Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/7aff68-bae6-498a-9f58-f559cda8d49f/1/kgEB0ytcGhSgHcmngIUqvdjBhAs.roa
File: kgEB0ytcGhSgHcmngIUqvdjBhAs.roa (raw, json)
Hash identifier: VgVj7bpSg+1WlpjkHC2VEmw4d6y9T1Rfe4xlrDKx4/Y=
Subject key identifier: 92:01:01:D3:2B:5C:1A:14:A0:1D:C9:A7:80:85:2A:BD:D8:C1:84:0B
Certificate issuer: /CN=50ba5b744e8df503d94f41fb29024289c6fa5e5b
Certificate serial: 01856F4B57B73E0D3180E9F15B147E8B54F8
Authority key identifier: 50:BA:5B:74:4E:8D:F5:03:D9:4F:41:FB:29:02:42:89:C6:FA:5E:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ULpbdE6N9QPZT0H7KQJCicb6Xls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/7aff68-bae6-498a-9f58-f559cda8d49f/1/kgEB0ytcGhSgHcmngIUqvdjBhAs.roa
Signing time: Sun 01 Jan 2023 21:44:46 +0000
ROA not before: Sun 01 Jan 2023 21:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134176
IP address blocks: 109.122.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:57:b7:3e:0d:31:80:e9:f1:5b:14:7e:8b:54:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50ba5b744e8df503d94f41fb29024289c6fa5e5b
Validity
Not Before: Jan 1 21:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=920101d32b5c1a14a01dc9a780852abdd8c1840b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:45:7b:8f:e7:cd:44:90:e7:dd:46:ff:32:19:
a8:61:bd:b1:27:94:05:8f:fe:e1:53:f4:2c:3d:49:
f9:8c:3e:5c:83:6c:4c:aa:02:a2:35:77:ad:2a:c4:
ba:6b:42:b9:14:9b:ac:c7:d9:11:cd:e8:63:c3:e1:
43:00:47:36:00:98:05:76:db:a6:3d:2e:86:de:56:
d3:b6:00:18:20:db:c0:91:e4:9c:36:7b:aa:b8:43:
65:8f:c0:24:e1:1a:3c:bd:6f:ea:5e:8f:b6:32:eb:
74:3f:d0:5e:2c:ba:4c:27:7c:52:1b:06:3f:f1:3a:
a5:0e:80:bd:ba:95:f0:f3:31:2a:f4:07:d2:e0:c8:
bd:20:bd:eb:1b:f7:80:e1:3f:68:8f:e9:80:15:93:
71:fe:fb:53:0b:68:91:86:18:cc:37:d2:11:53:19:
a1:57:35:6d:d2:17:dc:fb:f9:9f:a3:fb:89:c1:b3:
ac:8a:a9:1f:d7:1b:2d:f0:c9:bb:64:f1:3d:e6:9d:
90:04:61:62:b3:b4:86:1a:d1:3d:bf:44:4e:49:9b:
64:bb:e5:68:ab:14:44:18:50:79:da:e4:49:31:22:
18:74:5c:b9:93:fc:47:c0:e3:ce:05:c7:22:ec:81:
32:8b:54:78:2d:35:22:f3:29:ab:ad:45:e1:ef:3b:
78:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:01:01:D3:2B:5C:1A:14:A0:1D:C9:A7:80:85:2A:BD:D8:C1:84:0B
X509v3 Authority Key Identifier:
keyid:50:BA:5B:74:4E:8D:F5:03:D9:4F:41:FB:29:02:42:89:C6:FA:5E:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULpbdE6N9QPZT0H7KQJCicb6Xls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/7aff68-bae6-498a-9f58-f559cda8d49f/1/kgEB0ytcGhSgHcmngIUqvdjBhAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/7aff68-bae6-498a-9f58-f559cda8d49f/1/ULpbdE6N9QPZT0H7KQJCicb6Xls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.223.0/24
