Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/0d2b6c-abd7-43bb-97b7-4596d65b54f8/1/7_I39A9v5gVM30N2rBWVOjBrPec.roa
File: 7_I39A9v5gVM30N2rBWVOjBrPec.roa (raw, json)
Hash identifier: +rCg3z11XFxniqtysS7IrTpQPwtdYnMsCezHdzagEkg=
Subject key identifier: EF:F2:37:F4:0F:6F:E6:05:4C:DF:43:76:AC:15:95:3A:30:6B:3D:E7
Certificate issuer: /CN=9e962a44217b8ed45d0e567108313f04bbf050e5
Certificate serial: 01856BAEAE416445BEBCCD5D34CE8CFBDC8D
Authority key identifier: 9E:96:2A:44:21:7B:8E:D4:5D:0E:56:71:08:31:3F:04:BB:F0:50:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npYqRCF7jtRdDlZxCDE_BLvwUOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/0d2b6c-abd7-43bb-97b7-4596d65b54f8/1/7_I39A9v5gVM30N2rBWVOjBrPec.roa
Signing time: Sun 01 Jan 2023 04:54:47 +0000
ROA not before: Sun 01 Jan 2023 04:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28863
IP address blocks: 109.234.168.0/24 maxlen: 24
109.234.168.0/21 maxlen: 21
109.234.170.0/24 maxlen: 24
109.234.169.0/24 maxlen: 24
109.234.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:ae:41:64:45:be:bc:cd:5d:34:ce:8c:fb:dc:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e962a44217b8ed45d0e567108313f04bbf050e5
Validity
Not Before: Jan 1 04:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eff237f40f6fe6054cdf4376ac15953a306b3de7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:5c:e4:fc:84:c1:4b:d2:eb:d3:61:07:91:78:
54:07:40:a5:71:99:65:d1:30:94:0f:a0:cf:8c:10:
e1:8e:f2:f3:50:f2:c7:38:7f:37:b2:39:17:73:d1:
67:a4:80:cd:74:89:b6:09:1c:22:16:60:d6:b8:73:
1a:2b:66:bf:0e:4b:19:42:fc:af:66:71:eb:54:4c:
59:58:95:95:0b:72:63:a8:c4:c0:f0:af:31:b1:3d:
3e:54:68:41:86:2c:73:b4:7a:d5:91:72:16:dc:14:
c8:f0:c8:d8:f7:c1:50:a3:a0:2c:6f:97:ea:61:0d:
aa:09:74:1a:11:be:c5:a7:21:d1:58:aa:12:98:53:
d8:43:af:27:db:76:6a:71:28:d4:66:9b:d1:07:cb:
fd:61:cb:36:0c:e2:f0:82:e7:83:97:0c:9f:4c:71:
b0:84:7d:ee:d5:94:5e:0c:d2:3d:3e:75:46:b9:3b:
c3:15:62:e9:71:64:8b:85:87:ec:10:fc:b9:84:32:
3d:b3:fe:a3:48:41:58:5e:bd:73:aa:9e:5c:f6:c1:
25:8a:35:71:de:50:15:46:1c:3a:3d:14:54:59:d2:
17:e2:e5:ea:56:83:23:4c:58:9d:62:49:8e:27:80:
93:8e:30:05:e4:2f:70:31:e3:ae:07:d6:d2:70:8b:
60:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:F2:37:F4:0F:6F:E6:05:4C:DF:43:76:AC:15:95:3A:30:6B:3D:E7
X509v3 Authority Key Identifier:
keyid:9E:96:2A:44:21:7B:8E:D4:5D:0E:56:71:08:31:3F:04:BB:F0:50:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npYqRCF7jtRdDlZxCDE_BLvwUOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/0d2b6c-abd7-43bb-97b7-4596d65b54f8/1/7_I39A9v5gVM30N2rBWVOjBrPec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/0d2b6c-abd7-43bb-97b7-4596d65b54f8/1/npYqRCF7jtRdDlZxCDE_BLvwUOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.168.0/21
