Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c9619d-1b3b-49db-89c2-a70bc30a33c3/1/epx5ZtV1DmNUOssTw71RpRlPSQg.roa
File: epx5ZtV1DmNUOssTw71RpRlPSQg.roa (raw, json)
Hash identifier: Mn6EWImg2YFEUwlk4S0gZpe8CjG2vGuON1o03HQf5Lw=
Subject key identifier: 7A:9C:79:66:D5:75:0E:63:54:3A:CB:13:C3:BD:51:A5:19:4F:49:08
Certificate issuer: /CN=444fd414bbbb50c9ffb5e8cf06654f79fb5876cc
Certificate serial: 0194244556BA0E8F1C967059578225F03B0F
Authority key identifier: 44:4F:D4:14:BB:BB:50:C9:FF:B5:E8:CF:06:65:4F:79:FB:58:76:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RE_UFLu7UMn_tejPBmVPeftYdsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c9619d-1b3b-49db-89c2-a70bc30a33c3/1/epx5ZtV1DmNUOssTw71RpRlPSQg.roa
Signing time: Wed 01 Jan 2025 23:48:31 +0000
ROA not before: Wed 01 Jan 2025 23:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210603
IP address blocks: 109.107.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:56:ba:0e:8f:1c:96:70:59:57:82:25:f0:3b:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=444fd414bbbb50c9ffb5e8cf06654f79fb5876cc
Validity
Not Before: Jan 1 23:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a9c7966d5750e63543acb13c3bd51a5194f4908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7c:27:3b:52:ba:1c:f1:3d:3a:62:ea:a7:9f:
1c:13:10:d8:6e:f6:c0:f3:d8:63:fe:84:60:61:26:
8a:7a:af:bb:5b:bb:c9:af:65:71:fe:40:57:cb:ff:
95:9d:2a:e3:d7:81:de:45:d4:1a:bd:2e:17:fb:94:
11:50:0d:f9:47:65:71:90:73:02:e0:ae:2c:30:69:
1d:e2:29:8a:ed:8a:28:5a:1c:f5:c3:bf:46:3d:0d:
5d:fb:0e:72:6f:a8:55:94:11:c0:e7:81:83:5c:69:
43:b2:a2:8b:28:d7:fc:93:37:2f:1a:8e:f5:ac:a7:
6a:00:54:74:57:5d:e3:b6:7a:ef:ed:dc:ab:d8:83:
46:7b:d6:fb:14:5e:b6:1a:d1:f1:eb:ea:bf:69:37:
92:5c:39:ff:19:08:5b:6c:ce:2f:b4:06:3b:f4:18:
a3:99:dd:61:91:73:fc:db:d3:7a:04:48:f5:2b:11:
c5:16:94:3d:f6:28:af:89:5b:ec:f9:57:a4:3f:b4:
3f:24:66:0e:50:79:fe:ed:fb:f9:a2:ef:74:88:7f:
e2:19:15:ab:25:b4:ab:85:b5:e1:23:0d:43:a4:af:
74:57:ca:0a:ba:00:12:a5:b0:d7:87:e8:d3:e7:6c:
06:d7:30:50:8b:4a:f3:f4:d2:d2:af:a4:73:91:a2:
5d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:9C:79:66:D5:75:0E:63:54:3A:CB:13:C3:BD:51:A5:19:4F:49:08
X509v3 Authority Key Identifier:
keyid:44:4F:D4:14:BB:BB:50:C9:FF:B5:E8:CF:06:65:4F:79:FB:58:76:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RE_UFLu7UMn_tejPBmVPeftYdsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c9619d-1b3b-49db-89c2-a70bc30a33c3/1/epx5ZtV1DmNUOssTw71RpRlPSQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c9619d-1b3b-49db-89c2-a70bc30a33c3/1/RE_UFLu7UMn_tejPBmVPeftYdsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.131.0/24
