Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dc8e13-6dd3-44f9-90f6-7cd1f652d925/1/n2ywdwAxh_5A6fhmbinLsjV_74w.roa
File: n2ywdwAxh_5A6fhmbinLsjV_74w.roa (raw, json)
Hash identifier: KHmvQ0UKMcNm8rNxLKWRsULyUAvt5HBPZFXUNE/Pe7Y=
Subject key identifier: 9F:6C:B0:77:00:31:87:FE:40:E9:F8:66:6E:29:CB:B2:35:7F:EF:8C
Certificate issuer: /CN=7b5516af4b74a1142bef13c3fd707059e61a6b95
Certificate serial: 0195B84F26886AAC84053BB0119715A981F8
Authority key identifier: 7B:55:16:AF:4B:74:A1:14:2B:EF:13:C3:FD:70:70:59:E6:1A:6B:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1UWr0t0oRQr7xPD_XBwWeYaa5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/dc8e13-6dd3-44f9-90f6-7cd1f652d925/1/n2ywdwAxh_5A6fhmbinLsjV_74w.roa
Signing time: Fri 21 Mar 2025 10:45:49 +0000
ROA not before: Fri 21 Mar 2025 10:45:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20712
IP address blocks: 109.205.152.0/22 maxlen: 22
109.205.156.0/24 maxlen: 24
185.6.132.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b8:4f:26:88:6a:ac:84:05:3b:b0:11:97:15:a9:81:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5516af4b74a1142bef13c3fd707059e61a6b95
Validity
Not Before: Mar 21 10:45:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f6cb077003187fe40e9f8666e29cbb2357fef8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:86:88:bd:3e:29:2d:26:fa:5e:7d:fd:aa:3a:
79:7c:d8:2a:a2:6c:54:33:69:5d:96:2d:82:b3:f8:
f3:70:78:49:36:1b:ed:f4:4c:bd:c0:66:a7:56:a4:
5e:1b:97:14:eb:74:0d:55:51:96:30:fe:be:7a:8a:
31:f6:46:fd:ec:70:4a:5d:d4:05:15:0f:c3:cf:c7:
06:5d:7b:ee:4a:fe:a1:c4:81:b1:a9:82:95:48:2a:
ba:16:bc:60:77:90:af:59:75:df:4a:01:ac:8e:af:
f5:aa:ef:bd:68:52:c0:dd:33:9f:a7:fc:25:75:68:
fc:2c:75:11:80:5c:bd:93:de:92:68:2d:e7:64:32:
90:0f:7d:1d:c3:5c:11:30:be:de:6b:58:8a:51:16:
23:44:15:ef:37:bd:12:d0:14:46:26:5f:73:cd:47:
5d:df:f3:dd:86:e1:29:3f:eb:86:37:f3:ab:82:5b:
0e:81:40:62:a6:a8:62:ff:27:42:e1:bd:8d:7b:25:
90:07:e3:97:55:3b:e2:3f:91:ee:04:a5:13:84:76:
85:a0:11:27:82:41:68:cb:f1:e6:09:58:aa:0d:84:
ac:ff:e6:67:3a:47:90:3e:ce:c9:12:8a:c9:aa:e2:
97:7d:5e:0a:a1:53:3a:b3:62:3c:4b:ce:32:dc:9a:
1a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:6C:B0:77:00:31:87:FE:40:E9:F8:66:6E:29:CB:B2:35:7F:EF:8C
X509v3 Authority Key Identifier:
keyid:7B:55:16:AF:4B:74:A1:14:2B:EF:13:C3:FD:70:70:59:E6:1A:6B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1UWr0t0oRQr7xPD_XBwWeYaa5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dc8e13-6dd3-44f9-90f6-7cd1f652d925/1/n2ywdwAxh_5A6fhmbinLsjV_74w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dc8e13-6dd3-44f9-90f6-7cd1f652d925/1/e1UWr0t0oRQr7xPD_XBwWeYaa5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.152.0-109.205.156.255
