Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/2b5ed6-3a7c-4631-b49d-bf55b8b1669c/1/gwJ9hMltFlWaOeN-R_fhzG-JI24.roa
File: gwJ9hMltFlWaOeN-R_fhzG-JI24.roa (raw, json)
Hash identifier: wuy2X0I9Yx6e8bAqg0gf/bu0yRoRH3AWoeZNQfjdFoc=
Subject key identifier: 83:02:7D:84:C9:6D:16:55:9A:39:E3:7E:47:F7:E1:CC:6F:89:23:6E
Certificate issuer: /CN=2cce5d51fa75bbb6ed962a4166ef6f8630a02581
Certificate serial: 0194214462B6D2B4341AEE38BAAFC3E6D2A8
Authority key identifier: 2C:CE:5D:51:FA:75:BB:B6:ED:96:2A:41:66:EF:6F:86:30:A0:25:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LM5dUfp1u7btlipBZu9vhjCgJYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/2b5ed6-3a7c-4631-b49d-bf55b8b1669c/1/gwJ9hMltFlWaOeN-R_fhzG-JI24.roa
Signing time: Wed 01 Jan 2025 09:48:37 +0000
ROA not before: Wed 01 Jan 2025 09:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212302
IP address blocks: 109.70.239.0/24 maxlen: 24
2a0c:2bc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:62:b6:d2:b4:34:1a:ee:38:ba:af:c3:e6:d2:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cce5d51fa75bbb6ed962a4166ef6f8630a02581
Validity
Not Before: Jan 1 09:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83027d84c96d16559a39e37e47f7e1cc6f89236e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0c:37:aa:dd:e8:30:b9:01:11:1d:8a:74:53:
e3:3f:01:21:8a:d6:e2:ec:f5:70:2a:12:ab:5f:8b:
80:51:8e:b6:e0:e4:ab:7d:74:b6:13:89:bf:f2:d4:
b3:e8:8b:04:45:5b:e2:86:11:f2:79:2c:67:a8:69:
36:1d:f0:7d:fe:f5:c2:a3:19:46:6e:88:cb:c6:04:
54:ee:3e:5a:38:13:3a:7b:c8:0a:54:1a:07:7e:33:
a1:b6:92:4a:51:33:d4:a3:e1:a2:b6:85:85:17:b3:
c5:43:52:a8:ff:83:ed:31:cf:2d:28:7d:d7:70:9a:
b5:7c:85:3b:dd:45:a2:08:78:8d:71:bd:f3:e3:eb:
9b:c5:e3:a0:ec:8d:22:91:c5:13:fc:9f:b6:a7:26:
a8:48:44:f2:a5:7e:40:0e:15:e1:74:cb:3a:eb:9c:
0c:d9:9f:c1:80:aa:61:93:da:97:5c:1d:8e:ec:3b:
7b:06:51:96:1d:b2:84:0a:f1:c7:8f:92:42:d3:cf:
c3:72:18:73:99:24:e8:92:97:68:04:ac:3d:3a:ef:
e0:18:a3:91:b4:1c:ce:a2:92:a2:71:4b:be:1d:bb:
d7:76:10:a1:fd:a9:8d:5e:23:f8:ff:b3:27:ad:a1:
ac:c9:6a:a7:d9:ec:43:7b:d6:4a:75:a2:98:7f:fd:
3a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:02:7D:84:C9:6D:16:55:9A:39:E3:7E:47:F7:E1:CC:6F:89:23:6E
X509v3 Authority Key Identifier:
keyid:2C:CE:5D:51:FA:75:BB:B6:ED:96:2A:41:66:EF:6F:86:30:A0:25:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LM5dUfp1u7btlipBZu9vhjCgJYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2b5ed6-3a7c-4631-b49d-bf55b8b1669c/1/gwJ9hMltFlWaOeN-R_fhzG-JI24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2b5ed6-3a7c-4631-b49d-bf55b8b1669c/1/LM5dUfp1u7btlipBZu9vhjCgJYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.239.0/24
