Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ywD6PCjjDWy4fZpsDdft6FRxmM0.roa
File: ywD6PCjjDWy4fZpsDdft6FRxmM0.roa (raw, json)
Hash identifier: hAeJd1EZUyPDm9EDT7SaqzqysJ0ol1clqjKlzp128LE=
Subject key identifier: CB:00:FA:3C:28:E3:0D:6C:B8:7D:9A:6C:0D:D7:ED:E8:54:71:98:CD
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01944DF39EFD69A4F49DAA8107EC245F6E4F
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ywD6PCjjDWy4fZpsDdft6FRxmM0.roa
Signing time: Fri 10 Jan 2025 02:03:19 +0000
ROA not before: Fri 10 Jan 2025 02:03:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 109.122.240.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4d:f3:9e:fd:69:a4:f4:9d:aa:81:07:ec:24:5f:6e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 10 02:03:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb00fa3c28e30d6cb87d9a6c0dd7ede8547198cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a2:ef:aa:9e:1e:7e:f1:d9:a7:02:c6:94:f6:
df:7b:57:0e:2e:e6:19:d4:e5:25:8e:0e:97:b2:4a:
bf:95:34:e2:2d:00:2e:e5:40:b8:74:62:bb:14:e6:
fc:fc:50:39:f8:f4:1c:05:10:2a:87:d7:1f:d5:7a:
ca:01:b1:41:d3:71:a7:bc:34:55:0c:4e:dd:63:f3:
1d:ec:5c:b8:9c:7c:5f:aa:78:e4:66:ff:90:31:f7:
56:43:74:64:4c:b9:9f:b3:3c:4e:b6:e3:90:d1:61:
f9:7d:02:98:31:fd:1e:a4:cf:4f:e5:c6:88:af:14:
e1:84:9f:25:88:5a:f9:86:99:95:f5:47:ed:75:9a:
84:19:7a:91:73:1e:d8:0f:3f:73:69:6a:47:e6:ea:
25:30:7c:83:29:e1:4a:35:91:7c:60:8a:7b:21:66:
48:7d:e1:72:d8:5e:e8:aa:5b:2e:6a:3c:8b:73:6f:
ac:17:2f:d6:45:b6:ed:d2:79:fe:c0:19:06:24:73:
0b:f3:76:e4:04:6d:50:12:9e:ab:80:23:4e:11:30:
b7:d4:76:37:ee:d7:e1:68:79:49:14:8a:c8:3a:15:
6e:7d:f3:bb:b0:f7:5f:27:92:00:aa:42:2b:96:a1:
a3:0a:3e:56:62:7d:ae:ba:aa:bf:af:59:5f:11:d8:
62:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:00:FA:3C:28:E3:0D:6C:B8:7D:9A:6C:0D:D7:ED:E8:54:71:98:CD
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ywD6PCjjDWy4fZpsDdft6FRxmM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.240.0/20
Signature Algorithm: sha256WithRSAEncryption
5f:81:b3:8e:70:32:f0:a9:a1:6b:2b:5c:c7:f8:cf:fa:ec:a5:
02:b4:5b:06:ea:01:df:87:ea:cf:fa:60:ef:9f:c8:52:8e:c9:
af:0f:5c:c8:7f:d0:3d:a8:89:db:2e:fc:ed:8f:49:b6:85:6b:
47:e1:f0:06:bd:ca:f5:20:75:15:1a:5b:e5:84:fe:4b:05:bc:
46:4b:a2:24:66:2b:22:16:d3:6c:7e:7e:c5:bc:5a:cc:e9:a2:
f0:54:d5:57:f4:1b:27:73:8a:02:37:b2:e3:11:98:87:19:74:
b8:69:18:d0:5a:92:21:55:81:61:2d:01:3d:92:ed:73:91:7d:
a1:53:0a:a3:0e:c0:54:9d:f1:a3:25:84:de:7f:04:31:41:e7:
6a:53:ce:f2:47:79:95:f2:1f:10:4e:2a:07:76:29:11:b1:f1:
54:24:0f:1a:3d:83:10:94:b0:dd:30:68:c0:a1:c6:af:1c:68:
04:e1:f7:ae:16:de:be:af:f1:3e:11:ce:36:b8:b0:61:c5:e1:
1b:7a:9c:4d:54:a9:8f:94:16:cc:ef:3d:0c:0f:da:33:11:38:
f7:0d:f4:90:c6:7d:39:97:de:8a:e3:59:ab:a4:48:06:1f:97:
04:84:66:fa:68:15:c0:37:48:cb:ec:72:93:2e:0a:71:b4:45:
15:2f:04:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRN8579aaT0naqBB+wkX25PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjUwMTEwMDIwMzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjAwZmEzYzI4ZTMwZDZjYjg3ZDlhNmMwZGQ3ZWRlODU0NzE5OGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5KLvqp4efvHZpwLGlPbfe1cOLuYZ
1OUljg6Xskq/lTTiLQAu5UC4dGK7FOb8/FA5+PQcBRAqh9cf1XrKAbFB03GnvDRV
DE7dY/Md7Fy4nHxfqnjkZv+QMfdWQ3RkTLmfszxOtuOQ0WH5fQKYMf0epM9P5caI
rxThhJ8liFr5hpmV9UftdZqEGXqRcx7YDz9zaWpH5uolMHyDKeFKNZF8YIp7IWZI
feFy2F7oqlsuajyLc2+sFy/WRbbt0nn+wBkGJHML83bkBG1QEp6rgCNOETC31HY3
7tfhaHlJFIrIOhVuffO7sPdfJ5IAqkIrlqGjCj5WYn2uuqq/r1lfEdhiVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMsA+jwo4w1suH2abA3X7ehUcZjNMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEveXdENlBDampEV3k0Zlpwc0RkZnQ2RlJ4bU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbXrwMA0G
CSqGSIb3DQEBCwUAA4IBAQBfgbOOcDLwqaFrK1zH+M/67KUCtFsG6gHfh+rP+mDv
n8hSjsmvD1zIf9A9qInbLvztj0m2hWtH4fAGvcr1IHUVGlvlhP5LBbxGS6IkZisi
FtNsfn7FvFrM6aLwVNVX9Bsnc4oCN7LjEZiHGXS4aRjQWpIhVYFhLQE9ku1zkX2h
UwqjDsBUnfGjJYTefwQxQedqU87yR3mV8h8QTioHdikRsfFUJA8aPYMQlLDdMGjA
ocavHGgE4feuFt6+r/E+Ec42uLBhxeEbepxNVKmPlBbM7z0MD9ozETj3DfSQxn05
l96K41mrpEgGH5cEhGb6aBXAN0jL7HKTLgpxtEUVLwRB
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:34:36 2025 by rpki-client