Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/5r1gjjGP0_96vFViAMGm3ojPlr0.roa
File: 5r1gjjGP0_96vFViAMGm3ojPlr0.roa (raw, json)
Hash identifier: za4xKL2AlIMqqZh3PeZGKugF8nyAvkaKxzO5WVkQ6h4=
Subject key identifier: E6:BD:60:8E:31:8F:D3:FF:7A:BC:55:62:00:C1:A6:DE:88:CF:96:BD
Certificate issuer: /CN=3d7b9dffaae33ec2cf19b5ad4e49c1e9eb1d9d64
Certificate serial: 0194F4791558FD8C4842226B7DA694B52340
Authority key identifier: 3D:7B:9D:FF:AA:E3:3E:C2:CF:19:B5:AD:4E:49:C1:E9:EB:1D:9D:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/5r1gjjGP0_96vFViAMGm3ojPlr0.roa
Signing time: Tue 11 Feb 2025 10:06:03 +0000
ROA not before: Tue 11 Feb 2025 10:06:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211014
IP address blocks: 86.109.92.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f4:79:15:58:fd:8c:48:42:22:6b:7d:a6:94:b5:23:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d7b9dffaae33ec2cf19b5ad4e49c1e9eb1d9d64
Validity
Not Before: Feb 11 10:06:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6bd608e318fd3ff7abc556200c1a6de88cf96bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f5:35:e6:c1:45:3d:a9:63:bc:87:1a:72:54:
fb:1c:be:f1:8d:f9:9f:ce:e2:45:4d:d5:d7:39:b8:
eb:fc:01:34:fa:e3:78:da:27:79:1e:14:6d:0f:54:
0d:6a:cb:3d:bf:b8:2c:11:5b:44:83:dc:e0:88:64:
df:08:f4:9c:0c:9e:13:b9:77:12:97:46:48:fe:e6:
1d:03:ea:ae:d2:bf:d1:63:c7:5a:2c:5b:a1:29:84:
ff:83:89:85:c6:d4:2b:94:bf:e5:32:8c:70:0e:bc:
5b:50:72:5b:07:13:d4:44:71:92:3d:36:91:57:02:
f4:cd:30:9f:8b:8e:1d:50:f1:8c:76:d0:64:ac:be:
55:d2:1a:24:83:65:07:4f:1d:9b:32:57:4a:e3:73:
7b:e3:43:11:b5:77:f6:b0:8f:ae:07:3c:40:e5:07:
3c:19:9a:8c:32:b5:26:a1:27:f2:a2:62:02:2d:85:
b5:76:2d:16:4c:11:27:36:09:a2:99:6c:82:0d:70:
9b:26:7f:0d:ca:2f:42:62:14:63:ba:14:ec:20:40:
0b:6b:64:a1:fa:ac:b6:89:4b:20:4b:f0:94:96:bf:
e6:6f:ad:65:bc:e3:39:5c:37:50:d0:14:b2:98:55:
dd:0c:1f:ee:bb:c5:2f:ec:13:4c:14:f3:ec:70:1a:
d1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:BD:60:8E:31:8F:D3:FF:7A:BC:55:62:00:C1:A6:DE:88:CF:96:BD
X509v3 Authority Key Identifier:
keyid:3D:7B:9D:FF:AA:E3:3E:C2:CF:19:B5:AD:4E:49:C1:E9:EB:1D:9D:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/5r1gjjGP0_96vFViAMGm3ojPlr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/PXud_6rjPsLPGbWtTknB6esdnWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.109.92.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:35:12:57:7f:e6:d6:14:10:48:d4:e1:f6:c5:00:58:91:0a:
74:53:bb:25:b5:8f:58:5f:89:f7:dc:6d:52:5c:c5:56:34:f4:
79:ad:c2:ba:19:a6:eb:74:96:36:3b:3b:cf:65:ea:50:5f:1e:
70:a3:b7:4b:04:bc:7e:e0:e4:80:58:06:74:93:5b:c6:e8:13:
fd:ab:b5:5c:cb:ea:f7:78:b5:04:3b:55:49:3e:40:cb:27:90:
c0:f3:5e:a2:78:23:f1:4b:9b:51:8d:59:bb:96:cc:81:3a:1a:
82:ae:49:1f:1b:37:d6:be:8b:aa:65:f3:ea:53:7f:43:69:60:
0e:be:5a:81:73:2f:42:59:6a:b3:a2:a7:bf:95:a8:37:8c:58:
5c:19:42:a0:f8:37:17:c0:ab:89:45:41:e0:33:7a:b5:f3:24:
34:07:83:2a:31:9c:23:a4:ee:c2:7f:df:23:1f:d9:2b:7d:0f:
a1:27:c2:f0:23:37:a3:fe:6f:47:d1:f7:46:84:00:8e:24:32:
07:83:78:70:a7:c3:c1:36:ed:00:fc:96:79:c6:3f:23:00:46:
9a:f1:43:ce:dc:e3:b5:83:69:b6:fc:15:e5:15:94:79:b5:83:
ea:7a:04:a0:ca:08:4b:66:53:c9:99:8e:0f:55:bb:13:79:af:
ca:05:d4:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZT0eRVY/YxIQiJrfaaUtSNAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkN2I5ZGZmYWFlMzNlYzJjZjE5YjVhZDRlNDljMWU5ZWIx
ZDlkNjQwHhcNMjUwMjExMTAwNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmJkNjA4ZTMxOGZkM2ZmN2FiYzU1NjIwMGMxYTZkZTg4Y2Y5NmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfU15sFFPaljvIcaclT7HL7xjfmf
zuJFTdXXObjr/AE0+uN42id5HhRtD1QNass9v7gsEVtEg9zgiGTfCPScDJ4TuXcS
l0ZI/uYdA+qu0r/RY8daLFuhKYT/g4mFxtQrlL/lMoxwDrxbUHJbBxPURHGSPTaR
VwL0zTCfi44dUPGMdtBkrL5V0hokg2UHTx2bMldK43N740MRtXf2sI+uBzxA5Qc8
GZqMMrUmoSfyomICLYW1di0WTBEnNgmimWyCDXCbJn8Nyi9CYhRjuhTsIEALa2Sh
+qy2iUsgS/CUlr/mb61lvOM5XDdQ0BSymFXdDB/uu8Uv7BNMFPPscBrRSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOa9YI4xj9P/erxVYgDBpt6Iz5a9MB8GA1UdIwQY
MBaAFD17nf+q4z7Czxm1rU5JwenrHZ1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFh1ZF82cmpQc0xQR2JXdFRrbkI2ZXNkbldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80OTE5NWItMjkwOS00NmUwLWFiY2Ut
NDIyNTIzYzRlNjhiLzEvNXIxZ2pqR1AwXzk2dkZWaUFNR20zb2pQbHIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80OTE5NWItMjkwOS00NmUwLWFiY2UtNDIyNTIzYzRlNjhi
LzEvUFh1ZF82cmpQc0xQR2JXdFRrbkI2ZXNkbldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVm1cMA0G
CSqGSIb3DQEBCwUAA4IBAQCONRJXf+bWFBBI1OH2xQBYkQp0U7sltY9YX4n33G1S
XMVWNPR5rcK6GabrdJY2OzvPZepQXx5wo7dLBLx+4OSAWAZ0k1vG6BP9q7Vcy+r3
eLUEO1VJPkDLJ5DA816ieCPxS5tRjVm7lsyBOhqCrkkfGzfWvouqZfPqU39DaWAO
vlqBcy9CWWqzoqe/lag3jFhcGUKg+DcXwKuJRUHgM3q18yQ0B4MqMZwjpO7Cf98j
H9krfQ+hJ8LwIzej/m9H0fdGhACOJDIHg3hwp8PBNu0A/JZ5xj8jAEaa8UPO3OO1
g2m2/BXlFZR5tYPqegSgyghLZlPJmY4PVbsTea/KBdQO
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:32:38 2025 by rpki-client