Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/6277a7-290f-4994-b286-25d6e8613dc4/1/sZOw6ZmAV-eW5usk1RjXBfJwu3k.roa
File: sZOw6ZmAV-eW5usk1RjXBfJwu3k.roa (raw, json)
Hash identifier: xYRWDuxjHSuoMKKmk6k/DnQlZPxerY0wU1cLVyqv9fE=
Subject key identifier: B1:93:B0:E9:99:80:57:E7:96:E6:EB:24:D5:18:D7:05:F2:70:BB:79
Certificate issuer: /CN=1e9a2f083f471dfb9507b4c973cb5c3acd49759d
Certificate serial: 01942368D67BB18491BE9569EFF9D7A92B2F
Authority key identifier: 1E:9A:2F:08:3F:47:1D:FB:95:07:B4:C9:73:CB:5C:3A:CD:49:75:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpovCD9HHfuVB7TJc8tcOs1JdZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/6277a7-290f-4994-b286-25d6e8613dc4/1/sZOw6ZmAV-eW5usk1RjXBfJwu3k.roa
Signing time: Wed 01 Jan 2025 19:47:40 +0000
ROA not before: Wed 01 Jan 2025 19:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 109.232.88.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:d6:7b:b1:84:91:be:95:69:ef:f9:d7:a9:2b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9a2f083f471dfb9507b4c973cb5c3acd49759d
Validity
Not Before: Jan 1 19:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b193b0e9998057e796e6eb24d518d705f270bb79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d4:9d:63:f2:45:3c:ac:24:f1:ec:87:4c:04:
58:74:4b:99:ed:85:87:2b:75:4c:07:58:94:a1:41:
25:4c:91:c3:c8:60:f4:42:ab:98:2f:3c:09:e6:1c:
ce:6c:ce:42:d3:9f:51:f5:d3:32:79:dc:56:60:eb:
86:49:7e:49:c4:67:8a:83:a3:8e:39:24:7c:a8:fc:
35:e7:ac:49:da:50:3d:d0:95:c9:ad:e3:45:49:a5:
90:7f:db:ed:01:76:c4:d2:d9:b6:fc:aa:10:5e:da:
e4:9d:5e:74:d6:38:7d:f4:b4:55:33:7f:78:80:c0:
7a:84:0c:90:ac:9d:97:9f:cf:74:52:82:78:c2:df:
44:94:85:84:10:72:8f:65:78:fa:a0:4c:e7:2f:ed:
a4:14:a3:35:6d:46:34:83:af:16:96:97:49:41:b7:
81:f0:42:66:02:37:8f:0c:6f:0f:9e:bf:c9:43:7b:
65:ae:7b:d8:02:3d:3a:6f:75:93:a1:da:f7:3b:a9:
e3:66:8a:b0:ad:08:79:cc:8e:64:6b:f8:77:09:16:
58:ee:e2:df:5e:33:a9:b4:73:af:89:92:63:93:2c:
d7:b4:10:c7:ae:11:ae:fe:76:7d:52:6c:91:b8:4c:
25:81:d1:86:52:6e:d2:ab:79:ed:44:59:65:4e:cf:
ff:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:93:B0:E9:99:80:57:E7:96:E6:EB:24:D5:18:D7:05:F2:70:BB:79
X509v3 Authority Key Identifier:
keyid:1E:9A:2F:08:3F:47:1D:FB:95:07:B4:C9:73:CB:5C:3A:CD:49:75:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpovCD9HHfuVB7TJc8tcOs1JdZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6277a7-290f-4994-b286-25d6e8613dc4/1/sZOw6ZmAV-eW5usk1RjXBfJwu3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6277a7-290f-4994-b286-25d6e8613dc4/1/HpovCD9HHfuVB7TJc8tcOs1JdZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.88.0/21
