Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/aVKFK0wz2sjp4oIHJ7bvgpmj5Ps.roa
File: aVKFK0wz2sjp4oIHJ7bvgpmj5Ps.roa (raw, json)
Hash identifier: jYANj7lFuepk7MCeJ3sdnqsFL066bddW6pmGrkgE2G0=
Subject key identifier: 69:52:85:2B:4C:33:DA:C8:E9:E2:82:07:27:B6:EF:82:99:A3:E4:FB
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 0195A5ED570ED66A051352D73664C91C5D45
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/aVKFK0wz2sjp4oIHJ7bvgpmj5Ps.roa
Signing time: Mon 17 Mar 2025 21:05:49 +0000
ROA not before: Mon 17 Mar 2025 21:05:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 188.209.140.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a5:ed:57:0e:d6:6a:05:13:52:d7:36:64:c9:1c:5d:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Mar 17 21:05:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6952852b4c33dac8e9e2820727b6ef8299a3e4fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cd:03:83:70:0d:17:cf:dc:3a:4e:30:79:e9:
63:35:30:4b:85:ed:9f:64:d6:58:3c:66:ae:4c:87:
a0:b8:37:51:37:22:ee:7a:dc:59:a8:16:66:ea:a3:
ea:f2:0c:a0:6a:e4:4c:67:ce:05:51:7f:8d:3a:57:
42:c3:cd:2e:48:6b:39:bd:11:c5:ff:34:b8:dc:f7:
56:84:0f:9b:63:1d:5e:ce:46:4c:d5:6a:1f:4c:18:
2b:af:d6:ad:51:79:e6:bc:74:27:6d:64:4f:8c:68:
09:a1:5d:68:8e:a9:9d:bc:91:24:3d:19:20:2a:e5:
84:49:73:eb:df:13:cd:42:41:c4:99:d0:29:11:2e:
4d:1a:8e:f2:e2:7f:a0:8e:6c:68:5f:fe:92:e3:10:
d9:ba:ef:b2:cc:9b:ab:e9:1f:63:53:ea:fa:96:de:
1e:23:52:b2:90:6e:56:b1:6b:6a:dd:9e:4e:46:6b:
fa:9e:91:65:15:64:a2:61:3e:6d:4b:3b:ae:98:74:
0f:47:38:7e:30:89:92:62:55:fc:7a:ec:01:10:b1:
85:ef:2e:c2:6b:21:9a:62:aa:58:90:57:27:5c:d7:
b7:17:87:0c:1a:fd:5a:06:40:8d:ea:3a:43:59:c0:
ce:45:a1:c3:f4:fd:4e:78:a4:3b:5e:cf:19:3b:9e:
a9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:52:85:2B:4C:33:DA:C8:E9:E2:82:07:27:B6:EF:82:99:A3:E4:FB
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/aVKFK0wz2sjp4oIHJ7bvgpmj5Ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.140.0/24
Signature Algorithm: sha256WithRSAEncryption
67:b6:db:f9:20:f6:9b:73:ce:aa:c4:e3:26:86:c4:b5:47:c1:
33:b0:8d:fa:de:3a:44:cf:0f:d0:b4:96:52:21:4a:da:80:e7:
5a:45:66:8a:ec:4c:bc:36:0a:b5:ab:1a:4e:f7:84:01:b7:72:
14:b6:ca:ec:28:17:99:55:69:e4:06:a0:71:16:75:16:98:25:
e8:84:d9:b8:9a:33:15:1f:14:23:82:cb:d9:8c:43:0e:07:fd:
6f:76:9f:ab:b3:92:3c:5b:5e:be:22:b0:e4:2d:73:b6:05:94:
8b:ff:0a:0d:76:d9:3c:f2:13:35:6b:a4:ca:f7:54:ab:22:3a:
89:4e:93:7b:e8:5a:97:32:cc:33:55:c4:1d:57:62:68:6a:f9:
5f:a6:9f:e3:26:d2:5d:b4:da:7b:c2:2b:36:0b:d4:f7:5d:cc:
c1:88:82:ac:1f:51:cb:0f:cb:1f:38:17:dc:cb:19:73:33:e3:
c0:7e:8b:43:0b:f0:f1:17:dd:bc:ae:c4:81:f4:06:61:4f:e1:
a8:0e:ff:ad:c3:e3:65:ae:b9:96:e7:23:b4:31:38:be:15:81:
d4:b4:ae:d8:b0:bf:e9:83:69:9e:20:b7:86:4b:a4:6f:4f:ac:
9e:0a:36:c5:ac:fa:52:2a:79:b3:89:d1:40:e8:b3:0e:2a:e2:
42:f3:78:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWl7VcO1moFE1LXNmTJHF1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMzE3MjEwNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTUyODUyYjRjMzNkYWM4ZTllMjgyMDcyN2I2ZWY4Mjk5YTNlNGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxc0Dg3ANF8/cOk4weeljNTBLhe2f
ZNZYPGauTIeguDdRNyLuetxZqBZm6qPq8gygauRMZ84FUX+NOldCw80uSGs5vRHF
/zS43PdWhA+bYx1ezkZM1WofTBgrr9atUXnmvHQnbWRPjGgJoV1ojqmdvJEkPRkg
KuWESXPr3xPNQkHEmdApES5NGo7y4n+gjmxoX/6S4xDZuu+yzJur6R9jU+r6lt4e
I1KykG5WsWtq3Z5ORmv6npFlFWSiYT5tSzuumHQPRzh+MImSYlX8euwBELGF7y7C
ayGaYqpYkFcnXNe3F4cMGv1aBkCN6jpDWcDORaHD9P1OeKQ7Xs8ZO56pFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGlShStMM9rI6eKCBye274KZo+T7MB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvYVZLRkswd3oyc2pwNG9JSEo3YnZncG1qNVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNGMMA0G
CSqGSIb3DQEBCwUAA4IBAQBnttv5IPabc86qxOMmhsS1R8EzsI363jpEzw/QtJZS
IUragOdaRWaK7Ey8Ngq1qxpO94QBt3IUtsrsKBeZVWnkBqBxFnUWmCXohNm4mjMV
HxQjgsvZjEMOB/1vdp+rs5I8W16+IrDkLXO2BZSL/woNdtk88hM1a6TK91SrIjqJ
TpN76FqXMswzVcQdV2Joavlfpp/jJtJdtNp7wis2C9T3XczBiIKsH1HLD8sfOBfc
yxlzM+PAfotDC/DxF928rsSB9AZhT+GoDv+tw+NlrrmW5yO0MTi+FYHUtK7YsL/p
g2meILeGS6RvT6yeCjbFrPpSKnmzidFA6LMOKuJC83gu
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:52:09 2025 by rpki-client