Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/p4_2wcOawugaSj43rAVSkkmPf8k.roa
File: p4_2wcOawugaSj43rAVSkkmPf8k.roa (raw, json)
Hash identifier: Y3pbjD0B2GwO/FNWMPam+BoxaGEQd85k797hs416lA8=
Subject key identifier: A7:8F:F6:C1:C3:9A:C2:E8:1A:4A:3E:37:AC:05:52:92:49:8F:7F:C9
Certificate issuer: /CN=592e7c1f2394c3e3aaa8ccb647fd83671d6098b7
Certificate serial: 01951DA5FFA639876EAF2D3DB8A4660260F3
Authority key identifier: 59:2E:7C:1F:23:94:C3:E3:AA:A8:CC:B6:47:FD:83:67:1D:60:98:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WS58HyOUw-OqqMy2R_2DZx1gmLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/p4_2wcOawugaSj43rAVSkkmPf8k.roa
Signing time: Wed 19 Feb 2025 09:59:32 +0000
ROA not before: Wed 19 Feb 2025 09:59:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199366
IP address blocks: 109.235.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1d:a5:ff:a6:39:87:6e:af:2d:3d:b8:a4:66:02:60:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=592e7c1f2394c3e3aaa8ccb647fd83671d6098b7
Validity
Not Before: Feb 19 09:59:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a78ff6c1c39ac2e81a4a3e37ac055292498f7fc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6f:02:52:46:33:42:80:89:1b:ea:42:50:ed:
ba:19:23:4b:01:b1:22:a9:09:7f:1d:b6:ca:99:38:
1a:ef:d3:cd:27:7c:d5:99:56:f2:9d:7b:a9:16:6c:
2d:f5:00:a3:c6:b5:43:b7:0c:de:f8:f1:ed:88:72:
55:4f:97:41:c8:19:9d:36:f0:10:3d:1f:9d:45:af:
44:7b:95:3f:c1:8c:fd:bd:10:b3:1c:be:ab:cc:17:
2d:ee:47:e1:92:a4:ba:64:a2:48:7a:6a:82:a2:08:
36:c3:0a:c5:89:02:c0:62:0a:3c:6b:74:97:3f:e0:
c0:34:94:bc:aa:60:fb:42:5d:5a:2a:fc:3c:f8:9a:
81:51:7b:e2:17:14:50:7f:5d:03:5c:6f:22:8c:fb:
bf:65:cc:c3:81:9b:0a:d4:a0:fb:18:fa:5e:00:e7:
5a:68:3b:67:6c:dc:0c:cb:33:fe:84:9f:5b:49:29:
59:53:6b:05:f2:4f:91:3a:e2:16:7a:0d:0a:82:07:
3c:f8:69:78:cf:1e:bb:77:7d:d1:8e:49:54:34:ba:
ad:23:b0:e4:aa:af:5c:90:4e:9c:2c:58:d4:ea:7a:
0d:a3:d7:39:aa:fc:11:72:47:bc:9c:40:c0:04:dd:
9e:b1:63:07:f9:71:60:17:ba:c5:63:10:e6:45:70:
57:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:8F:F6:C1:C3:9A:C2:E8:1A:4A:3E:37:AC:05:52:92:49:8F:7F:C9
X509v3 Authority Key Identifier:
keyid:59:2E:7C:1F:23:94:C3:E3:AA:A8:CC:B6:47:FD:83:67:1D:60:98:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WS58HyOUw-OqqMy2R_2DZx1gmLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/p4_2wcOawugaSj43rAVSkkmPf8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/WS58HyOUw-OqqMy2R_2DZx1gmLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.253.0/24