IPv6:
2a0c:2bc0::/29
Signature Algorithm: sha256WithRSAEncryption
b7:e7:68:d8:51:61:f2:b6:31:4b:4c:68:cb:f4:76:a0:80:60:
ae:c8:4f:1b:28:1f:67:8e:70:48:fe:11:f3:a9:4f:62:85:8d:
34:f0:b6:1c:55:4e:cf:2e:bf:ec:24:ef:24:a0:fd:08:0d:ee:
80:f4:11:fa:ba:8b:05:39:01:a2:ad:cf:4d:17:36:97:3b:2b:
1b:e6:ab:09:5a:be:d6:d4:42:4e:5f:6b:45:09:b2:13:34:e9:
12:ea:44:84:5e:7d:d8:68:a4:e0:7e:96:83:e9:e2:06:73:e1:
e2:ff:46:53:41:06:f4:bd:4f:d9:36:96:88:92:17:5f:c8:4e:
ee:e4:a5:30:f2:29:8f:2b:f5:c3:75:23:75:75:22:5a:22:c9:
9e:97:f5:1c:f6:fd:0c:1d:7c:dc:60:75:a2:d3:04:d2:55:87:
04:d1:46:d4:fa:70:e2:87:fb:7f:cb:15:17:81:ef:11:78:67:
3f:57:ee:2d:0d:00:6e:29:0f:b8:07:55:26:cb:40:40:86:db:
af:80:35:b6:99:0d:43:02:b2:1d:09:43:e4:b3:21:00:ce:09:
2c:47:cb:9a:1e:15:bd:1d:d2:70:a1:60:0d:f9:91:8b:b2:a6:
2c:73:1b:80:f7:38:cb:f1:38:1e:3f:89:58:94:72:d6:e4:d8:
09:b6:b4:bf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhRGK20rQ0Gu44uq/D5tKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjY2U1ZDUxZmE3NWJiYjZlZDk2MmE0MTY2ZWY2Zjg2MzBh
MDI1ODEwHhcNMjUwMTAxMDk0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzAyN2Q4NGM5NmQxNjU1OWEzOWUzN2U0N2Y3ZTFjYzZmODkyMzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAw3qt3oMLkBER2KdFPjPwEhitbi
7PVwKhKrX4uAUY624OSrfXS2E4m/8tSz6IsERVvihhHyeSxnqGk2HfB9/vXCoxlG
bojLxgRU7j5aOBM6e8gKVBoHfjOhtpJKUTPUo+GitoWFF7PFQ1Ko/4PtMc8tKH3X
cJq1fIU73UWiCHiNcb3z4+ubxeOg7I0ikcUT/J+2pyaoSETypX5ADhXhdMs665wM
2Z/BgKphk9qXXB2O7Dt7BlGWHbKECvHHj5JC08/DchhzmSTokpdoBKw9Ou/gGKOR
tBzOopKicUu+HbvXdhCh/amNXiP4/7MnraGsyWqn2exDe9ZKdaKYf/063QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIMCfYTJbRZVmjnjfkf34cxviSNuMB8GA1UdIwQY
MBaAFCzOXVH6dbu27ZYqQWbvb4YwoCWBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE01ZFVmcDF1N2J0bGlwQlp1OXZoakNnSllFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8yYjVlZDYtM2E3Yy00NjMxLWI0OWQt
YmY1NWI4YjE2NjljLzEvZ3dKOWhNbHRGbFdhT2VOLVJfZmh6Ry1KSTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8yYjVlZDYtM2E3Yy00NjMxLWI0OWQtYmY1NWI4YjE2Njlj
LzEvTE01ZFVmcDF1N2J0bGlwQlp1OXZoakNnSllFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAbUbvMA0E
AgACMAcDBQMqDCvAMA0GCSqGSIb3DQEBCwUAA4IBAQC352jYUWHytjFLTGjL9Hag
gGCuyE8bKB9njnBI/hHzqU9ihY008LYcVU7PLr/sJO8koP0IDe6A9BH6uosFOQGi
rc9NFzaXOysb5qsJWr7W1EJOX2tFCbITNOkS6kSEXn3YaKTgfpaD6eIGc+Hi/0ZT
QQb0vU/ZNpaIkhdfyE7u5KUw8imPK/XDdSN1dSJaIsmel/Uc9v0MHXzcYHWi0wTS
VYcE0UbU+nDih/t/yxUXge8ReGc/V+4tDQBuKQ+4B1Umy0BAhtuvgDW2mQ1DArId
CUPksyEAzgksR8uaHhW9HdJwoWAN+ZGLsqYscxuA9zjL8TgeP4lYlHLW5NgJtrS/
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:37 2025 by rpki-client