Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/7aff68-bae6-498a-9f58-f559cda8d49f/1/2n0xzvwl_FtUuPNyeg-umzASI9g.roa
File: 2n0xzvwl_FtUuPNyeg-umzASI9g.roa (raw, json)
Hash identifier: b9Sm45p9PLbtDUskmQw7UGXAgs1M+4GU32DNcoKO8io=
Subject key identifier: DA:7D:31:CE:FC:25:FC:5B:54:B8:F3:72:7A:0F:AE:9B:30:12:23:D8
Certificate issuer: /CN=50ba5b744e8df503d94f41fb29024289c6fa5e5b
Certificate serial: 018446996A0F15688B60C61D09D6580A8DCE
Authority key identifier: 50:BA:5B:74:4E:8D:F5:03:D9:4F:41:FB:29:02:42:89:C6:FA:5E:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ULpbdE6N9QPZT0H7KQJCicb6Xls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/7aff68-bae6-498a-9f58-f559cda8d49f/1/2n0xzvwl_FtUuPNyeg-umzASI9g.roa
Signing time: Sat 05 Nov 2022 07:02:49 +0000
ROA not before: Sat 05 Nov 2022 07:02:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211440
IP address blocks: 109.122.202.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:46:99:6a:0f:15:68:8b:60:c6:1d:09:d6:58:0a:8d:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50ba5b744e8df503d94f41fb29024289c6fa5e5b
Validity
Not Before: Nov 5 07:02:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da7d31cefc25fc5b54b8f3727a0fae9b301223d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6f:d0:fb:15:0e:98:04:67:30:27:fb:ab:de:
53:9b:b1:50:67:bc:9b:2b:c6:f7:a9:a1:33:1b:72:
42:f3:68:64:9a:d9:52:a8:c1:24:01:55:0c:23:b6:
09:b6:77:85:f0:4b:d1:98:fe:2a:04:bf:ae:a8:c9:
64:7a:00:96:52:f7:ec:1f:03:fb:4e:e1:be:8d:27:
0e:7b:46:95:2b:35:0e:58:c3:2a:da:02:d6:1f:47:
e6:da:e5:e3:05:74:32:21:83:02:c5:cc:3a:3c:5a:
03:75:80:30:fe:85:fb:c0:f2:f5:21:03:58:99:d6:
cb:c9:4e:c0:a2:b7:31:3f:bf:8a:a7:8c:d7:3f:c6:
84:3c:26:94:02:41:2c:73:61:10:9e:35:0e:29:2c:
a0:17:f8:91:f5:d0:36:ec:a0:70:29:02:37:9c:2f:
37:44:d1:10:fd:ba:d5:57:c1:70:fd:e1:15:d4:de:
c9:00:02:19:ee:5b:bf:d2:d9:82:3d:0c:2f:a7:0e:
72:bd:e1:29:20:ef:de:0c:13:0a:e9:dd:be:af:44:
43:67:b5:c6:7d:fb:35:f4:60:49:c6:e7:1d:08:9d:
a8:74:dd:47:a6:f5:12:14:61:87:a5:d3:bc:6c:6b:
3e:b9:c3:12:9a:61:d2:a1:42:ce:95:8f:cd:ca:4b:
ef:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:7D:31:CE:FC:25:FC:5B:54:B8:F3:72:7A:0F:AE:9B:30:12:23:D8
X509v3 Authority Key Identifier:
keyid:50:BA:5B:74:4E:8D:F5:03:D9:4F:41:FB:29:02:42:89:C6:FA:5E:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULpbdE6N9QPZT0H7KQJCicb6Xls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/7aff68-bae6-498a-9f58-f559cda8d49f/1/2n0xzvwl_FtUuPNyeg-umzASI9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/7aff68-bae6-498a-9f58-f559cda8d49f/1/ULpbdE6N9QPZT0H7KQJCicb6Xls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.202.0/24
