Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/5LnfbURgWimr8F-YI-VSyM7CXO8.roa
File: 5LnfbURgWimr8F-YI-VSyM7CXO8.roa (raw, json)
Hash identifier: DR8/omtulgApOdaoBxVf7F7xTPonfWpkFej/eWopPOo=
Subject key identifier: E4:B9:DF:6D:44:60:5A:29:AB:F0:5F:98:23:E5:52:C8:CE:C2:5C:EF
Certificate issuer: /CN=c8f6f5dec09bc7a1203045699ba058295d38e346
Certificate serial: 01857227CAC1F6FF2B68F8D8906211F15E68
Authority key identifier: C8:F6:F5:DE:C0:9B:C7:A1:20:30:45:69:9B:A0:58:29:5D:38:E3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPb13sCbx6EgMEVpm6BYKV0440Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/5LnfbURgWimr8F-YI-VSyM7CXO8.roa
Signing time: Mon 02 Jan 2023 11:04:48 +0000
ROA not before: Mon 02 Jan 2023 11:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48201
IP address blocks: 109.167.212.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:ca:c1:f6:ff:2b:68:f8:d8:90:62:11:f1:5e:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f6f5dec09bc7a1203045699ba058295d38e346
Validity
Not Before: Jan 2 11:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4b9df6d44605a29abf05f9823e552c8cec25cef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ea:84:b1:8b:d2:bb:d2:2d:09:eb:63:3c:13:
53:26:ce:bf:32:d9:04:cf:f7:8d:3a:3b:f3:9b:5e:
9f:7d:e1:89:d4:09:0a:6a:d9:f9:cf:8b:f8:fc:36:
a4:88:cc:bd:24:a5:22:aa:d3:97:80:be:fc:ca:7d:
a4:52:12:9b:79:20:db:c8:ea:55:96:71:41:cc:80:
af:ce:3c:43:c5:f9:a9:3b:34:dd:f1:dd:97:6a:13:
4c:09:54:73:6b:aa:5d:87:68:20:05:5d:6e:f8:ab:
74:50:0b:f7:a0:b1:ba:ab:4b:80:e6:59:4c:9a:eb:
62:f9:a1:70:36:ff:c0:d3:52:d9:55:a9:de:c6:bd:
4a:b5:09:a7:52:6d:e2:de:46:21:30:ab:90:e4:07:
09:ee:ea:03:f4:a8:1e:3d:6d:63:90:a8:52:d2:7f:
b2:59:f2:61:93:8b:c9:dd:11:f8:8a:55:88:52:55:
47:b5:84:a0:e4:83:57:4f:72:87:32:6e:34:e8:22:
bb:16:15:e2:db:32:fa:dc:27:02:af:e8:bf:dc:04:
6b:ce:75:72:d5:e4:c2:4c:95:09:ff:0b:2c:5d:c6:
d7:f4:4f:27:8a:f8:07:91:88:ce:10:f4:fc:49:b1:
9c:a1:01:40:2d:af:0e:41:fa:d3:03:e6:bc:57:b7:
9c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:B9:DF:6D:44:60:5A:29:AB:F0:5F:98:23:E5:52:C8:CE:C2:5C:EF
X509v3 Authority Key Identifier:
keyid:C8:F6:F5:DE:C0:9B:C7:A1:20:30:45:69:9B:A0:58:29:5D:38:E3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPb13sCbx6EgMEVpm6BYKV0440Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/5LnfbURgWimr8F-YI-VSyM7CXO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/yPb13sCbx6EgMEVpm6BYKV0440Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.167.212.0/23
Signature Algorithm: sha256WithRSAEncryption