Signature Algorithm: sha256WithRSAEncryption
87:d3:33:fb:2c:33:f9:71:21:ab:24:98:8e:aa:d1:09:ca:98:
a3:a9:ec:58:fa:a3:71:42:18:b5:17:f5:f2:1a:b8:2f:93:8d:
b5:b6:fb:9a:6b:36:fa:20:75:a0:9d:d9:e9:8c:3d:15:e7:09:
b7:8d:7e:ef:ea:01:1c:37:31:d5:99:ee:e9:2e:12:66:f0:b0:
fb:db:2d:85:32:6c:92:32:0a:4b:97:17:a8:2a:2c:40:3a:a8:
c5:dc:5d:3c:08:ec:b9:8b:ce:c5:60:a0:09:21:57:ce:7a:2e:
80:dc:af:07:79:ce:bd:ed:96:c5:29:8d:86:3f:a4:93:c4:c3:
41:c4:69:8f:fa:da:85:7f:c3:af:58:91:a5:86:ae:bd:97:e9:
dd:96:e9:86:6a:50:d2:49:78:68:9a:a0:25:57:70:64:a9:8d:
37:1d:bd:92:45:5c:f4:8d:0b:51:87:a3:5e:a9:d1:59:31:29:
cd:d4:c9:49:05:5c:38:dc:f8:22:71:a9:92:d3:fb:f4:5c:aa:
5a:b4:d6:fc:c9:a0:e1:14:1f:58:be:e8:ba:6d:28:54:fd:57:
d9:40:6f:05:f5:8e:5d:9d:72:cb:f7:b8:11:d5:9c:f5:8d:dd:
4e:47:c3:ce:ce:cb:fa:41:b7:ab:17:40:35:6b:8c:9d:2b:ae:
c8:ad:27:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaNZ7sYSRvpVp7/nXqSsvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWEyZjA4M2Y0NzFkZmI5NTA3YjRjOTczY2I1YzNhY2Q0
OTc1OWQwHhcNMjUwMTAxMTk0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTkzYjBlOTk5ODA1N2U3OTZlNmViMjRkNTE4ZDcwNWYyNzBiYjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NSdY/JFPKwk8eyHTARYdEuZ7YWH
K3VMB1iUoUElTJHDyGD0QquYLzwJ5hzObM5C059R9dMyedxWYOuGSX5JxGeKg6OO
OSR8qPw156xJ2lA90JXJreNFSaWQf9vtAXbE0tm2/KoQXtrknV501jh99LRVM394
gMB6hAyQrJ2Xn890UoJ4wt9ElIWEEHKPZXj6oEznL+2kFKM1bUY0g68WlpdJQbeB
8EJmAjePDG8Pnr/JQ3tlrnvYAj06b3WTodr3O6njZoqwrQh5zI5ka/h3CRZY7uLf
XjOptHOviZJjkyzXtBDHrhGu/nZ9UmyRuEwlgdGGUm7Sq3ntRFllTs//jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLGTsOmZgFfnlubrJNUY1wXycLt5MB8GA1UdIwQY
MBaAFB6aLwg/Rx37lQe0yXPLXDrNSXWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBvdkNEOUhIZnVWQjdUSmM4dGNPczFKZFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC82Mjc3YTctMjkwZi00OTk0LWIyODYt
MjVkNmU4NjEzZGM0LzEvc1pPdzZabUFWLWVXNXVzazFSalhCZkp3dTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC82Mjc3YTctMjkwZi00OTk0LWIyODYtMjVkNmU4NjEzZGM0
LzEvSHBvdkNEOUhIZnVWQjdUSmM4dGNPczFKZFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbehYMA0G
CSqGSIb3DQEBCwUAA4IBAQCH0zP7LDP5cSGrJJiOqtEJypijqexY+qNxQhi1F/Xy
Grgvk421tvuaazb6IHWgndnpjD0V5wm3jX7v6gEcNzHVme7pLhJm8LD72y2FMmyS
MgpLlxeoKixAOqjF3F08COy5i87FYKAJIVfOei6A3K8Hec697ZbFKY2GP6STxMNB
xGmP+tqFf8OvWJGlhq69l+ndlumGalDSSXhomqAlV3BkqY03Hb2SRVz0jQtRh6Ne
qdFZMSnN1MlJBVw43PgicamS0/v0XKpatNb8yaDhFB9Yvui6bShU/VfZQG8F9Y5d
nXLL97gR1Zz1jd1OR8POzsv6QberF0A1a4ydK67IrScN
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:55:45 2025 by rpki-client