Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/d019bb-8768-4478-a39a-b94f7654a8c7/1/2GiYWCqgnTIID6EALGcJJSsnZxU.roa
File: 2GiYWCqgnTIID6EALGcJJSsnZxU.roa (raw, json)
Hash identifier: i02F97lvwL/HSP+qjkTjHOVVib9lvoYmmfnO234hRuI=
Subject key identifier: D8:68:98:58:2A:A0:9D:32:08:0F:A1:00:2C:67:09:25:2B:27:67:15
Certificate issuer: /CN=e0b9c65dc95053e437e32c99acf3bdc5e95cb1ee
Certificate serial: 01868C81159D78B249D5DED95ABFE085551F
Authority key identifier: E0:B9:C6:5D:C9:50:53:E4:37:E3:2C:99:AC:F3:BD:C5:E9:5C:B1:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4LnGXclQU-Q34yyZrPO9xelcse4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/d019bb-8768-4478-a39a-b94f7654a8c7/1/2GiYWCqgnTIID6EALGcJJSsnZxU.roa
Signing time: Sun 26 Feb 2023 06:55:15 +0000
ROA not before: Sun 26 Feb 2023 06:55:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49931
IP address blocks: 109.164.0.0/17 maxlen: 25
109.164.121.0/24 maxlen: 25
2a03:3a01::/32 maxlen: 56
2a03:3a00::/32 maxlen: 56
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8c:81:15:9d:78:b2:49:d5:de:d9:5a:bf:e0:85:55:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0b9c65dc95053e437e32c99acf3bdc5e95cb1ee
Validity
Not Before: Feb 26 06:55:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d86898582aa09d32080fa1002c6709252b276715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c0:48:06:81:38:4f:83:a5:dd:56:ff:70:98:
00:cc:5e:97:8a:0f:31:9a:15:89:0a:47:99:71:20:
97:00:be:b1:48:0a:eb:97:cf:8a:eb:1e:e0:14:17:
31:2f:bd:11:f3:3d:1f:0e:91:60:3d:d1:d0:96:68:
ea:52:ff:c0:2f:37:1d:fa:1b:4c:56:63:0c:99:6e:
a0:e1:9d:e8:c0:ae:d5:72:06:fc:a7:c6:06:03:2f:
8d:1e:61:61:41:60:fa:01:e8:da:36:96:4a:68:38:
c6:54:81:55:f7:f8:f1:40:ef:8a:03:d6:98:95:2c:
e5:9d:f4:8d:3e:bc:ca:a6:47:40:bf:6a:d0:3d:90:
ed:a5:81:29:34:bf:f7:d1:2b:b5:be:d3:6d:88:99:
be:f6:65:52:42:55:ee:ed:19:ba:f8:b6:07:cc:ec:
2d:83:1d:e1:d0:2e:9a:c3:da:3e:33:53:2a:90:21:
76:1b:85:8b:bc:50:42:5d:9c:ea:56:57:db:03:b3:
73:39:68:49:79:61:71:2e:b5:03:60:fe:a6:9c:31:
d0:2b:db:0c:c0:6d:59:01:36:e2:20:2c:f6:08:b2:
e5:f1:10:6e:bd:fc:46:d2:0b:a2:dc:6a:2b:10:9a:
a8:ee:4c:1d:51:d0:2a:74:5a:eb:22:ca:65:a4:04:
c4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:68:98:58:2A:A0:9D:32:08:0F:A1:00:2C:67:09:25:2B:27:67:15
X509v3 Authority Key Identifier:
keyid:E0:B9:C6:5D:C9:50:53:E4:37:E3:2C:99:AC:F3:BD:C5:E9:5C:B1:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4LnGXclQU-Q34yyZrPO9xelcse4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/d019bb-8768-4478-a39a-b94f7654a8c7/1/2GiYWCqgnTIID6EALGcJJSsnZxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/d019bb-8768-4478-a39a-b94f7654a8c7/1/4LnGXclQU-Q34yyZrPO9xelcse4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.164.0.0/17