Signature Algorithm: sha256WithRSAEncryption
64:c0:0a:29:2b:33:f5:f4:5f:64:67:45:76:57:81:9a:aa:00:
ac:ac:ce:ee:30:42:7b:1a:2b:0e:fe:0e:3a:79:44:72:a5:ed:
e6:0b:42:eb:12:fb:64:20:3c:44:ab:f9:98:44:2e:e7:60:e3:
34:0d:6e:f6:a4:cc:65:69:a7:6f:cf:1f:b4:c5:38:86:90:af:
c6:e6:dd:bf:5a:55:de:09:8e:d1:13:3c:8e:d8:8f:40:3e:71:
59:57:71:3d:b0:48:d1:67:a6:c1:ae:9c:8f:27:df:fe:13:6d:
0e:6e:e5:ce:35:45:c6:b2:6c:17:02:40:ac:6c:5e:1d:da:5a:
37:57:90:14:d4:3a:c5:f3:eb:01:e6:5c:03:ee:b7:bb:fc:45:
a3:0d:59:6a:90:20:70:fd:85:27:e5:3d:6f:45:c3:73:fd:3e:
f2:8f:6e:d5:d8:96:a4:2a:a0:49:54:dc:f0:6c:c4:d5:bc:b6:
04:70:0a:c9:6a:10:22:9a:b6:6e:2d:f9:17:88:0e:c2:ee:8e:
ee:d6:fe:dc:2a:67:bc:8c:12:e3:83:9d:a2:ab:96:3d:29:84:
91:09:db:fc:b8:3f:f6:e2:5c:26:63:b1:f3:66:40:3c:41:c4:
83:32:95:c4:cf:51:bb:cd:79:bf:db:49:4d:3e:9e:2d:9f:d0:
85:a0:e8:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRVa6Do8clnBZV4Il8DsPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NGZkNDE0YmJiYjUwYzlmZmI1ZThjZjA2NjU0Zjc5ZmI1
ODc2Y2MwHhcNMjUwMTAxMjM0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTljNzk2NmQ1NzUwZTYzNTQzYWNiMTNjM2JkNTFhNTE5NGY0OTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nwnO1K6HPE9OmLqp58cExDYbvbA
89hj/oRgYSaKeq+7W7vJr2Vx/kBXy/+VnSrj14HeRdQavS4X+5QRUA35R2VxkHMC
4K4sMGkd4imK7YooWhz1w79GPQ1d+w5yb6hVlBHA54GDXGlDsqKLKNf8kzcvGo71
rKdqAFR0V13jtnrv7dyr2INGe9b7FF62GtHx6+q/aTeSXDn/GQhbbM4vtAY79Bij
md1hkXP829N6BEj1KxHFFpQ99iiviVvs+VekP7Q/JGYOUHn+7fv5ou90iH/iGRWr
JbSrhbXhIw1DpK90V8oKugASpbDXh+jT52wG1zBQi0rz9NLSr6RzkaJdAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHqceWbVdQ5jVDrLE8O9UaUZT0kIMB8GA1UdIwQY
MBaAFERP1BS7u1DJ/7XozwZlT3n7WHbMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkVfVUZMdTdVTW5fdGVqUEJtVlBlZnRZZHN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jOTYxOWQtMWIzYi00OWRiLTg5YzIt
YTcwYmMzMGEzM2MzLzEvZXB4NVp0VjFEbU5VT3NzVHc3MVJwUmxQU1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jOTYxOWQtMWIzYi00OWRiLTg5YzItYTcwYmMzMGEzM2Mz
LzEvUkVfVUZMdTdVTW5fdGVqUEJtVlBlZnRZZHN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWuDMA0G
CSqGSIb3DQEBCwUAA4IBAQBkwAopKzP19F9kZ0V2V4GaqgCsrM7uMEJ7GisO/g46
eURype3mC0LrEvtkIDxEq/mYRC7nYOM0DW72pMxlaadvzx+0xTiGkK/G5t2/WlXe
CY7REzyO2I9APnFZV3E9sEjRZ6bBrpyPJ9/+E20ObuXONUXGsmwXAkCsbF4d2lo3
V5AU1DrF8+sB5lwD7re7/EWjDVlqkCBw/YUn5T1vRcNz/T7yj27V2JakKqBJVNzw
bMTVvLYEcArJahAimrZuLfkXiA7C7o7u1v7cKme8jBLjg52iq5Y9KYSRCdv8uD/2
4lwmY7HzZkA8QcSDMpXEz1G7zXm/20lNPp4tn9CFoOhs
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:47 2025 by rpki-client on console.sobornost.net