Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/3ce7b6-1539-4d98-96d3-7b8c9f629728/1/12QxtEW8Lg5FHmyGOWlRhFpD8K0.roa
File: 12QxtEW8Lg5FHmyGOWlRhFpD8K0.roa (raw, json)
Hash identifier: F0VBqnjp0y2JokoTWMMVhx0AtTIXu/IolcaOiB/G5MQ=
Subject key identifier: D7:64:31:B4:45:BC:2E:0E:45:1E:6C:86:39:69:51:84:5A:43:F0:AD
Certificate issuer: /CN=aecdd8bee24b342b039d610ce3c0c0c4719a3bf9
Certificate serial: 0184F6C9F14B10CAEA97337511BCB627F347
Authority key identifier: AE:CD:D8:BE:E2:4B:34:2B:03:9D:61:0C:E3:C0:C0:C4:71:9A:3B:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rs3YvuJLNCsDnWEM48DAxHGaO_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/3ce7b6-1539-4d98-96d3-7b8c9f629728/1/12QxtEW8Lg5FHmyGOWlRhFpD8K0.roa
Signing time: Fri 09 Dec 2022 12:09:00 +0000
ROA not before: Fri 09 Dec 2022 12:09:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211415
IP address blocks: 109.107.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:c9:f1:4b:10:ca:ea:97:33:75:11:bc:b6:27:f3:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aecdd8bee24b342b039d610ce3c0c0c4719a3bf9
Validity
Not Before: Dec 9 12:09:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d76431b445bc2e0e451e6c86396951845a43f0ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8e:2e:79:7c:47:f4:95:07:76:43:81:3c:f4:
fa:ce:83:4f:fd:2f:a5:97:7c:bc:3c:3b:29:44:8e:
14:68:aa:fb:29:08:72:c8:6e:29:a3:2c:14:fc:b2:
17:43:b9:a4:0c:26:c3:a9:6e:2a:ae:04:7f:86:48:
e3:d5:02:d5:fb:18:f5:e3:da:85:d0:93:11:77:9d:
3b:ac:26:fe:18:d3:70:51:8b:80:f3:f8:6a:83:6a:
50:44:77:33:fc:30:b4:96:94:88:b2:05:dc:51:92:
f9:ae:12:64:c4:c6:29:4b:d6:76:a9:40:a4:bc:17:
af:d0:a5:2e:3e:6b:3a:d7:a8:01:3c:48:95:c8:8d:
93:c5:f7:e9:f1:4a:29:56:df:61:9e:9e:aa:ae:51:
fe:c3:98:bf:98:3d:bb:56:11:5c:01:39:4f:99:03:
8a:5e:cd:75:e7:15:ac:53:ed:39:78:c9:d8:2c:3a:
f2:0c:f3:9d:5a:64:fd:e9:01:08:af:16:00:d5:5a:
d7:95:44:0f:8d:14:73:8c:2d:c0:b9:16:36:86:07:
ea:80:83:9d:86:f7:e8:84:bb:01:88:24:92:df:99:
fb:46:81:55:50:d4:fd:f8:a5:cb:8c:52:3b:a1:43:
e7:39:9a:90:8f:f7:49:12:03:2f:20:64:e3:2b:36:
ee:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:64:31:B4:45:BC:2E:0E:45:1E:6C:86:39:69:51:84:5A:43:F0:AD
X509v3 Authority Key Identifier:
keyid:AE:CD:D8:BE:E2:4B:34:2B:03:9D:61:0C:E3:C0:C0:C4:71:9A:3B:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rs3YvuJLNCsDnWEM48DAxHGaO_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3ce7b6-1539-4d98-96d3-7b8c9f629728/1/12QxtEW8Lg5FHmyGOWlRhFpD8K0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3ce7b6-1539-4d98-96d3-7b8c9f629728/1/rs3YvuJLNCsDnWEM48DAxHGaO_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.135.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:82:95:c3:ba:5e:4b:73:90:d8:ee:60:b7:2a:02:9b:d8:d0:
51:79:3d:94:31:fc:01:93:69:35:a9:fc:89:c3:76:0e:c3:a7:
9c:2f:ac:a1:74:5c:92:0d:b9:a5:cb:c9:e8:5d:c1:9d:07:d2:
08:c5:eb:40:84:d6:76:fd:ba:37:5e:0b:98:dd:7b:76:83:c7:
1a:06:27:66:75:a9:5d:04:d5:e1:dd:a7:05:ec:d4:3a:44:5d:
64:00:71:6d:89:37:96:27:ec:f0:1b:86:36:bb:52:ad:ca:27:
1f:11:2e:da:a5:06:42:8e:77:5d:44:14:15:8b:d7:ce:b4:8d:
6d:c9:89:ac:e2:66:88:e6:a1:89:c3:e4:09:c3:ed:06:f4:e5:
13:5c:24:18:f0:17:91:da:da:a5:2b:20:59:ba:36:ce:db:b7:
1e:3a:b5:f2:a4:a3:fa:5a:1b:8b:67:b3:97:84:11:02:bb:6c:
75:8a:2f:2a:f7:9d:cd:2a:14:e9:92:e6:4a:68:30:4e:ab:19:
d6:13:7c:f7:ec:de:81:71:28:14:40:26:b2:fd:d3:f6:79:63:
fb:32:b9:3d:45:93:68:d6:11:7d:cc:5b:38:e3:18:b8:25:34:
9f:f5:6a:cb:71:b8:4d:35:4b:4d:25:e6:fc:12:21:5c:59:b1:
07:d2:d3:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYT2yfFLEMrqlzN1Eby2J/NHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlY2RkOGJlZTI0YjM0MmIwMzlkNjEwY2UzYzBjMGM0NzE5
YTNiZjkwHhcNMjIxMjA5MTIwOTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzY0MzFiNDQ1YmMyZTBlNDUxZTZjODYzOTY5NTE4NDVhNDNmMGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqY4ueXxH9JUHdkOBPPT6zoNP/S+l
l3y8PDspRI4UaKr7KQhyyG4poywU/LIXQ7mkDCbDqW4qrgR/hkjj1QLV+xj149qF
0JMRd507rCb+GNNwUYuA8/hqg2pQRHcz/DC0lpSIsgXcUZL5rhJkxMYpS9Z2qUCk
vBev0KUuPms616gBPEiVyI2Txffp8UopVt9hnp6qrlH+w5i/mD27VhFcATlPmQOK
Xs115xWsU+05eMnYLDryDPOdWmT96QEIrxYA1VrXlUQPjRRzjC3AuRY2hgfqgIOd
hvfohLsBiCSS35n7RoFVUNT9+KXLjFI7oUPnOZqQj/dJEgMvIGTjKzbuhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNdkMbRFvC4ORR5shjlpUYRaQ/CtMB8GA1UdIwQY
MBaAFK7N2L7iSzQrA51hDOPAwMRxmjv5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnMzWXZ1SkxOQ3NEbldFTTQ4REF4SEdhT19rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8zY2U3YjYtMTUzOS00ZDk4LTk2ZDMt
N2I4YzlmNjI5NzI4LzEvMTJReHRFVzhMZzVGSG15R09XbFJoRnBEOEswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8zY2U3YjYtMTUzOS00ZDk4LTk2ZDMtN2I4YzlmNjI5NzI4
LzEvcnMzWXZ1SkxOQ3NEbldFTTQ4REF4SEdhT19rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWuHMA0G
CSqGSIb3DQEBCwUAA4IBAQAcgpXDul5Lc5DY7mC3KgKb2NBReT2UMfwBk2k1qfyJ
w3YOw6ecL6yhdFySDbmly8noXcGdB9IIxetAhNZ2/bo3XguY3Xt2g8caBidmdald
BNXh3acF7NQ6RF1kAHFtiTeWJ+zwG4Y2u1KtyicfES7apQZCjnddRBQVi9fOtI1t
yYms4maI5qGJw+QJw+0G9OUTXCQY8BeR2tqlKyBZujbO27ceOrXypKP6WhuLZ7OX
hBECu2x1ii8q953NKhTpkuZKaDBOqxnWE3z37N6BcSgUQCay/dP2eWP7Mrk9RZNo
1hF9zFs44xi4JTSf9WrLcbhNNUtNJeb8EiFcWbEH0tMa
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:33:11 2025 by rpki-client