Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/a9ojZnfz0fm0UVD2fXdjv-28qnw.roa
File: a9ojZnfz0fm0UVD2fXdjv-28qnw.roa (raw, json)
Hash identifier: s9wsqrb6KjabBhTORHQp4WAcdtQIFP8TAj4IRPzQjYo=
Subject key identifier: 6B:DA:23:66:77:F3:D1:F9:B4:51:50:F6:7D:77:63:BF:ED:BC:AA:7C
Certificate issuer: /CN=528d5814c7156420dec3a3f7e526ef0f8333eef6
Certificate serial: 019425FC36249E255D4C01D047EB567ABDEF
Authority key identifier: 52:8D:58:14:C7:15:64:20:DE:C3:A3:F7:E5:26:EF:0F:83:33:EE:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uo1YFMcVZCDew6P35SbvD4Mz7vY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/a9ojZnfz0fm0UVD2fXdjv-28qnw.roa
Signing time: Thu 02 Jan 2025 07:47:53 +0000
ROA not before: Thu 02 Jan 2025 07:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39602
IP address blocks: 109.71.76.0/24 maxlen: 24
195.210.38.0/23 maxlen: 23
195.210.38.0/24 maxlen: 24
195.210.39.0/24 maxlen: 24
2001:678:900::/48 maxlen: 48
2a0c:3340::/29 maxlen: 29
2a0c:3340:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:36:24:9e:25:5d:4c:01:d0:47:eb:56:7a:bd:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=528d5814c7156420dec3a3f7e526ef0f8333eef6
Validity
Not Before: Jan 2 07:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bda236677f3d1f9b45150f67d7763bfedbcaa7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:78:de:6a:8a:d3:e6:7c:71:7b:50:2a:00:e6:
14:e8:3e:36:62:67:0a:0d:67:ba:18:3c:6e:fa:56:
bc:b0:00:79:62:51:93:63:cb:31:fa:88:28:9a:6e:
fe:21:ad:03:50:a0:9e:5b:31:00:ee:d3:ef:5e:65:
27:db:09:22:08:bc:25:f5:1d:9d:f8:ad:a0:7d:fa:
4b:90:54:0d:a8:97:9a:93:fd:bd:ec:2b:b7:1c:3d:
42:da:51:03:76:01:69:c2:67:73:b8:e5:9e:c9:a7:
12:17:6b:ab:ab:ea:0a:85:db:56:ed:f6:52:51:48:
81:78:5b:52:5b:bf:c4:04:fa:c3:b4:0f:25:74:12:
40:0c:ee:39:bc:16:0d:43:de:ca:05:d2:81:10:69:
c2:72:aa:16:12:62:ab:a9:14:25:96:93:e0:3e:51:
d9:c4:63:07:ec:29:d6:e5:ab:8a:56:03:84:5f:68:
e4:ba:f1:90:c8:91:a5:21:d0:c1:ed:f9:49:e2:7f:
10:bd:94:60:12:9f:bd:06:4a:b9:96:a3:83:e0:c4:
a1:21:ae:e0:01:40:87:47:c6:6c:46:67:33:c7:5b:
7b:60:4c:b3:fd:a5:f1:64:e7:22:86:48:14:8c:88:
20:8e:61:89:74:8b:61:5d:3d:2b:70:5d:5b:a6:6c:
9a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:DA:23:66:77:F3:D1:F9:B4:51:50:F6:7D:77:63:BF:ED:BC:AA:7C
X509v3 Authority Key Identifier:
keyid:52:8D:58:14:C7:15:64:20:DE:C3:A3:F7:E5:26:EF:0F:83:33:EE:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uo1YFMcVZCDew6P35SbvD4Mz7vY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/a9ojZnfz0fm0UVD2fXdjv-28qnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/Uo1YFMcVZCDew6P35SbvD4Mz7vY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.76.0/24
