Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/3debfc-df2e-49d4-bdc6-6d54bf44995e/1/iKc6-PNMmixTZ3C9ADRGttRpF4I.roa
File: iKc6-PNMmixTZ3C9ADRGttRpF4I.roa (raw, json)
Hash identifier: TYwRti1xsgOmMduC9EDVLP2xBLZwF78uk6ysgVeo7G0=
Subject key identifier: 88:A7:3A:F8:F3:4C:9A:2C:53:67:70:BD:00:34:46:B6:D4:69:17:82
Certificate issuer: /CN=f4e2e9b5fb967a7d3d78d0fbb930c080ec9d91e5
Certificate serial: 018B428BE6FD2C2313F6EC9902D6817E2EFB
Authority key identifier: F4:E2:E9:B5:FB:96:7A:7D:3D:78:D0:FB:B9:30:C0:80:EC:9D:91:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9OLptfuWen09eND7uTDAgOydkeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/3debfc-df2e-49d4-bdc6-6d54bf44995e/1/iKc6-PNMmixTZ3C9ADRGttRpF4I.roa
Signing time: Wed 18 Oct 2023 11:29:06 +0000
ROA not before: Wed 18 Oct 2023 11:29:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 109.122.56.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:8b:e6:fd:2c:23:13:f6:ec:99:02:d6:81:7e:2e:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4e2e9b5fb967a7d3d78d0fbb930c080ec9d91e5
Validity
Not Before: Oct 18 11:29:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88a73af8f34c9a2c536770bd003446b6d4691782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:fb:b7:52:ea:cb:eb:8f:7f:b5:74:06:c2:9d:
79:6a:70:3f:58:c9:8f:73:f6:1b:f0:61:8b:ad:08:
03:51:33:ee:1a:e8:ed:03:8d:e6:e5:87:0f:6e:4c:
08:09:48:87:a8:7d:ab:b5:30:34:ba:34:ce:30:f2:
0a:e4:50:2e:1d:65:53:70:9c:3a:7f:7d:5e:ad:97:
e5:6c:5d:b6:a6:bb:0d:34:2a:f4:66:c5:91:0d:2c:
de:11:1f:fc:9d:23:ee:52:d8:be:04:31:72:5b:00:
bc:a1:9f:41:16:72:b8:16:6d:98:dc:64:d1:0c:90:
f3:ae:2c:ca:5f:24:6e:58:39:5c:4c:32:df:8f:91:
17:fa:56:04:2a:d2:6c:e4:ee:29:da:c1:a3:4d:79:
e7:71:cb:1a:eb:69:96:eb:e0:be:1d:9b:97:83:12:
48:e8:96:0a:0a:76:36:81:ca:2e:ac:17:dc:8a:c6:
5b:cc:63:a9:6c:73:55:97:54:a7:6e:2b:aa:f5:84:
cf:a8:20:12:1f:fc:50:19:0b:42:c2:84:cd:2c:2c:
f1:95:49:4a:9b:b9:da:88:2b:fc:da:7f:4f:09:39:
4b:b6:b6:6a:24:da:45:9a:db:04:fb:a7:96:f2:6b:
7d:fa:4f:d3:d0:e0:4c:90:ee:46:6b:f1:bd:1e:bc:
c8:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A7:3A:F8:F3:4C:9A:2C:53:67:70:BD:00:34:46:B6:D4:69:17:82
X509v3 Authority Key Identifier:
keyid:F4:E2:E9:B5:FB:96:7A:7D:3D:78:D0:FB:B9:30:C0:80:EC:9D:91:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9OLptfuWen09eND7uTDAgOydkeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/3debfc-df2e-49d4-bdc6-6d54bf44995e/1/iKc6-PNMmixTZ3C9ADRGttRpF4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/3debfc-df2e-49d4-bdc6-6d54bf44995e/1/9OLptfuWen09eND7uTDAgOydkeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.56.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:21:d0:8e:a7:e9:2d:85:cc:98:48:ac:02:ae:ad:fb:4b:af:
7a:01:2b:db:cb:48:f2:87:2d:fc:87:ce:a5:63:a8:ae:43:bd:
20:2a:b8:2e:47:66:e8:da:8e:ec:45:85:05:77:7c:1f:92:0e:
a7:44:b9:4a:97:a7:f5:d9:f5:e1:26:15:3e:ac:b0:98:12:5b:
45:1a:2c:46:98:78:ff:6f:a2:44:0e:95:28:a1:1e:a2:15:40:
41:09:41:e3:c0:4a:03:21:02:a9:cc:6b:31:62:c0:c6:30:51:
ce:22:64:26:7a:9c:cf:f1:60:e3:5b:75:c7:ca:2a:87:b1:a8:
9e:91:ce:6f:82:9c:f2:ea:36:02:4a:f3:a3:e9:12:c0:98:ba:
07:07:ef:cd:c9:00:f6:b1:a5:e2:bc:35:e0:43:40:2e:77:4d:
fb:09:a6:a4:58:39:6b:37:e8:12:04:09:fe:22:8b:07:e1:71:
a6:54:b8:89:8c:9f:24:b8:92:7b:3b:34:77:eb:b4:aa:07:8b:
8e:25:76:88:71:2e:88:31:36:5f:c6:1e:e4:4a:15:10:aa:2f:
9b:cd:54:bd:3e:55:45:df:c0:fe:d8:d3:88:ca:f6:d0:07:3e:
ad:54:0b:63:43:22:f9:5e:c0:d2:85:3d:f3:f2:d8:d1:48:02:
17:3e:2f:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtCi+b9LCMT9uyZAtaBfi77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZTJlOWI1ZmI5NjdhN2QzZDc4ZDBmYmI5MzBjMDgwZWM5
ZDkxZTUwHhcNMjMxMDE4MTEyOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGE3M2FmOGYzNGM5YTJjNTM2NzcwYmQwMDM0NDZiNmQ0NjkxNzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvu3UurL649/tXQGwp15anA/WMmP
c/Yb8GGLrQgDUTPuGujtA43m5YcPbkwICUiHqH2rtTA0ujTOMPIK5FAuHWVTcJw6
f31erZflbF22prsNNCr0ZsWRDSzeER/8nSPuUti+BDFyWwC8oZ9BFnK4Fm2Y3GTR
DJDzrizKXyRuWDlcTDLfj5EX+lYEKtJs5O4p2sGjTXnnccsa62mW6+C+HZuXgxJI
6JYKCnY2gcourBfcisZbzGOpbHNVl1Snbiuq9YTPqCASH/xQGQtCwoTNLCzxlUlK
m7naiCv82n9PCTlLtrZqJNpFmtsE+6eW8mt9+k/T0OBMkO5Ga/G9HrzI+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIinOvjzTJosU2dwvQA0RrbUaReCMB8GA1UdIwQY
MBaAFPTi6bX7lnp9PXjQ+7kwwIDsnZHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU9McHRmdVdlbjA5ZU5EN3VUREFnT3lka2VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8zZGViZmMtZGYyZS00OWQ0LWJkYzYt
NmQ1NGJmNDQ5OTVlLzEvaUtjNi1QTk1taXhUWjNDOUFEUkd0dFJwRjRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8zZGViZmMtZGYyZS00OWQ0LWJkYzYtNmQ1NGJmNDQ5OTVl
LzEvOU9McHRmdVdlbjA5ZU5EN3VUREFnT3lka2VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbXo4MA0G
CSqGSIb3DQEBCwUAA4IBAQBeIdCOp+kthcyYSKwCrq37S696ASvby0jyhy38h86l
Y6iuQ70gKrguR2bo2o7sRYUFd3wfkg6nRLlKl6f12fXhJhU+rLCYEltFGixGmHj/
b6JEDpUooR6iFUBBCUHjwEoDIQKpzGsxYsDGMFHOImQmepzP8WDjW3XHyiqHsaie
kc5vgpzy6jYCSvOj6RLAmLoHB+/NyQD2saXivDXgQ0Aud037CaakWDlrN+gSBAn+
IosH4XGmVLiJjJ8kuJJ7OzR367SqB4uOJXaIcS6IMTZfxh7kShUQqi+bzVS9PlVF
38D+2NOIyvbQBz6tVAtjQyL5XsDShT3z8tjRSAIXPi8f
-----END CERTIFICATE-----
Generated at Tue May 13 16:19:44 2025 by rpki-client