Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/1-bwt-sVuHj2c1KUgvFOOTFr_wP0.roa
File: 1-bwt-sVuHj2c1KUgvFOOTFr_wP0.roa (raw, json)
Hash identifier: vaM0UnsCz+iyN9isVQ5NHTCh+M3bWKEqtb4oXckwJCg=
Subject key identifier: F9:BC:2D:FA:C5:6E:1E:3D:9C:D4:A5:20:BC:53:8E:4C:5A:FF:C0:FD
Certificate issuer: /CN=5d88e4f7a302412c316a3bb599cdd2042b5ff485
Certificate serial: 019424B3AAFAC20B892089824D8DE161428D
Authority key identifier: 5D:88:E4:F7:A3:02:41:2C:31:6A:3B:B5:99:CD:D2:04:2B:5F:F4:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYjk96MCQSwxaju1mc3SBCtf9IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/1-bwt-sVuHj2c1KUgvFOOTFr_wP0.roa
Signing time: Thu 02 Jan 2025 01:49:01 +0000
ROA not before: Thu 02 Jan 2025 01:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29622
IP address blocks: 109.160.24.0/21 maxlen: 21
109.160.24.0/22 maxlen: 22
109.160.24.0/24 maxlen: 24
109.160.25.0/24 maxlen: 24
109.160.26.0/24 maxlen: 24
109.160.27.0/24 maxlen: 24
109.160.28.0/22 maxlen: 22
109.160.28.0/24 maxlen: 24
109.160.29.0/24 maxlen: 24
109.160.30.0/24 maxlen: 24
109.160.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:aa:fa:c2:0b:89:20:89:82:4d:8d:e1:61:42:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d88e4f7a302412c316a3bb599cdd2042b5ff485
Validity
Not Before: Jan 2 01:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9bc2dfac56e1e3d9cd4a520bc538e4c5affc0fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c9:9e:26:08:b4:76:86:3f:8c:d5:b3:06:01:
fc:ec:98:be:cc:b1:d6:e7:64:4a:75:7c:1e:c3:4b:
0f:08:72:b3:93:89:de:38:c1:16:39:d1:ef:f3:69:
f4:53:f5:39:bc:55:8b:b3:9f:aa:66:24:5e:11:6f:
40:1f:34:a6:0c:82:56:d2:18:37:58:6d:de:70:8e:
ce:77:fa:6a:1b:c1:9a:1d:49:ab:aa:7a:70:c9:03:
82:8d:81:87:01:e1:8a:ed:46:8e:1f:9b:39:bc:af:
d6:87:ee:e9:71:b1:c6:7f:02:0e:e2:5b:f2:fa:d0:
01:5a:9c:ec:64:1b:86:16:09:7d:fa:19:09:15:b9:
f0:fb:b0:07:08:b3:f6:78:b6:57:dc:08:5d:0e:48:
bd:38:cf:5c:bb:16:20:c4:bd:f7:72:36:f8:c8:c6:
76:b5:4b:9c:08:3c:f0:22:d3:bb:3c:28:6f:9d:63:
4f:8d:c2:3d:e6:7c:44:ff:42:93:62:64:1a:ba:34:
92:3c:c6:ec:f2:cf:e8:9c:32:85:b5:46:db:06:16:
e7:40:45:5a:cf:62:96:6e:3e:f9:2d:0d:8a:b9:17:
c1:6b:c8:84:c2:09:cf:56:74:0d:e4:f8:ae:d1:26:
eb:db:72:45:f6:4c:1c:37:fa:ae:2b:16:5e:6e:1b:
d2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:BC:2D:FA:C5:6E:1E:3D:9C:D4:A5:20:BC:53:8E:4C:5A:FF:C0:FD
X509v3 Authority Key Identifier:
keyid:5D:88:E4:F7:A3:02:41:2C:31:6A:3B:B5:99:CD:D2:04:2B:5F:F4:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYjk96MCQSwxaju1mc3SBCtf9IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/1-bwt-sVuHj2c1KUgvFOOTFr_wP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/XYjk96MCQSwxaju1mc3SBCtf9IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.24.0/21
