Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/spimqMKhC9PB1IAAapTxgzK4qRM.roa
File: spimqMKhC9PB1IAAapTxgzK4qRM.roa (raw, json)
Hash identifier: Uoz42yC9AHKp3g+1i18MCMkNcCBemOpgqQDvUXFhvIs=
Subject key identifier: B2:98:A6:A8:C2:A1:0B:D3:C1:D4:80:00:6A:94:F1:83:32:B8:A9:13
Certificate issuer: /CN=2236b2b8afa6036d2c8e8317736faaa72d80c4f2
Certificate serial: 019421B22D2EB561E51E7C1FBD6CABFF6678
Authority key identifier: 22:36:B2:B8:AF:A6:03:6D:2C:8E:83:17:73:6F:AA:A7:2D:80:C4:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IjayuK-mA20sjoMXc2-qpy2AxPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/spimqMKhC9PB1IAAapTxgzK4qRM.roa
Signing time: Wed 01 Jan 2025 11:48:32 +0000
ROA not before: Wed 01 Jan 2025 11:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24725
IP address blocks: 109.70.104.0/24 maxlen: 24
109.70.105.0/24 maxlen: 24
109.70.106.0/24 maxlen: 24
109.70.107.0/24 maxlen: 24
2001:4130::/32 maxlen: 48
2001:4130::/34 maxlen: 48
2001:4130::/48 maxlen: 48
2001:4130:18::/48 maxlen: 48
2001:4130:107::/48 maxlen: 48
2001:4130:50f2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:2d:2e:b5:61:e5:1e:7c:1f:bd:6c:ab:ff:66:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2236b2b8afa6036d2c8e8317736faaa72d80c4f2
Validity
Not Before: Jan 1 11:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b298a6a8c2a10bd3c1d480006a94f18332b8a913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f6:c8:b1:26:d8:91:2d:a5:b6:f8:63:37:98:
6c:45:c4:24:f2:c0:eb:63:cf:bf:16:0e:77:99:8b:
eb:bc:dd:14:ae:ca:b2:2a:ec:9e:b7:81:08:9d:ac:
79:e2:35:cc:32:f3:36:20:7d:13:73:d7:a7:d4:7b:
97:aa:c7:64:be:e6:8a:21:f1:1a:d0:c5:48:a3:e8:
2f:48:bd:5b:6c:08:6c:75:8c:a8:67:f8:e2:1c:f5:
c5:d1:5b:08:d5:48:45:0d:01:98:f0:b9:3b:de:4c:
34:07:f8:f8:81:98:3a:13:bd:2e:05:1f:24:84:47:
c4:c3:25:bd:90:3e:f1:26:7f:8a:71:76:3f:d6:2a:
43:a2:6e:65:9d:16:74:41:09:71:29:0b:5f:d0:92:
06:9c:16:cd:15:93:95:52:75:f0:6f:bb:c3:ec:b8:
5d:25:3b:99:93:41:86:65:95:18:59:02:5e:1b:56:
bb:30:ee:db:f8:7e:e8:cf:47:31:40:ed:59:7b:ef:
0c:59:3f:e9:71:b1:ae:49:54:b4:7a:80:a4:e6:73:
70:40:bb:57:61:70:71:88:fd:85:f1:cd:00:98:26:
66:f2:74:7e:1c:19:5f:b2:6b:a8:b5:59:c2:36:18:
0d:88:04:55:32:f5:f4:1c:6c:75:b9:9f:75:80:f3:
60:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:98:A6:A8:C2:A1:0B:D3:C1:D4:80:00:6A:94:F1:83:32:B8:A9:13
X509v3 Authority Key Identifier:
keyid:22:36:B2:B8:AF:A6:03:6D:2C:8E:83:17:73:6F:AA:A7:2D:80:C4:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IjayuK-mA20sjoMXc2-qpy2AxPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/spimqMKhC9PB1IAAapTxgzK4qRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/IjayuK-mA20sjoMXc2-qpy2AxPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.104.0/22