IPv6:
2a03:3a00::/31
Signature Algorithm: sha256WithRSAEncryption
25:d3:b1:69:e4:3c:2f:41:d7:d6:e1:79:00:5e:e1:87:cc:81:
5b:6a:25:14:d5:77:c0:85:4c:cf:fa:6f:6a:18:57:d4:46:6d:
33:f4:2a:2d:25:c2:a3:ff:06:55:01:d0:c7:bf:9c:52:4b:ca:
c4:d3:2c:2d:6b:73:7a:06:f3:33:f8:85:54:63:15:48:59:a8:
4f:1f:1f:8f:35:6c:6e:c1:5a:5c:aa:23:02:2f:bd:f0:b5:4b:
37:a2:ed:78:2d:ce:85:80:ca:bd:3a:9c:83:82:14:7c:f9:1e:
04:c5:30:a4:1a:93:7d:ca:e7:03:9b:c1:45:7f:64:41:3f:73:
d5:99:da:3f:f0:64:68:5f:a1:ed:41:82:fc:3b:c5:07:e3:2c:
30:78:f0:ab:8d:31:81:77:44:30:16:2a:61:15:5f:22:bc:f6:
a6:15:9d:f5:ce:da:88:a4:92:99:e8:c2:6c:30:e4:a2:7a:09:
fa:e2:9d:64:63:26:da:dc:bc:7c:dd:74:94:5b:07:93:84:95:
35:6b:83:0e:38:a1:84:3c:32:14:7e:73:d4:3b:5f:be:53:fe:
4c:37:2d:84:2c:64:64:d4:32:b5:6b:ef:c1:0d:3f:59:1b:b2:
db:f3:99:d5:ae:f6:af:c5:96:1b:ee:dc:a4:af:6d:6c:6c:0e:
bf:22:d3:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYaMgRWdeLJJ1d7ZWr/ghVUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYjljNjVkYzk1MDUzZTQzN2UzMmM5OWFjZjNiZGM1ZTk1
Y2IxZWUwHhcNMjMwMjI2MDY1NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODY4OTg1ODJhYTA5ZDMyMDgwZmExMDAyYzY3MDkyNTJiMjc2NzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsBIBoE4T4Ol3Vb/cJgAzF6Xig8x
mhWJCkeZcSCXAL6xSArrl8+K6x7gFBcxL70R8z0fDpFgPdHQlmjqUv/ALzcd+htM
VmMMmW6g4Z3owK7Vcgb8p8YGAy+NHmFhQWD6AejaNpZKaDjGVIFV9/jxQO+KA9aY
lSzlnfSNPrzKpkdAv2rQPZDtpYEpNL/30Su1vtNtiJm+9mVSQlXu7Rm6+LYHzOwt
gx3h0C6aw9o+M1MqkCF2G4WLvFBCXZzqVlfbA7NzOWhJeWFxLrUDYP6mnDHQK9sM
wG1ZATbiICz2CLLl8RBuvfxG0gui3GorEJqo7kwdUdAqdFrrIsplpATEBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNhomFgqoJ0yCA+hACxnCSUrJ2cVMB8GA1UdIwQY
MBaAFOC5xl3JUFPkN+MsmazzvcXpXLHuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNExuR1hjbFFVLVEzNHl5WnJQTzl4ZWxjc2U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9kMDE5YmItODc2OC00NDc4LWEzOWEt
Yjk0Zjc2NTRhOGM3LzEvMkdpWVdDcWduVElJRDZFQUxHY0pKU3NuWnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9kMDE5YmItODc2OC00NDc4LWEzOWEtYjk0Zjc2NTRhOGM3
LzEvNExuR1hjbFFVLVEzNHl5WnJQTzl4ZWxjc2U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHbaQAMA0E
AgACMAcDBQEqAzoAMA0GCSqGSIb3DQEBCwUAA4IBAQAl07Fp5DwvQdfW4XkAXuGH
zIFbaiUU1XfAhUzP+m9qGFfURm0z9CotJcKj/wZVAdDHv5xSS8rE0ywta3N6BvMz
+IVUYxVIWahPHx+PNWxuwVpcqiMCL73wtUs3ou14Lc6FgMq9OpyDghR8+R4ExTCk
GpN9yucDm8FFf2RBP3PVmdo/8GRoX6HtQYL8O8UH4ywwePCrjTGBd0QwFiphFV8i
vPamFZ31ztqIpJKZ6MJsMOSiegn64p1kYyba3Lx83XSUWweThJU1a4MOOKGEPDIU
fnPUO1++U/5MNy2ELGRk1DK1a+/BDT9ZG7Lb85nVrvavxZYb7tykr21sbA6/ItNz
-----END CERTIFICATE-----
Generated at Thu Dec 28 16:03:51 2023 by rpki-client on console-fra.rpki-client.org