Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/5fec55-4d4a-4fa5-a764-42bd92f30a97/1/_F8TtMCr-GrK1-WadHxYHdaqsV8.roa
File: _F8TtMCr-GrK1-WadHxYHdaqsV8.roa (raw, json)
Hash identifier: OhF5DdkGtGDTUS9hafqNY2D1lnp3rhyFQSObJeOPCts=
Subject key identifier: FC:5F:13:B4:C0:AB:F8:6A:CA:D7:E5:9A:74:7C:58:1D:D6:AA:B1:5F
Certificate issuer: /CN=e791851680b72c9691225e1bf36c47260ea244fa
Certificate serial: 019423696F2455B5D03597116AAEA9B7F649
Authority key identifier: E7:91:85:16:80:B7:2C:96:91:22:5E:1B:F3:6C:47:26:0E:A2:44:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/55GFFoC3LJaRIl4b82xHJg6iRPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/5fec55-4d4a-4fa5-a764-42bd92f30a97/1/_F8TtMCr-GrK1-WadHxYHdaqsV8.roa
Signing time: Wed 01 Jan 2025 19:48:19 +0000
ROA not before: Wed 01 Jan 2025 19:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21221
IP address blocks: 109.71.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:6f:24:55:b5:d0:35:97:11:6a:ae:a9:b7:f6:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e791851680b72c9691225e1bf36c47260ea244fa
Validity
Not Before: Jan 1 19:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc5f13b4c0abf86acad7e59a747c581dd6aab15f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:84:89:d5:3e:96:f0:7a:f2:78:5f:4b:2c:cb:
c8:47:cc:ce:cf:01:52:23:ff:c1:74:c1:d4:58:0b:
ef:25:1c:82:94:f9:a5:3e:42:0d:51:eb:94:a1:7a:
21:08:f9:72:fb:70:e7:1a:ad:22:d5:92:f8:ee:2d:
78:2f:3f:2b:73:f0:98:f1:c1:01:2e:70:d4:75:66:
f1:b5:de:83:82:60:59:f4:77:34:20:08:fd:0a:43:
ab:d1:d9:9b:1c:cc:2c:28:0c:a2:32:ff:b2:3b:46:
e5:50:f7:d2:b9:52:c0:ca:6d:aa:86:ca:88:b9:c8:
10:b4:d4:6a:6c:05:bc:66:3e:6f:24:4f:fc:8c:b6:
97:45:31:5e:d6:1d:52:14:be:3d:b7:c0:30:ba:e0:
7e:5e:78:b8:56:bc:32:e8:cd:c1:99:31:90:b4:3d:
19:60:7f:16:6f:7d:53:9e:f7:6b:52:2a:6e:6a:73:
15:d0:be:dc:25:03:e4:53:6a:e9:73:21:ed:76:ad:
bd:e4:cd:9a:5f:c7:9c:96:b9:e9:b0:97:38:47:cd:
7d:3c:4c:c4:99:1a:d9:6d:e7:82:0d:56:2f:a3:24:
8c:d3:87:8b:8d:b9:fb:58:ad:58:db:79:c2:56:24:
0f:22:1d:84:d1:75:71:56:65:74:a0:3e:57:ed:d5:
b3:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:5F:13:B4:C0:AB:F8:6A:CA:D7:E5:9A:74:7C:58:1D:D6:AA:B1:5F
X509v3 Authority Key Identifier:
keyid:E7:91:85:16:80:B7:2C:96:91:22:5E:1B:F3:6C:47:26:0E:A2:44:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/55GFFoC3LJaRIl4b82xHJg6iRPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/5fec55-4d4a-4fa5-a764-42bd92f30a97/1/_F8TtMCr-GrK1-WadHxYHdaqsV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/5fec55-4d4a-4fa5-a764-42bd92f30a97/1/55GFFoC3LJaRIl4b82xHJg6iRPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.104.0/22
