Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/7qHMf0tDla85K4MWekgfnZC_GZ0.roa
File: 7qHMf0tDla85K4MWekgfnZC_GZ0.roa (raw, json)
Hash identifier: JjXdTvxVzICRsVC2xEQhCc6QbY1Z09t0LaEqj7BxkCU=
Subject key identifier: EE:A1:CC:7F:4B:43:95:AF:39:2B:83:16:7A:48:1F:9D:90:BF:19:9D
Certificate issuer: /CN=d9d0318f2685e32d2dba923f6662771427359738
Certificate serial: 01941FFAB411CD0358F3EF8FEDE2D9A879EE
Authority key identifier: D9:D0:31:8F:26:85:E3:2D:2D:BA:92:3F:66:62:77:14:27:35:97:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/7qHMf0tDla85K4MWekgfnZC_GZ0.roa
Signing time: Wed 01 Jan 2025 03:48:31 +0000
ROA not before: Wed 01 Jan 2025 03:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205950
IP address blocks: 109.235.244.0/24 maxlen: 32
109.235.245.0/24 maxlen: 32
109.235.246.0/24 maxlen: 32
109.235.247.0/24 maxlen: 32
2001:1b28:406::/48 maxlen: 48
2001:1b28:800::/37 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:b4:11:cd:03:58:f3:ef:8f:ed:e2:d9:a8:79:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d0318f2685e32d2dba923f6662771427359738
Validity
Not Before: Jan 1 03:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eea1cc7f4b4395af392b83167a481f9d90bf199d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:79:ab:40:aa:57:6f:4a:9e:7b:56:86:fa:19:
9f:02:f5:aa:86:47:95:00:6b:41:da:f0:d8:a4:b0:
3b:96:17:fc:0b:e6:8e:08:24:31:a5:4d:c9:ad:29:
96:0c:d4:91:f9:4e:31:23:fe:ee:bb:f1:52:a8:06:
0a:c6:60:30:c3:49:26:0d:2f:32:7e:1b:6b:75:33:
b3:fa:d6:e4:9f:4a:df:df:ef:2f:ca:da:35:91:81:
72:8d:f6:40:d6:c9:37:61:21:42:97:ab:c3:cf:fc:
65:49:07:83:a6:3d:ae:a6:a9:ed:c4:21:cc:bc:36:
cf:fe:cd:34:fb:26:f3:d1:f1:62:6d:b1:96:8a:0f:
21:b2:0d:28:ff:34:c6:f4:a5:75:e2:bf:77:c6:c4:
36:98:2d:ae:46:7a:b0:5e:9c:99:23:91:41:c9:60:
f3:e9:de:47:ac:e7:e4:6b:77:7e:7f:ce:1d:da:53:
ef:ee:cb:b0:04:a2:1c:05:f7:54:91:e4:4e:33:ac:
d1:b3:20:6b:d4:b4:ca:52:eb:32:6d:28:d3:90:f8:
bd:9d:40:e6:08:d6:7e:42:c6:3e:8e:1d:17:b6:b2:
07:73:87:57:a8:02:17:9b:e3:ce:19:79:70:c0:f9:
9a:a8:06:7b:cd:91:e4:63:dc:27:3e:6f:87:3e:3f:
07:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A1:CC:7F:4B:43:95:AF:39:2B:83:16:7A:48:1F:9D:90:BF:19:9D
X509v3 Authority Key Identifier:
keyid:D9:D0:31:8F:26:85:E3:2D:2D:BA:92:3F:66:62:77:14:27:35:97:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/7qHMf0tDla85K4MWekgfnZC_GZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.244.0/22
IPv6:
2001:1b28:406::/48
2001:1b28:800::/37
Signature Algorithm: sha256WithRSAEncryption
