Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/giP_kbaKA33-yfPlTqfm68J69Z4.roa
File: giP_kbaKA33-yfPlTqfm68J69Z4.roa (raw, json)
Hash identifier: +w759WWcfaQsBaHh8/uZ7i7ZPGq7BNuEUOxbbJqHoWU=
Subject key identifier: 82:23:FF:91:B6:8A:03:7D:FE:C9:F3:E5:4E:A7:E6:EB:C2:7A:F5:9E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824D45C0F47E91EC5EA37821F1F79A7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/giP_kbaKA33-yfPlTqfm68J69Z4.roa
Signing time: Thu 02 Jan 2025 17:51:29 +0000
ROA not before: Thu 02 Jan 2025 17:51:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216181
IP address blocks: 87.121.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:d4:5c:0f:47:e9:1e:c5:ea:37:82:1f:1f:79:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8223ff91b68a037dfec9f3e54ea7e6ebc27af59e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:2c:ef:89:b3:c7:0b:7b:14:97:76:47:67:91:
78:f6:4b:7e:09:0a:e6:4b:08:bb:d3:01:a4:9e:7e:
3e:28:29:bf:27:a8:81:75:c2:27:1f:9d:cb:af:06:
b9:6c:86:f8:df:1f:9b:08:de:29:95:2b:40:97:1e:
e3:39:49:87:85:bf:db:fc:04:a4:d8:2a:63:a9:89:
bd:59:b0:4c:54:3f:b3:b8:b3:30:b1:49:fe:23:8d:
d3:e9:bc:f2:cf:18:66:d2:a6:91:b6:d5:79:04:8f:
ed:94:af:28:3b:91:44:a0:36:44:9b:02:69:27:69:
31:fb:d0:50:e0:26:1c:f9:1e:8f:77:df:6e:9f:02:
7c:fa:28:56:4d:59:fb:8b:e5:e4:61:71:df:20:9f:
37:58:d8:2d:c4:19:16:e5:97:20:7f:02:4a:5f:02:
eb:a6:61:20:0d:03:b1:ba:0d:72:7e:4b:e5:76:94:
70:6d:d9:c9:dd:15:83:f1:80:d3:9e:9e:3a:5e:5e:
f5:88:ac:cf:7b:d7:c3:4a:67:02:8d:04:7f:91:fe:
59:16:0c:df:76:d3:df:c4:ba:6a:7c:03:62:9e:8e:
07:a8:09:85:cf:d4:61:c8:3e:47:83:5c:0b:aa:f0:
d0:26:b2:4a:ff:c3:31:ab:77:c8:bc:e1:0b:33:b9:
d8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:23:FF:91:B6:8A:03:7D:FE:C9:F3:E5:4E:A7:E6:EB:C2:7A:F5:9E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/giP_kbaKA33-yfPlTqfm68J69Z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.220.0/24
Signature Algorithm: sha256WithRSAEncryption
72:aa:1d:bb:d7:e6:c3:67:f0:11:69:6a:53:cd:1e:b3:6f:c9:
e3:25:68:a1:c8:a2:3d:1c:5d:13:78:17:b1:c0:08:8b:a6:f0:
41:05:2f:d7:d9:3a:bd:9d:b7:87:a6:d3:a4:5a:b7:68:61:2a:
7b:ba:a5:1e:1d:9c:bd:e7:3f:1e:8b:9e:53:24:98:2f:19:47:
fc:df:7f:95:59:aa:2a:d7:95:0c:b8:13:7e:70:13:b3:e8:66:
0c:08:59:ea:f9:96:b4:12:53:74:d4:4c:7f:65:2e:c2:56:7c:
21:35:0b:67:54:bc:c4:d5:26:ef:45:42:7b:32:61:8a:4c:af:
33:d3:d6:39:2e:a6:b3:46:44:38:dd:b8:81:0d:11:90:39:78:
53:ce:d3:ad:68:d5:43:a4:17:21:7e:d7:d9:c3:25:cd:05:fe:
77:d3:01:02:a4:4f:7c:42:41:f4:5b:5f:95:66:5f:97:3d:b9:
5e:fc:39:5b:63:8d:b7:32:98:d9:eb:50:2b:6a:68:17:dc:c7:
c6:7c:29:80:ec:a2:cc:37:78:2a:71:cd:bd:b8:cb:13:2d:a3:
a2:6f:44:a7:5e:d8:dd:5d:7a:c6:c3:d7:f4:4e:98:c9:c3:99:
2e:2b:46:ec:30:1b:e2:35:1e:b0:da:10:f7:52:5b:ca:f2:90:
fe:ec:23:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJNRcD0fpHsXqN4IfH3mnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjIzZmY5MWI2OGEwMzdkZmVjOWYzZTU0ZWE3ZTZlYmMyN2FmNTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2izvibPHC3sUl3ZHZ5F49kt+CQrm
Swi70wGknn4+KCm/J6iBdcInH53Lrwa5bIb43x+bCN4plStAlx7jOUmHhb/b/ASk
2CpjqYm9WbBMVD+zuLMwsUn+I43T6bzyzxhm0qaRttV5BI/tlK8oO5FEoDZEmwJp
J2kx+9BQ4CYc+R6Pd99unwJ8+ihWTVn7i+XkYXHfIJ83WNgtxBkW5ZcgfwJKXwLr
pmEgDQOxug1yfkvldpRwbdnJ3RWD8YDTnp46Xl71iKzPe9fDSmcCjQR/kf5ZFgzf
dtPfxLpqfANino4HqAmFz9RhyD5Hg1wLqvDQJrJK/8Mxq3fIvOELM7nY1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIIj/5G2igN9/snz5U6n5uvCevWeMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZ2lQX2tiYUtBMzMteWZQbFRxZm02OEo2OVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3ncMA0G
CSqGSIb3DQEBCwUAA4IBAQByqh271+bDZ/ARaWpTzR6zb8njJWihyKI9HF0TeBex
wAiLpvBBBS/X2Tq9nbeHptOkWrdoYSp7uqUeHZy95z8ei55TJJgvGUf833+VWaoq
15UMuBN+cBOz6GYMCFnq+Za0ElN01Ex/ZS7CVnwhNQtnVLzE1SbvRUJ7MmGKTK8z
09Y5LqazRkQ43biBDRGQOXhTztOtaNVDpBchftfZwyXNBf530wECpE98QkH0W1+V
Zl+XPble/DlbY423MpjZ61AramgX3MfGfCmA7KLMN3gqcc29uMsTLaOib0SnXtjd
XXrGw9f0TpjJw5kuK0bsMBviNR6w2hD3UlvK8pD+7CMW
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:20 2025 by rpki-client