Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/1-GIE1ZNs_a58uffTHyRFm6JVqgA.roa
File: 1-GIE1ZNs_a58uffTHyRFm6JVqgA.roa (raw, json)
Hash identifier: gy76Xlf9casHiqbf8OmkekUAgQNXTcj0O5qhx7aDk8A=
Subject key identifier: F8:62:04:D5:93:6C:FD:AE:7C:B9:F7:D3:1F:24:45:9B:A2:55:AA:00
Certificate issuer: /CN=32ad80d411acb93685f558aa7e12f46bd170a7fb
Certificate serial: 019425FC0D4678F609EDD8888B93FFCA670E
Authority key identifier: 32:AD:80:D4:11:AC:B9:36:85:F5:58:AA:7E:12:F4:6B:D1:70:A7:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/1-GIE1ZNs_a58uffTHyRFm6JVqgA.roa
Signing time: Thu 02 Jan 2025 07:47:43 +0000
ROA not before: Thu 02 Jan 2025 07:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 147.189.20.0/24 maxlen: 24
147.189.238.0/24 maxlen: 24
147.189.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:0d:46:78:f6:09:ed:d8:88:8b:93:ff:ca:67:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32ad80d411acb93685f558aa7e12f46bd170a7fb
Validity
Not Before: Jan 2 07:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f86204d5936cfdae7cb9f7d31f24459ba255aa00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:cd:41:bb:63:e0:d8:88:fd:06:ba:3b:94:17:
f5:5b:64:65:16:7b:db:00:a4:ea:2c:1b:0d:69:c3:
67:cb:18:97:1c:a5:09:2d:3a:5e:10:17:74:77:fe:
0f:a3:a3:a2:4e:79:24:c4:9c:3a:33:eb:76:5c:4d:
5b:9e:b0:93:68:62:70:eb:c7:a7:8f:e6:c2:5b:f0:
c8:d9:37:b5:49:c7:1a:ae:5a:32:03:30:4a:e3:50:
67:df:f8:a3:cb:1b:4a:ac:1f:2c:4d:b6:79:1a:7d:
7f:4d:4e:a2:34:1a:75:bb:ec:18:f0:d4:0a:51:2b:
fa:61:0e:2a:46:ec:31:c2:70:54:22:e9:8f:e0:72:
a0:b9:75:5e:54:25:fd:ef:c7:ad:ea:ac:e0:d5:12:
b3:d9:3e:69:d8:1e:26:c7:53:92:93:4c:a4:76:60:
b1:7a:a9:59:df:ae:bf:ba:cb:bd:0e:58:cb:4b:10:
e7:39:21:29:34:f8:46:52:6d:d9:f9:f1:ab:c9:13:
be:17:49:e9:bb:b7:5e:af:ae:0d:d6:e1:cc:4b:9c:
ad:a5:7c:bb:e2:ac:9b:52:c5:b8:39:a5:34:a1:24:
16:c5:63:18:91:f1:a6:7a:f5:a0:f7:3e:39:5f:19:
0c:1b:58:67:2f:c6:9b:c6:ee:49:4c:17:ef:d8:84:
e8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:62:04:D5:93:6C:FD:AE:7C:B9:F7:D3:1F:24:45:9B:A2:55:AA:00
X509v3 Authority Key Identifier:
keyid:32:AD:80:D4:11:AC:B9:36:85:F5:58:AA:7E:12:F4:6B:D1:70:A7:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/1-GIE1ZNs_a58uffTHyRFm6JVqgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.20.0/24
147.189.238.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:f4:ce:6d:0b:38:79:56:91:c0:07:cc:2d:63:ff:54:27:5b:
f0:dc:8b:4d:6a:fc:4f:5d:98:b6:51:9b:d3:32:be:d8:83:d5:
fa:75:c3:e4:b2:89:9f:8c:bd:4d:f6:08:7a:65:38:d1:bb:7b:
c4:93:ed:42:29:52:1a:3e:f4:0b:ab:c4:56:c7:b0:91:ce:a7:
8f:3c:c8:c8:17:04:0b:25:ff:91:b8:a2:c3:84:bf:07:08:87:
a7:95:71:3c:b8:cd:7b:36:26:ca:51:39:23:f4:66:44:14:3b:
73:f6:47:41:7b:42:ed:03:e2:8b:94:32:7e:00:a6:77:cb:cd:
ef:72:e3:2b:97:53:7c:eb:46:f2:f6:19:91:1b:3b:55:35:20:
cc:16:04:7a:e7:4d:e6:2d:95:6e:71:bf:3c:0d:de:74:fc:a6:
ad:d5:6a:7d:a8:ae:7d:b7:dc:34:de:b1:39:83:4d:80:33:0e:
36:da:c3:bf:6d:d1:f3:a7:28:6c:f3:2e:e9:54:76:86:eb:15:
7b:38:60:79:bf:91:d3:8b:dd:f9:eb:e2:4d:08:d0:bb:92:ac:
0c:6a:49:e9:c9:1b:6c:12:0b:f0:6d:12:6f:53:cd:5d:32:ad:
40:94:f3:ac:62:53:57:99:ef:cd:34:0d:0c:7b:36:29:16:2b:
95:43:35:58
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZQl/A1GePYJ7diIi5P/ymcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYWQ4MGQ0MTFhY2I5MzY4NWY1NThhYTdlMTJmNDZiZDE3
MGE3ZmIwHhcNMjUwMTAyMDc0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODYyMDRkNTkzNmNmZGFlN2NiOWY3ZDMxZjI0NDU5YmEyNTVhYTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmc1Bu2Pg2Ij9Bro7lBf1W2RlFnvb
AKTqLBsNacNnyxiXHKUJLTpeEBd0d/4Po6OiTnkkxJw6M+t2XE1bnrCTaGJw68en
j+bCW/DI2Te1SccarloyAzBK41Bn3/ijyxtKrB8sTbZ5Gn1/TU6iNBp1u+wY8NQK
USv6YQ4qRuwxwnBUIumP4HKguXVeVCX978et6qzg1RKz2T5p2B4mx1OSk0ykdmCx
eqlZ366/usu9DljLSxDnOSEpNPhGUm3Z+fGryRO+F0npu7der64N1uHMS5ytpXy7
4qybUsW4OaU0oSQWxWMYkfGmevWg9z45XxkMG1hnL8abxu5JTBfv2ITo3QIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPhiBNWTbP2ufLn30x8kRZuiVaoAMB8GA1UdIwQY
MBaAFDKtgNQRrLk2hfVYqn4S9GvRcKf7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXEyQTFCR3N1VGFGOVZpcWZoTDBhOUZ3cF9zLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85YzI1MDgtZjY5Yi00NDRiLWI4NjAt
ZGMwZTgxYTlkN2I0LzEvMS1HSUUxWk5zX2E1OHVmZlRIeVJGbTZKVnFnQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDEvOWMyNTA4LWY2OWItNDQ0Yi1iODYwLWRjMGU4MWE5ZDdi
NC8xL01xMkExQkdzdVRhRjlWaXFmaEwwYTlGd3Bfcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAJO9FAME
AZO97jANBgkqhkiG9w0BAQsFAAOCAQEAXPTObQs4eVaRwAfMLWP/VCdb8NyLTWr8
T12YtlGb0zK+2IPV+nXD5LKJn4y9TfYIemU40bt7xJPtQilSGj70C6vEVsewkc6n
jzzIyBcECyX/kbiiw4S/BwiHp5VxPLjNezYmylE5I/RmRBQ7c/ZHQXtC7QPii5Qy
fgCmd8vN73LjK5dTfOtG8vYZkRs7VTUgzBYEeudN5i2VbnG/PA3edPymrdVqfaiu
fbfcNN6xOYNNgDMONtrDv23R86cobPMu6VR2husVezhgeb+R04vd+eviTQjQu5Ks
DGpJ6ckbbBIL8G0Sb1PNXTKtQJTzrGJTV5nvzTQNDHs2KRYrlUM1WA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:47:58 2025 by rpki-client