28:be:3e:bc:db:17:70:88:db:ac:f4:26:c2:01:06:67:4c:2c:
8b:48:67:fe:22:b1:38:e9:c7:6d:b5:23:ba:b5:36:9d:58:47:
0b:0a:3b:fc:51:76:cc:b4:ea:cd:6f:13:b4:1c:ea:c1:f3:40:
e2:d4:0a:a8:12:74:4b:ca:e1:2b:2a:6d:ff:1c:0e:96:7e:c1:
d4:7c:ae:94:fa:b6:0c:ee:42:cd:9f:4b:ea:f9:05:fb:cc:0a:
d7:4c:7c:4d:1c:9d:27:c5:eb:76:06:56:44:d5:f6:bb:56:b0:
e6:f3:33:22:21:37:ff:d8:f6:01:1f:31:6d:80:1e:a0:d7:88:
c6:1a:7f:47:3c:18:e0:63:7e:a9:17:f5:83:8c:f6:c9:b1:e0:
07:07:da:cc:c7:b7:4f:b9:83:dd:54:43:24:35:2e:89:c6:7f:
33:de:b1:e0:68:ee:4f:b5:59:2a:38:19:8c:01:2a:6f:88:b5:
cd:b6:dd:d4:31:15:eb:54:f0:15:ec:c1:16:28:6b:1d:4c:cc:
cd:b1:71:9c:46:b6:4b:1e:d5:96:da:71:8d:93:83:95:89:1b:
ae:ed:4c:dd:a1:cd:fc:a2:4d:b3:a8:ea:10:ea:18:54:02:2d:
94:45:1e:07:d7:aa:96:ca:08:9b:7e:dd:8f:a1:0f:c7:86:7f:
ed:36:61:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQf+rQRzQNY8++P7eLZqHnuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDAzMThmMjY4NWUzMmQyZGJhOTIzZjY2NjI3NzE0Mjcz
NTk3MzgwHhcNMjUwMTAxMDM0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWExY2M3ZjRiNDM5NWFmMzkyYjgzMTY3YTQ4MWY5ZDkwYmYxOTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnmrQKpXb0qee1aG+hmfAvWqhkeV
AGtB2vDYpLA7lhf8C+aOCCQxpU3JrSmWDNSR+U4xI/7uu/FSqAYKxmAww0kmDS8y
fhtrdTOz+tbkn0rf3+8vyto1kYFyjfZA1sk3YSFCl6vDz/xlSQeDpj2upqntxCHM
vDbP/s00+ybz0fFibbGWig8hsg0o/zTG9KV14r93xsQ2mC2uRnqwXpyZI5FByWDz
6d5HrOfka3d+f84d2lPv7suwBKIcBfdUkeROM6zRsyBr1LTKUusybSjTkPi9nUDm
CNZ+QsY+jh0XtrIHc4dXqAIXm+POGXlwwPmaqAZ7zZHkY9wnPm+HPj8HvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO6hzH9LQ5WvOSuDFnpIH52QvxmdMB8GA1UdIwQY
MBaAFNnQMY8mheMtLbqSP2ZidxQnNZc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRBeGp5YUY0eTB0dXBJX1ptSjNGQ2MxbHpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi84Y2U2MDktZGIxZC00OTk3LTlkOGEt
OTZkZGQ1YTAyMzlkLzEvN3FITWYwdERsYTg1SzRNV2VrZ2ZuWkNfR1owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi84Y2U2MDktZGIxZC00OTk3LTlkOGEtOTZkZGQ1YTAyMzlk
LzEvMmRBeGp5YUY0eTB0dXBJX1ptSjNGQ2MxbHpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQCbev0MBcE
AgACMBEDBwAgARsoBAYDBgMgARsoCDANBgkqhkiG9w0BAQsFAAOCAQEAKL4+vNsX
cIjbrPQmwgEGZ0wsi0hn/iKxOOnHbbUjurU2nVhHCwo7/FF2zLTqzW8TtBzqwfNA
4tQKqBJ0S8rhKypt/xwOln7B1HyulPq2DO5CzZ9L6vkF+8wK10x8TRydJ8XrdgZW
RNX2u1aw5vMzIiE3/9j2AR8xbYAeoNeIxhp/RzwY4GN+qRf1g4z2ybHgBwfazMe3
T7mD3VRDJDUuicZ/M96x4GjuT7VZKjgZjAEqb4i1zbbd1DEV61TwFezBFihrHUzM
zbFxnEa2Sx7VltpxjZODlYkbru1M3aHN/KJNs6jqEOoYVAItlEUeB9eqlsoIm37d
j6EPx4Z/7TZh1g==
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:42:06 2025 by rpki-client