Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/7aff68-bae6-498a-9f58-f559cda8d49f/1/JO4UPUj5haCybqrTAS-lQz6GZec.roa
File: JO4UPUj5haCybqrTAS-lQz6GZec.roa (raw, json)
Hash identifier: C9BvyNB9qkFs/AKKtWykcFtVk/erydh/weqpM8VD3RE=
Subject key identifier: 24:EE:14:3D:48:F9:85:A0:B2:6E:AA:D3:01:2F:A5:43:3E:86:65:E7
Certificate issuer: /CN=50ba5b744e8df503d94f41fb29024289c6fa5e5b
Certificate serial: 01856F4B56E5D3AE1DC6206628A2E7ABA557
Authority key identifier: 50:BA:5B:74:4E:8D:F5:03:D9:4F:41:FB:29:02:42:89:C6:FA:5E:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ULpbdE6N9QPZT0H7KQJCicb6Xls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/7aff68-bae6-498a-9f58-f559cda8d49f/1/JO4UPUj5haCybqrTAS-lQz6GZec.roa
Signing time: Sun 01 Jan 2023 21:44:46 +0000
ROA not before: Sun 01 Jan 2023 21:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132335
IP address blocks: 109.122.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:56:e5:d3:ae:1d:c6:20:66:28:a2:e7:ab:a5:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50ba5b744e8df503d94f41fb29024289c6fa5e5b
Validity
Not Before: Jan 1 21:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24ee143d48f985a0b26eaad3012fa5433e8665e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ae:f6:ea:bb:37:e1:a8:d3:60:d9:ef:79:01:
58:a4:c0:c8:d5:4d:6a:47:1b:3b:c6:2e:3e:fd:c8:
f5:e7:f0:d5:0a:22:c8:76:1c:fa:68:5f:71:4f:41:
2b:10:20:f4:95:5b:3c:fe:95:be:2a:d8:7f:40:c8:
7e:18:b4:28:09:73:a6:dd:68:16:ce:02:f0:24:d4:
ed:9f:2b:e6:55:7a:32:0b:65:73:dd:64:bd:19:50:
5c:e1:f6:e5:23:01:73:97:62:d1:37:74:68:8d:99:
d7:00:20:27:c0:d9:fb:eb:6e:dd:74:0b:70:b8:a8:
37:62:5a:d9:d4:9c:cb:cc:7a:26:3e:9d:48:72:f8:
0b:c5:de:9b:6b:90:b0:4a:54:f8:0f:20:ec:83:45:
8e:ad:3f:ba:f0:3a:d7:4e:5a:e9:e1:21:f0:b3:c5:
bf:07:22:24:a0:ba:4b:63:88:e7:dc:1b:33:c4:59:
d4:cc:78:ce:18:6e:ca:4d:14:fa:6c:24:00:f6:ac:
8a:56:29:03:52:0a:c4:e1:54:0a:a0:67:75:e1:b3:
5a:8e:01:3e:a1:6e:21:c5:1b:0b:fc:e0:9b:1b:71:
cd:95:05:cb:f9:f0:75:fd:ad:51:72:99:6e:27:16:
24:c3:1c:ad:70:9d:6d:7e:30:c7:8e:6e:69:29:8b:
67:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:EE:14:3D:48:F9:85:A0:B2:6E:AA:D3:01:2F:A5:43:3E:86:65:E7
X509v3 Authority Key Identifier:
keyid:50:BA:5B:74:4E:8D:F5:03:D9:4F:41:FB:29:02:42:89:C6:FA:5E:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULpbdE6N9QPZT0H7KQJCicb6Xls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/7aff68-bae6-498a-9f58-f559cda8d49f/1/JO4UPUj5haCybqrTAS-lQz6GZec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/7aff68-bae6-498a-9f58-f559cda8d49f/1/ULpbdE6N9QPZT0H7KQJCicb6Xls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.200.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:82:90:6e:4f:86:90:35:ab:f7:99:f6:76:ec:39:a8:70:9d:
cd:79:1e:e6:eb:cf:3b:03:0c:fd:4f:19:67:7d:20:be:bc:ae:
35:91:12:5b:e1:87:b0:4d:14:77:cf:aa:ed:4a:ef:e3:60:c0:
8f:fe:d3:50:37:6e:57:d4:12:b4:ac:fa:88:00:09:ca:58:08:
c3:ee:0c:ef:8c:76:fd:ca:6e:d7:16:df:70:d1:be:3a:7d:55:
26:3f:5b:83:0e:11:33:ef:f6:b0:e3:cf:99:a4:1a:74:14:81:
35:e4:5c:b5:1d:eb:40:53:e7:4d:b8:72:d2:fb:e1:08:09:33:
ad:ad:f0:11:d8:8a:31:02:23:db:97:b8:71:c9:24:aa:d7:ea:
fe:6a:57:1e:20:ec:4f:92:34:02:79:ec:4a:c2:56:f1:b4:40:
95:0c:41:87:ba:fe:a5:a9:5a:11:8d:28:6e:93:9e:e5:6c:d3:
8c:b2:52:32:36:c7:c5:1c:c0:df:9a:2d:af:d9:20:2d:6e:89:
5f:33:72:4b:52:1f:d4:a7:87:28:5e:74:ce:3e:fd:cb:fd:79:
b8:f3:95:6a:4f:68:b6:82:f0:bc:f8:8f:9f:92:24:eb:4b:0a:
3c:16:34:22:31:15:5e:70:40:62:d4:26:2a:cf:89:e1:9b:e1:
1d:4a:98:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS1bl064dxiBmKKLnq6VXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYmE1Yjc0NGU4ZGY1MDNkOTRmNDFmYjI5MDI0Mjg5YzZm
YTVlNWIwHhcNMjMwMTAxMjE0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGVlMTQzZDQ4Zjk4NWEwYjI2ZWFhZDMwMTJmYTU0MzNlODY2NWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6726rs34ajTYNnveQFYpMDI1U1q
Rxs7xi4+/cj15/DVCiLIdhz6aF9xT0ErECD0lVs8/pW+Kth/QMh+GLQoCXOm3WgW
zgLwJNTtnyvmVXoyC2Vz3WS9GVBc4fblIwFzl2LRN3RojZnXACAnwNn7627ddAtw
uKg3YlrZ1JzLzHomPp1IcvgLxd6ba5CwSlT4DyDsg0WOrT+68DrXTlrp4SHws8W/
ByIkoLpLY4jn3BszxFnUzHjOGG7KTRT6bCQA9qyKVikDUgrE4VQKoGd14bNajgE+
oW4hxRsL/OCbG3HNlQXL+fB1/a1RcpluJxYkwxytcJ1tfjDHjm5pKYtnbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCTuFD1I+YWgsm6q0wEvpUM+hmXnMB8GA1UdIwQY
MBaAFFC6W3ROjfUD2U9B+ykCQonG+l5bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUxwYmRFNk45UVBaVDBIN0tRSkNpY2I2WGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi83YWZmNjgtYmFlNi00OThhLTlmNTgt
ZjU1OWNkYThkNDlmLzEvSk80VVBVajVoYUN5YnFyVEFTLWxRejZHWmVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi83YWZmNjgtYmFlNi00OThhLTlmNTgtZjU1OWNkYThkNDlm
LzEvVUxwYmRFNk45UVBaVDBIN0tRSkNpY2I2WGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrIMA0G
CSqGSIb3DQEBCwUAA4IBAQAagpBuT4aQNav3mfZ27DmocJ3NeR7m6887Awz9Txln
fSC+vK41kRJb4YewTRR3z6rtSu/jYMCP/tNQN25X1BK0rPqIAAnKWAjD7gzvjHb9
ym7XFt9w0b46fVUmP1uDDhEz7/aw48+ZpBp0FIE15Fy1HetAU+dNuHLS++EICTOt
rfAR2IoxAiPbl7hxySSq1+r+alceIOxPkjQCeexKwlbxtECVDEGHuv6lqVoRjShu
k57lbNOMslIyNsfFHMDfmi2v2SAtbolfM3JLUh/Up4coXnTOPv3L/Xm485VqT2i2
gvC8+I+fkiTrSwo8FjQiMRVecEBi1CYqz4nhm+EdSpiN
-----END CERTIFICATE-----
Generated at Tue May 13 21:04:21 2025 by rpki-client