Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/aFpvNJ7rLevniHJ9ls2pNWBxIiw.roa
File: aFpvNJ7rLevniHJ9ls2pNWBxIiw.roa (raw, json)
Hash identifier: w+yXUGnjwcrGETScov/go/5PSor9cO8GGMBVPlVWqyo=
Subject key identifier: 68:5A:6F:34:9E:EB:2D:EB:E7:88:72:7D:96:CD:A9:35:60:71:22:2C
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018382728B84D6C1F903490AE3AAD9C15DBF
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/aFpvNJ7rLevniHJ9ls2pNWBxIiw.roa
Signing time: Wed 28 Sep 2022 04:54:48 +0000
ROA not before: Wed 28 Sep 2022 04:54:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 393427
IP address blocks: 109.160.40.0/24 maxlen: 24
109.160.41.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:82:72:8b:84:d6:c1:f9:03:49:0a:e3:aa:d9:c1:5d:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Sep 28 04:54:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=685a6f349eeb2debe788727d96cda9356071222c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e2:54:c1:0c:a0:e3:68:3c:f8:51:01:ec:f0:
2c:d7:4a:f4:d6:8d:bd:1b:11:f2:33:e6:b0:9d:38:
a5:5d:d0:8a:01:6d:57:e0:fd:ad:44:0e:fc:29:78:
29:bb:1c:45:a4:03:ca:05:94:3a:aa:37:94:89:2f:
7e:17:68:27:a5:c6:df:f1:a1:7a:f2:32:f3:ee:0f:
3e:ff:08:ef:56:10:5c:f6:95:5b:b4:d8:0c:b0:ad:
b9:83:37:a8:7e:77:b5:0e:89:e0:30:34:7f:b9:30:
6a:fe:a5:9f:a5:07:f4:54:87:ff:2d:22:07:50:59:
a0:15:4c:57:54:c4:e4:95:5c:58:70:57:3a:0f:2e:
5b:e1:fe:be:d5:31:11:4f:d9:8c:50:27:d4:e2:0a:
31:e2:f6:8e:65:aa:57:4e:14:24:56:a3:7b:18:a7:
8e:84:31:65:1b:76:d0:0c:d8:a4:77:09:0a:db:a0:
c5:f5:37:5d:66:36:69:53:c0:1f:97:0c:18:24:c5:
66:b4:1f:49:e8:81:2b:1f:9a:36:e3:98:ce:fa:5c:
23:63:f6:30:8c:aa:53:d1:6c:01:e2:1f:4f:13:25:
07:49:26:8a:11:4d:22:d2:61:a7:2f:c1:6b:e6:7a:
4d:a6:08:ef:f0:a5:3f:9f:97:6b:c6:a7:5e:3e:dd:
f3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5A:6F:34:9E:EB:2D:EB:E7:88:72:7D:96:CD:A9:35:60:71:22:2C
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/aFpvNJ7rLevniHJ9ls2pNWBxIiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.40.0/23
Signature Algorithm: sha256WithRSAEncryption
19:a6:20:f8:13:b2:ac:59:99:9e:ba:59:ea:f6:00:8e:86:5b:
80:74:73:da:35:aa:b9:7b:fd:8b:62:8d:57:fe:68:30:89:74:
85:fb:cf:fa:85:36:a9:41:b5:f6:86:15:00:65:b5:c4:d3:65:
33:e3:bd:b2:a9:58:8f:8c:9c:c6:e4:62:7c:a3:19:49:99:8f:
4e:99:eb:56:ac:a1:a0:47:55:48:0e:91:4a:a6:61:59:6d:30:
65:fc:51:14:6f:a5:76:f4:3e:66:e1:8f:61:99:4f:b9:ea:87:
8c:67:9e:b3:11:9f:0e:7e:41:2e:70:23:5f:61:7b:78:57:8e:
ce:8a:1d:77:d5:4e:e1:de:bc:29:6d:f1:c7:cb:0c:78:d4:97:
c6:ec:95:8c:67:95:97:6f:77:60:6e:59:47:24:4c:46:73:6b:
f5:31:29:9e:41:82:c6:b8:f8:f8:1c:53:de:31:d6:d4:e2:23:
52:cc:39:ed:ab:e8:bd:1b:af:8b:ba:3a:83:71:82:81:9b:2d:
70:4e:35:a5:3d:33:0c:b9:64:15:0e:7b:7e:27:71:70:2f:e2:
19:2d:e9:83:ff:13:84:18:6a:ed:9b:c7:ed:e8:2a:37:4b:30:
98:39:a7:74:1c:62:7f:8f:3b:d9:16:3f:e5:4f:81:b5:f2:26:
ba:d4:b0:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOCcouE1sH5A0kK46rZwV2/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjIwOTI4MDQ1NDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODVhNmYzNDllZWIyZGViZTc4ODcyN2Q5NmNkYTkzNTYwNzEyMjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOJUwQyg42g8+FEB7PAs10r01o29
GxHyM+awnTilXdCKAW1X4P2tRA78KXgpuxxFpAPKBZQ6qjeUiS9+F2gnpcbf8aF6
8jLz7g8+/wjvVhBc9pVbtNgMsK25gzeofne1DongMDR/uTBq/qWfpQf0VIf/LSIH
UFmgFUxXVMTklVxYcFc6Dy5b4f6+1TERT9mMUCfU4gox4vaOZapXThQkVqN7GKeO
hDFlG3bQDNikdwkK26DF9TddZjZpU8AflwwYJMVmtB9J6IErH5o245jO+lwjY/Yw
jKpT0WwB4h9PEyUHSSaKEU0i0mGnL8Fr5npNpgjv8KU/n5drxqdePt3zYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhabzSe6y3r54hyfZbNqTVgcSIsMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvYUZwdk5KN3JMZXZuaUhKOWxzMnBOV0J4SWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbaAoMA0G
CSqGSIb3DQEBCwUAA4IBAQAZpiD4E7KsWZmeulnq9gCOhluAdHPaNaq5e/2LYo1X
/mgwiXSF+8/6hTapQbX2hhUAZbXE02Uz472yqViPjJzG5GJ8oxlJmY9OmetWrKGg
R1VIDpFKpmFZbTBl/FEUb6V29D5m4Y9hmU+56oeMZ56zEZ8OfkEucCNfYXt4V47O
ih131U7h3rwpbfHHywx41JfG7JWMZ5WXb3dgbllHJExGc2v1MSmeQYLGuPj4HFPe
MdbU4iNSzDntq+i9G6+LujqDcYKBmy1wTjWlPTMMuWQVDnt+J3FwL+IZLemD/xOE
GGrtm8ft6Co3SzCYOad0HGJ/jzvZFj/lT4G18ia61LCl
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:04:13 2025 by rpki-client