Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/nB0xEW4pKbb60glRLTO6o0L_ehc.roa
File: nB0xEW4pKbb60glRLTO6o0L_ehc.roa (raw, json)
Hash identifier: j1gnFU7hM1AyNj+0jsbglOPGIeZalcWrgTurseJekCk=
Subject key identifier: 9C:1D:31:11:6E:29:29:B6:FA:D2:09:51:2D:33:BA:A3:42:FF:7A:17
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01942747D7986EB1C5D6B345955CA929551C
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/nB0xEW4pKbb60glRLTO6o0L_ehc.roa
Signing time: Thu 02 Jan 2025 13:50:07 +0000
ROA not before: Thu 02 Jan 2025 13:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213789
IP address blocks: 109.248.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d7:98:6e:b1:c5:d6:b3:45:95:5c:a9:29:55:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 13:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c1d31116e2929b6fad209512d33baa342ff7a17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:82:99:57:a9:8d:3d:9d:43:9b:68:8e:de:b9:
06:7c:de:37:1f:b4:ac:cc:8b:8e:17:a3:f7:1c:64:
ef:34:40:15:05:88:2b:15:10:c4:e9:d7:08:31:7f:
b3:bd:5f:8f:a2:97:fa:30:12:e4:94:27:1a:d2:b8:
22:19:85:d3:61:6b:a4:41:0f:07:8d:01:d3:01:ec:
ed:9e:0f:e9:e4:1b:1f:5c:b8:d7:49:e1:b9:1e:7c:
db:e7:0a:f0:86:29:ba:41:75:3a:57:90:29:57:fe:
87:24:5f:0e:ef:bc:aa:8c:23:d5:c7:c3:4d:23:17:
7a:91:7c:50:e5:13:59:45:7a:63:f8:bd:eb:ef:29:
52:81:88:59:64:81:f8:30:7b:0a:a4:f9:63:62:2f:
3a:7f:a9:f7:62:e3:3c:7d:8a:70:8b:f0:50:10:25:
f3:da:0e:eb:fe:ca:e2:5d:14:db:10:58:c9:19:be:
5a:74:84:6f:81:f0:5d:a3:3e:ba:b0:95:e4:70:28:
ea:70:0b:75:3d:5b:48:2c:a9:b2:a1:25:3a:f0:33:
ae:e0:a6:fb:0f:98:ce:35:aa:56:10:4f:53:da:15:
50:86:d4:f5:9b:63:1c:93:26:8c:e2:e1:02:1b:60:
8f:e0:94:05:e7:2e:e8:e7:9b:7d:e2:aa:82:9c:96:
6b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:1D:31:11:6E:29:29:B6:FA:D2:09:51:2D:33:BA:A3:42:FF:7A:17
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/nB0xEW4pKbb60glRLTO6o0L_ehc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.248.227.0/24
Signature Algorithm: sha256WithRSAEncryption
89:db:c8:ad:53:49:9d:88:81:9d:0a:6a:10:d9:88:c2:76:4e:
60:f5:af:d0:7f:da:9c:0e:87:7b:18:ac:91:df:da:50:ed:9d:
90:f4:88:20:06:3f:e8:f6:39:26:61:bb:6e:11:db:7b:0c:f8:
1d:d6:27:a3:ab:fd:25:13:fd:96:db:7f:b6:72:bd:41:66:29:
5a:1f:52:9a:fa:d8:22:2f:04:07:95:ee:7c:7c:91:37:1a:8e:
fe:ce:a0:a9:74:64:0b:02:da:f2:75:5b:ec:84:39:17:52:7c:
be:58:3f:f8:f3:15:00:ec:f4:d2:30:8a:06:e5:6d:a9:49:8b:
b5:de:76:8f:7b:08:5b:8b:cc:5e:dd:83:2d:bb:3b:8b:6b:ad:
77:9f:d4:a9:a6:2a:82:38:30:3b:ab:5f:eb:61:41:b4:16:ee:
9a:ba:c5:3e:51:36:96:75:4e:f7:80:09:ff:a8:7a:1f:71:87:
41:0f:0a:e3:9d:0f:a2:9a:ef:f1:79:da:ac:fc:3a:56:3c:80:
48:0a:0c:8f:2d:e6:e1:5e:9e:5f:3c:67:02:df:f4:d8:d5:d9:
5e:42:1e:5a:f7:42:e8:42:bf:c6:27:c9:02:5a:33:b5:29:e7:
21:f5:5d:00:49:a9:42:7f:39:b8:34:54:ee:42:75:83:bd:ab:
05:28:65:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR9eYbrHF1rNFlVypKVUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwMTAyMTM1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzFkMzExMTZlMjkyOWI2ZmFkMjA5NTEyZDMzYmFhMzQyZmY3YTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIKZV6mNPZ1Dm2iO3rkGfN43H7Ss
zIuOF6P3HGTvNEAVBYgrFRDE6dcIMX+zvV+Popf6MBLklCca0rgiGYXTYWukQQ8H
jQHTAeztng/p5BsfXLjXSeG5Hnzb5wrwhim6QXU6V5ApV/6HJF8O77yqjCPVx8NN
Ixd6kXxQ5RNZRXpj+L3r7ylSgYhZZIH4MHsKpPljYi86f6n3YuM8fYpwi/BQECXz
2g7r/sriXRTbEFjJGb5adIRvgfBdoz66sJXkcCjqcAt1PVtILKmyoSU68DOu4Kb7
D5jONapWEE9T2hVQhtT1m2MckyaM4uECG2CP4JQF5y7o55t94qqCnJZreQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJwdMRFuKSm2+tIJUS0zuqNC/3oXMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvbkIweEVXNHBLYmI2MGdsUkxUTzZvMExfZWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbfjjMA0G
CSqGSIb3DQEBCwUAA4IBAQCJ28itU0mdiIGdCmoQ2YjCdk5g9a/Qf9qcDod7GKyR
39pQ7Z2Q9IggBj/o9jkmYbtuEdt7DPgd1iejq/0lE/2W23+2cr1BZilaH1Ka+tgi
LwQHle58fJE3Go7+zqCpdGQLAtrydVvshDkXUny+WD/48xUA7PTSMIoG5W2pSYu1
3naPewhbi8xe3YMtuzuLa613n9SppiqCODA7q1/rYUG0Fu6ausU+UTaWdU73gAn/
qHofcYdBDwrjnQ+imu/xedqs/DpWPIBICgyPLebhXp5fPGcC3/TY1dleQh5a90Lo
Qr/GJ8kCWjO1Kech9V0ASalCfzm4NFTuQnWDvasFKGV/
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:28:23 2025 by rpki-client