Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/mG-NGr5UJw8Bdsm31xr0LARp3LM.roa
File: mG-NGr5UJw8Bdsm31xr0LARp3LM.roa (raw, json)
Hash identifier: Ez+x2KZ41CLnIqO9c7EUA1U/u9pzX46TWaq6peZ65/4=
Subject key identifier: 98:6F:8D:1A:BE:54:27:0F:01:76:C9:B7:D7:1A:F4:2C:04:69:DC:B3
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 01942067EB4B77917F97A81DCFCA8AA6D159
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/mG-NGr5UJw8Bdsm31xr0LARp3LM.roa
Signing time: Wed 01 Jan 2025 05:47:48 +0000
ROA not before: Wed 01 Jan 2025 05:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60980
IP address blocks: 109.226.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:eb:4b:77:91:7f:97:a8:1d:cf:ca:8a:a6:d1:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Jan 1 05:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=986f8d1abe54270f0176c9b7d71af42c0469dcb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9d:b5:11:e6:0b:5c:15:36:b1:90:96:3c:7e:
0c:cc:17:cd:73:09:87:23:14:b0:88:84:b1:75:86:
94:ff:6e:4d:a2:8c:b2:69:47:2c:03:c1:4d:1c:5a:
16:23:b6:ad:6b:95:f9:a4:87:2d:86:a8:81:d4:19:
30:d6:ac:42:90:94:8d:03:e6:31:e6:4c:ad:a0:06:
25:e0:4b:2b:ba:33:df:f3:d3:d8:49:c2:a4:67:09:
b9:90:0e:6f:6e:89:80:6a:44:80:2a:bd:86:6a:97:
c4:24:47:fb:dc:aa:96:2f:8c:6c:23:21:1d:f4:c4:
88:d3:7d:18:1f:d2:b6:9c:7c:97:7c:d2:7f:4a:e6:
cf:27:d0:fc:b4:f0:49:fb:1c:9c:4f:a8:5f:db:7f:
c3:ba:7e:fd:b2:33:da:59:f3:ed:91:75:79:96:39:
a6:22:37:38:5e:89:99:e1:95:b8:e3:21:27:2c:a5:
e1:ca:d8:20:17:aa:ce:f6:3a:b5:52:21:e7:74:1d:
08:52:a8:48:f5:cc:0f:ab:bb:d0:54:c6:50:26:29:
e9:5f:31:9f:92:22:05:84:9c:48:38:01:d9:8c:f9:
a5:b4:f3:2d:98:bb:89:1f:7b:aa:b7:47:65:af:84:
fe:67:6e:1b:16:55:50:74:1c:1a:66:d5:c6:f8:05:
1c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:6F:8D:1A:BE:54:27:0F:01:76:C9:B7:D7:1A:F4:2C:04:69:DC:B3
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/mG-NGr5UJw8Bdsm31xr0LARp3LM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.226.247.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:75:44:8b:75:56:73:ff:52:38:67:3c:15:e7:1a:ac:dc:39:
2a:a6:57:7a:a5:ae:fc:1f:3c:07:72:36:7c:81:50:fa:e7:57:
c9:12:02:4d:f9:47:28:a3:05:88:38:e9:b4:d4:2e:00:53:8b:
9b:a5:2a:0b:77:f4:ef:31:e7:e7:57:60:ef:46:fb:1c:e3:57:
18:df:fd:8a:d5:49:9a:26:a4:22:b8:e6:ea:15:9c:cc:19:4a:
d3:3e:5b:43:ef:fb:b0:bf:fe:47:2c:9e:b2:b4:5e:f0:52:69:
e4:36:59:b1:58:8c:6e:fd:8a:6c:e5:c8:de:62:78:f2:3a:4f:
fb:2e:e0:ef:94:5f:63:f9:95:52:73:e3:47:70:de:77:42:cd:
91:14:15:1f:2b:f0:ae:0d:d7:f9:01:52:49:50:d8:2d:c5:70:
26:c8:2c:de:e4:53:bb:3a:18:c4:d8:a4:81:b3:57:96:7b:4a:
33:31:dc:aa:aa:95:16:82:47:48:ef:f8:a5:12:3d:f3:11:79:
4a:95:8d:8f:15:51:1a:e0:cf:5b:eb:d8:8f:cc:16:78:17:0f:
12:17:37:54:2e:80:8a:98:78:d9:85:45:ca:2c:63:17:9f:52:
63:83:0f:56:04:18:b9:a4:b2:dc:49:d4:7f:1a:76:81:d4:c0:
55:08:49:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ+tLd5F/l6gdz8qKptFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjUwMTAxMDU0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODZmOGQxYWJlNTQyNzBmMDE3NmM5YjdkNzFhZjQyYzA0NjlkY2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJ21EeYLXBU2sZCWPH4MzBfNcwmH
IxSwiISxdYaU/25NooyyaUcsA8FNHFoWI7ata5X5pIcthqiB1Bkw1qxCkJSNA+Yx
5kytoAYl4EsrujPf89PYScKkZwm5kA5vbomAakSAKr2GapfEJEf73KqWL4xsIyEd
9MSI030YH9K2nHyXfNJ/SubPJ9D8tPBJ+xycT6hf23/Dun79sjPaWfPtkXV5ljmm
Ijc4XomZ4ZW44yEnLKXhytggF6rO9jq1UiHndB0IUqhI9cwPq7vQVMZQJinpXzGf
kiIFhJxIOAHZjPmltPMtmLuJH3uqt0dlr4T+Z24bFlVQdBwaZtXG+AUcNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJhvjRq+VCcPAXbJt9ca9CwEadyzMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvbUctTkdyNVVKdzhCZHNtMzF4cjBMQVJwM0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbeL3MA0G
CSqGSIb3DQEBCwUAA4IBAQAvdUSLdVZz/1I4ZzwV5xqs3Dkqpld6pa78HzwHcjZ8
gVD651fJEgJN+UcoowWIOOm01C4AU4ubpSoLd/TvMefnV2DvRvsc41cY3/2K1Uma
JqQiuObqFZzMGUrTPltD7/uwv/5HLJ6ytF7wUmnkNlmxWIxu/Yps5cjeYnjyOk/7
LuDvlF9j+ZVSc+NHcN53Qs2RFBUfK/CuDdf5AVJJUNgtxXAmyCze5FO7OhjE2KSB
s1eWe0ozMdyqqpUWgkdI7/ilEj3zEXlKlY2PFVEa4M9b69iPzBZ4Fw8SFzdULoCK
mHjZhUXKLGMXn1Jjgw9WBBi5pLLcSdR/GnaB1MBVCEkI
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:15:34 2025 by rpki-client