195.210.38.0/23
IPv6:
2001:678:900::/48
2a0c:3340::/29
Signature Algorithm: sha256WithRSAEncryption
87:51:ca:85:70:bf:65:d3:d5:63:cf:a7:bd:4e:fd:a8:bc:ba:
25:e3:af:24:7b:9b:58:aa:53:76:fb:42:32:b7:67:de:59:1d:
c8:7b:99:8d:63:7f:71:61:f1:2c:49:a3:d5:5e:6e:cb:1b:bf:
ea:54:d5:a5:26:8d:23:77:58:11:c1:04:6d:a9:15:a1:c6:11:
16:0e:da:46:ab:6d:bb:11:64:8e:ee:2e:54:c8:6c:9f:ed:85:
12:5b:60:b0:1b:f9:4e:65:bf:42:a4:2d:db:3d:67:84:9e:7e:
3f:54:3b:e0:5a:d2:98:d4:e6:0d:c6:e2:ee:b9:c7:7a:80:c2:
df:68:6b:c9:35:d3:19:24:23:cb:e6:34:67:00:46:14:95:d6:
af:6e:69:dc:e0:a7:13:70:03:2b:92:3f:be:f9:37:c3:a6:39:
f6:21:4a:75:8d:df:04:d2:f6:1e:8a:6e:e7:f9:45:1d:52:6d:
bf:f7:3c:7e:07:1d:06:0d:17:f5:37:cc:bb:4a:01:42:15:a7:
3f:a5:ce:9e:32:fd:ac:d6:10:3c:ad:c4:d7:b2:84:67:af:78:
26:32:2f:db:2a:a2:35:4a:dd:34:f2:88:bd:72:c4:5b:b0:87:
f9:d7:d6:c9:c8:9d:6c:08:99:78:8a:fb:7c:08:a9:b5:39:4f:
a7:a8:ba:03
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQl/DYkniVdTAHQR+tWer3vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOGQ1ODE0YzcxNTY0MjBkZWMzYTNmN2U1MjZlZjBmODMz
M2VlZjYwHhcNMjUwMTAyMDc0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmRhMjM2Njc3ZjNkMWY5YjQ1MTUwZjY3ZDc3NjNiZmVkYmNhYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHjeaorT5nxxe1AqAOYU6D42YmcK
DWe6GDxu+la8sAB5YlGTY8sx+ogomm7+Ia0DUKCeWzEA7tPvXmUn2wkiCLwl9R2d
+K2gffpLkFQNqJeak/297Cu3HD1C2lEDdgFpwmdzuOWeyacSF2urq+oKhdtW7fZS
UUiBeFtSW7/EBPrDtA8ldBJADO45vBYNQ97KBdKBEGnCcqoWEmKrqRQllpPgPlHZ
xGMH7CnW5auKVgOEX2jkuvGQyJGlIdDB7flJ4n8QvZRgEp+9Bkq5lqOD4MShIa7g
AUCHR8ZsRmczx1t7YEyz/aXxZOcihkgUjIggjmGJdIthXT0rcF1bpmyaKQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGvaI2Z389H5tFFQ9n13Y7/tvKp8MB8GA1UdIwQY
MBaAFFKNWBTHFWQg3sOj9+Um7w+DM+72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW8xWUZNY1ZaQ0RldzZQMzVTYnZENE16N3ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iZWFjMDktYzQ5Zi00YzcwLTk4MTgt
NDMxYzM5YmI3YjM4LzEvYTlvalpuZnowZm0wVVZEMmZYZGp2LTI4cW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iZWFjMDktYzQ5Zi00YzcwLTk4MTgtNDMxYzM5YmI3YjM4
LzEvVW8xWUZNY1ZaQ0RldzZQMzVTYnZENE16N3ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAbUdMAwQB
w9ImMBYEAgACMBADBwAgAQZ4CQADBQMqDDNAMA0GCSqGSIb3DQEBCwUAA4IBAQCH
UcqFcL9l09Vjz6e9Tv2ovLol468ke5tYqlN2+0Iyt2feWR3Ie5mNY39xYfEsSaPV
Xm7LG7/qVNWlJo0jd1gRwQRtqRWhxhEWDtpGq227EWSO7i5UyGyf7YUSW2CwG/lO
Zb9CpC3bPWeEnn4/VDvgWtKY1OYNxuLuucd6gMLfaGvJNdMZJCPL5jRnAEYUldav
bmnc4KcTcAMrkj+++TfDpjn2IUp1jd8E0vYeim7n+UUdUm2/9zx+Bx0GDRf1N8y7
SgFCFac/pc6eMv2s1hA8rcTXsoRnr3gmMi/bKqI1St008oi9csRbsIf519bJyJ1s
CJl4ivt8CKm1OU+nqLoD
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:58:34 2025 by rpki-client