Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/b23fe7-3028-434f-a2eb-b629b7a00128/1/crhgLZFUZi76qADnwIc3uPeroG0.roa
File: crhgLZFUZi76qADnwIc3uPeroG0.roa (raw, json)
Hash identifier: Po2zoYbwJNmFepHgAQRNVZYBWWCMS1Ty+Wa7eBleaGo=
Subject key identifier: 72:B8:60:2D:91:54:66:2E:FA:A8:00:E7:C0:87:37:B8:F7:AB:A0:6D
Certificate issuer: /CN=2a8b209318ce0f479c4edadbb63c935b28dbb21b
Certificate serial: E8B1F7
Authority key identifier: 2A:8B:20:93:18:CE:0F:47:9C:4E:DA:DB:B6:3C:93:5B:28:DB:B2:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KosgkxjOD0ecTtrbtjyTWyjbshs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/b23fe7-3028-434f-a2eb-b629b7a00128/1/crhgLZFUZi76qADnwIc3uPeroG0.roa
Signing time: Fri 18 Feb 2022 20:46:30 +0000
ROA not before: Fri 18 Feb 2022 20:46:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48031
IP address blocks: 109.205.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15249911 (0xe8b1f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a8b209318ce0f479c4edadbb63c935b28dbb21b
Validity
Not Before: Feb 18 20:46:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72b8602d9154662efaa800e7c08737b8f7aba06d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8e:ec:74:c0:ff:f6:12:bd:d5:1c:1a:28:a9:
5a:96:89:5f:ef:95:f3:36:9f:09:57:22:6e:19:47:
c8:c3:2e:0b:53:8a:61:8e:16:ac:c9:f9:c7:77:97:
05:1f:21:57:c6:33:f6:23:67:53:df:dd:0f:08:e3:
a2:9e:33:a3:51:ae:d9:d2:de:71:60:69:a3:3b:c3:
a5:6d:47:f1:92:9c:1b:af:21:75:be:68:77:ef:fd:
44:39:40:83:83:37:80:4c:8d:19:3c:fe:2d:54:e2:
a2:c2:cf:8f:4b:d6:d9:d8:8b:bd:a8:96:b0:5d:af:
3e:f3:1c:ce:7f:b4:8f:6e:d5:e6:60:3a:bf:c5:98:
7b:d6:f9:67:b0:82:a0:cf:2a:8b:fe:30:e2:41:c5:
06:bf:b5:13:fd:86:d1:6b:8f:88:96:c7:6b:af:61:
d2:3c:ab:05:e9:ee:f6:63:53:d2:c2:44:e1:01:1b:
48:b7:0b:3f:7e:1c:f7:a5:3e:3d:d9:3d:e4:0a:01:
ed:a0:10:d1:67:03:f6:c8:02:65:85:55:6b:d3:bf:
20:63:da:bf:14:b6:c2:2b:77:b1:19:68:a6:8d:4e:
1d:b8:a0:78:52:9a:8d:b7:dc:21:b4:fb:e4:7f:f5:
58:2a:55:f3:e4:ec:a2:94:a6:d9:ec:0a:df:69:e3:
08:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:B8:60:2D:91:54:66:2E:FA:A8:00:E7:C0:87:37:B8:F7:AB:A0:6D
X509v3 Authority Key Identifier:
keyid:2A:8B:20:93:18:CE:0F:47:9C:4E:DA:DB:B6:3C:93:5B:28:DB:B2:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KosgkxjOD0ecTtrbtjyTWyjbshs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b23fe7-3028-434f-a2eb-b629b7a00128/1/crhgLZFUZi76qADnwIc3uPeroG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b23fe7-3028-434f-a2eb-b629b7a00128/1/KosgkxjOD0ecTtrbtjyTWyjbshs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.188.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:1d:f1:1d:37:ce:04:f9:25:38:30:16:fd:cb:91:7f:15:d7:
d1:c2:6b:95:6e:0a:f3:a7:05:04:6f:b9:d8:09:75:24:78:e5:
06:55:47:a2:40:f7:79:23:2e:5f:e4:24:1b:57:df:a4:1c:fe:
a3:aa:ad:19:45:46:ee:fd:d8:6d:6a:75:04:1d:de:6a:69:35:
73:d9:c0:87:b7:27:7e:9a:ba:19:61:12:80:13:1e:d0:55:12:
e3:cb:0f:08:34:0e:66:9f:75:16:c5:40:d2:ba:d8:96:bb:1d:
2e:84:b4:21:e8:78:62:da:83:0f:90:41:2f:31:04:e1:c4:ca:
a8:64:a0:6e:ce:d3:d5:dd:eb:8e:0f:89:d6:8b:cc:74:c6:4e:
68:7e:ad:4c:1a:e0:a1:1e:ab:85:4d:3e:ba:a7:19:4a:65:c8:
9f:e7:b2:8c:96:a8:e5:8d:cd:e2:db:80:24:11:a0:5f:e6:98:
1d:b0:cc:a7:11:54:8e:01:3a:33:43:f8:2b:1b:70:58:0f:e7:
76:0c:4a:d3:55:c3:db:9e:93:05:0d:d9:67:36:f0:38:8c:eb:
26:38:f9:57:e8:d3:8c:e8:06:8f:85:a2:c5:ac:ab:ac:95:b3:
79:f1:54:83:67:e7:df:6b:8f:ad:9a:db:ae:82:42:a3:12:2d:
5c:d4:05:62
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAOix9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YThiMjA5MzE4Y2UwZjQ3OWM0ZWRhZGJiNjNjOTM1YjI4ZGJiMjFiMB4XDTIyMDIx
ODIwNDYzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJiODYwMmQ5MTU0
NjYyZWZhYTgwMGU3YzA4NzM3YjhmN2FiYTA2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuO7HTA//YSvdUcGiipWpaJX++V8zafCVcibhlHyMMuC1OK
YY4WrMn5x3eXBR8hV8Yz9iNnU9/dDwjjop4zo1Gu2dLecWBpozvDpW1H8ZKcG68h
db5od+/9RDlAg4M3gEyNGTz+LVTiosLPj0vW2diLvaiWsF2vPvMczn+0j27V5mA6
v8WYe9b5Z7CCoM8qi/4w4kHFBr+1E/2G0WuPiJbHa69h0jyrBenu9mNT0sJE4QEb
SLcLP34c96U+Pdk95AoB7aAQ0WcD9sgCZYVVa9O/IGPavxS2wit3sRlopo1OHbig
eFKajbfcIbT75H/1WCpV8+TsopSm2ewK32njCBcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRyuGAtkVRmLvqoAOfAhze496ugbTAfBgNVHSMEGDAWgBQqiyCTGM4PR5xO
2tu2PJNbKNuyGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tvc2dreGpPRDBlY1R0cmJ0anlUV3lqYnNocy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvYjIzZmU3LTMwMjgtNDM0Zi1hMmViLWI2MjliN2EwMDEyOC8x
L2NyaGdMWkZVWmk3NnFBRG53SWMzdVBlcm9HMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
YjIzZmU3LTMwMjgtNDM0Zi1hMmViLWI2MjliN2EwMDEyOC8xL0tvc2dreGpPRDBl
Y1R0cmJ0anlUV3lqYnNocy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG3NvDANBgkqhkiG9w0BAQsFAAOC
AQEAXR3xHTfOBPklODAW/cuRfxXX0cJrlW4K86cFBG+52Al1JHjlBlVHokD3eSMu
X+QkG1ffpBz+o6qtGUVG7v3YbWp1BB3eamk1c9nAh7cnfpq6GWESgBMe0FUS48sP
CDQOZp91FsVA0rrYlrsdLoS0Ieh4YtqDD5BBLzEE4cTKqGSgbs7T1d3rjg+J1ovM
dMZOaH6tTBrgoR6rhU0+uqcZSmXIn+eyjJao5Y3N4tuAJBGgX+aYHbDMpxFUjgE6
M0P4KxtwWA/ndgxK01XD256TBQ3ZZzbwOIzrJjj5V+jTjOgGj4WixayrrJWzefFU
g2fn32uPrZrbroJCoxItXNQFYg==
-----END CERTIFICATE-----
Generated at Mon Jun 16 19:32:42 2025 by rpki-client