Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/MDrD-uKFZ_Yb4ZIC2Po8frR_H34.roa
File: MDrD-uKFZ_Yb4ZIC2Po8frR_H34.roa (raw, json)
Hash identifier: 6i+1tLOBfwQZsWiohYfI3Z5fvAQitp1iTyZYTIX5ZZ4=
Subject key identifier: 30:3A:C3:FA:E2:85:67:F6:1B:E1:92:02:D8:FA:3C:7E:B4:7F:1F:7E
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0194A7F897BF4B6B68479173F88973A5F686
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/MDrD-uKFZ_Yb4ZIC2Po8frR_H34.roa
Signing time: Mon 27 Jan 2025 13:34:34 +0000
ROA not before: Mon 27 Jan 2025 13:34:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 109.111.52.0/22 maxlen: 24
176.221.20.0/23 maxlen: 24
176.221.22.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a7:f8:97:bf:4b:6b:68:47:91:73:f8:89:73:a5:f6:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 27 13:34:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=303ac3fae28567f61be19202d8fa3c7eb47f1f7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b2:88:c2:73:49:ed:d9:67:11:ad:df:e0:53:
46:64:6e:7a:e9:d2:03:1b:4a:d2:a4:d6:a7:92:56:
d3:f2:e6:46:71:0a:cc:14:5c:40:95:fa:ab:8c:ba:
97:ad:03:45:8a:70:80:b8:3e:0b:19:cf:b7:b8:10:
91:b5:ac:1f:24:63:8e:25:96:37:50:1a:a3:9f:8a:
d1:06:17:b4:b9:a1:a7:8c:fa:35:7d:c3:93:06:49:
7b:ab:e0:c4:55:a4:34:23:fb:9d:de:1b:31:7d:cb:
44:d3:d5:aa:6b:56:89:95:16:80:91:eb:c2:56:e7:
bc:17:8d:b5:d3:53:95:6f:86:52:c8:ea:e8:73:98:
92:08:79:bd:6e:78:71:48:db:c9:6d:ac:35:cd:9a:
90:c4:07:4b:61:e1:73:ed:9b:25:1c:38:3f:9e:df:
e8:5c:78:83:c7:87:d9:f9:37:34:d7:1a:b4:4d:19:
61:c9:ef:2d:ca:d5:17:bd:0e:9d:76:c6:81:d8:b9:
8c:20:b4:c0:6c:24:96:32:79:98:b9:30:52:14:dc:
f1:33:be:23:45:3a:08:4b:4f:9e:72:69:bd:dd:03:
9e:3a:3d:06:f9:c1:59:fd:d8:9d:27:80:65:04:9d:
11:cd:f0:82:b4:49:0b:b4:6c:8e:25:30:6f:27:1f:
3f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:3A:C3:FA:E2:85:67:F6:1B:E1:92:02:D8:FA:3C:7E:B4:7F:1F:7E
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/MDrD-uKFZ_Yb4ZIC2Po8frR_H34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.52.0/22
176.221.20.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:2a:db:51:76:ae:e9:c6:42:e6:08:96:8c:d2:2d:41:62:6f:
3b:48:f7:48:82:e1:4e:23:f4:1f:ff:8b:e3:65:b6:76:77:63:
a0:7c:3f:17:df:c7:3e:57:fd:20:79:94:e5:b6:3f:8f:c3:94:
2e:d7:7d:19:a2:27:ca:06:9d:42:07:92:10:e6:39:b3:9d:6d:
8e:11:07:e9:55:d5:bc:a1:98:b7:08:d0:13:8e:7e:42:36:d9:
cf:ef:45:b1:71:dd:a9:d6:90:50:b3:b3:3d:8f:24:ae:72:2e:
03:d4:98:bb:13:cb:ee:37:15:30:3d:28:e3:8d:2d:7b:66:f8:
31:6a:36:66:43:e8:c4:ee:65:f1:be:70:d2:62:e7:16:21:80:
57:f1:e2:b2:5f:76:10:07:75:8d:a8:76:83:7f:b8:4e:57:06:
10:ed:2c:6b:8f:4a:99:c0:1c:93:de:2e:32:77:f4:a4:79:7b:
cc:04:e2:a8:f9:11:c0:11:e2:af:4e:f4:54:44:45:6a:5c:34:
69:34:a4:3a:c3:0f:6e:20:9a:66:6c:4f:e1:01:64:22:b5:31:
10:ce:91:32:02:02:fd:35:fa:3c:84:2f:1d:a6:ba:d5:9c:c2:
ee:13:65:60:7c:6f:37:b2:42:71:36:7a:f9:e2:64:c1:be:02:
e3:ab:63:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZSn+Je/S2toR5Fz+IlzpfaGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjUwMTI3MTMzNDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDNhYzNmYWUyODU2N2Y2MWJlMTkyMDJkOGZhM2M3ZWI0N2YxZjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7KIwnNJ7dlnEa3f4FNGZG566dID
G0rSpNanklbT8uZGcQrMFFxAlfqrjLqXrQNFinCAuD4LGc+3uBCRtawfJGOOJZY3
UBqjn4rRBhe0uaGnjPo1fcOTBkl7q+DEVaQ0I/ud3hsxfctE09Wqa1aJlRaAkevC
Vue8F42101OVb4ZSyOroc5iSCHm9bnhxSNvJbaw1zZqQxAdLYeFz7ZslHDg/nt/o
XHiDx4fZ+Tc01xq0TRlhye8tytUXvQ6ddsaB2LmMILTAbCSWMnmYuTBSFNzxM74j
RToIS0+ecmm93QOeOj0G+cFZ/didJ4BlBJ0RzfCCtEkLtGyOJTBvJx8/KwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDA6w/rihWf2G+GSAtj6PH60fx9+MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvTURyRC11S0ZaX1liNFpJQzJQbzhmclJfSDM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCbW80AwQC
sN0UMA0GCSqGSIb3DQEBCwUAA4IBAQBfKttRdq7pxkLmCJaM0i1BYm87SPdIguFO
I/Qf/4vjZbZ2d2OgfD8X38c+V/0geZTltj+Pw5Qu130ZoifKBp1CB5IQ5jmznW2O
EQfpVdW8oZi3CNATjn5CNtnP70Wxcd2p1pBQs7M9jySuci4D1Ji7E8vuNxUwPSjj
jS17ZvgxajZmQ+jE7mXxvnDSYucWIYBX8eKyX3YQB3WNqHaDf7hOVwYQ7Sxrj0qZ
wByT3i4yd/SkeXvMBOKo+RHAEeKvTvRUREVqXDRpNKQ6ww9uIJpmbE/hAWQitTEQ
zpEyAgL9Nfo8hC8dprrVnMLuE2VgfG83skJxNnr54mTBvgLjq2Nm
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:44 2025 by rpki-client