78:e6:1a:2a:e8:f3:5a:86:8e:a5:5f:57:ee:57:35:39:66:5b:
3c:1b:27:aa:a9:15:a0:f5:3b:d2:38:22:f0:73:dd:f4:90:56:
c0:f0:13:ad:fe:89:ec:9a:e6:c4:2c:5d:62:92:a4:9b:7a:8e:
ae:80:fd:10:5e:15:c4:1f:e4:f0:e9:b0:6b:9a:c0:90:ac:55:
7a:bf:42:c8:ce:dd:08:4b:b1:46:a0:31:01:69:f4:51:16:ed:
47:aa:d8:4b:b6:4b:86:ac:75:52:b7:f4:82:f3:bc:89:46:79:
22:12:7e:ce:5b:35:fb:12:e3:33:41:10:fa:83:66:45:88:6d:
c8:2d:44:db:0e:31:dc:28:52:0f:6d:bd:73:7d:f5:91:ba:64:
af:f7:cc:51:99:2a:28:d3:12:59:94:f9:4c:a7:56:9a:57:64:
20:b3:95:28:72:ef:c0:96:81:b3:24:f9:72:76:51:8b:c6:2f:
b0:b2:a1:5e:ab:cc:71:2e:2e:45:82:cd:40:7d:9a:be:f3:89:
91:e1:3c:aa:cc:8c:77:b7:85:43:81:dd:e6:16:56:d3:cf:a7:
3a:a3:44:2b:28:39:91:4b:33:49:19:b0:36:34:ba:0f:59:35:
5a:d2:73:d2:31:7a:d2:43:e9:f7:35:2c:6a:eb:c3:ba:d4:02:
c6:73:b8:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyJ8rB9v8raPjYkGIR8V5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjZmNWRlYzA5YmM3YTEyMDMwNDU2OTliYTA1ODI5NWQz
OGUzNDYwHhcNMjMwMTAyMTEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGI5ZGY2ZDQ0NjA1YTI5YWJmMDVmOTgyM2U1NTJjOGNlYzI1Y2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheqEsYvSu9ItCetjPBNTJs6/MtkE
z/eNOjvzm16ffeGJ1AkKatn5z4v4/DakiMy9JKUiqtOXgL78yn2kUhKbeSDbyOpV
lnFBzICvzjxDxfmpOzTd8d2XahNMCVRza6pdh2ggBV1u+Kt0UAv3oLG6q0uA5llM
muti+aFwNv/A01LZVanexr1KtQmnUm3i3kYhMKuQ5AcJ7uoD9KgePW1jkKhS0n+y
WfJhk4vJ3RH4ilWIUlVHtYSg5INXT3KHMm406CK7FhXi2zL63CcCr+i/3ARrznVy
1eTCTJUJ/wssXcbX9E8nivgHkYjOEPT8SbGcoQFALa8OQfrTA+a8V7ecZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOS5321EYFopq/BfmCPlUsjOwlzvMB8GA1UdIwQY
MBaAFMj29d7Am8ehIDBFaZugWCldOONGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBiMTNzQ2J4NkVnTUVWcG02QllLVjA0NDBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS80OGNiODYtMjc1MC00ZDZhLThhNzEt
MWJlNTI1NTc2ODYzLzEvNUxuZmJVUmdXaW1yOEYtWUktVlN5TTdDWE84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS80OGNiODYtMjc1MC00ZDZhLThhNzEtMWJlNTI1NTc2ODYz
LzEveVBiMTNzQ2J4NkVnTUVWcG02QllLVjA0NDBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbafUMA0G
CSqGSIb3DQEBCwUAA4IBAQB45hoq6PNaho6lX1fuVzU5Zls8GyeqqRWg9TvSOCLw
c930kFbA8BOt/onsmubELF1ikqSbeo6ugP0QXhXEH+Tw6bBrmsCQrFV6v0LIzt0I
S7FGoDEBafRRFu1HqthLtkuGrHVSt/SC87yJRnkiEn7OWzX7EuMzQRD6g2ZFiG3I
LUTbDjHcKFIPbb1zffWRumSv98xRmSoo0xJZlPlMp1aaV2Qgs5Uocu/AloGzJPly
dlGLxi+wsqFeq8xxLi5Fgs1AfZq+84mR4TyqzIx3t4VDgd3mFlbTz6c6o0QrKDmR
SzNJGbA2NLoPWTVa0nPSMXrSQ+n3NSxq68O61ALGc7h7
-----END CERTIFICATE-----
Generated at Fri Apr 18 18:35:02 2025 by rpki-client