Signature Algorithm: sha256WithRSAEncryption
39:80:25:ac:f1:58:f7:ea:e9:2e:f5:81:56:9c:8b:15:07:68:
ad:86:2e:47:8d:8b:9d:ce:d0:68:ed:fa:0c:0e:3f:50:ab:e8:
8a:41:ad:4e:f5:95:87:54:e8:77:3f:2a:42:a4:11:d3:ac:80:
50:9e:c2:b3:ce:26:c9:c3:3a:e5:c9:9d:db:88:08:56:d1:b1:
f8:6f:9e:48:8c:21:b8:60:db:4b:3d:a5:40:57:39:c6:cc:03:
0f:5e:36:97:86:3e:ea:f0:4a:76:a4:6a:8d:1e:c9:d0:ef:6d:
b8:61:86:88:43:fb:11:fc:8d:04:49:f6:ff:ec:0f:01:46:72:
fe:1e:80:22:7d:20:8d:a8:08:35:a5:5f:32:fd:ba:f5:39:25:
9b:98:c0:be:4c:7f:4b:19:93:6d:45:a8:a6:8e:5b:ad:cc:57:
19:22:bd:48:4e:ce:49:87:e9:01:64:04:e6:71:57:0e:19:24:
42:f5:fb:71:4e:6d:b7:c4:0d:a1:2a:c4:69:e4:3e:4d:7d:28:
25:c4:40:42:1c:a8:52:b7:49:2b:d9:12:14:c3:08:92:c0:4d:
92:33:49:62:ff:04:37:18:ee:5e:50:ca:ca:f7:56:39:e4:35:
73:2d:91:65:bd:39:0e:6e:15:62:0a:97:18:f5:9a:12:f0:27:
7d:62:fb:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrrq5BZEW+vM1dNM6M+9yNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTYyYTQ0MjE3YjhlZDQ1ZDBlNTY3MTA4MzEzZjA0YmJm
MDUwZTUwHhcNMjMwMTAxMDQ1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmYyMzdmNDBmNmZlNjA1NGNkZjQzNzZhYzE1OTUzYTMwNmIzZGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1zk/ITBS9Lr02EHkXhUB0ClcZll
0TCUD6DPjBDhjvLzUPLHOH83sjkXc9FnpIDNdIm2CRwiFmDWuHMaK2a/DksZQvyv
ZnHrVExZWJWVC3JjqMTA8K8xsT0+VGhBhixztHrVkXIW3BTI8MjY98FQo6Asb5fq
YQ2qCXQaEb7FpyHRWKoSmFPYQ68n23ZqcSjUZpvRB8v9Ycs2DOLwgueDlwyfTHGw
hH3u1ZReDNI9PnVGuTvDFWLpcWSLhYfsEPy5hDI9s/6jSEFYXr1zqp5c9sElijVx
3lAVRhw6PRRUWdIX4uXqVoMjTFidYkmOJ4CTjjAF5C9wMeOuB9bScItgzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/yN/QPb+YFTN9DdqwVlTowaz3nMB8GA1UdIwQY
MBaAFJ6WKkQhe47UXQ5WcQgxPwS78FDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBZcVJDRjdqdFJkRGxaeENERV9CTHZ3VU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8wZDJiNmMtYWJkNy00M2JiLTk3Yjct
NDU5NmQ2NWI1NGY4LzEvN19JMzlBOXY1Z1ZNMzBOMnJCV1ZPakJyUGVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8wZDJiNmMtYWJkNy00M2JiLTk3YjctNDU5NmQ2NWI1NGY4
LzEvbnBZcVJDRjdqdFJkRGxaeENERV9CTHZ3VU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbeqoMA0G
CSqGSIb3DQEBCwUAA4IBAQA5gCWs8Vj36uku9YFWnIsVB2ithi5HjYudztBo7foM
Dj9Qq+iKQa1O9ZWHVOh3PypCpBHTrIBQnsKzzibJwzrlyZ3biAhW0bH4b55IjCG4
YNtLPaVAVznGzAMPXjaXhj7q8Ep2pGqNHsnQ7224YYaIQ/sR/I0ESfb/7A8BRnL+
HoAifSCNqAg1pV8y/br1OSWbmMC+TH9LGZNtRaimjlutzFcZIr1ITs5Jh+kBZATm
cVcOGSRC9ftxTm23xA2hKsRp5D5NfSglxEBCHKhSt0kr2RIUwwiSwE2SM0li/wQ3
GO5eUMrK91Y55DVzLZFlvTkObhViCpcY9ZoS8Cd9YvvC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:16 2024 by rpki-client on console-ams.rpki-client.org