Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/a69b42-0f9d-4f3c-a931-9127f429a48d/1/rcMK08AznTNl69yZpwkwANSHMTs.roa
File: rcMK08AznTNl69yZpwkwANSHMTs.roa (raw, json)
Hash identifier: WjK6cVczVGVfAOrWdWkI76D5GTBKIyYggYnNHyTSPTM=
Subject key identifier: AD:C3:0A:D3:C0:33:9D:33:65:EB:DC:99:A7:09:30:00:D4:87:31:3B
Certificate issuer: /CN=018b20ff098e6b7cbc8b6af0d680065e6b90600b
Certificate serial: 019424B2952BBC8E028141430FC4DEFD50D9
Authority key identifier: 01:8B:20:FF:09:8E:6B:7C:BC:8B:6A:F0:D6:80:06:5E:6B:90:60:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AYsg_wmOa3y8i2rw1oAGXmuQYAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/a69b42-0f9d-4f3c-a931-9127f429a48d/1/rcMK08AznTNl69yZpwkwANSHMTs.roa
Signing time: Thu 02 Jan 2025 01:47:50 +0000
ROA not before: Thu 02 Jan 2025 01:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210598
IP address blocks: 109.107.152.0/24 maxlen: 24
2a11:d2c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:95:2b:bc:8e:02:81:41:43:0f:c4:de:fd:50:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=018b20ff098e6b7cbc8b6af0d680065e6b90600b
Validity
Not Before: Jan 2 01:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=adc30ad3c0339d3365ebdc99a7093000d487313b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:27:98:bc:7b:e8:99:21:41:c4:8f:3d:87:80:
ce:fc:9b:68:21:f2:ad:36:79:53:b9:3c:30:56:81:
c0:27:03:6a:35:dc:59:30:81:d8:ac:a8:5e:a9:5c:
2c:9b:17:7e:eb:16:1d:06:a1:44:38:43:c9:cb:b5:
d7:fb:40:69:5a:d1:26:97:8e:ed:66:f3:63:ae:ab:
af:4b:8f:4f:84:8a:47:f9:68:b9:61:74:dd:11:ff:
fa:4e:26:48:11:63:9d:74:27:8f:74:e5:5a:54:c1:
bb:12:d4:37:f4:81:7c:68:6c:08:e6:e8:c2:04:f3:
31:bb:9a:d6:a1:a0:df:1b:2d:87:df:ec:38:03:0b:
ea:cc:36:96:af:4c:b1:8a:c1:f6:8d:07:70:be:51:
86:55:55:33:bb:74:88:2c:f7:d1:73:05:47:0e:da:
5b:bb:26:b7:8b:5e:f0:78:9a:b3:33:78:0a:e7:d7:
ce:a8:80:49:4f:50:a0:13:d7:3a:96:18:16:1a:97:
55:c7:bb:15:c6:f8:f9:51:6d:38:8f:8a:4c:f3:f2:
05:fc:e1:6b:53:86:94:a5:a4:1a:bc:45:1c:e3:2f:
0d:4d:6d:f8:8a:04:d3:69:2f:ad:a8:3c:b9:58:27:
1b:04:b2:a9:81:9e:4b:c4:d6:4e:3a:bd:2a:a4:86:
3c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:C3:0A:D3:C0:33:9D:33:65:EB:DC:99:A7:09:30:00:D4:87:31:3B
X509v3 Authority Key Identifier:
keyid:01:8B:20:FF:09:8E:6B:7C:BC:8B:6A:F0:D6:80:06:5E:6B:90:60:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AYsg_wmOa3y8i2rw1oAGXmuQYAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/a69b42-0f9d-4f3c-a931-9127f429a48d/1/rcMK08AznTNl69yZpwkwANSHMTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/a69b42-0f9d-4f3c-a931-9127f429a48d/1/AYsg_wmOa3y8i2rw1oAGXmuQYAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.152.0/24
