Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/1-lNjknVKdfy9Kr1VsI-qDbAP2aw.roa
File: 1-lNjknVKdfy9Kr1VsI-qDbAP2aw.roa (raw, json)
Hash identifier: 81TSb8t74pv7DR8FuAUOgo5v0MatY/lqN25mCeKA5Y4=
Subject key identifier: FA:53:63:92:75:4A:75:FC:BD:2A:BD:55:B0:8F:AA:0D:B0:0F:D9:AC
Certificate issuer: /CN=d826ca5d53c1b5308e2c9c791c630a0f22337943
Certificate serial: 019425FDB1D86ABA23D92280396DEFD0CC36
Authority key identifier: D8:26:CA:5D:53:C1:B5:30:8E:2C:9C:79:1C:63:0A:0F:22:33:79:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2CbKXVPBtTCOLJx5HGMKDyIzeUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/1-lNjknVKdfy9Kr1VsI-qDbAP2aw.roa
Signing time: Thu 02 Jan 2025 07:49:30 +0000
ROA not before: Thu 02 Jan 2025 07:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25577
IP address blocks: 109.68.64.0/23 maxlen: 23
109.68.68.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b1:d8:6a:ba:23:d9:22:80:39:6d:ef:d0:cc:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d826ca5d53c1b5308e2c9c791c630a0f22337943
Validity
Not Before: Jan 2 07:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa536392754a75fcbd2abd55b08faa0db00fd9ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d4:b3:bb:c3:cb:d4:3e:a3:03:1e:c5:b7:e6:
5b:b9:df:51:c5:d4:d0:9f:94:85:32:2a:9b:da:42:
73:5a:65:d6:5f:17:18:af:db:4a:91:df:fd:2e:de:
c6:e3:aa:8e:b7:7b:8b:7b:55:5d:ee:f9:73:27:7f:
78:97:5b:56:b5:04:65:35:95:68:83:82:95:7d:4c:
1c:ca:93:be:c0:c0:71:26:c7:d8:36:70:de:0c:75:
cb:af:ba:22:61:dc:9d:d8:2f:b3:fd:be:d2:a9:96:
38:6c:79:77:8b:e1:83:55:c4:bf:38:35:15:5c:d3:
76:0c:d3:f8:2b:df:74:fa:17:23:36:a3:09:9c:8f:
93:b2:23:44:d6:6b:51:4e:a1:30:52:ef:e6:f8:52:
92:0d:19:60:75:97:41:2a:f9:b9:3d:01:86:46:c0:
f5:1f:80:f2:ef:20:39:6e:d4:e4:e2:36:17:3d:0a:
02:ae:05:2c:21:c6:d2:3d:3b:e1:88:96:2b:b0:8d:
00:f3:8b:b3:e2:52:d4:20:59:37:21:ba:7b:f9:6d:
e4:8c:59:5a:da:5f:f9:a8:4b:8c:b2:99:0b:c8:27:
52:b4:21:79:29:3d:6d:57:61:54:47:22:52:a5:dd:
3f:5c:83:5c:37:71:7c:94:be:d7:ba:cf:f4:34:d1:
a5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:53:63:92:75:4A:75:FC:BD:2A:BD:55:B0:8F:AA:0D:B0:0F:D9:AC
X509v3 Authority Key Identifier:
keyid:D8:26:CA:5D:53:C1:B5:30:8E:2C:9C:79:1C:63:0A:0F:22:33:79:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2CbKXVPBtTCOLJx5HGMKDyIzeUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/1-lNjknVKdfy9Kr1VsI-qDbAP2aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/2CbKXVPBtTCOLJx5HGMKDyIzeUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.64.0/23
