Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/gN00iWVZ4X9ImdixtPXeB88eR_k.roa
File: gN00iWVZ4X9ImdixtPXeB88eR_k.roa (raw, json)
Hash identifier: DPVgneYPbYS00UaxJyd5C7zkqYJRRcPWgn4xBTn6bHk=
Subject key identifier: 80:DD:34:89:65:59:E1:7F:48:99:D8:B1:B4:F5:DE:07:CF:1E:47:F9
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 019422FC08218CF869A9439E5B170C3B6147
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/gN00iWVZ4X9ImdixtPXeB88eR_k.roa
Signing time: Wed 01 Jan 2025 17:48:50 +0000
ROA not before: Wed 01 Jan 2025 17:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 109.72.112.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:08:21:8c:f8:69:a9:43:9e:5b:17:0c:3b:61:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 1 17:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80dd34896559e17f4899d8b1b4f5de07cf1e47f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:79:47:1a:d9:93:50:f4:a2:d8:3b:d4:31:2f:
a9:97:7c:68:2f:ef:51:70:56:45:8a:5e:b7:cf:56:
f7:2a:22:c6:a3:f1:8f:b8:00:27:1d:c2:ef:27:51:
b1:e0:db:1f:97:09:e6:af:28:7e:b2:62:be:1c:e5:
6b:3e:6f:dd:18:59:1f:ab:6f:2d:24:14:41:89:bb:
51:ea:9e:89:4d:fe:a9:ef:e4:07:83:af:82:55:37:
1a:18:74:c7:37:3e:77:68:8b:04:fd:f8:e0:d6:c5:
50:5c:38:e6:26:49:d7:55:e9:09:c6:a0:a4:75:bc:
43:61:07:22:46:a5:11:49:a2:21:9e:94:17:e2:e5:
c5:b1:ac:92:d7:94:45:de:fa:9f:62:ca:84:49:37:
79:cb:00:d3:48:49:f2:58:4b:b7:21:38:33:2d:83:
1a:d0:ba:f8:0a:fe:94:74:29:23:4f:fa:bc:e9:29:
91:10:3c:e8:43:43:3f:6b:98:58:eb:6a:66:c8:18:
df:0d:2e:64:1f:ef:fe:87:f8:83:e8:e8:e7:1b:68:
26:d2:02:f3:75:4a:b4:80:6e:7c:0e:13:3b:b5:08:
05:cb:21:b4:6a:5d:e2:18:99:f2:1c:c1:2b:63:73:
e1:9c:79:dc:4c:11:95:6c:d1:9d:24:23:52:92:ac:
68:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:DD:34:89:65:59:E1:7F:48:99:D8:B1:B4:F5:DE:07:CF:1E:47:F9
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/gN00iWVZ4X9ImdixtPXeB88eR_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.112.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:4a:00:57:56:a9:4d:04:43:d4:6e:09:61:ec:63:0b:d8:b8:
c3:d3:db:d9:03:8e:80:ee:05:58:e6:14:9b:cc:30:c9:21:6a:
b9:04:f5:4e:71:f7:c7:91:58:e4:9a:6b:4a:55:81:22:4e:a8:
84:72:2c:4b:fb:f9:26:89:03:8d:88:7b:8a:b4:6b:03:fc:57:
19:f0:de:46:45:1f:5d:23:0c:88:f4:60:a3:06:3f:dd:e1:7e:
07:a2:14:ef:2f:e3:47:21:78:eb:09:ab:9f:72:ac:fe:98:33:
87:ee:e8:25:69:45:d9:0c:87:07:f1:70:fd:19:73:a9:34:8d:
7a:e1:29:0e:ef:db:2c:67:af:77:a3:fb:38:e4:71:62:8a:a9:
c0:f5:a9:5a:28:42:5a:18:eb:d0:07:1a:dc:e8:57:04:b0:94:
1c:e8:55:f0:88:54:b0:68:cb:2b:b0:f8:b4:15:57:1c:4b:e1:
67:22:2c:6f:6b:29:66:90:34:ea:13:d4:5c:bc:a7:df:8f:d9:
31:b0:a3:4c:98:97:c2:3f:26:89:74:37:fb:46:9a:d3:c6:5c:
34:aa:bd:ac:be:b8:b0:0c:2a:30:ed:bd:73:2d:6e:9b:d3:89:
64:90:c6:17:23:bf:1a:47:bd:a5:2d:f7:a4:a3:8b:08:a6:58:
fc:2a:88:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/AghjPhpqUOeWxcMO2FHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjUwMTAxMTc0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGRkMzQ4OTY1NTllMTdmNDg5OWQ4YjFiNGY1ZGUwN2NmMWU0N2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHlHGtmTUPSi2DvUMS+pl3xoL+9R
cFZFil63z1b3KiLGo/GPuAAnHcLvJ1Gx4Nsflwnmryh+smK+HOVrPm/dGFkfq28t
JBRBibtR6p6JTf6p7+QHg6+CVTcaGHTHNz53aIsE/fjg1sVQXDjmJknXVekJxqCk
dbxDYQciRqURSaIhnpQX4uXFsayS15RF3vqfYsqESTd5ywDTSEnyWEu3ITgzLYMa
0Lr4Cv6UdCkjT/q86SmREDzoQ0M/a5hY62pmyBjfDS5kH+/+h/iD6OjnG2gm0gLz
dUq0gG58DhM7tQgFyyG0al3iGJnyHMErY3PhnHncTBGVbNGdJCNSkqxoOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIDdNIllWeF/SJnYsbT13gfPHkf5MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvZ04wMGlXVlo0WDlJbWRpeHRQWGVCODhlUl9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbUhwMA0G
CSqGSIb3DQEBCwUAA4IBAQAtSgBXVqlNBEPUbglh7GML2LjD09vZA46A7gVY5hSb
zDDJIWq5BPVOcffHkVjkmmtKVYEiTqiEcixL+/kmiQONiHuKtGsD/FcZ8N5GRR9d
IwyI9GCjBj/d4X4HohTvL+NHIXjrCaufcqz+mDOH7uglaUXZDIcH8XD9GXOpNI16
4SkO79ssZ693o/s45HFiiqnA9alaKEJaGOvQBxrc6FcEsJQc6FXwiFSwaMsrsPi0
FVccS+FnIixvaylmkDTqE9RcvKffj9kxsKNMmJfCPyaJdDf7RprTxlw0qr2svriw
DCow7b1zLW6b04lkkMYXI78aR72lLfeko4sIplj8Kohl
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:03:09 2025 by rpki-client