Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/O_ALJBOJQOTpwnxYUqJoMCrPW1A.roa
File: O_ALJBOJQOTpwnxYUqJoMCrPW1A.roa (raw, json)
Hash identifier: Sur4OvACvljEuJ0Ch4HyVpl3y2ac1xpY9YsKbanDHu8=
Subject key identifier: 3B:F0:0B:24:13:89:40:E4:E9:C2:7C:58:52:A2:68:30:2A:CF:5B:50
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0187CC6B16BC72E4F538AFFEED3B65E1C338
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/O_ALJBOJQOTpwnxYUqJoMCrPW1A.roa
Signing time: Sat 29 Apr 2023 09:49:42 +0000
ROA not before: Sat 29 Apr 2023 09:49:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208046
IP address blocks: 109.205.211.0/24 maxlen: 24
109.205.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:cc:6b:16:bc:72:e4:f5:38:af:fe:ed:3b:65:e1:c3:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Apr 29 09:49:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bf00b24138940e4e9c27c5852a268302acf5b50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a4:d5:ee:0b:32:5f:c1:82:82:08:be:83:72:
37:d2:87:ec:97:09:5c:8b:df:ca:6d:dc:e1:b2:e1:
98:03:06:f0:ba:a5:50:d5:46:94:1c:59:87:3b:8c:
4e:0c:5c:62:1f:ad:10:a4:c2:c4:73:1f:4c:a1:52:
32:0f:a3:38:97:f1:9f:55:42:e0:36:f6:91:88:db:
81:fb:2b:fe:72:f2:63:b9:51:b0:fa:a7:69:9b:53:
b5:e0:47:32:06:6e:c3:de:30:fd:1d:3c:95:1a:50:
ba:f1:8e:2e:4f:a0:0b:f8:9a:de:6b:d6:81:77:cf:
4a:f7:dd:af:2f:6c:9d:8c:85:42:c3:90:de:81:2b:
11:b2:f1:58:de:ea:8e:5d:ed:51:09:f6:da:03:b5:
ea:b3:4a:ee:89:df:df:1b:22:f3:ab:81:79:4d:56:
7a:48:20:3d:97:e7:0c:de:be:f3:78:ae:20:c2:32:
a1:4b:d1:e2:45:21:0d:1b:8c:7b:31:ac:46:50:56:
86:0c:44:7b:c2:69:11:13:7e:73:50:40:98:a5:4d:
b7:9b:90:43:aa:ca:ab:1d:87:4e:be:70:73:e6:f9:
27:35:fc:ca:f4:b4:ae:4d:5c:f2:14:25:07:fa:07:
61:4b:7b:71:af:dc:f7:fb:c8:02:f8:3e:0b:f6:ff:
d2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F0:0B:24:13:89:40:E4:E9:C2:7C:58:52:A2:68:30:2A:CF:5B:50
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/O_ALJBOJQOTpwnxYUqJoMCrPW1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.211.0/24
109.205.214.0/24
Signature Algorithm: sha256WithRSAEncryption
de:a0:99:0f:82:58:e6:9d:94:a9:9e:0a:57:32:45:0d:19:3e:
e8:f5:e9:4a:5c:48:cb:fa:91:3c:14:bd:7e:b0:86:80:88:0f:
5c:1c:68:78:a7:b1:c6:d0:28:53:57:27:df:1e:e6:6a:ec:06:
a8:34:f7:66:4b:27:6a:b3:f1:9a:79:d4:2d:94:4d:08:58:47:
51:6e:b2:45:3b:b6:31:97:35:3b:ee:88:ec:4c:20:06:a6:71:
9e:44:21:cc:66:cd:82:93:9c:ba:77:86:a1:d2:41:a4:87:e7:
c5:0c:29:d6:71:cf:69:b7:8f:83:c8:d6:a5:29:2f:bf:da:1e:
a6:22:e8:4a:8d:e5:0f:4a:e2:33:53:08:f8:0c:fc:cf:11:f4:
94:fc:c3:a2:0b:dc:d8:ae:4a:69:64:95:0a:dd:42:26:9f:5a:
de:85:78:a4:5d:45:83:28:8f:52:eb:72:74:5e:fc:a7:7c:32:
1b:4e:88:8d:f8:b5:c6:ad:28:12:51:8a:22:b4:76:7b:da:f4:
86:71:21:0f:30:c0:6d:cf:8a:66:ca:15:dd:07:f3:0a:ee:61:
5e:52:49:c1:1b:76:33:9c:ac:42:11:d2:a5:fc:56:af:89:ad:
05:f4:88:a6:6e:bc:66:a6:c6:f1:ca:cf:8b:9e:3b:b9:a9:d8:
3f:74:62:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfMaxa8cuT1OK/+7Ttl4cM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwNDI5MDk0OTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmYwMGIyNDEzODk0MGU0ZTljMjdjNTg1MmEyNjgzMDJhY2Y1YjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaTV7gsyX8GCggi+g3I30ofslwlc
i9/KbdzhsuGYAwbwuqVQ1UaUHFmHO4xODFxiH60QpMLEcx9MoVIyD6M4l/GfVULg
NvaRiNuB+yv+cvJjuVGw+qdpm1O14EcyBm7D3jD9HTyVGlC68Y4uT6AL+Jrea9aB
d89K992vL2ydjIVCw5DegSsRsvFY3uqOXe1RCfbaA7Xqs0ruid/fGyLzq4F5TVZ6
SCA9l+cM3r7zeK4gwjKhS9HiRSENG4x7MaxGUFaGDER7wmkRE35zUECYpU23m5BD
qsqrHYdOvnBz5vknNfzK9LSuTVzyFCUH+gdhS3txr9z3+8gC+D4L9v/SEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDvwCyQTiUDk6cJ8WFKiaDAqz1tQMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvT19BTEpCT0pRT1Rwd254WVVxSm9NQ3JQVzFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbc3TAwQA
bc3WMA0GCSqGSIb3DQEBCwUAA4IBAQDeoJkPgljmnZSpngpXMkUNGT7o9elKXEjL
+pE8FL1+sIaAiA9cHGh4p7HG0ChTVyffHuZq7AaoNPdmSydqs/GaedQtlE0IWEdR
brJFO7YxlzU77ojsTCAGpnGeRCHMZs2Ck5y6d4ah0kGkh+fFDCnWcc9pt4+DyNal
KS+/2h6mIuhKjeUPSuIzUwj4DPzPEfSU/MOiC9zYrkppZJUK3UImn1rehXikXUWD
KI9S63J0XvynfDIbToiN+LXGrSgSUYoitHZ72vSGcSEPMMBtz4pmyhXdB/MK7mFe
UknBG3YznKxCEdKl/Favia0F9Iimbrxmpsbxys+Lnju5qdg/dGJT
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:42 2025 by rpki-client