Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/zI6nYj_i1_5ZVOUNKEzdVqKAhHc.roa
File: zI6nYj_i1_5ZVOUNKEzdVqKAhHc.roa (raw, json)
Hash identifier: Tz8B0LAgnKok7T9uiP0ZGZ9U3X0aH5AhglrVpjxkISw=
Subject key identifier: CC:8E:A7:62:3F:E2:D7:FE:59:54:E5:0D:28:4C:DD:56:A2:80:84:77
Certificate issuer: /CN=c8f6f5dec09bc7a1203045699ba058295d38e346
Certificate serial: 03E225AB
Authority key identifier: C8:F6:F5:DE:C0:9B:C7:A1:20:30:45:69:9B:A0:58:29:5D:38:E3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPb13sCbx6EgMEVpm6BYKV0440Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/zI6nYj_i1_5ZVOUNKEzdVqKAhHc.roa
Signing time: Sat 01 Jan 2022 00:57:11 +0000
ROA not before: Sat 01 Jan 2022 00:57:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199658
IP address blocks: 109.167.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65152427 (0x3e225ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f6f5dec09bc7a1203045699ba058295d38e346
Validity
Not Before: Jan 1 00:57:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc8ea7623fe2d7fe5954e50d284cdd56a2808477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:86:ca:8c:37:58:43:53:44:0c:8d:d9:15:40:
b0:b9:71:31:81:1a:c8:7b:f0:fa:82:0c:d0:83:22:
7d:ed:91:1c:ac:65:33:ac:03:0b:6f:47:c8:49:0d:
50:71:b3:64:1c:7a:e6:58:2a:8c:89:49:a1:f6:b8:
83:07:a3:27:4f:e4:8e:f2:a5:96:90:ec:d8:b7:63:
94:dc:b7:11:e2:41:5d:72:5e:e8:78:8c:73:bf:a1:
66:35:82:c5:4e:45:46:55:61:97:72:5d:32:58:44:
82:8f:4c:e9:a4:24:be:d6:5b:46:e6:4e:ab:1b:fa:
da:6b:d0:db:72:ca:ba:14:23:55:1a:03:a4:9d:37:
2d:f9:7b:36:98:ca:83:18:54:a1:e3:ec:f1:f1:5b:
7a:e0:ca:21:ec:0c:99:f9:67:69:d1:99:e0:96:c4:
2e:50:f0:ca:d3:59:0f:8a:d3:db:60:ba:26:bb:e4:
81:ca:35:fc:d4:f2:25:be:6c:28:9c:57:ec:03:e8:
8e:47:fe:59:89:b8:93:30:25:36:87:25:77:1b:21:
0b:07:c7:8f:75:16:95:91:a5:19:dc:c5:65:e9:c1:
40:42:1e:c9:f4:e7:e5:18:84:fd:b7:5f:85:f3:e4:
d9:ea:be:a8:60:a8:27:bb:60:31:27:8e:fb:76:be:
d2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:8E:A7:62:3F:E2:D7:FE:59:54:E5:0D:28:4C:DD:56:A2:80:84:77
X509v3 Authority Key Identifier:
keyid:C8:F6:F5:DE:C0:9B:C7:A1:20:30:45:69:9B:A0:58:29:5D:38:E3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPb13sCbx6EgMEVpm6BYKV0440Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/zI6nYj_i1_5ZVOUNKEzdVqKAhHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/yPb13sCbx6EgMEVpm6BYKV0440Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.167.254.0/24
Signature Algorithm: sha256WithRSAEncryption
