Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/d019bb-8768-4478-a39a-b94f7654a8c7/1/DQkkhpmdMMNiMGqB2MvufgL9z-I.roa
File: DQkkhpmdMMNiMGqB2MvufgL9z-I.roa (raw, json)
Hash identifier: 14iJkWGP9sXrmAZhe4UfYCRcRobjpow3rCCHJEu6sko=
Subject key identifier: 0D:09:24:86:99:9D:30:C3:62:30:6A:81:D8:CB:EE:7E:02:FD:CF:E2
Certificate issuer: /CN=e0b9c65dc95053e437e32c99acf3bdc5e95cb1ee
Certificate serial: 01856CCAEA9CD978EBF45AEE7F5AF03A1FAB
Authority key identifier: E0:B9:C6:5D:C9:50:53:E4:37:E3:2C:99:AC:F3:BD:C5:E9:5C:B1:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4LnGXclQU-Q34yyZrPO9xelcse4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/d019bb-8768-4478-a39a-b94f7654a8c7/1/DQkkhpmdMMNiMGqB2MvufgL9z-I.roa
Signing time: Sun 01 Jan 2023 10:05:15 +0000
ROA not before: Sun 01 Jan 2023 10:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44489
IP address blocks: 109.164.0.0/17 maxlen: 25
185.131.60.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:ea:9c:d9:78:eb:f4:5a:ee:7f:5a:f0:3a:1f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0b9c65dc95053e437e32c99acf3bdc5e95cb1ee
Validity
Not Before: Jan 1 10:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d092486999d30c362306a81d8cbee7e02fdcfe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:30:91:ba:78:04:5e:39:22:5f:2f:d7:b2:67:
3e:75:89:e7:9f:b6:d8:2b:83:6f:f5:9e:6e:81:b0:
e6:0b:3f:1f:49:cc:3b:b5:59:7a:37:5f:77:54:ca:
b6:b2:db:58:31:8b:4f:da:db:0e:45:bc:14:0d:45:
94:f0:b4:b9:b1:6b:3d:84:66:c6:7e:ad:15:c5:6e:
e3:21:d6:11:36:da:ee:0e:69:f5:85:a3:7b:84:26:
11:e5:d8:46:42:a5:ef:fb:ad:48:8e:9d:73:cb:c4:
10:78:a0:9b:3f:5e:22:e0:ea:a1:38:63:7f:bb:ac:
6b:29:88:f1:a2:0b:bd:21:f8:14:6a:d4:5f:1b:90:
fc:90:30:14:a3:5a:d9:dd:01:bd:48:b5:22:da:03:
ff:e0:55:86:fa:3d:21:0e:d7:db:d3:37:e1:1c:72:
5f:2d:62:21:70:4f:2b:a5:26:06:2e:b9:84:90:8f:
00:44:d4:1d:22:0b:14:6d:ec:fc:21:7c:fb:dd:07:
5d:4a:ad:39:82:b1:ed:23:a6:0d:50:32:54:bf:2e:
07:73:cf:e4:7e:1c:3f:be:db:5e:ea:c9:59:4e:ce:
07:20:af:31:97:12:85:02:12:06:f9:5e:30:49:af:
94:98:5d:db:d0:5d:fd:73:7a:67:6f:f9:ca:17:5f:
a2:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:09:24:86:99:9D:30:C3:62:30:6A:81:D8:CB:EE:7E:02:FD:CF:E2
X509v3 Authority Key Identifier:
keyid:E0:B9:C6:5D:C9:50:53:E4:37:E3:2C:99:AC:F3:BD:C5:E9:5C:B1:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4LnGXclQU-Q34yyZrPO9xelcse4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/d019bb-8768-4478-a39a-b94f7654a8c7/1/DQkkhpmdMMNiMGqB2MvufgL9z-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/d019bb-8768-4478-a39a-b94f7654a8c7/1/4LnGXclQU-Q34yyZrPO9xelcse4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.164.0.0/17
