Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/R8GgH67MzGYrmtUBlZ44LYdM_44.roa
File: R8GgH67MzGYrmtUBlZ44LYdM_44.roa (raw, json)
Hash identifier: eNGVD5qiBokWARwlEPYWPW2sMCzs8hQrScOks2RkSK0=
Subject key identifier: 47:C1:A0:1F:AE:CC:CC:66:2B:9A:D5:01:95:9E:38:2D:87:4C:FF:8E
Certificate issuer: /CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Certificate serial: 019423697E1B68228C1DA2E1865C9DE7C79C
Authority key identifier: 0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/R8GgH67MzGYrmtUBlZ44LYdM_44.roa
Signing time: Wed 01 Jan 2025 19:48:23 +0000
ROA not before: Wed 01 Jan 2025 19:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58153
IP address blocks: 188.213.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:7e:1b:68:22:8c:1d:a2:e1:86:5c:9d:e7:c7:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Validity
Not Before: Jan 1 19:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47c1a01faecccc662b9ad501959e382d874cff8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:4a:bd:e4:85:0e:36:05:e9:6b:d9:a8:5d:40:
60:04:2d:b4:a0:22:e3:03:33:73:d8:06:3e:00:57:
29:8c:cb:c1:6c:a0:64:e3:dd:d3:01:e8:39:58:b5:
11:89:d4:9e:6d:f6:c8:6e:51:aa:8d:58:27:43:03:
72:0f:b4:6e:ff:38:ee:46:4f:12:a5:3b:a3:d1:96:
55:3b:c2:34:1d:aa:db:82:9e:8f:0d:8e:96:e6:1f:
58:bb:7a:44:cb:b3:11:fc:e4:88:e4:26:9f:06:2b:
c6:42:ac:2e:4c:4a:08:60:43:a7:72:d5:6e:72:50:
d9:75:21:b0:0e:c5:91:22:ac:74:d4:b9:84:64:60:
b3:c8:0b:8a:e8:f7:f2:0f:c9:3e:b9:6f:61:21:0e:
82:2f:9e:a7:27:28:d4:19:c9:a2:47:2c:db:26:29:
b6:16:42:13:fb:49:c0:be:5c:6c:9a:4b:74:43:bb:
1c:30:1c:8f:db:f1:2c:8e:70:ef:50:85:9c:17:0f:
35:7a:95:81:fa:7d:4a:28:f4:97:1e:40:f9:6c:70:
68:9f:d1:85:b0:19:00:9f:96:c1:66:d9:07:46:82:
bc:34:a3:81:e7:7f:3f:ec:ca:13:d4:e7:bd:1d:ff:
c4:4b:14:65:71:42:d1:6c:64:0a:d9:cb:15:17:2d:
f3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:C1:A0:1F:AE:CC:CC:66:2B:9A:D5:01:95:9E:38:2D:87:4C:FF:8E
X509v3 Authority Key Identifier:
keyid:0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/R8GgH67MzGYrmtUBlZ44LYdM_44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/CvYXmN0YllwCevp_k64DD_Xh124.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.213.17.0/24
Signature Algorithm: sha256WithRSAEncryption
15:1d:28:eb:56:ae:b8:39:1d:6c:2f:6a:da:1a:bd:0f:8e:20:
38:35:ad:e7:9c:d1:0e:73:bc:3a:83:09:ba:99:ff:a0:ab:50:
81:1a:f7:cc:ed:28:17:22:75:15:47:fc:ee:c2:69:d4:42:78:
99:92:e1:f2:83:23:5f:98:ed:d1:76:5d:7e:22:94:87:d3:d8:
9e:c8:43:e5:97:1f:bd:9c:96:6c:2c:e1:34:00:db:97:0f:40:
c1:ae:01:a1:28:53:57:90:50:ab:6e:4b:f7:b4:f3:32:da:07:
59:12:84:63:52:87:7b:be:9c:2d:96:f1:e0:1a:75:a1:40:c9:
9a:4e:09:a6:28:e1:2b:54:30:2a:86:cb:36:e9:b0:fa:fe:54:
27:8a:18:cf:a9:5c:be:3e:c2:6a:09:99:e4:af:88:a2:6b:87:
11:f4:1f:58:6f:95:4e:3c:2f:00:89:e8:7f:4e:bc:aa:b0:5b:
4e:98:49:e4:2e:4a:8f:62:86:22:99:a1:c3:cf:3b:f2:6f:53:
85:71:b6:dc:9c:0a:37:52:59:8d:a6:80:83:b1:71:4f:7f:8c:
f9:df:99:4a:07:4e:40:49:72:21:c1:1a:f6:33:6f:2e:e6:28:
9d:b5:62:77:61:06:15:f5:72:f8:30:37:4c:ba:46:35:c1:41:
93:dc:db:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaX4baCKMHaLhhlyd58ecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZjYxNzk4ZGQxODk2NWMwMjdhZmE3ZjkzYWUwMzBmZjVl
MWQ3NmUwHhcNMjUwMTAxMTk0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2MxYTAxZmFlY2NjYzY2MmI5YWQ1MDE5NTllMzgyZDg3NGNmZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Uq95IUONgXpa9moXUBgBC20oCLj
AzNz2AY+AFcpjMvBbKBk493TAeg5WLURidSebfbIblGqjVgnQwNyD7Ru/zjuRk8S
pTuj0ZZVO8I0Harbgp6PDY6W5h9Yu3pEy7MR/OSI5CafBivGQqwuTEoIYEOnctVu
clDZdSGwDsWRIqx01LmEZGCzyAuK6PfyD8k+uW9hIQ6CL56nJyjUGcmiRyzbJim2
FkIT+0nAvlxsmkt0Q7scMByP2/EsjnDvUIWcFw81epWB+n1KKPSXHkD5bHBon9GF
sBkAn5bBZtkHRoK8NKOB538/7MoT1Oe9Hf/ESxRlcULRbGQK2csVFy3ztQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEfBoB+uzMxmK5rVAZWeOC2HTP+OMB8GA1UdIwQY
MBaAFAr2F5jdGJZcAnr6f5OuAw/14dduMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3ZZWG1OMFlsbHdDZXZwX2s2NEREX1hoMTI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82MTUxNjQtNmQ5Ni00ODhhLTk2YmEt
ZDZlMWUzNDdmOWM3LzEvUjhHZ0g2N016R1lybXRVQmxaNDRMWWRNXzQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82MTUxNjQtNmQ5Ni00ODhhLTk2YmEtZDZlMWUzNDdmOWM3
LzEvQ3ZZWG1OMFlsbHdDZXZwX2s2NEREX1hoMTI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNURMA0G
CSqGSIb3DQEBCwUAA4IBAQAVHSjrVq64OR1sL2raGr0PjiA4Na3nnNEOc7w6gwm6
mf+gq1CBGvfM7SgXInUVR/zuwmnUQniZkuHygyNfmO3Rdl1+IpSH09ieyEPllx+9
nJZsLOE0ANuXD0DBrgGhKFNXkFCrbkv3tPMy2gdZEoRjUod7vpwtlvHgGnWhQMma
TgmmKOErVDAqhss26bD6/lQnihjPqVy+PsJqCZnkr4iia4cR9B9Yb5VOPC8Aieh/
TryqsFtOmEnkLkqPYoYimaHDzzvyb1OFcbbcnAo3UlmNpoCDsXFPf4z535lKB05A
SXIhwRr2M28u5iidtWJ3YQYV9XL4MDdMukY1wUGT3Nv0
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:14:53 2025 by rpki-client