Signature Algorithm: sha256WithRSAEncryption
a0:67:87:fb:e2:e9:e5:98:c9:a2:b9:c4:96:7d:70:47:a7:95:
08:68:ae:e9:92:cd:4b:95:5a:a4:10:0f:42:0f:76:ae:8c:0a:
ae:29:73:81:19:37:63:c0:fb:66:28:5d:5d:ad:a3:87:62:d2:
05:d8:7f:f7:1b:30:ee:8f:ea:80:80:fc:33:51:0f:21:19:a3:
73:7f:ae:37:2e:c2:0f:ba:2a:b7:3f:cc:4b:06:97:24:ec:d6:
5a:61:f8:6b:2d:8d:1e:7f:e5:87:45:11:10:20:d9:1c:8d:d8:
fc:a3:cf:91:e3:c3:9e:97:74:84:93:57:42:4f:73:17:95:cb:
30:09:c2:e0:57:27:52:10:06:93:82:f1:b2:7b:8e:99:f6:6b:
c8:6f:f3:9e:e9:6d:6a:66:85:7b:98:98:ca:32:cb:39:30:f8:
68:d7:40:0b:d3:14:28:b2:c0:17:38:d8:c4:f0:8c:f5:ab:c3:
6a:fe:0c:12:5f:81:85:7b:67:6d:d9:39:1d:e3:82:4c:38:0c:
a9:80:f7:11:82:a8:18:84:6e:7f:b8:0c:e5:59:23:26:b6:d6:
fe:e2:c5:ae:a3:0b:0b:83:1b:e3:ca:37:b9:1e:73:b7:85:d2:
fa:d3:9a:13:e2:61:ee:ac:bc:c6:1b:5c:a5:06:2e:67:b1:17:
bb:81:27:1e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQks6r6wguJIImCTY3hYUKNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODhlNGY3YTMwMjQxMmMzMTZhM2JiNTk5Y2RkMjA0MmI1
ZmY0ODUwHhcNMjUwMTAyMDE0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWJjMmRmYWM1NmUxZTNkOWNkNGE1MjBiYzUzOGU0YzVhZmZjMGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusmeJgi0doY/jNWzBgH87Ji+zLHW
52RKdXwew0sPCHKzk4neOMEWOdHv82n0U/U5vFWLs5+qZiReEW9AHzSmDIJW0hg3
WG3ecI7Od/pqG8GaHUmrqnpwyQOCjYGHAeGK7UaOH5s5vK/Wh+7pcbHGfwIO4lvy
+tABWpzsZBuGFgl9+hkJFbnw+7AHCLP2eLZX3AhdDki9OM9cuxYgxL33cjb4yMZ2
tUucCDzwItO7PChvnWNPjcI95nxE/0KTYmQaujSSPMbs8s/onDKFtUbbBhbnQEVa
z2KWbj75LQ2KuRfBa8iEwgnPVnQN5Piu0Sbr23JF9kwcN/quKxZebhvS3wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPm8LfrFbh49nNSlILxTjkxa/8D9MB8GA1UdIwQY
MBaAFF2I5PejAkEsMWo7tZnN0gQrX/SFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlqazk2TUNRU3d4YWp1MW1jM1NCQ3RmOUlVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83NjBjMGYtMTJhYi00ODNkLThjZGIt
NTdlMWQ1YjcyYjJkLzEvMS1id3Qtc1Z1SGoyYzFLVWd2Rk9PVEZyX3dQMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWIvNzYwYzBmLTEyYWItNDgzZC04Y2RiLTU3ZTFkNWI3MmIy
ZC8xL1hZams5Nk1DUVN3eGFqdTFtYzNTQkN0ZjlJVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA22gGDAN
BgkqhkiG9w0BAQsFAAOCAQEAoGeH++Lp5ZjJornEln1wR6eVCGiu6ZLNS5VapBAP
Qg92rowKrilzgRk3Y8D7ZihdXa2jh2LSBdh/9xsw7o/qgID8M1EPIRmjc3+uNy7C
D7oqtz/MSwaXJOzWWmH4ay2NHn/lh0URECDZHI3Y/KPPkePDnpd0hJNXQk9zF5XL
MAnC4FcnUhAGk4LxsnuOmfZryG/znultamaFe5iYyjLLOTD4aNdAC9MUKLLAFzjY
xPCM9avDav4MEl+BhXtnbdk5HeOCTDgMqYD3EYKoGIRuf7gM5VkjJrbW/uLFrqML
C4Mb48o3uR5zt4XS+tOaE+Jh7qy8xhtcpQYuZ7EXu4EnHg==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:49 2025 by rpki-client