30:51:c6:b2:6f:43:de:4d:6d:75:3d:82:bc:50:be:b7:c3:c8:
7b:40:ba:13:40:83:ca:cf:6e:3c:8b:98:3f:94:b6:c3:49:e5:
d1:ef:3b:6b:5a:43:8c:bf:48:93:e5:92:c9:ad:b6:dc:6e:cf:
f9:ed:46:48:7d:f6:ac:04:7c:02:88:72:02:e5:f1:20:69:ca:
d3:38:10:9d:e4:5d:3d:ce:eb:06:62:e2:6d:27:ac:f8:bf:b8:
9e:3e:df:0e:04:e0:6e:f3:83:ff:46:1f:e9:c8:b4:e2:e1:a3:
c7:d0:b1:28:5c:35:a4:9e:3d:bb:d1:53:c2:73:6c:bd:f5:43:
d7:69:33:f3:c3:82:1c:6f:f0:82:f9:38:ad:66:10:a3:32:fc:
fc:7b:cc:52:86:62:3a:36:e7:77:65:f4:ec:05:2e:03:69:1e:
df:fc:90:1b:f9:b7:11:a5:30:9b:30:8c:65:01:fc:ae:25:9b:
c9:94:e9:ba:5b:57:1f:c1:89:79:4a:be:96:08:be:6a:82:65:
c2:39:5e:a8:f7:d5:08:45:13:5d:25:5d:d9:aa:03:e7:5c:36:
be:76:aa:fd:75:13:5d:b0:0a:16:c8:07:4b:ad:49:94:a3:ca:
a5:17:67:f2:8d:d9:e5:99:18:d7:4c:2b:7e:8a:6a:c8:5e:c6:
09:e5:04:98
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+IlqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OGY2ZjVkZWMwOWJjN2ExMjAzMDQ1Njk5YmEwNTgyOTVkMzhlMzQ2MB4XDTIyMDEw
MTAwNTcxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2M4ZWE3NjIzZmUy
ZDdmZTU5NTRlNTBkMjg0Y2RkNTZhMjgwODQ3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMeGyow3WENTRAyN2RVAsLlxMYEayHvw+oIM0IMife2RHKxl
M6wDC29HyEkNUHGzZBx65lgqjIlJofa4gwejJ0/kjvKllpDs2LdjlNy3EeJBXXJe
6HiMc7+hZjWCxU5FRlVhl3JdMlhEgo9M6aQkvtZbRuZOqxv62mvQ23LKuhQjVRoD
pJ03Lfl7NpjKgxhUoePs8fFbeuDKIewMmflnadGZ4JbELlDwytNZD4rT22C6Jrvk
gco1/NTyJb5sKJxX7APojkf+WYm4kzAlNocldxshCwfHj3UWlZGlGdzFZenBQEIe
yfTn5RiE/bdfhfPk2eq+qGCoJ7tgMSeO+3a+0s8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTMjqdiP+LX/llU5Q0oTN1WooCEdzAfBgNVHSMEGDAWgBTI9vXewJvHoSAw
RWmboFgpXTjjRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lQYjEzc0NieDZFZ01FVnBtNkJZS1YwNDQwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvNDhjYjg2LTI3NTAtNGQ2YS04YTcxLTFiZTUyNTU3Njg2My8x
L3pJNm5Zal9pMV81WlZPVU5LRXpkVnFLQWhIYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
NDhjYjg2LTI3NTAtNGQ2YS04YTcxLTFiZTUyNTU3Njg2My8xL3lQYjEzc0NieDZF
Z01FVnBtNkJZS1YwNDQwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG2n/jANBgkqhkiG9w0BAQsFAAOC
AQEAMFHGsm9D3k1tdT2CvFC+t8PIe0C6E0CDys9uPIuYP5S2w0nl0e87a1pDjL9I
k+WSya223G7P+e1GSH32rAR8AohyAuXxIGnK0zgQneRdPc7rBmLibSes+L+4nj7f
DgTgbvOD/0Yf6ci04uGjx9CxKFw1pJ49u9FTwnNsvfVD12kz88OCHG/wgvk4rWYQ
ozL8/HvMUoZiOjbnd2X07AUuA2ke3/yQG/m3EaUwmzCMZQH8riWbyZTpultXH8GJ
eUq+lgi+aoJlwjleqPfVCEUTXSVd2aoD51w2vnaq/XUTXbAKFsgHS61JlKPKpRdn
8o3Z5ZkY10wrfopqyF7GCeUEmA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 18:39:39 2025 by rpki-client