Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/kJbZ-Ut69ppMm-sZp7zrr9UmAhk.roa
File: kJbZ-Ut69ppMm-sZp7zrr9UmAhk.roa (raw, json)
Hash identifier: HMDpcdqtwxOrac0klxMIUUD1PKZIhYdtHAKOsMQgu78=
Subject key identifier: 90:96:D9:F9:4B:7A:F6:9A:4C:9B:EB:19:A7:BC:EB:AF:D5:26:02:19
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 01942369D6A09D059AC93328A5EB1B3293CE
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/kJbZ-Ut69ppMm-sZp7zrr9UmAhk.roa
Signing time: Wed 01 Jan 2025 19:48:46 +0000
ROA not before: Wed 01 Jan 2025 19:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201211
IP address blocks: 109.196.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:d6:a0:9d:05:9a:c9:33:28:a5:eb:1b:32:93:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 1 19:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9096d9f94b7af69a4c9beb19a7bcebafd5260219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3d:36:4e:74:72:68:cf:7c:81:df:1f:0d:bf:
bf:43:b4:e8:42:b8:17:bc:90:06:44:f6:56:71:7e:
9f:e5:f6:94:8f:75:df:de:d5:1b:e4:77:6c:93:45:
2f:b6:c2:7d:4b:1d:90:34:27:b7:24:04:b4:4d:44:
69:f6:26:77:ef:d9:46:19:99:44:df:d8:99:3f:e2:
02:a9:f3:ad:92:0d:60:1d:f5:6f:64:7a:af:13:f3:
bf:b5:89:f0:bd:cb:79:10:ff:88:de:4f:cf:18:f5:
5a:70:6a:b1:93:b2:38:75:c2:6d:ee:a8:22:62:0e:
25:6c:49:82:78:ce:05:95:ec:9f:4d:6b:83:0d:02:
b8:26:ee:b4:9b:90:4d:8b:df:d8:41:a5:60:99:c9:
61:10:00:5c:22:95:7b:17:23:03:4a:73:d5:41:f4:
f8:94:d8:7a:bd:6b:95:1c:1f:06:c6:f7:59:d2:4a:
5e:e4:2d:e3:de:1e:1a:61:72:45:7f:46:08:f6:52:
85:0a:63:c5:94:92:07:7d:20:7a:42:10:48:39:14:
d5:df:81:23:b8:22:87:d4:9a:d2:91:a5:85:8d:e8:
66:d6:1b:a5:71:d1:7f:62:92:f3:c3:8d:ec:79:01:
c7:4a:1b:f0:a8:8a:f4:72:dc:1f:e6:87:30:db:e2:
01:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:96:D9:F9:4B:7A:F6:9A:4C:9B:EB:19:A7:BC:EB:AF:D5:26:02:19
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/kJbZ-Ut69ppMm-sZp7zrr9UmAhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.196.167.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:5e:24:f3:35:21:13:8a:b4:d5:48:6d:b7:6a:b3:23:74:3a:
bb:02:9f:e5:f9:89:1f:d4:c6:76:77:4d:53:14:94:0c:62:90:
d1:b7:6a:bc:ce:0f:ab:b3:a0:11:28:77:fb:ad:cf:3b:c0:d8:
56:e6:9a:69:d2:5b:df:08:d5:0e:4c:ca:3e:e6:ea:d9:b2:e4:
c7:ee:ca:8b:41:bd:cc:e2:9f:23:d1:ce:c7:38:58:46:d0:81:
d8:1f:22:a6:13:fc:7c:8f:0f:64:6c:85:d8:3b:e8:3e:8f:d2:
8f:42:db:66:82:b1:78:33:f8:55:47:85:b8:99:26:5b:83:d9:
42:e1:c5:f9:3e:e7:26:90:2b:92:67:c8:24:df:37:ef:14:23:
a9:75:53:96:74:23:2e:d6:42:a0:57:b4:2a:e7:6d:61:d4:f1:
9e:ce:3a:04:75:68:27:ae:a2:f0:c3:46:48:4e:a4:12:1c:9b:
c0:8e:85:91:60:84:f6:b8:0b:fe:46:8f:49:4a:32:0a:dd:58:
a5:04:08:4e:2d:49:9e:2d:ac:bb:26:64:a1:5f:c7:84:b1:ec:
dc:69:03:f5:8e:ce:a3:4e:e2:e5:11:52:fb:8f:9a:4d:10:49:
2b:cc:33:f0:5b:47:05:f7:9d:aa:53:76:e0:e7:24:85:94:43:
55:a6:1d:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjadagnQWayTMopesbMpPOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwMTAxMTk0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDk2ZDlmOTRiN2FmNjlhNGM5YmViMTlhN2JjZWJhZmQ1MjYwMjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwD02TnRyaM98gd8fDb+/Q7ToQrgX
vJAGRPZWcX6f5faUj3Xf3tUb5Hdsk0UvtsJ9Sx2QNCe3JAS0TURp9iZ379lGGZlE
39iZP+ICqfOtkg1gHfVvZHqvE/O/tYnwvct5EP+I3k/PGPVacGqxk7I4dcJt7qgi
Yg4lbEmCeM4FleyfTWuDDQK4Ju60m5BNi9/YQaVgmclhEABcIpV7FyMDSnPVQfT4
lNh6vWuVHB8GxvdZ0kpe5C3j3h4aYXJFf0YI9lKFCmPFlJIHfSB6QhBIORTV34Ej
uCKH1JrSkaWFjehm1hulcdF/YpLzw43seQHHShvwqIr0ctwf5ocw2+IBqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCW2flLevaaTJvrGae866/VJgIZMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEva0piWi1VdDY5cHBNbS1zWnA3enJyOVVtQWhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbcSnMA0G
CSqGSIb3DQEBCwUAA4IBAQAKXiTzNSETirTVSG23arMjdDq7Ap/l+Ykf1MZ2d01T
FJQMYpDRt2q8zg+rs6ARKHf7rc87wNhW5ppp0lvfCNUOTMo+5urZsuTH7sqLQb3M
4p8j0c7HOFhG0IHYHyKmE/x8jw9kbIXYO+g+j9KPQttmgrF4M/hVR4W4mSZbg9lC
4cX5PucmkCuSZ8gk3zfvFCOpdVOWdCMu1kKgV7Qq521h1PGezjoEdWgnrqLww0ZI
TqQSHJvAjoWRYIT2uAv+Ro9JSjIK3VilBAhOLUmeLay7JmShX8eEsezcaQP1js6j
TuLlEVL7j5pNEEkrzDPwW0cF952qU3bg5ySFlENVph1x
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:22 2025 by rpki-client