185.6.132.0/23
Signature Algorithm: sha256WithRSAEncryption
d0:32:c3:fc:db:65:7a:ac:a1:4d:46:00:ce:57:4c:cf:9b:ba:
f0:92:49:d9:5d:d3:f0:6c:09:ce:53:03:9d:5e:79:2d:58:5d:
0d:92:69:8c:fb:62:50:88:97:c4:95:d3:42:d4:23:df:c3:31:
70:e7:88:df:cc:4b:3c:b0:2c:3d:ac:af:79:3b:a9:94:fe:c3:
7e:18:6b:25:66:44:0d:b3:de:05:5c:67:37:59:6c:f1:48:f2:
c2:58:99:e2:38:e2:5c:54:3d:98:41:a2:6a:15:4e:5d:5c:ea:
99:58:91:1d:c0:85:c7:3a:5c:ea:9b:b8:9b:69:1f:8b:71:fe:
32:e9:79:fc:8f:da:f1:83:86:28:dd:4a:ff:db:f3:71:06:4e:
cd:a1:88:40:9e:e3:bd:3e:a2:30:f9:f1:fa:fc:f4:91:4e:ef:
07:b2:bc:10:35:70:c8:a1:fc:47:9a:11:38:34:4e:94:62:28:
1b:d0:ad:e1:79:ee:d1:1d:c0:0d:39:d6:3b:b4:77:9c:c9:dd:
8d:0d:5d:b6:40:d7:e6:33:70:1b:fd:4a:f9:1c:56:fc:1b:d0:
b0:96:5d:63:36:d6:8b:88:95:f1:42:84:f2:e7:70:d7:e7:d4:
96:97:2d:f4:d2:9d:fd:6b:13:3f:4f:db:9a:13:e8:7a:af:b3:
f3:d9:ce:94
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZW4TyaIaqyEBTuwEZcVqYH4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNTUxNmFmNGI3NGExMTQyYmVmMTNjM2ZkNzA3MDU5ZTYx
YTZiOTUwHhcNMjUwMzIxMTA0NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjZjYjA3NzAwMzE4N2ZlNDBlOWY4NjY2ZTI5Y2JiMjM1N2ZlZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooaIvT4pLSb6Xn39qjp5fNgqomxU
M2ldli2Cs/jzcHhJNhvt9Ey9wGanVqReG5cU63QNVVGWMP6+eoox9kb97HBKXdQF
FQ/Dz8cGXXvuSv6hxIGxqYKVSCq6Frxgd5CvWXXfSgGsjq/1qu+9aFLA3TOfp/wl
dWj8LHURgFy9k96SaC3nZDKQD30dw1wRML7ea1iKURYjRBXvN70S0BRGJl9zzUdd
3/PdhuEpP+uGN/OrglsOgUBipqhi/ydC4b2NeyWQB+OXVTviP5HuBKUThHaFoBEn
gkFoy/HmCViqDYSs/+ZnOkeQPs7JEorJquKXfV4KoVM6s2I8S84y3JoaawIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJ9ssHcAMYf+QOn4Zm4py7I1f++MMB8GA1UdIwQY
MBaAFHtVFq9LdKEUK+8Tw/1wcFnmGmuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTFVV3IwdDBvUlFyN3hQRF9YQndXZVlhYTVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kYzhlMTMtNmRkMy00NGY5LTkwZjYt
N2NkMWY2NTJkOTI1LzEvbjJ5d2R3QXhoXzVBNmZobWJpbkxzalZfNzR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kYzhlMTMtNmRkMy00NGY5LTkwZjYtN2NkMWY2NTJkOTI1
LzEvZTFVV3IwdDBvUlFyN3hQRF9YQndXZVlhYTVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBANtzZgD
BABtzZwDBAG5BoQwDQYJKoZIhvcNAQELBQADggEBANAyw/zbZXqsoU1GAM5XTM+b
uvCSSdld0/BsCc5TA51eeS1YXQ2SaYz7YlCIl8SV00LUI9/DMXDniN/MSzywLD2s
r3k7qZT+w34YayVmRA2z3gVcZzdZbPFI8sJYmeI44lxUPZhBomoVTl1c6plYkR3A
hcc6XOqbuJtpH4tx/jLpefyP2vGDhijdSv/b83EGTs2hiECe470+ojD58fr89JFO
7weyvBA1cMih/EeaETg0TpRiKBvQreF57tEdwA051ju0d5zJ3Y0NXbZA1+YzcBv9
SvkcVvwb0LCWXWM21ouIlfFChPLncNfn1JaXLfTSnf1rEz9P25oT6Hqvs/PZzpQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:47:57 2025 by rpki-client