Signature Algorithm: sha256WithRSAEncryption
92:6c:69:5f:2b:6f:2a:0c:d8:02:63:34:69:40:0f:ca:37:09:
d2:cd:7d:35:98:1c:fd:97:1d:33:47:16:8b:db:a3:23:68:64:
51:1c:29:6d:a7:e6:19:37:6c:33:95:78:cc:ab:4c:11:a2:09:
74:01:c3:ea:52:31:e6:d1:51:65:2d:e5:5b:68:db:e8:22:e4:
1d:9a:15:08:02:4b:39:3b:9e:cf:fa:c1:30:36:5a:0c:49:35:
e6:a3:5a:f3:33:45:07:c7:d8:13:58:18:0a:eb:f9:a6:be:1d:
32:d7:d8:8a:aa:54:0d:f7:11:a4:7d:99:9d:ae:81:ce:d6:c7:
88:a9:08:76:e1:f6:bb:cf:fc:98:7d:c7:b1:39:2b:8e:f4:c9:
42:b6:9c:17:c8:a7:57:64:d4:ed:fc:04:70:87:da:81:02:c2:
dc:35:51:0e:6d:1b:03:1d:e6:5b:44:aa:ac:56:be:bc:84:13:
cf:e0:46:3c:be:bf:a3:a7:d0:20:c4:15:e4:35:b1:19:1a:18:
8d:2d:b3:be:14:1e:95:6b:c9:fd:6e:59:89:f6:6a:bc:66:d4:
f2:c4:2a:19:51:60:74:1c:c1:30:60:f0:44:53:b5:88:f2:d8:
78:de:7e:ac:54:f6:43:da:9e:a6:ec:4b:31:b4:73:27:42:5c:
3f:bb:37:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUdpf+mOYdury09uKRmAmDzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5MmU3YzFmMjM5NGMzZTNhYWE4Y2NiNjQ3ZmQ4MzY3MWQ2
MDk4YjcwHhcNMjUwMjE5MDk1OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzhmZjZjMWMzOWFjMmU4MWE0YTNlMzdhYzA1NTI5MjQ5OGY3ZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhW8CUkYzQoCJG+pCUO26GSNLAbEi
qQl/HbbKmTga79PNJ3zVmVbynXupFmwt9QCjxrVDtwze+PHtiHJVT5dByBmdNvAQ
PR+dRa9Ee5U/wYz9vRCzHL6rzBct7kfhkqS6ZKJIemqCogg2wwrFiQLAYgo8a3SX
P+DANJS8qmD7Ql1aKvw8+JqBUXviFxRQf10DXG8ijPu/ZczDgZsK1KD7GPpeAOda
aDtnbNwMyzP+hJ9bSSlZU2sF8k+ROuIWeg0Kggc8+Gl4zx67d33RjklUNLqtI7Dk
qq9ckE6cLFjU6noNo9c5qvwRcke8nEDABN2esWMH+XFgF7rFYxDmRXBXYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKeP9sHDmsLoGko+N6wFUpJJj3/JMB8GA1UdIwQY
MBaAFFkufB8jlMPjqqjMtkf9g2cdYJi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1M1OEh5T1V3LU9xcU15MlJfMkRaeDFnbUxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi85NTcxZDYtOTc0Zi00MzI3LWI5ZTAt
NDQzYmU2M2ZjMTIzLzEvcDRfMndjT2F3dWdhU2o0M3JBVlNra21QZjhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi85NTcxZDYtOTc0Zi00MzI3LWI5ZTAtNDQzYmU2M2ZjMTIz
LzEvV1M1OEh5T1V3LU9xcU15MlJfMkRaeDFnbUxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbev9MA0G
CSqGSIb3DQEBCwUAA4IBAQCSbGlfK28qDNgCYzRpQA/KNwnSzX01mBz9lx0zRxaL
26MjaGRRHCltp+YZN2wzlXjMq0wRogl0AcPqUjHm0VFlLeVbaNvoIuQdmhUIAks5
O57P+sEwNloMSTXmo1rzM0UHx9gTWBgK6/mmvh0y19iKqlQN9xGkfZmdroHO1seI
qQh24fa7z/yYfcexOSuO9MlCtpwXyKdXZNTt/ARwh9qBAsLcNVEObRsDHeZbRKqs
Vr68hBPP4EY8vr+jp9AgxBXkNbEZGhiNLbO+FB6Va8n9blmJ9mq8ZtTyxCoZUWB0
HMEwYPBEU7WI8th43n6sVPZD2p6m7EsxtHMnQlw/uzco
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:18:11 2025 by rpki-client