Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/15fee7-d411-4c1d-a7cd-570d17f9f2a5/1/diGFBknLdwh-HCGfBtKOS8e6uJM.roa
File: diGFBknLdwh-HCGfBtKOS8e6uJM.roa (raw, json)
Hash identifier: cB3gm8p9TxqmEEhTV6yxgTgaXbm1raO7jRrFe5J7IiI=
Subject key identifier: 76:21:85:06:49:CB:77:08:7E:1C:21:9F:06:D2:8E:4B:C7:BA:B8:93
Certificate issuer: /CN=62cbfa24a488327b730775e329d51a1921612531
Certificate serial: 019427B69B277B8974A65E8F4EECD36523BB
Authority key identifier: 62:CB:FA:24:A4:88:32:7B:73:07:75:E3:29:D5:1A:19:21:61:25:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ysv6JKSIMntzB3XjKdUaGSFhJTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/15fee7-d411-4c1d-a7cd-570d17f9f2a5/1/diGFBknLdwh-HCGfBtKOS8e6uJM.roa
Signing time: Thu 02 Jan 2025 15:51:06 +0000
ROA not before: Thu 02 Jan 2025 15:51:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196956
IP address blocks: 109.71.232.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:9b:27:7b:89:74:a6:5e:8f:4e:ec:d3:65:23:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62cbfa24a488327b730775e329d51a1921612531
Validity
Not Before: Jan 2 15:51:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7621850649cb77087e1c219f06d28e4bc7bab893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:f3:ea:ea:cd:86:14:0c:ff:6d:36:d0:3f:d4:
1a:52:b2:74:74:ff:b3:32:55:e2:0f:be:60:7d:d4:
59:17:6e:35:a7:6d:12:4a:26:ba:77:21:be:6b:9a:
ad:c9:97:8f:ef:74:8f:41:9e:66:8c:b6:72:72:03:
ae:d0:91:f9:bf:8a:9e:b7:bd:88:cd:ee:6d:e7:4a:
ad:ff:9e:cf:cc:da:c5:8a:c8:0b:f5:cd:58:c3:20:
a2:db:ee:31:ae:60:0d:0d:83:af:18:a1:e6:02:13:
de:75:66:0b:47:ee:a7:c2:af:d1:93:41:af:84:cd:
6c:bc:b3:a0:ce:b0:6c:c5:b5:e5:82:86:05:c4:d7:
8a:86:4d:0e:f1:06:32:4f:92:2c:aa:6a:3e:cc:be:
09:4e:67:58:30:8b:71:e0:7b:3a:c4:a7:38:a0:60:
d9:6e:24:a2:49:46:03:e8:c3:33:58:10:0c:b2:c1:
ae:0a:a3:d9:83:ad:af:65:d3:70:26:36:c0:6e:9e:
ae:b3:f7:83:cb:84:11:88:d5:4a:da:17:83:50:a5:
f3:13:d6:55:c3:77:69:6d:a4:ba:39:20:43:c4:f4:
77:29:7a:f6:5e:1b:19:fb:c3:94:ef:cf:1a:92:22:
10:e9:b1:18:32:26:0d:1c:a6:e9:07:c1:19:93:5a:
b8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:21:85:06:49:CB:77:08:7E:1C:21:9F:06:D2:8E:4B:C7:BA:B8:93
X509v3 Authority Key Identifier:
keyid:62:CB:FA:24:A4:88:32:7B:73:07:75:E3:29:D5:1A:19:21:61:25:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ysv6JKSIMntzB3XjKdUaGSFhJTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/15fee7-d411-4c1d-a7cd-570d17f9f2a5/1/diGFBknLdwh-HCGfBtKOS8e6uJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/15fee7-d411-4c1d-a7cd-570d17f9f2a5/1/Ysv6JKSIMntzB3XjKdUaGSFhJTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.232.0/21