Signature Algorithm: sha256WithRSAEncryption
20:85:d7:6c:98:a9:f5:af:a7:f1:53:85:b8:63:90:74:0e:e1:
3d:74:6a:31:17:7e:08:61:ec:ca:ff:17:a1:ee:eb:58:ec:5e:
34:46:ab:ef:10:cf:6c:99:18:5e:f2:37:dc:86:3f:e1:bb:1e:
13:2f:06:4c:67:09:a8:ad:00:41:7e:ae:eb:61:17:21:1b:d3:
05:db:4c:8e:34:0d:42:a7:b3:9a:e1:b1:f9:83:95:4b:fc:99:
9e:a0:e1:74:b6:c0:9c:00:b5:b2:65:92:14:ca:0c:9a:00:5a:
53:ee:4b:83:91:29:64:db:34:f2:cf:b8:a8:63:e7:bb:f7:9e:
70:37:21:1d:1b:25:1e:ec:66:aa:96:52:90:d8:37:3d:a3:d3:
97:8c:d3:59:6f:ea:a7:9c:9e:3e:ea:88:e2:94:85:51:f9:1f:
37:df:19:a2:6b:ff:7c:f9:cd:4f:14:68:27:60:4c:cc:bb:7a:
e8:20:70:15:6a:82:86:ac:51:cc:02:9e:f1:64:cf:73:4e:01:
f5:c1:b3:50:69:d8:40:fb:0c:f2:b1:c9:89:67:2e:e2:6e:72:
8c:96:67:1f:1f:25:15:5e:f0:2d:ef:1f:42:6a:dc:03:c2:ac:
45:24:aa:6d:e9:24:b8:e0:9c:6b:e3:97:8c:fe:52:aa:dd:90:
54:31:00:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS1e3Pg0xgOnxWxR+i1T4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYmE1Yjc0NGU4ZGY1MDNkOTRmNDFmYjI5MDI0Mjg5YzZm
YTVlNWIwHhcNMjMwMTAxMjE0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjAxMDFkMzJiNWMxYTE0YTAxZGM5YTc4MDg1MmFiZGQ4YzE4NDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0V7j+fNRJDn3Ub/MhmoYb2xJ5QF
j/7hU/QsPUn5jD5cg2xMqgKiNXetKsS6a0K5FJusx9kRzehjw+FDAEc2AJgFdtum
PS6G3lbTtgAYINvAkeScNnuquENlj8Ak4Ro8vW/qXo+2Mut0P9BeLLpMJ3xSGwY/
8TqlDoC9upXw8zEq9AfS4Mi9IL3rG/eA4T9oj+mAFZNx/vtTC2iRhhjMN9IRUxmh
VzVt0hfc+/mfo/uJwbOsiqkf1xst8Mm7ZPE95p2QBGFis7SGGtE9v0ROSZtku+Vo
qxREGFB52uRJMSIYdFy5k/xHwOPOBcci7IEyi1R4LTUi8ymrrUXh7zt4uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIBAdMrXBoUoB3Jp4CFKr3YwYQLMB8GA1UdIwQY
MBaAFFC6W3ROjfUD2U9B+ykCQonG+l5bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUxwYmRFNk45UVBaVDBIN0tRSkNpY2I2WGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi83YWZmNjgtYmFlNi00OThhLTlmNTgt
ZjU1OWNkYThkNDlmLzEva2dFQjB5dGNHaFNnSGNtbmdJVXF2ZGpCaEFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi83YWZmNjgtYmFlNi00OThhLTlmNTgtZjU1OWNkYThkNDlm
LzEvVUxwYmRFNk45UVBaVDBIN0tRSkNpY2I2WGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXrfMA0G
CSqGSIb3DQEBCwUAA4IBAQAghddsmKn1r6fxU4W4Y5B0DuE9dGoxF34IYezK/xeh
7utY7F40RqvvEM9smRhe8jfchj/hux4TLwZMZwmorQBBfq7rYRchG9MF20yONA1C
p7Oa4bH5g5VL/JmeoOF0tsCcALWyZZIUygyaAFpT7kuDkSlk2zTyz7ioY+e7955w
NyEdGyUe7GaqllKQ2Dc9o9OXjNNZb+qnnJ4+6ojilIVR+R833xmia/98+c1PFGgn
YEzMu3roIHAVaoKGrFHMAp7xZM9zTgH1wbNQadhA+wzyscmJZy7ibnKMlmcfHyUV
XvAt7x9CatwDwqxFJKpt6SS44Jxr45eM/lKq3ZBUMQAJ
-----END CERTIFICATE-----
Generated at Thu Mar 13 08:24:48 2025 by rpki-client