Signature Algorithm: sha256WithRSAEncryption
81:0c:09:67:1f:4c:76:80:da:61:d3:55:16:62:bb:2c:c0:87:
c3:42:d4:15:73:0d:85:f2:17:64:39:03:4c:a9:a0:25:6c:a9:
6f:af:99:7e:47:14:5b:fa:0b:37:e7:ce:6b:6d:33:11:e0:46:
be:73:d6:d3:7e:b8:92:97:39:b5:7b:8b:01:7d:54:5e:2c:14:
57:12:81:27:fd:01:dd:4d:d1:3f:89:2f:90:54:4f:94:7f:39:
09:4c:e7:0e:fe:cb:54:8a:97:07:3b:42:b1:bd:e1:55:1a:bd:
bc:28:e2:7d:11:cb:d0:c5:d9:96:7f:0f:44:1f:7b:6d:f2:be:
27:db:67:9d:22:c5:fd:6e:01:ad:44:e0:38:8d:0b:7c:1b:48:
aa:61:98:b5:5f:59:1e:0c:8a:e4:4e:88:f8:1e:1f:8d:ca:49:
ec:e5:3c:c2:dc:c3:3c:89:a3:5a:c5:7f:03:a1:a9:b8:b0:f8:
e7:e9:8b:04:3e:1c:4f:54:0e:c4:ee:7c:84:ab:49:f6:03:35:
4e:83:d8:16:be:1c:86:2a:0f:72:d3:ec:29:0f:fc:b6:89:ee:
7f:84:3a:3f:76:ba:ae:7d:20:dd:1c:3c:ed:86:8e:e0:0d:a6:
da:a2:61:48:98:24:af:ce:59:57:bd:f1:37:20:10:3a:15:4b:
3d:a4:37:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaW8kVbXQNZcRaq6pt/ZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3OTE4NTE2ODBiNzJjOTY5MTIyNWUxYmYzNmM0NzI2MGVh
MjQ0ZmEwHhcNMjUwMTAxMTk0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzVmMTNiNGMwYWJmODZhY2FkN2U1OWE3NDdjNTgxZGQ2YWFiMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoSJ1T6W8HryeF9LLMvIR8zOzwFS
I//BdMHUWAvvJRyClPmlPkINUeuUoXohCPly+3DnGq0i1ZL47i14Lz8rc/CY8cEB
LnDUdWbxtd6DgmBZ9Hc0IAj9CkOr0dmbHMwsKAyiMv+yO0blUPfSuVLAym2qhsqI
ucgQtNRqbAW8Zj5vJE/8jLaXRTFe1h1SFL49t8AwuuB+Xni4Vrwy6M3BmTGQtD0Z
YH8Wb31TnvdrUipuanMV0L7cJQPkU2rpcyHtdq295M2aX8eclrnpsJc4R819PEzE
mRrZbeeCDVYvoySM04eLjbn7WK1Y23nCViQPIh2E0XVxVmV0oD5X7dWzwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPxfE7TAq/hqytflmnR8WB3WqrFfMB8GA1UdIwQY
MBaAFOeRhRaAtyyWkSJeG/NsRyYOokT6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTVHRkZvQzNMSmFSSWw0YjgyeEhKZzZpUlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS81ZmVjNTUtNGQ0YS00ZmE1LWE3NjQt
NDJiZDkyZjMwYTk3LzEvX0Y4VHRNQ3ItR3JLMS1XYWRIeFlIZGFxc1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS81ZmVjNTUtNGQ0YS00ZmE1LWE3NjQtNDJiZDkyZjMwYTk3
LzEvNTVHRkZvQzNMSmFSSWw0YjgyeEhKZzZpUlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbUdoMA0G
CSqGSIb3DQEBCwUAA4IBAQCBDAlnH0x2gNph01UWYrsswIfDQtQVcw2F8hdkOQNM
qaAlbKlvr5l+RxRb+gs3585rbTMR4Ea+c9bTfriSlzm1e4sBfVReLBRXEoEn/QHd
TdE/iS+QVE+UfzkJTOcO/stUipcHO0KxveFVGr28KOJ9EcvQxdmWfw9EH3tt8r4n
22edIsX9bgGtROA4jQt8G0iqYZi1X1keDIrkToj4Hh+Nykns5TzC3MM8iaNaxX8D
oam4sPjn6YsEPhxPVA7E7nyEq0n2AzVOg9gWvhyGKg9y0+wpD/y2ie5/hDo/drqu
fSDdHDztho7gDabaomFImCSvzllXvfE3IBA6FUs9pDfV
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:29 2025 by rpki-client