109.68.68.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:8f:48:1f:50:ae:32:fb:8e:16:ce:16:84:93:db:35:ad:5d:
2e:4b:1d:37:1c:0c:94:e4:31:8e:1e:aa:64:fe:f6:01:0b:d3:
fc:d6:ba:94:48:ef:7e:a4:aa:37:5a:bc:54:b1:7a:08:af:ad:
16:91:40:92:f4:5b:db:99:12:6d:27:73:24:f5:9a:97:2c:90:
31:1f:f9:f5:4e:e6:f0:95:5c:d6:c3:9e:1c:c2:2d:87:ea:86:
94:75:af:1f:b3:74:de:3d:5e:e1:e0:c3:1f:cf:99:59:d1:d8:
f4:da:ff:7e:e5:98:cc:d9:a7:3c:86:68:29:05:2e:c0:b8:e0:
02:21:2e:74:92:3a:8a:e7:09:82:3a:9f:e7:cf:2f:ba:11:c7:
c1:fb:2c:7a:e2:19:8c:0d:fc:d4:0b:79:6e:71:1f:4f:8d:c9:
ca:76:a2:7e:8d:9b:5f:71:02:36:2b:d6:55:92:d2:27:00:9f:
a5:ac:a5:da:a7:ee:3c:61:00:d6:11:1b:71:1e:3b:23:35:a0:
f8:3c:8a:10:fb:2a:02:a9:da:55:c0:2c:98:3d:8a:b3:c7:bf:
c5:00:53:db:b8:4b:6c:e1:f5:2b:68:0b:38:3c:dc:7f:d7:b4:
a1:c7:e9:20:fc:40:f9:3c:97:9c:6b:aa:cd:ee:e2:6f:cd:44:
0a:ea:2f:ac
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZQl/bHYaroj2SKAOW3v0Mw2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MjZjYTVkNTNjMWI1MzA4ZTJjOWM3OTFjNjMwYTBmMjIz
Mzc5NDMwHhcNMjUwMTAyMDc0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTUzNjM5Mjc1NGE3NWZjYmQyYWJkNTViMDhmYWEwZGIwMGZkOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndSzu8PL1D6jAx7Ft+Zbud9RxdTQ
n5SFMiqb2kJzWmXWXxcYr9tKkd/9Lt7G46qOt3uLe1Vd7vlzJ394l1tWtQRlNZVo
g4KVfUwcypO+wMBxJsfYNnDeDHXLr7oiYdyd2C+z/b7SqZY4bHl3i+GDVcS/ODUV
XNN2DNP4K990+hcjNqMJnI+TsiNE1mtRTqEwUu/m+FKSDRlgdZdBKvm5PQGGRsD1
H4Dy7yA5btTk4jYXPQoCrgUsIcbSPTvhiJYrsI0A84uz4lLUIFk3Ibp7+W3kjFla
2l/5qEuMspkLyCdStCF5KT1tV2FURyJSpd0/XINcN3F8lL7Xus/0NNGlawIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPpTY5J1SnX8vSq9VbCPqg2wD9msMB8GA1UdIwQY
MBaAFNgmyl1TwbUwjiyceRxjCg8iM3lDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNiS1hWUEJ0VENPTEp4NUhHTUtEeUl6ZVVNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS80YjU0NGUtNjUzNS00YWY4LWJiZGIt
NThkMmVlOTgyODc5LzEvMS1sTmprblZLZGZ5OUtyMVZzSS1xRGJBUDJhdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmUvNGI1NDRlLTY1MzUtNGFmOC1iYmRiLTU4ZDJlZTk4Mjg3
OS8xLzJDYktYVlBCdFRDT0xKeDVIR01LRHlJemVVTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAW1EQAME
AW1ERDANBgkqhkiG9w0BAQsFAAOCAQEAjI9IH1CuMvuOFs4WhJPbNa1dLksdNxwM
lOQxjh6qZP72AQvT/Na6lEjvfqSqN1q8VLF6CK+tFpFAkvRb25kSbSdzJPWalyyQ
MR/59U7m8JVc1sOeHMIth+qGlHWvH7N03j1e4eDDH8+ZWdHY9Nr/fuWYzNmnPIZo
KQUuwLjgAiEudJI6iucJgjqf588vuhHHwfsseuIZjA381At5bnEfT43Jynaifo2b
X3ECNivWVZLSJwCfpayl2qfuPGEA1hEbcR47IzWg+DyKEPsqAqnaVcAsmD2Ks8e/
xQBT27hLbOH1K2gLODzcf9e0ocfpIPxA+TyXnGuqze7ib81ECuovrA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:02:52 2025 by rpki-client