Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/322450-21ca-41af-9b65-cbe084872174/1/h_GYODiIwy0tVyLDmKAyNCK7Ui8.roa
File: h_GYODiIwy0tVyLDmKAyNCK7Ui8.roa (raw, json)
Hash identifier: EVyFdfHvchtGYnioVymnJTf1ceZLIXds+uNSkp7sgG8=
Subject key identifier: 87:F1:98:38:38:88:C3:2D:2D:57:22:C3:98:A0:32:34:22:BB:52:2F
Certificate issuer: /CN=4a7cfe881168b615a0bd411cc314bd040a4d27f6
Certificate serial: 0194228D2776BDFE0A19E10CF45E599682CB
Authority key identifier: 4A:7C:FE:88:11:68:B6:15:A0:BD:41:1C:C3:14:BD:04:0A:4D:27:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Snz-iBFothWgvUEcwxS9BApNJ_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/322450-21ca-41af-9b65-cbe084872174/1/h_GYODiIwy0tVyLDmKAyNCK7Ui8.roa
Signing time: Wed 01 Jan 2025 15:47:43 +0000
ROA not before: Wed 01 Jan 2025 15:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39250
IP address blocks: 109.68.152.0/21 maxlen: 21
2a00:1d68::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:27:76:bd:fe:0a:19:e1:0c:f4:5e:59:96:82:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a7cfe881168b615a0bd411cc314bd040a4d27f6
Validity
Not Before: Jan 1 15:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87f198383888c32d2d5722c398a0323422bb522f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e1:8b:9c:58:2c:75:dc:c4:ee:ff:61:7b:82:
bc:07:91:3b:dc:c7:0a:f4:16:e2:cb:96:b8:71:c1:
0d:08:11:96:0f:e1:cb:0f:d3:95:36:2d:6f:7d:cd:
2d:17:43:e9:a5:59:53:31:59:e2:48:44:83:27:2d:
88:ed:c3:6a:00:cd:2a:ae:d8:f3:ca:54:1a:f0:99:
fa:e8:86:b5:97:72:24:a4:13:27:46:58:6e:b3:36:
b2:38:f5:bc:79:8d:f6:24:56:16:7f:bd:05:8a:dc:
fe:bd:89:3d:28:1a:a0:4d:d8:b0:69:96:e0:31:87:
d5:3a:56:4a:40:32:ae:e6:c0:ba:1a:b2:9a:b2:32:
93:9b:33:be:fd:80:ad:c2:af:02:37:be:14:c0:bd:
68:f7:31:7c:9f:67:aa:53:bc:54:a6:9b:07:ab:06:
03:e0:af:1b:1b:2d:86:41:54:5a:58:e4:ba:be:08:
48:3e:9a:b9:18:e8:91:85:84:09:60:57:d1:1b:7a:
d2:09:c2:48:4f:bc:92:d3:b6:cb:da:c3:85:e2:da:
ad:ba:63:b4:fb:37:19:3e:03:e0:2d:8e:e4:4d:ca:
2a:9e:49:0d:50:11:5e:10:88:7d:c6:ea:0b:f0:7b:
37:68:7d:2e:30:cc:8f:0b:74:ee:12:d4:50:2d:56:
50:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F1:98:38:38:88:C3:2D:2D:57:22:C3:98:A0:32:34:22:BB:52:2F
X509v3 Authority Key Identifier:
keyid:4A:7C:FE:88:11:68:B6:15:A0:BD:41:1C:C3:14:BD:04:0A:4D:27:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Snz-iBFothWgvUEcwxS9BApNJ_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/322450-21ca-41af-9b65-cbe084872174/1/h_GYODiIwy0tVyLDmKAyNCK7Ui8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/322450-21ca-41af-9b65-cbe084872174/1/Snz-iBFothWgvUEcwxS9BApNJ_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.152.0/21
