Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/8c89w0Wi8wMsoXrghW5qP2-hNS0.roa
File: 8c89w0Wi8wMsoXrghW5qP2-hNS0.roa (raw, json)
Hash identifier: D8vS3w3ktRdTzyzGgvoFRLHLzAmdAx/fg6SYcr4tnA0=
Subject key identifier: F1:CF:3D:C3:45:A2:F3:03:2C:A1:7A:E0:85:6E:6A:3F:6F:A1:35:2D
Certificate issuer: /CN=0526b03c717184c3680817e55e2455f85d73a413
Certificate serial: 0194B875AA0C42794B78A8F0A896A3F70E2E
Authority key identifier: 05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/8c89w0Wi8wMsoXrghW5qP2-hNS0.roa
Signing time: Thu 30 Jan 2025 18:25:06 +0000
ROA not before: Thu 30 Jan 2025 18:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58181
IP address blocks: 109.202.105.0/24 maxlen: 24
109.202.110.0/24 maxlen: 24
213.152.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b8:75:aa:0c:42:79:4b:78:a8:f0:a8:96:a3:f7:0e:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0526b03c717184c3680817e55e2455f85d73a413
Validity
Not Before: Jan 30 18:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1cf3dc345a2f3032ca17ae0856e6a3f6fa1352d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3a:8b:1e:f8:c0:3d:43:16:66:77:ba:a3:5d:
e3:da:03:6e:17:aa:75:76:c8:91:7d:8e:b1:a1:6c:
4c:12:97:89:13:00:37:2d:4a:5b:16:ca:84:3c:39:
97:25:e9:ff:92:5d:51:ec:ef:cd:e9:e5:7e:c1:a6:
d7:87:20:79:69:5b:45:33:fb:cd:d0:04:0f:b0:27:
8d:9f:6a:cd:0e:ab:28:d5:db:36:b3:ca:42:b4:54:
46:23:49:43:74:e8:47:35:92:41:77:fc:85:45:35:
b0:0f:ec:61:d8:c3:b6:c5:12:69:80:38:0a:6c:65:
da:17:1d:11:16:9a:2b:5a:94:80:42:cd:6c:4c:fc:
ae:0e:ad:36:5e:53:00:db:10:fe:61:b8:37:07:b2:
fa:20:53:f8:cd:21:61:34:dc:38:ad:96:db:9d:88:
d4:89:03:0f:cc:30:d6:32:90:cb:cc:f6:53:f9:59:
13:73:9c:e0:c9:06:13:3a:c3:20:91:da:12:d3:ee:
ee:5d:29:d7:96:2d:73:07:30:38:16:f4:7f:12:fe:
4b:34:88:23:1b:06:7d:c1:7d:ea:a0:bd:66:32:9c:
0a:59:58:4c:53:b8:ba:b7:c3:6f:7d:1d:8f:39:cc:
1d:4f:b2:63:23:bb:73:2b:15:f6:e6:40:28:a8:c6:
d4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:CF:3D:C3:45:A2:F3:03:2C:A1:7A:E0:85:6E:6A:3F:6F:A1:35:2D
X509v3 Authority Key Identifier:
keyid:05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/8c89w0Wi8wMsoXrghW5qP2-hNS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/BSawPHFxhMNoCBflXiRV-F1zpBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.202.105.0/24
109.202.110.0/24
213.152.175.0/24
Signature Algorithm: sha256WithRSAEncryption
