Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/vP2XIRxXZu3n6HMkgo_bxrja08I.roa
File: vP2XIRxXZu3n6HMkgo_bxrja08I.roa (raw, json)
Hash identifier: 27UMiWkept90GDt3TlpgIhzAKXi7ZFBzyJvgogNoQ2w=
Subject key identifier: BC:FD:97:21:1C:57:66:ED:E7:E8:73:24:82:8F:DB:C6:B8:DA:D3:C2
Certificate issuer: /CN=c8f6f5dec09bc7a1203045699ba058295d38e346
Certificate serial: 01857227CD52D7B4FED06F37E9F0C6681D83
Authority key identifier: C8:F6:F5:DE:C0:9B:C7:A1:20:30:45:69:9B:A0:58:29:5D:38:E3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPb13sCbx6EgMEVpm6BYKV0440Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/vP2XIRxXZu3n6HMkgo_bxrja08I.roa
Signing time: Mon 02 Jan 2023 11:04:49 +0000
ROA not before: Mon 02 Jan 2023 11:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199658
IP address blocks: 109.167.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:cd:52:d7:b4:fe:d0:6f:37:e9:f0:c6:68:1d:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f6f5dec09bc7a1203045699ba058295d38e346
Validity
Not Before: Jan 2 11:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcfd97211c5766ede7e87324828fdbc6b8dad3c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:54:b2:aa:1b:6e:d9:a0:9a:18:93:82:30:36:
fe:be:c7:2d:af:e3:fc:27:1b:f2:eb:33:9f:66:a7:
05:33:cf:5b:0d:ec:c8:7a:d5:f8:c4:19:ba:2f:9e:
44:bf:60:44:0a:c2:fe:25:03:bb:8e:5e:6b:65:00:
9b:a3:5a:81:a6:e9:e5:6f:31:3e:50:4b:0a:39:7a:
ac:1b:98:17:3c:0f:97:1e:d4:b9:9c:bc:5e:08:90:
0d:88:21:c2:9a:d8:8b:2d:75:66:ee:fa:fd:97:bd:
f0:7b:e0:2c:d2:f7:8f:a1:6f:f5:d4:6f:37:e5:3c:
a6:c1:b2:1f:b8:e7:8a:ed:f1:3b:30:7e:a7:47:b6:
9c:16:72:bf:82:a4:1b:94:e0:c8:01:0f:25:75:c7:
47:2a:14:17:cd:6b:eb:49:13:d8:24:c5:2e:2a:98:
70:5e:4a:ab:f3:8e:ab:33:ae:50:28:a2:c2:b9:49:
82:77:20:22:0b:c1:16:ad:bd:e0:40:22:dc:2e:7e:
48:85:b0:fd:e9:a5:32:8d:a7:a6:72:28:06:93:fc:
0b:ab:9d:fd:e8:37:6e:8e:74:d0:b3:9c:3c:cc:09:
37:58:ae:aa:fe:ff:c9:85:36:05:c2:bd:ff:de:09:
bf:23:7f:5b:d4:0b:b1:58:5b:68:62:d6:59:a1:98:
39:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:FD:97:21:1C:57:66:ED:E7:E8:73:24:82:8F:DB:C6:B8:DA:D3:C2
X509v3 Authority Key Identifier:
keyid:C8:F6:F5:DE:C0:9B:C7:A1:20:30:45:69:9B:A0:58:29:5D:38:E3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPb13sCbx6EgMEVpm6BYKV0440Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/vP2XIRxXZu3n6HMkgo_bxrja08I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/yPb13sCbx6EgMEVpm6BYKV0440Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.167.254.0/24
Signature Algorithm: sha256WithRSAEncryption