IPv6:
2a11:d2c0::/29
Signature Algorithm: sha256WithRSAEncryption
3a:20:96:d2:a6:60:1f:fa:00:1b:07:bb:8a:e2:03:d8:56:99:
2a:71:1b:6c:4c:bb:4a:49:ff:80:40:90:2b:c3:ec:27:78:ac:
c1:d6:74:e3:b9:d2:02:79:05:83:32:7a:bf:8d:48:b0:f7:7b:
45:96:19:60:f0:27:4d:e8:74:04:5d:ab:12:fd:10:28:2d:5a:
cc:07:67:98:8f:39:46:08:07:99:ca:48:81:b5:cc:42:a6:e2:
91:82:da:88:a6:c1:cf:54:83:30:e9:e9:87:f3:a1:76:82:fc:
b7:34:72:57:ca:0c:86:32:8a:53:94:40:3e:bf:cd:09:83:7b:
ad:89:29:56:b7:14:c9:d4:65:97:40:b8:95:39:b4:ce:f8:2e:
e1:5d:c4:bc:03:b9:c2:e5:4c:db:44:4a:1a:b8:d2:62:7c:1c:
ef:1b:ee:56:9f:7c:32:52:b1:75:76:67:b4:78:40:a2:23:f2:
b9:18:4a:2e:3b:1b:6d:33:9f:bc:90:e7:e6:c0:b4:5c:f3:61:
f9:21:d0:e9:c7:1f:36:65:eb:e2:96:77:2c:75:0e:eb:f7:70:
58:01:31:c9:89:da:88:59:ef:c2:2d:44:77:75:d8:bb:4f:a8:
8a:8b:d1:27:50:39:8c:06:f2:be:6d:91:00:0f:8f:1d:69:64:
c3:f2:ad:06
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkspUrvI4CgUFDD8Te/VDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOGIyMGZmMDk4ZTZiN2NiYzhiNmFmMGQ2ODAwNjVlNmI5
MDYwMGIwHhcNMjUwMTAyMDE0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGMzMGFkM2MwMzM5ZDMzNjVlYmRjOTlhNzA5MzAwMGQ0ODczMTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSeYvHvomSFBxI89h4DO/JtoIfKt
NnlTuTwwVoHAJwNqNdxZMIHYrKheqVwsmxd+6xYdBqFEOEPJy7XX+0BpWtEml47t
ZvNjrquvS49PhIpH+Wi5YXTdEf/6TiZIEWOddCePdOVaVMG7EtQ39IF8aGwI5ujC
BPMxu5rWoaDfGy2H3+w4AwvqzDaWr0yxisH2jQdwvlGGVVUzu3SILPfRcwVHDtpb
uya3i17weJqzM3gK59fOqIBJT1CgE9c6lhgWGpdVx7sVxvj5UW04j4pM8/IF/OFr
U4aUpaQavEUc4y8NTW34igTTaS+tqDy5WCcbBLKpgZ5LxNZOOr0qpIY8bwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK3DCtPAM50zZevcmacJMADUhzE7MB8GA1UdIwQY
MBaAFAGLIP8Jjmt8vItq8NaABl5rkGALMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVlzZ193bU9hM3k4aTJydzFvQUdYbXVRWUFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9hNjliNDItMGY5ZC00ZjNjLWE5MzEt
OTEyN2Y0MjlhNDhkLzEvcmNNSzA4QXpuVE5sNjl5WnB3a3dBTlNITVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9hNjliNDItMGY5ZC00ZjNjLWE5MzEtOTEyN2Y0MjlhNDhk
LzEvQVlzZ193bU9hM3k4aTJydzFvQUdYbXVRWUFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAbWuYMA0E
AgACMAcDBQMqEdLAMA0GCSqGSIb3DQEBCwUAA4IBAQA6IJbSpmAf+gAbB7uK4gPY
VpkqcRtsTLtKSf+AQJArw+wneKzB1nTjudICeQWDMnq/jUiw93tFlhlg8CdN6HQE
XasS/RAoLVrMB2eYjzlGCAeZykiBtcxCpuKRgtqIpsHPVIMw6emH86F2gvy3NHJX
ygyGMopTlEA+v80Jg3utiSlWtxTJ1GWXQLiVObTO+C7hXcS8A7nC5UzbREoauNJi
fBzvG+5Wn3wyUrF1dme0eECiI/K5GEouOxttM5+8kOfmwLRc82H5IdDpxx82Zevi
lncsdQ7r93BYATHJidqIWe/CLUR3ddi7T6iKi9EnUDmMBvK+bZEAD48daWTD8q0G
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:18 2025 by rpki-client on console.sobornost.net