IPv6:
2001:4130::/32
Signature Algorithm: sha256WithRSAEncryption
73:22:57:00:96:31:9d:77:1d:8c:4a:22:55:56:fe:b2:83:33:
46:1c:e5:43:18:1b:99:9d:7d:40:21:d1:8f:96:15:0a:0c:73:
9c:2f:cb:10:3c:e9:6d:ca:4d:43:fa:a5:51:92:ac:5c:63:00:
f5:c5:84:5c:8f:b8:37:c2:54:1b:5d:24:3e:d1:c7:6a:06:75:
f9:30:ea:a6:15:05:63:74:33:5d:4c:2b:09:7d:0e:ac:d8:6c:
e2:52:75:cc:0b:fa:28:0d:99:68:cd:53:36:b8:25:26:a1:28:
33:79:3d:16:d5:6e:a5:86:b3:b8:1c:df:12:3c:0d:db:79:74:
60:5b:4a:73:66:de:b2:a6:11:b4:0a:16:7b:f7:26:b3:20:3f:
4c:80:3c:eb:87:ee:c2:59:b9:d6:7e:a4:48:16:32:7b:3f:28:
4f:61:3e:1c:08:6d:f3:a4:40:31:6f:fa:e9:c1:f7:f6:8d:a2:
37:c1:be:09:dc:2e:20:40:43:db:35:55:53:7f:f9:5a:aa:8c:
15:7a:f4:c4:27:46:2f:47:6a:ab:33:91:c7:22:84:34:b9:e9:
f1:47:cf:b5:e0:fc:f2:9f:27:04:ab:96:36:42:5d:a5:79:9f:
8d:a8:1a:73:12:9f:29:2d:9f:f8:bc:55:95:70:08:8f:50:4e:
5a:31:5e:c7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsi0utWHlHnwfvWyr/2Z4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzZiMmI4YWZhNjAzNmQyYzhlODMxNzczNmZhYWE3MmQ4
MGM0ZjIwHhcNMjUwMTAxMTE0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjk4YTZhOGMyYTEwYmQzYzFkNDgwMDA2YTk0ZjE4MzMyYjhhOTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPbIsSbYkS2ltvhjN5hsRcQk8sDr
Y8+/Fg53mYvrvN0UrsqyKuyet4EInax54jXMMvM2IH0Tc9en1HuXqsdkvuaKIfEa
0MVIo+gvSL1bbAhsdYyoZ/jiHPXF0VsI1UhFDQGY8Lk73kw0B/j4gZg6E70uBR8k
hEfEwyW9kD7xJn+KcXY/1ipDom5lnRZ0QQlxKQtf0JIGnBbNFZOVUnXwb7vD7Lhd
JTuZk0GGZZUYWQJeG1a7MO7b+H7oz0cxQO1Ze+8MWT/pcbGuSVS0eoCk5nNwQLtX
YXBxiP2F8c0AmCZm8nR+HBlfsmuotVnCNhgNiARVMvX0HGx1uZ91gPNg0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLKYpqjCoQvTwdSAAGqU8YMyuKkTMB8GA1UdIwQY
MBaAFCI2srivpgNtLI6DF3NvqqctgMTyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpheXVLLW1BMjBzam9NWGMyLXFweTJBeFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82Zjg5NWItNzk3Ny00NDVkLWI3MmMt
OGI1ZWY0MWQ4YzI1LzEvc3BpbXFNS2hDOVBCMUlBQWFwVHhneks0cVJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82Zjg5NWItNzk3Ny00NDVkLWI3MmMtOGI1ZWY0MWQ4YzI1
LzEvSWpheXVLLW1BMjBzam9NWGMyLXFweTJBeFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCbUZoMA0E
AgACMAcDBQAgAUEwMA0GCSqGSIb3DQEBCwUAA4IBAQBzIlcAljGddx2MSiJVVv6y
gzNGHOVDGBuZnX1AIdGPlhUKDHOcL8sQPOltyk1D+qVRkqxcYwD1xYRcj7g3wlQb
XSQ+0cdqBnX5MOqmFQVjdDNdTCsJfQ6s2GziUnXMC/ooDZlozVM2uCUmoSgzeT0W
1W6lhrO4HN8SPA3beXRgW0pzZt6yphG0ChZ79yazID9MgDzrh+7CWbnWfqRIFjJ7
PyhPYT4cCG3zpEAxb/rpwff2jaI3wb4J3C4gQEPbNVVTf/laqowVevTEJ0YvR2qr
M5HHIoQ0uenxR8+14PzynycEq5Y2Ql2leZ+NqBpzEp8pLZ/4vFWVcAiPUE5aMV7H
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:06 2025 by rpki-client on console.sobornost.net