Signature Algorithm: sha256WithRSAEncryption
4b:ef:b3:1c:d0:77:f4:b6:59:9d:06:34:87:3e:85:9b:6a:31:
f7:c6:91:ac:b5:2d:36:65:1c:82:f5:49:83:56:90:78:73:95:
5f:46:72:c2:89:f1:9f:f5:aa:74:83:16:6e:05:7f:2d:fa:16:
dc:30:cd:88:50:fc:d4:f2:94:01:e1:2b:28:b2:ec:e7:c6:f3:
c3:2f:13:ea:7a:96:89:92:02:9a:24:f6:e3:c4:61:57:e2:ea:
1a:47:84:78:36:bf:cd:6e:d3:a7:c5:0f:ef:0f:9b:81:51:39:
80:5b:3f:f0:57:6a:41:12:88:67:b1:60:5e:c0:2f:77:2b:c9:
6d:7f:10:66:2b:90:b3:15:19:bf:76:b6:40:97:a4:94:a9:db:
a7:1e:06:5f:c2:39:d9:74:05:0e:53:dc:38:eb:38:d3:b9:29:
1e:8e:47:de:d8:f4:2b:aa:d0:e0:db:60:6c:97:11:38:ae:15:
5e:c0:4d:1a:f0:b2:1b:06:ed:be:f5:7a:c6:f6:de:9b:7c:cb:
fc:85:ac:eb:e4:cb:ff:ef:3a:a4:bc:71:d5:e8:77:61:6f:d2:
70:76:58:56:6d:cf:9b:20:60:a4:2c:5c:65:75:8e:e4:9e:40:
8b:12:29:0e:74:a8:36:ce:cd:ea:90:26:ed:22:af:74:94:7c:
bf:1f:24:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntpsne4l0pl6PTuzTZSO7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyY2JmYTI0YTQ4ODMyN2I3MzA3NzVlMzI5ZDUxYTE5MjE2
MTI1MzEwHhcNMjUwMTAyMTU1MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjIxODUwNjQ5Y2I3NzA4N2UxYzIxOWYwNmQyOGU0YmM3YmFiODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6vPq6s2GFAz/bTbQP9QaUrJ0dP+z
MlXiD75gfdRZF241p20SSia6dyG+a5qtyZeP73SPQZ5mjLZycgOu0JH5v4qet72I
ze5t50qt/57PzNrFisgL9c1YwyCi2+4xrmANDYOvGKHmAhPedWYLR+6nwq/Rk0Gv
hM1svLOgzrBsxbXlgoYFxNeKhk0O8QYyT5Isqmo+zL4JTmdYMItx4Hs6xKc4oGDZ
biSiSUYD6MMzWBAMssGuCqPZg62vZdNwJjbAbp6us/eDy4QRiNVK2heDUKXzE9ZV
w3dpbaS6OSBDxPR3KXr2XhsZ+8OU788akiIQ6bEYMiYNHKbpB8EZk1q4kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHYhhQZJy3cIfhwhnwbSjkvHuriTMB8GA1UdIwQY
MBaAFGLL+iSkiDJ7cwd14ynVGhkhYSUxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXN2NkpLU0lNbnR6QjNYaktkVWFHU0ZoSlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8xNWZlZTctZDQxMS00YzFkLWE3Y2Qt
NTcwZDE3ZjlmMmE1LzEvZGlHRkJrbkxkd2gtSENHZkJ0S09TOGU2dUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8xNWZlZTctZDQxMS00YzFkLWE3Y2QtNTcwZDE3ZjlmMmE1
LzEvWXN2NkpLU0lNbnR6QjNYaktkVWFHU0ZoSlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbUfoMA0G
CSqGSIb3DQEBCwUAA4IBAQBL77Mc0Hf0tlmdBjSHPoWbajH3xpGstS02ZRyC9UmD
VpB4c5VfRnLCifGf9ap0gxZuBX8t+hbcMM2IUPzU8pQB4SsosuznxvPDLxPqepaJ
kgKaJPbjxGFX4uoaR4R4Nr/NbtOnxQ/vD5uBUTmAWz/wV2pBEohnsWBewC93K8lt
fxBmK5CzFRm/drZAl6SUqdunHgZfwjnZdAUOU9w46zjTuSkejkfe2PQrqtDg22Bs
lxE4rhVewE0a8LIbBu2+9XrG9t6bfMv8hazr5Mv/7zqkvHHV6Hdhb9JwdlhWbc+b
IGCkLFxldY7knkCLEikOdKg2zs3qkCbtIq90lHy/HyT5
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:35 2025 by rpki-client