Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d01a91-a3ab-4e08-9564-a51aa23a8fdd/1/U-9gs6-HPp-63tFVTgK5YJ7Vtx0.roa
File: U-9gs6-HPp-63tFVTgK5YJ7Vtx0.roa (raw, json)
Hash identifier: is1qZnviSeshx9o2Nm8hFCS4enc7GdrzL/0sgsJwTiY=
Subject key identifier: 53:EF:60:B3:AF:87:3E:9F:BA:DE:D1:55:4E:02:B9:60:9E:D5:B7:1D
Certificate issuer: /CN=86df1259b3aa1de34d13d1d863178864d9d185cb
Certificate serial: 019426D99714A80BFEA3A8981D0CA9F68527
Authority key identifier: 86:DF:12:59:B3:AA:1D:E3:4D:13:D1:D8:63:17:88:64:D9:D1:85:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ht8SWbOqHeNNE9HYYxeIZNnRhcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d01a91-a3ab-4e08-9564-a51aa23a8fdd/1/U-9gs6-HPp-63tFVTgK5YJ7Vtx0.roa
Signing time: Thu 02 Jan 2025 11:49:41 +0000
ROA not before: Thu 02 Jan 2025 11:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 109.235.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:97:14:a8:0b:fe:a3:a8:98:1d:0c:a9:f6:85:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86df1259b3aa1de34d13d1d863178864d9d185cb
Validity
Not Before: Jan 2 11:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53ef60b3af873e9fbaded1554e02b9609ed5b71d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a2:f1:ff:b1:38:39:0c:a9:fe:dc:66:03:93:
8b:ec:76:55:b0:5d:e7:3b:ed:f2:75:4d:88:bb:2d:
99:59:9b:29:7c:28:b1:9d:01:c9:91:df:4d:ce:fc:
25:be:b3:f6:4a:5f:07:e6:6b:75:53:65:13:12:bf:
68:64:4f:f1:24:f3:2e:8e:37:51:93:40:07:42:a6:
b1:6c:3d:55:c7:16:3a:2b:98:85:64:62:f5:6b:12:
5a:ca:26:87:21:b4:56:25:04:16:2a:c9:4b:d0:1d:
d0:2b:8e:eb:70:a7:e0:bd:f3:e0:f9:bf:6f:bd:49:
84:45:54:2e:3f:2a:43:24:c4:3c:39:c6:4f:af:14:
ce:da:d3:69:fd:d4:ae:19:dc:f1:0b:09:37:50:fb:
76:44:a3:21:40:5e:2b:58:91:a1:fc:64:78:f8:6b:
3d:34:8f:48:e1:75:d3:a4:6d:1a:8c:c6:b0:2d:f3:
e0:ac:dc:d3:1c:97:0c:19:52:ae:5e:a0:d7:a9:ac:
b6:66:b5:2c:d2:73:01:6d:74:8f:72:ce:f7:8e:b1:
91:06:ed:dd:38:8f:f4:4f:9b:30:39:74:ea:81:49:
bf:42:42:34:c7:22:67:3d:26:7c:88:bc:0e:af:5e:
77:01:5d:91:43:38:8d:5c:d1:aa:79:be:52:c9:fb:
87:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EF:60:B3:AF:87:3E:9F:BA:DE:D1:55:4E:02:B9:60:9E:D5:B7:1D
X509v3 Authority Key Identifier:
keyid:86:DF:12:59:B3:AA:1D:E3:4D:13:D1:D8:63:17:88:64:D9:D1:85:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ht8SWbOqHeNNE9HYYxeIZNnRhcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d01a91-a3ab-4e08-9564-a51aa23a8fdd/1/U-9gs6-HPp-63tFVTgK5YJ7Vtx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d01a91-a3ab-4e08-9564-a51aa23a8fdd/1/ht8SWbOqHeNNE9HYYxeIZNnRhcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.99.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:61:79:5f:31:89:1a:04:fd:e4:f9:67:2b:ff:b9:76:b3:c0:
6d:84:40:ad:50:44:5b:48:f6:62:21:3d:41:53:41:25:1b:76:
c4:56:d7:1d:b7:33:2a:7d:b5:cc:4e:e9:ff:2f:32:59:8f:31:
db:26:c7:e0:3a:33:ad:00:ab:f7:14:d0:5f:cb:57:13:b2:0b:
fe:6f:c3:2f:01:cc:8b:88:3a:b2:49:83:85:39:55:6a:20:17:
9d:8c:e4:5f:40:f8:ae:08:cc:5a:a2:cd:e4:92:b4:ed:b5:63:
46:e0:68:a3:fe:8e:98:fb:5a:04:6b:f4:f6:9f:90:18:0e:45:
41:c6:a0:2f:fa:34:27:61:7d:6a:79:2b:d9:9b:16:7d:94:41:
47:a3:4c:c6:27:59:27:4c:c9:6d:fd:9a:ff:93:bc:1a:fe:a3:
55:a6:e4:a8:89:85:00:55:f2:06:8a:d5:4b:f8:4e:cb:dd:df:
1d:51:74:b3:d4:85:94:bb:20:3c:88:47:0d:35:14:4f:2a:95:
c7:28:f9:7d:b7:cf:0d:c0:2b:1b:ef:42:af:4b:bb:01:4c:65:
a8:2f:15:74:21:e7:a6:59:8f:32:ef:80:37:03:93:5b:5d:47:
ea:f1:12:c2:01:a3:9b:b5:cc:bf:31:4d:07:3b:68:bd:a4:ad:
de:78:35:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2ZcUqAv+o6iYHQyp9oUnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZGYxMjU5YjNhYTFkZTM0ZDEzZDFkODYzMTc4ODY0ZDlk
MTg1Y2IwHhcNMjUwMTAyMTE0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2VmNjBiM2FmODczZTlmYmFkZWQxNTU0ZTAyYjk2MDllZDViNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKLx/7E4OQyp/txmA5OL7HZVsF3n
O+3ydU2Iuy2ZWZspfCixnQHJkd9NzvwlvrP2Sl8H5mt1U2UTEr9oZE/xJPMujjdR
k0AHQqaxbD1VxxY6K5iFZGL1axJayiaHIbRWJQQWKslL0B3QK47rcKfgvfPg+b9v
vUmERVQuPypDJMQ8OcZPrxTO2tNp/dSuGdzxCwk3UPt2RKMhQF4rWJGh/GR4+Gs9
NI9I4XXTpG0ajMawLfPgrNzTHJcMGVKuXqDXqay2ZrUs0nMBbXSPcs73jrGRBu3d
OI/0T5swOXTqgUm/QkI0xyJnPSZ8iLwOr153AV2RQziNXNGqeb5SyfuHhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFPvYLOvhz6fut7RVU4CuWCe1bcdMB8GA1UdIwQY
MBaAFIbfElmzqh3jTRPR2GMXiGTZ0YXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHQ4U1diT3FIZU5ORTlIWVl4ZUlaTm5SaGNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kMDFhOTEtYTNhYi00ZTA4LTk1NjQt
YTUxYWEyM2E4ZmRkLzEvVS05Z3M2LUhQcC02M3RGVlRnSzVZSjdWdHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kMDFhOTEtYTNhYi00ZTA4LTk1NjQtYTUxYWEyM2E4ZmRk
LzEvaHQ4U1diT3FIZU5ORTlIWVl4ZUlaTm5SaGNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbetjMA0G
CSqGSIb3DQEBCwUAA4IBAQDPYXlfMYkaBP3k+Wcr/7l2s8BthECtUERbSPZiIT1B
U0ElG3bEVtcdtzMqfbXMTun/LzJZjzHbJsfgOjOtAKv3FNBfy1cTsgv+b8MvAcyL
iDqySYOFOVVqIBedjORfQPiuCMxaos3kkrTttWNG4Gij/o6Y+1oEa/T2n5AYDkVB
xqAv+jQnYX1qeSvZmxZ9lEFHo0zGJ1knTMlt/Zr/k7wa/qNVpuSoiYUAVfIGitVL
+E7L3d8dUXSz1IWUuyA8iEcNNRRPKpXHKPl9t88NwCsb70KvS7sBTGWoLxV0Ieem
WY8y74A3A5NbXUfq8RLCAaObtcy/MU0HO2i9pK3eeDW2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:19 2025 by rpki-client