IPv6:
2a00:1d68::/32
Signature Algorithm: sha256WithRSAEncryption
cd:b5:8b:e9:2f:49:c5:2a:f4:85:eb:7b:a8:ca:31:45:eb:74:
fa:aa:ac:09:a0:7f:db:d5:5b:c9:91:82:0a:de:c7:40:ed:10:
0c:b0:24:3d:cc:65:63:42:16:38:2c:b7:a9:a8:d5:0f:99:de:
f6:59:f9:9a:bd:cf:fc:3c:a7:98:1b:28:4f:86:2d:10:61:2f:
c6:b9:ac:22:3d:a7:10:b5:91:a8:c6:c1:3a:ad:f0:b5:a4:ce:
e7:3c:0f:39:ba:48:fc:bb:57:10:81:9f:3d:8f:7c:7b:32:32:
55:a5:21:d4:58:0e:9a:03:a1:03:19:f8:39:04:bd:af:93:36:
71:63:e0:9e:3e:15:ae:e7:41:50:76:fe:42:44:e2:bc:1a:c3:
49:29:dc:92:dc:32:ad:97:a0:af:d7:eb:80:18:fd:91:19:14:
98:a4:88:d4:bc:56:07:f8:f0:16:56:5e:5c:d1:1f:67:1e:05:
3d:ae:da:cd:58:9e:bc:62:d3:44:72:eb:58:81:0e:52:56:18:
8e:c1:42:36:13:d6:54:b2:02:6b:2e:b7:1e:c5:4c:e2:f0:db:
5c:79:86:87:09:c5:c4:38:59:a1:8d:b8:d2:73:53:fa:b1:30:
a1:74:a8:ba:76:9c:88:02:0a:a4:5d:6c:0a:1e:31:04:00:f6:
c0:66:27:08
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijSd2vf4KGeEM9F5ZloLLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhN2NmZTg4MTE2OGI2MTVhMGJkNDExY2MzMTRiZDA0MGE0
ZDI3ZjYwHhcNMjUwMTAxMTU0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2YxOTgzODM4ODhjMzJkMmQ1NzIyYzM5OGEwMzIzNDIyYmI1MjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+GLnFgsddzE7v9he4K8B5E73McK
9Bbiy5a4ccENCBGWD+HLD9OVNi1vfc0tF0PppVlTMVniSESDJy2I7cNqAM0qrtjz
ylQa8Jn66Ia1l3IkpBMnRlhuszayOPW8eY32JFYWf70Fitz+vYk9KBqgTdiwaZbg
MYfVOlZKQDKu5sC6GrKasjKTmzO+/YCtwq8CN74UwL1o9zF8n2eqU7xUppsHqwYD
4K8bGy2GQVRaWOS6vghIPpq5GOiRhYQJYFfRG3rSCcJIT7yS07bL2sOF4tqtumO0
+zcZPgPgLY7kTcoqnkkNUBFeEIh9xuoL8Hs3aH0uMMyPC3TuEtRQLVZQHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIfxmDg4iMMtLVciw5igMjQiu1IvMB8GA1UdIwQY
MBaAFEp8/ogRaLYVoL1BHMMUvQQKTSf2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU256LWlCRm90aFdndlVFY3d4UzlCQXBOSl9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8zMjI0NTAtMjFjYS00MWFmLTliNjUt
Y2JlMDg0ODcyMTc0LzEvaF9HWU9EaUl3eTB0VnlMRG1LQXlOQ0s3VWk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8zMjI0NTAtMjFjYS00MWFmLTliNjUtY2JlMDg0ODcyMTc0
LzEvU256LWlCRm90aFdndlVFY3d4UzlCQXBOSl9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDbUSYMA0E
AgACMAcDBQAqAB1oMA0GCSqGSIb3DQEBCwUAA4IBAQDNtYvpL0nFKvSF63uoyjFF
63T6qqwJoH/b1VvJkYIK3sdA7RAMsCQ9zGVjQhY4LLepqNUPmd72Wfmavc/8PKeY
GyhPhi0QYS/GuawiPacQtZGoxsE6rfC1pM7nPA85ukj8u1cQgZ89j3x7MjJVpSHU
WA6aA6EDGfg5BL2vkzZxY+CePhWu50FQdv5CROK8GsNJKdyS3DKtl6Cv1+uAGP2R
GRSYpIjUvFYH+PAWVl5c0R9nHgU9rtrNWJ68YtNEcutYgQ5SVhiOwUI2E9ZUsgJr
LrcexUzi8NtceYaHCcXEOFmhjbjSc1P6sTChdKi6dpyIAgqkXWwKHjEEAPbAZicI
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:31 2025 by rpki-client