185.131.60.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:ab:c6:6d:01:d7:2f:7f:d8:04:c0:86:95:41:80:81:dd:d0:
fd:55:22:55:76:90:ae:59:71:1c:3a:95:fd:f6:96:6e:14:bc:
9a:3a:b6:8a:5f:75:2a:19:dc:a3:5a:6d:5c:62:ae:28:55:5a:
cf:f3:87:7a:e1:31:28:90:87:2a:c9:3a:e6:7b:89:b7:34:d0:
af:9c:f9:34:26:14:f1:74:13:c0:51:dc:33:3f:37:9f:9a:be:
72:df:c0:e2:98:40:8c:bb:53:b5:de:8a:48:96:88:9b:40:68:
d5:d2:e1:b7:05:d5:14:68:6a:98:77:a2:d7:14:60:0e:30:66:
27:3d:42:b4:05:c9:a1:7b:16:ba:4e:b4:85:40:31:ab:e9:a0:
f4:db:22:b2:6f:85:95:0c:3c:4a:f2:a6:ce:d3:b6:2a:61:4f:
52:b2:03:ae:c1:d2:a8:cd:22:cd:81:a9:ce:e6:0c:3f:2b:14:
aa:25:f5:a2:99:48:43:a0:5d:55:33:c3:1a:a1:7e:37:06:a1:
66:72:4e:fa:74:91:32:fa:12:5d:a2:82:61:c2:19:16:b1:e4:
23:36:54:c5:e6:8c:5d:ae:e9:6f:25:a0:d6:3f:59:8e:6d:2b:
96:36:19:22:3a:2e:43:60:ca:01:8d:3f:6e:01:93:8d:24:71:
c9:b3:b2:dd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsyuqc2Xjr9Fruf1rwOh+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYjljNjVkYzk1MDUzZTQzN2UzMmM5OWFjZjNiZGM1ZTk1
Y2IxZWUwHhcNMjMwMTAxMTAwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDA5MjQ4Njk5OWQzMGMzNjIzMDZhODFkOGNiZWU3ZTAyZmRjZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTCRungEXjkiXy/Xsmc+dYnnn7bY
K4Nv9Z5ugbDmCz8fScw7tVl6N193VMq2sttYMYtP2tsORbwUDUWU8LS5sWs9hGbG
fq0VxW7jIdYRNtruDmn1haN7hCYR5dhGQqXv+61Ijp1zy8QQeKCbP14i4OqhOGN/
u6xrKYjxogu9IfgUatRfG5D8kDAUo1rZ3QG9SLUi2gP/4FWG+j0hDtfb0zfhHHJf
LWIhcE8rpSYGLrmEkI8ARNQdIgsUbez8IXz73QddSq05grHtI6YNUDJUvy4Hc8/k
fhw/vtte6slZTs4HIK8xlxKFAhIG+V4wSa+UmF3b0F39c3pnb/nKF1+iVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA0JJIaZnTDDYjBqgdjL7n4C/c/iMB8GA1UdIwQY
MBaAFOC5xl3JUFPkN+MsmazzvcXpXLHuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNExuR1hjbFFVLVEzNHl5WnJQTzl4ZWxjc2U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9kMDE5YmItODc2OC00NDc4LWEzOWEt
Yjk0Zjc2NTRhOGM3LzEvRFFra2hwbWRNTU5pTUdxQjJNdnVmZ0w5ei1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9kMDE5YmItODc2OC00NDc4LWEzOWEtYjk0Zjc2NTRhOGM3
LzEvNExuR1hjbFFVLVEzNHl5WnJQTzl4ZWxjc2U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHbaQAAwQC
uYM8MA0GCSqGSIb3DQEBCwUAA4IBAQA7q8ZtAdcvf9gEwIaVQYCB3dD9VSJVdpCu
WXEcOpX99pZuFLyaOraKX3UqGdyjWm1cYq4oVVrP84d64TEokIcqyTrme4m3NNCv
nPk0JhTxdBPAUdwzPzefmr5y38DimECMu1O13opIloibQGjV0uG3BdUUaGqYd6LX
FGAOMGYnPUK0Bcmhexa6TrSFQDGr6aD02yKyb4WVDDxK8qbO07YqYU9SsgOuwdKo
zSLNganO5gw/KxSqJfWimUhDoF1VM8MaoX43BqFmck76dJEy+hJdooJhwhkWseQj
NlTF5oxdrulvJaDWP1mObSuWNhkiOi5DYMoBjT9uAZONJHHJs7Ld
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:20 2025 by rpki-client