87:81:21:32:68:57:7b:93:67:08:3c:bd:55:f6:a3:03:06:0f:
9e:db:51:6c:f6:95:04:f7:6f:3d:4c:37:e3:31:40:a2:e0:45:
d8:1f:ff:0e:fd:0f:87:7d:f9:5d:45:74:cf:50:cb:31:88:4d:
28:c2:5c:3a:6a:40:70:70:1e:39:c9:2a:ad:33:d5:d7:38:4d:
9e:30:c9:45:e9:71:91:f1:16:52:eb:a6:87:23:b3:0d:bd:1c:
93:b9:2a:85:08:b5:b3:b0:3d:94:38:58:46:c6:7f:64:5e:42:
9c:61:48:45:d4:33:37:f3:bf:e6:26:0f:45:22:a2:15:7b:e0:
e7:6c:df:0a:7c:8a:bb:54:65:a8:a6:fe:9c:cd:24:f4:c8:f2:
35:0f:db:17:61:84:07:71:a0:44:8a:07:90:f9:bc:1f:86:5a:
79:02:bf:23:53:40:c8:4b:fa:5e:27:ce:fe:a8:dd:25:fa:ef:
ce:6c:1b:d8:41:ea:a9:ae:e8:8e:15:33:c5:80:99:55:97:f1:
d7:a8:82:79:0b:67:d2:9b:3e:3e:44:ce:52:3b:f9:59:41:40:
05:dd:50:36:1e:45:37:22:91:37:37:02:13:5d:e1:60:dd:de:
90:c7:9c:6c:5f:54:b4:fc:2e:3d:21:34:59:93:b2:b4:88:e1:
dc:07:f4:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyJ81S17T+0G836fDGaB2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjZmNWRlYzA5YmM3YTEyMDMwNDU2OTliYTA1ODI5NWQz
OGUzNDYwHhcNMjMwMTAyMTEwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2ZkOTcyMTFjNTc2NmVkZTdlODczMjQ4MjhmZGJjNmI4ZGFkM2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1Syqhtu2aCaGJOCMDb+vsctr+P8
Jxvy6zOfZqcFM89bDezIetX4xBm6L55Ev2BECsL+JQO7jl5rZQCbo1qBpunlbzE+
UEsKOXqsG5gXPA+XHtS5nLxeCJANiCHCmtiLLXVm7vr9l73we+As0vePoW/11G83
5TymwbIfuOeK7fE7MH6nR7acFnK/gqQblODIAQ8ldcdHKhQXzWvrSRPYJMUuKphw
Xkqr846rM65QKKLCuUmCdyAiC8EWrb3gQCLcLn5IhbD96aUyjaemcigGk/wLq539
6DdujnTQs5w8zAk3WK6q/v/JhTYFwr3/3gm/I39b1AuxWFtoYtZZoZg52wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLz9lyEcV2bt5+hzJIKP28a42tPCMB8GA1UdIwQY
MBaAFMj29d7Am8ehIDBFaZugWCldOONGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBiMTNzQ2J4NkVnTUVWcG02QllLVjA0NDBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS80OGNiODYtMjc1MC00ZDZhLThhNzEt
MWJlNTI1NTc2ODYzLzEvdlAyWElSeFhadTNuNkhNa2dvX2J4cmphMDhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS80OGNiODYtMjc1MC00ZDZhLThhNzEtMWJlNTI1NTc2ODYz
LzEveVBiMTNzQ2J4NkVnTUVWcG02QllLVjA0NDBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbaf+MA0G
CSqGSIb3DQEBCwUAA4IBAQCHgSEyaFd7k2cIPL1V9qMDBg+e21Fs9pUE9289TDfj
MUCi4EXYH/8O/Q+HffldRXTPUMsxiE0owlw6akBwcB45ySqtM9XXOE2eMMlF6XGR
8RZS66aHI7MNvRyTuSqFCLWzsD2UOFhGxn9kXkKcYUhF1DM387/mJg9FIqIVe+Dn
bN8KfIq7VGWopv6czST0yPI1D9sXYYQHcaBEigeQ+bwfhlp5Ar8jU0DIS/peJ87+
qN0l+u/ObBvYQeqpruiOFTPFgJlVl/HXqIJ5C2fSmz4+RM5SO/lZQUAF3VA2HkU3
IpE3NwITXeFg3d6Qx5xsX1S0/C49ITRZk7K0iOHcB/Ti
-----END CERTIFICATE-----
Generated at Fri Apr 18 18:32:41 2025 by rpki-client