Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/P_9_iSFjxdPORyj4Qlct6kcEfBw.roa
File: P_9_iSFjxdPORyj4Qlct6kcEfBw.roa (raw, json)
Hash identifier: hiZJ/Gu5At2lx+OvmaZFpCtmbc4It++24gLKPw6vN4k=
Subject key identifier: 3F:FF:7F:89:21:63:C5:D3:CE:47:28:F8:42:57:2D:EA:47:04:7C:1C
Certificate issuer: /CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Certificate serial: 0186307423CF79737093FF77F80A4D828E85
Authority key identifier: 35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/P_9_iSFjxdPORyj4Qlct6kcEfBw.roa
Signing time: Wed 08 Feb 2023 09:56:02 +0000
ROA not before: Wed 08 Feb 2023 09:56:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 79.139.52.0/22 maxlen: 24
198.14.16.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:30:74:23:cf:79:73:70:93:ff:77:f8:0a:4d:82:8e:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Validity
Not Before: Feb 8 09:56:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fff7f892163c5d3ce4728f842572dea47047c1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d8:b1:75:89:00:55:06:af:0b:94:98:f6:64:
e6:e1:05:d6:04:d2:31:cf:20:51:f7:b7:80:10:91:
c3:29:0e:43:a2:f1:1d:7c:7c:99:d3:56:a3:61:aa:
b7:13:a6:7b:a9:fd:5e:2c:1e:11:f9:be:03:5d:1e:
a4:c7:58:08:57:cf:0c:17:71:56:98:80:56:e0:3a:
ab:0f:0b:8b:e6:f0:9c:cd:95:d5:f4:cf:f4:31:44:
ee:9d:5c:d5:b8:e8:76:32:58:02:31:df:af:3f:1a:
d9:cc:8b:d0:f8:d8:7f:89:08:04:b4:d0:50:9c:00:
b8:95:10:bc:b2:f6:86:f2:1c:0d:f3:31:de:da:17:
a3:22:90:13:33:ad:61:bf:64:80:dd:fd:61:a1:1d:
8b:d9:de:6e:85:91:e7:ab:d7:b0:28:63:88:de:55:
79:8d:4c:bf:05:4d:0f:84:47:a4:8e:c3:80:d9:cd:
f2:06:dc:c3:3a:be:e0:6b:42:16:06:27:44:90:dd:
84:64:f9:ed:16:5a:2c:34:e5:28:ee:9c:82:c2:b3:
0b:39:3b:e9:e5:12:d8:46:c6:52:17:33:05:6d:bf:
4c:ed:aa:27:24:fa:28:55:2e:9a:09:69:55:cf:ae:
a5:16:e6:d5:97:58:14:a4:e4:8a:71:18:d1:46:10:
d8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:FF:7F:89:21:63:C5:D3:CE:47:28:F8:42:57:2D:EA:47:04:7C:1C
X509v3 Authority Key Identifier:
keyid:35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/P_9_iSFjxdPORyj4Qlct6kcEfBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/NclgZQk5mLpCz7oRvw0X06xAPUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.139.52.0/22
198.14.16.0/20
Signature Algorithm: sha256WithRSAEncryption
a9:22:b9:6b:1b:95:a0:8a:bf:05:7d:66:1f:39:39:c0:3d:bf:
06:c0:b6:0b:1f:92:62:c3:f1:e5:c0:c1:6e:b6:10:8b:fe:d2:
bb:71:fb:0d:92:c2:d6:33:a0:df:c2:c9:86:51:8f:2b:c6:8a:
dc:88:2a:22:59:7a:56:bb:95:41:04:af:94:e8:f5:44:6a:95:
ef:ea:01:2e:bc:e3:92:7f:e5:5a:a6:bd:9a:31:6d:e4:25:25:
9c:d0:57:04:b2:df:e4:6f:7d:a1:e2:45:1b:36:0c:15:db:36:
ad:1a:e1:ce:a0:5b:c3:43:40:93:e1:d7:91:f9:02:11:fa:c3:
bf:b6:c3:bf:33:26:e7:be:dd:b4:71:c1:4e:8b:b7:d7:22:9c:
55:72:be:8c:13:b1:a2:cf:39:9a:ba:45:69:d8:c4:eb:c5:ea:
9f:2b:35:aa:71:f2:d3:9b:b2:2e:0b:1b:7f:a7:1d:81:12:5f:
99:f6:01:fd:14:d9:97:b9:a5:33:3f:31:83:0a:a5:0c:03:0c:
ec:3d:a3:7f:3e:8e:6d:ae:d1:6a:d4:c0:45:ec:9d:86:35:7b:
e0:32:89:d0:e3:3c:ff:3a:bb:54:1a:06:eb:ea:0c:40:e8:1a:
1d:25:e5:33:21:af:94:ea:cf:ab:24:ad:c7:03:eb:0d:1b:0a:
f2:54:00:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYwdCPPeXNwk/93+ApNgo6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1Yzk2MDY1MDkzOTk4YmE0MmNmYmExMWJmMGQxN2QzYWM0
MDNkNDAwHhcNMjMwMjA4MDk1NjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmZmN2Y4OTIxNjNjNWQzY2U0NzI4Zjg0MjU3MmRlYTQ3MDQ3YzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdixdYkAVQavC5SY9mTm4QXWBNIx
zyBR97eAEJHDKQ5DovEdfHyZ01ajYaq3E6Z7qf1eLB4R+b4DXR6kx1gIV88MF3FW
mIBW4DqrDwuL5vCczZXV9M/0MUTunVzVuOh2MlgCMd+vPxrZzIvQ+Nh/iQgEtNBQ
nAC4lRC8svaG8hwN8zHe2hejIpATM61hv2SA3f1hoR2L2d5uhZHnq9ewKGOI3lV5
jUy/BU0PhEekjsOA2c3yBtzDOr7ga0IWBidEkN2EZPntFlosNOUo7pyCwrMLOTvp
5RLYRsZSFzMFbb9M7aonJPooVS6aCWlVz66lFubVl1gUpOSKcRjRRhDYMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD//f4khY8XTzkco+EJXLepHBHwcMB8GA1UdIwQY
MBaAFDXJYGUJOZi6Qs+6Eb8NF9OsQD1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmNsZ1pRazVtTHBDejdvUnZ3MFgwNnhBUFVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82Mjc2NGItOWFhNi00ZjEyLWE3MWMt
NmJhYzM0OTg3MDE5LzEvUF85X2lTRmp4ZFBPUnlqNFFsY3Q2a2NFZkJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82Mjc2NGItOWFhNi00ZjEyLWE3MWMtNmJhYzM0OTg3MDE5
LzEvTmNsZ1pRazVtTHBDejdvUnZ3MFgwNnhBUFVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCT4s0AwQE
xg4QMA0GCSqGSIb3DQEBCwUAA4IBAQCpIrlrG5Wgir8FfWYfOTnAPb8GwLYLH5Ji
w/HlwMFuthCL/tK7cfsNksLWM6DfwsmGUY8rxorciCoiWXpWu5VBBK+U6PVEapXv
6gEuvOOSf+Vapr2aMW3kJSWc0FcEst/kb32h4kUbNgwV2zatGuHOoFvDQ0CT4deR
+QIR+sO/tsO/Mybnvt20ccFOi7fXIpxVcr6ME7GizzmaukVp2MTrxeqfKzWqcfLT
m7IuCxt/px2BEl+Z9gH9FNmXuaUzPzGDCqUMAwzsPaN/Po5trtFq1MBF7J2GNXvg
MonQ4zz/OrtUGgbr6gxA6BodJeUzIa+U6s+rJK3HA+sNGwryVADB
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:39:50 2025 by rpki-client