Signature Algorithm: sha256WithRSAEncryption
65:b3:b3:04:30:9c:16:3e:5c:5d:0e:de:c0:e2:9e:5a:67:f8:
8a:84:e2:ec:3e:09:67:84:65:a7:00:1b:66:58:74:e2:7c:e4:
cd:d6:f7:01:e8:9b:a8:1d:93:61:85:9a:63:e4:d7:15:a1:08:
9a:8f:b9:02:b2:db:bc:6c:a3:04:4d:9f:aa:16:99:c7:24:aa:
36:8f:e5:db:9b:2a:be:e3:8f:7b:77:8e:91:bf:18:1d:c7:6b:
3e:fa:a0:33:fc:06:b0:3b:ac:5f:1f:05:11:a2:76:53:c5:c1:
b2:c7:a8:80:d4:8c:3a:04:d9:76:37:23:b5:05:55:3d:f6:51:
2d:26:5d:9c:d2:43:15:d8:1d:e4:19:17:27:57:82:0d:24:18:
43:69:5f:4f:67:a5:47:c7:d0:fc:18:6e:50:87:b2:5e:71:a3:
ae:5e:78:94:ca:64:97:6b:8f:ab:da:88:30:48:a2:f6:67:9b:
e5:11:79:96:f6:e8:eb:10:e7:c6:10:2a:94:29:f9:7a:91:c6:
7c:03:a1:37:34:4d:25:33:97:c2:17:f6:3e:dc:4e:38:4e:ce:
ad:fd:66:fd:13:54:32:ac:8a:73:5a:63:ca:b0:ad:33:ac:db:
1a:9d:ad:47:df:6d:55:09:60:3a:83:e1:18:3d:85:4b:88:21:
9b:92:d9:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRGmWoPFWiLYMYdCdZYCo3OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYmE1Yjc0NGU4ZGY1MDNkOTRmNDFmYjI5MDI0Mjg5YzZm
YTVlNWIwHhcNMjIxMTA1MDcwMjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTdkMzFjZWZjMjVmYzViNTRiOGYzNzI3YTBmYWU5YjMwMTIyM2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2/Q+xUOmARnMCf7q95Tm7FQZ7yb
K8b3qaEzG3JC82hkmtlSqMEkAVUMI7YJtneF8EvRmP4qBL+uqMlkegCWUvfsHwP7
TuG+jScOe0aVKzUOWMMq2gLWH0fm2uXjBXQyIYMCxcw6PFoDdYAw/oX7wPL1IQNY
mdbLyU7AorcxP7+Kp4zXP8aEPCaUAkEsc2EQnjUOKSygF/iR9dA27KBwKQI3nC83
RNEQ/brVV8Fw/eEV1N7JAAIZ7lu/0tmCPQwvpw5yveEpIO/eDBMK6d2+r0RDZ7XG
ffs19GBJxucdCJ2odN1HpvUSFGGHpdO8bGs+ucMSmmHSoULOlY/NykvvOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNp9Mc78JfxbVLjzcnoPrpswEiPYMB8GA1UdIwQY
MBaAFFC6W3ROjfUD2U9B+ykCQonG+l5bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUxwYmRFNk45UVBaVDBIN0tRSkNpY2I2WGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi83YWZmNjgtYmFlNi00OThhLTlmNTgt
ZjU1OWNkYThkNDlmLzEvMm4weHp2d2xfRnRVdVBOeWVnLXVtekFTSTlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi83YWZmNjgtYmFlNi00OThhLTlmNTgtZjU1OWNkYThkNDlm
LzEvVUxwYmRFNk45UVBaVDBIN0tRSkNpY2I2WGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrKMA0G
CSqGSIb3DQEBCwUAA4IBAQBls7MEMJwWPlxdDt7A4p5aZ/iKhOLsPglnhGWnABtm
WHTifOTN1vcB6JuoHZNhhZpj5NcVoQiaj7kCstu8bKMETZ+qFpnHJKo2j+Xbmyq+
4497d46Rvxgdx2s++qAz/AawO6xfHwURonZTxcGyx6iA1Iw6BNl2NyO1BVU99lEt
Jl2c0kMV2B3kGRcnV4INJBhDaV9PZ6VHx9D8GG5Qh7JecaOuXniUymSXa4+r2ogw
SKL2Z5vlEXmW9ujrEOfGECqUKfl6kcZ8A6E3NE0lM5fCF/Y+3E44Ts6t/Wb9E1Qy
rIpzWmPKsK0zrNsana1H321VCWA6g+EYPYVLiCGbktnS
-----END CERTIFICATE-----
Generated at Tue May 13 20:18:09 2025 by rpki-client