Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/rAyW0TP-vGc73Omwbt5tXG5Tfr0.roa
File: rAyW0TP-vGc73Omwbt5tXG5Tfr0.roa (raw, json)
Hash identifier: 5nh1erpOS3lLyg2wz81Za6vItHnPOnIJ07yWuIvXvjs=
Subject key identifier: AC:0C:96:D1:33:FE:BC:67:3B:DC:E9:B0:6E:DE:6D:5C:6E:53:7E:BD
Certificate issuer: /CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Certificate serial: 01941FFAB9766316607E88FDA926176AB2D7
Authority key identifier: 60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/rAyW0TP-vGc73Omwbt5tXG5Tfr0.roa
Signing time: Wed 01 Jan 2025 03:48:32 +0000
ROA not before: Wed 01 Jan 2025 03:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58224
IP address blocks: 109.95.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:b9:76:63:16:60:7e:88:fd:a9:26:17:6a:b2:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Validity
Not Before: Jan 1 03:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac0c96d133febc673bdce9b06ede6d5c6e537ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:71:37:b6:a0:92:83:a6:b2:03:9c:6f:32:ac:
b6:c2:7f:76:9e:d4:9b:75:96:da:e6:4d:57:a6:61:
00:ea:fc:e5:87:82:ab:7e:5a:c8:6a:47:11:31:37:
2e:ea:17:3f:28:db:60:3f:51:41:83:3e:19:93:f4:
2a:cb:53:bd:04:a9:f6:48:04:29:25:a3:bc:94:1d:
18:a9:56:6f:78:ea:03:70:7b:ac:01:38:9b:3e:53:
99:b1:c8:7e:d9:94:32:3d:d2:1f:e5:a9:50:bf:f4:
a9:6e:86:e0:f1:cf:c7:da:0e:1f:7d:8c:25:ac:07:
65:dd:d3:30:3b:3c:08:e4:e9:3e:cd:f6:07:0d:64:
a1:63:59:c6:c6:50:af:2d:ba:31:d4:43:02:84:53:
bd:2b:f8:27:c4:e9:10:8b:12:89:be:be:76:f6:38:
72:b7:ce:0e:ca:d7:e0:68:15:15:20:1f:76:04:3b:
b2:a6:f9:c9:21:49:2a:5c:39:c1:fa:b8:70:de:74:
de:29:13:15:ca:98:b6:0e:e6:8f:38:18:72:a4:91:
01:52:89:bf:8d:e2:8b:e5:76:ec:39:ee:31:c9:56:
ee:98:d0:03:9c:4f:4a:87:30:f5:55:3f:2c:95:9a:
9d:d3:4e:89:48:de:7a:95:5e:a2:d8:e8:06:05:5e:
f4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:0C:96:D1:33:FE:BC:67:3B:DC:E9:B0:6E:DE:6D:5C:6E:53:7E:BD
X509v3 Authority Key Identifier:
keyid:60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/rAyW0TP-vGc73Omwbt5tXG5Tfr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.66.0/24
Signature Algorithm: sha256WithRSAEncryption
50:96:61:ed:ee:5a:10:b3:05:90:63:32:ff:40:37:c7:5e:5c:
11:dc:6a:96:27:f9:47:93:76:ed:d8:2e:f9:03:6a:1d:01:fb:
ae:b3:6f:6c:20:b2:81:d0:f2:c0:d1:27:a4:97:97:40:f6:53:
41:c4:a2:78:99:e7:aa:65:c1:9f:cf:08:72:d5:69:00:59:ce:
8a:b2:b4:a1:80:73:54:98:24:44:5d:ea:cd:78:f3:c5:b4:a7:
eb:3f:f1:20:fb:eb:7c:cc:14:b8:0a:a2:31:b5:cb:50:a5:a7:
9e:1a:a2:61:1c:3e:29:75:59:16:60:8c:9d:b0:19:bd:a5:0a:
53:e3:7c:4b:4a:66:d5:a9:ed:45:76:a6:b5:d5:da:b1:ba:62:
bb:6d:88:55:a1:bf:91:7b:df:9c:4a:08:ab:ef:da:83:7d:98:
d7:6b:a8:43:fb:b2:a2:06:e6:29:9a:46:fd:a2:90:7f:76:08:
7a:78:ce:0f:11:0c:76:13:54:6d:67:c8:1c:38:2d:c1:bd:a3:
b7:10:d3:cc:72:6e:66:02:f9:20:33:1c:31:08:70:5a:f0:aa:
fb:f9:f1:91:e8:c4:13:aa:76:15:e2:b2:dd:f1:1a:07:66:e0:
f8:01:19:c2:87:60:b9:2d:f7:25:b3:1f:5b:64:eb:fa:a8:93:
d2:31:9f:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+rl2YxZgfoj9qSYXarLXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWJkNGY3YWMzZDI0OTIwZGUxYzFmZjExODVkOTUwN2U5
YWQwNzgwHhcNMjUwMTAxMDM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzBjOTZkMTMzZmViYzY3M2JkY2U5YjA2ZWRlNmQ1YzZlNTM3ZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XE3tqCSg6ayA5xvMqy2wn92ntSb
dZba5k1XpmEA6vzlh4KrflrIakcRMTcu6hc/KNtgP1FBgz4Zk/Qqy1O9BKn2SAQp
JaO8lB0YqVZveOoDcHusATibPlOZsch+2ZQyPdIf5alQv/Spbobg8c/H2g4ffYwl
rAdl3dMwOzwI5Ok+zfYHDWShY1nGxlCvLbox1EMChFO9K/gnxOkQixKJvr529jhy
t84OytfgaBUVIB92BDuypvnJIUkqXDnB+rhw3nTeKRMVypi2DuaPOBhypJEBUom/
jeKL5XbsOe4xyVbumNADnE9KhzD1VT8slZqd006JSN56lV6i2OgGBV702QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKwMltEz/rxnO9zpsG7ebVxuU369MB8GA1UdIwQY
MBaAFGDr1PesPSSSDeHB/xGF2VB+mtB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgt
ODdkM2IwMjNkOTE5LzEvckF5VzBUUC12R2M3M09td2J0NXRYRzVUZnIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgtODdkM2IwMjNkOTE5
LzEvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbV9CMA0G
CSqGSIb3DQEBCwUAA4IBAQBQlmHt7loQswWQYzL/QDfHXlwR3GqWJ/lHk3bt2C75
A2odAfuus29sILKB0PLA0Sekl5dA9lNBxKJ4meeqZcGfzwhy1WkAWc6KsrShgHNU
mCREXerNePPFtKfrP/Eg++t8zBS4CqIxtctQpaeeGqJhHD4pdVkWYIydsBm9pQpT
43xLSmbVqe1Fdqa11dqxumK7bYhVob+Re9+cSgir79qDfZjXa6hD+7KiBuYpmkb9
opB/dgh6eM4PEQx2E1RtZ8gcOC3BvaO3ENPMcm5mAvkgMxwxCHBa8Kr7+fGR6MQT
qnYV4rLd8RoHZuD4ARnCh2C5Lfclsx9bZOv6qJPSMZ8a
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:25:52 2025 by rpki-client