Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/dgFGDxPfvgjFP4P_nkAnksb1cMA.roa
File: dgFGDxPfvgjFP4P_nkAnksb1cMA.roa (raw, json)
Hash identifier: TpMJCjrlO3RqSaNPolkDOvJgUXuropNVtyNr1yhRabs=
Subject key identifier: 76:01:46:0F:13:DF:BE:08:C5:3F:83:FF:9E:40:27:92:C6:F5:70:C0
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0194A7F8975AD72DF6EA598EF57143CEAE00
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/dgFGDxPfvgjFP4P_nkAnksb1cMA.roa
Signing time: Mon 27 Jan 2025 13:34:34 +0000
ROA not before: Mon 27 Jan 2025 13:34:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 109.111.32.0/20 maxlen: 24
109.111.42.0/23 maxlen: 24
176.221.20.0/22 maxlen: 24
176.221.24.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a7:f8:97:5a:d7:2d:f6:ea:59:8e:f5:71:43:ce:ae:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 27 13:34:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7601460f13dfbe08c53f83ff9e402792c6f570c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7e:93:6d:12:7d:6d:24:1e:2d:31:51:02:1e:
cc:93:e0:b4:ac:3e:4c:10:05:74:04:b0:ca:a3:92:
65:bf:f7:84:f0:aa:5f:e9:8f:57:bb:55:a2:ae:9a:
6b:0b:f6:89:7c:1d:ad:d6:d0:80:60:eb:a7:25:47:
7c:7b:fc:21:fe:0f:1c:77:de:3f:90:06:4f:b0:e1:
e7:4d:75:0b:cf:d5:0a:23:a0:6d:04:f3:dd:c2:03:
35:fe:15:26:82:15:f8:6c:83:49:ec:1c:5f:73:4b:
a0:bb:44:b8:d9:fb:a8:a5:6d:16:fc:ac:8d:d3:a5:
2b:9a:e1:1a:40:9e:01:e1:8d:40:0a:99:93:33:0f:
ac:99:7f:1e:89:11:57:5c:08:da:82:e6:34:b7:1d:
ba:62:02:2a:31:70:b9:08:87:af:56:98:54:64:35:
9b:02:a0:01:9f:ba:39:6c:50:62:e6:5e:1d:2d:cc:
f9:46:d8:0b:3f:6e:07:2e:5f:80:c4:f2:b0:d8:01:
c2:1a:bc:32:3e:b0:c0:94:ee:62:50:4c:d0:d9:d8:
22:bb:dd:59:a2:dd:fc:a8:60:2a:ec:7c:c5:cd:59:
a7:34:c9:31:fd:e3:1d:3d:66:1b:a3:89:3a:db:53:
8c:4d:28:ee:12:56:1b:3c:b7:06:b5:de:56:8b:2c:
4a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:01:46:0F:13:DF:BE:08:C5:3F:83:FF:9E:40:27:92:C6:F5:70:C0
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/dgFGDxPfvgjFP4P_nkAnksb1cMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.32.0/20
176.221.20.0-176.221.27.255
Signature Algorithm: sha256WithRSAEncryption
0f:02:14:4e:d6:41:fe:77:bb:b9:98:f5:71:1d:12:bc:92:c5:
c8:49:3f:23:8f:e6:b5:73:b4:8b:22:20:a4:88:8f:d6:80:0d:
1d:c1:ee:20:b9:a5:fc:dc:c9:d5:52:22:c9:7a:46:3d:83:93:
5e:36:da:15:50:1e:cf:a0:7a:c7:0c:d4:c9:69:e3:76:5a:cb:
69:1a:9c:ec:82:05:20:01:8b:76:5e:20:1e:f9:f3:ce:d3:98:
d5:56:7f:14:67:36:60:95:26:3d:07:20:df:5e:7c:75:1e:a5:
b0:0b:be:ed:9e:ca:79:12:22:39:28:17:05:47:9f:47:a1:3b:
5f:21:1e:23:dc:0c:34:a3:3a:ae:b1:4b:61:3d:11:d1:07:d3:
b7:c1:0c:79:8c:84:10:51:6e:c6:6d:1d:34:64:e5:9a:2a:c2:
fd:f7:9d:78:f7:3e:ac:0b:3a:a5:d8:8a:aa:e0:1a:86:06:97:
e9:58:9a:08:7e:b9:90:fa:de:63:c5:13:fd:8d:c5:fa:83:42:
37:7c:52:ca:7d:cc:e2:43:5e:b4:57:71:09:d0:7e:0f:9f:0b:
e4:f1:40:f5:b9:cc:d5:06:b3:a6:29:80:93:28:31:e7:fe:e6:
0d:a3:15:c8:ec:c2:33:17:cf:32:30:59:cc:cd:e2:7b:c1:a3:
0b:27:d8:d1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZSn+Jda1y326lmO9XFDzq4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjUwMTI3MTMzNDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjAxNDYwZjEzZGZiZTA4YzUzZjgzZmY5ZTQwMjc5MmM2ZjU3MGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn6TbRJ9bSQeLTFRAh7Mk+C0rD5M
EAV0BLDKo5Jlv/eE8Kpf6Y9Xu1WirpprC/aJfB2t1tCAYOunJUd8e/wh/g8cd94/
kAZPsOHnTXULz9UKI6BtBPPdwgM1/hUmghX4bINJ7Bxfc0ugu0S42fuopW0W/KyN
06UrmuEaQJ4B4Y1ACpmTMw+smX8eiRFXXAjaguY0tx26YgIqMXC5CIevVphUZDWb
AqABn7o5bFBi5l4dLcz5RtgLP24HLl+AxPKw2AHCGrwyPrDAlO5iUEzQ2dgiu91Z
ot38qGAq7HzFzVmnNMkx/eMdPWYbo4k621OMTSjuElYbPLcGtd5WiyxK8QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHYBRg8T374IxT+D/55AJ5LG9XDAMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvZGdGR0R4UGZ2Z2pGUDRQX25rQW5rc2IxY01BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQEbW8gMAwD
BAKw3RQDBAKw3RgwDQYJKoZIhvcNAQELBQADggEBAA8CFE7WQf53u7mY9XEdEryS
xchJPyOP5rVztIsiIKSIj9aADR3B7iC5pfzcydVSIsl6Rj2Dk1422hVQHs+gescM
1Mlp43Zay2kanOyCBSABi3ZeIB75887TmNVWfxRnNmCVJj0HIN9efHUepbALvu2e
ynkSIjkoFwVHn0ehO18hHiPcDDSjOq6xS2E9EdEH07fBDHmMhBBRbsZtHTRk5Zoq
wv33nXj3PqwLOqXYiqrgGoYGl+lYmgh+uZD63mPFE/2NxfqDQjd8Usp9zOJDXrRX
cQnQfg+fC+TxQPW5zNUGs6YpgJMoMef+5g2jFcjswjMXzzIwWczN4nvBowsn2NE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:34 2025 by rpki-client