67:ba:aa:08:d1:53:c4:45:f1:ea:14:7f:38:a5:43:d3:a3:a9:
2d:f5:58:30:9b:b5:bd:6f:89:75:b0:11:58:67:b3:c0:e7:f1:
7a:84:7e:4a:4f:82:e6:57:9d:00:92:cf:b4:6c:d7:4e:6b:b7:
ea:83:d9:ba:f7:cd:65:60:ee:0c:1a:d0:a9:63:b0:15:86:d3:
ee:6f:8a:b4:1a:5f:47:0b:8a:86:fd:82:39:b8:bf:e8:ae:6b:
77:29:3b:65:9a:9b:da:14:b0:48:44:6c:86:ed:8f:e1:6a:08:
e9:0a:c9:8e:84:d8:c4:bc:38:b4:9a:82:f5:26:3c:7b:18:90:
49:32:2d:3d:b1:32:d6:09:b5:bc:d6:9d:d8:4f:70:98:e0:3f:
9d:58:35:79:0b:ea:a2:b0:a3:c2:da:e3:e8:6e:b5:fa:74:c0:
e0:18:6b:12:b5:ea:9b:5f:dc:ac:08:2f:42:6a:b3:fd:b7:01:
5a:fc:dc:b4:8f:30:bf:42:fe:53:51:78:4d:81:74:26:04:1f:
59:ea:dd:45:bb:25:9a:31:79:29:87:91:d7:75:5a:95:ff:4e:
79:d3:b9:20:64:f9:51:ec:9f:b9:a2:bf:c1:14:6a:a6:91:c4:
1a:05:a3:3f:19:dc:57:52:54:6f:3d:04:3e:79:5c:5a:cc:8b:
7a:58:0b:d1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZS4daoMQnlLeKjwqJaj9w4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MjZiMDNjNzE3MTg0YzM2ODA4MTdlNTVlMjQ1NWY4NWQ3
M2E0MTMwHhcNMjUwMTMwMTgyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWNmM2RjMzQ1YTJmMzAzMmNhMTdhZTA4NTZlNmEzZjZmYTEzNTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDqLHvjAPUMWZne6o13j2gNuF6p1
dsiRfY6xoWxMEpeJEwA3LUpbFsqEPDmXJen/kl1R7O/N6eV+wabXhyB5aVtFM/vN
0AQPsCeNn2rNDqso1ds2s8pCtFRGI0lDdOhHNZJBd/yFRTWwD+xh2MO2xRJpgDgK
bGXaFx0RFporWpSAQs1sTPyuDq02XlMA2xD+Ybg3B7L6IFP4zSFhNNw4rZbbnYjU
iQMPzDDWMpDLzPZT+VkTc5zgyQYTOsMgkdoS0+7uXSnXli1zBzA4FvR/Ev5LNIgj
GwZ9wX3qoL1mMpwKWVhMU7i6t8NvfR2POcwdT7JjI7tzKxX25kAoqMbU0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPHPPcNFovMDLKF64IVuaj9voTUtMB8GA1UdIwQY
MBaAFAUmsDxxcYTDaAgX5V4kVfhdc6QTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMt
M2JmMDRhMmE5M2Q4LzEvOGM4OXcwV2k4d01zb1hyZ2hXNXFQMi1oTlMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMtM2JmMDRhMmE5M2Q4
LzEvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbcppAwQA
bcpuAwQA1ZivMA0GCSqGSIb3DQEBCwUAA4IBAQBnuqoI0VPERfHqFH84pUPTo6kt
9Vgwm7W9b4l1sBFYZ7PA5/F6hH5KT4LmV50Aks+0bNdOa7fqg9m6981lYO4MGtCp
Y7AVhtPub4q0Gl9HC4qG/YI5uL/ormt3KTtlmpvaFLBIRGyG7Y/hagjpCsmOhNjE
vDi0moL1Jjx7GJBJMi09sTLWCbW81p3YT3CY4D+dWDV5C+qisKPC2uPobrX6dMDg
GGsSteqbX9ysCC9CarP9twFa/Ny0jzC/Qv5TUXhNgXQmBB9Z6t1FuyWaMXkph5HX
dVqV/05507kgZPlR7J+5or/BFGqmkcQaBaM/GdxXUlRvPQQ+eVxazIt6WAvR
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:13 2025 by rpki-client on console.sobornost.net