Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/dO9TrDQwyOr4PZtyioJGOjg4P84.roa
File: dO9TrDQwyOr4PZtyioJGOjg4P84.roa (raw, json)
Hash identifier: mF0RSzPhRRpIBlg4fSR03qCtk/vAItYC87SW2LLwti0=
Subject key identifier: 74:EF:53:AC:34:30:C8:EA:F8:3D:9B:72:8A:82:46:3A:38:38:3F:CE
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01931B3B486DF2E26FBED5F4CA3F5F643A14
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/dO9TrDQwyOr4PZtyioJGOjg4P84.roa
Signing time: Mon 11 Nov 2024 12:38:10 +0000
ROA not before: Mon 11 Nov 2024 12:38:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 188.209.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1b:3b:48:6d:f2:e2:6f:be:d5:f4:ca:3f:5f:64:3a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Nov 11 12:38:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74ef53ac3430c8eaf83d9b728a82463a38383fce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f4:22:db:83:c3:76:5e:ba:b0:68:92:8b:1d:
94:37:58:f5:73:a3:a2:d2:12:fa:fa:02:cd:30:c4:
82:cc:10:47:a9:9e:04:f7:c9:43:28:50:4b:d2:8d:
3b:14:c3:ba:c0:f9:31:fc:ce:9f:6c:8b:99:81:81:
9a:c2:bb:e8:c9:d3:16:1d:e1:47:b6:53:8c:12:c1:
14:27:e1:76:6d:b7:cf:fd:14:3a:de:49:c4:49:16:
5c:5d:06:ca:fc:a4:22:dc:ed:c0:b1:f7:b1:eb:58:
3c:e6:95:2e:e3:84:41:76:d7:cf:a5:42:a6:cc:8d:
06:08:9d:73:6f:5a:04:b5:c6:08:6a:7b:99:ad:c4:
0e:6a:d1:f3:33:fa:80:e2:9f:16:25:66:6e:4b:3e:
ae:52:46:6d:e4:f6:d6:53:21:a1:4f:00:f0:41:87:
1e:4c:43:2a:27:aa:11:45:65:0c:77:7c:b6:aa:94:
5e:89:96:3b:a0:f2:0a:58:ac:0d:9a:9f:e7:46:14:
66:39:c4:d6:72:5a:2d:2a:ef:a8:28:01:f6:c4:78:
a7:ac:1d:8f:ef:93:7c:37:d5:76:37:a3:14:93:8d:
88:08:34:d2:ca:c9:06:f0:60:2f:11:57:9c:2f:a7:
98:e6:c1:3e:80:da:5d:ee:93:0a:6d:fb:d8:30:8a:
0c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:EF:53:AC:34:30:C8:EA:F8:3D:9B:72:8A:82:46:3A:38:38:3F:CE
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/dO9TrDQwyOr4PZtyioJGOjg4P84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.135.0/24
Signature Algorithm: sha256WithRSAEncryption
58:af:57:25:ca:48:c8:e9:18:9e:d7:6a:13:9a:2d:6f:ad:6c:
51:ab:9f:05:db:0d:5c:86:54:53:a1:ec:87:77:b4:fc:ed:fb:
93:80:3b:0c:ac:1c:9d:6f:ae:6a:d4:0f:e1:f4:31:48:7c:dc:
1e:34:5b:64:a3:91:97:a7:5b:ac:d0:8a:05:40:4c:c1:d3:83:
02:d2:3a:17:57:09:fb:12:ee:37:a4:11:7f:fa:d4:b2:38:32:
df:fb:01:ef:b5:61:1a:62:8a:41:96:49:52:b5:51:b4:fd:17:
7e:dd:d5:12:67:c4:63:b2:fe:e3:72:b5:bc:e3:c1:3a:0c:dc:
b9:eb:e0:83:bc:ee:ae:7b:3d:f6:f8:0a:56:b6:3d:c3:42:87:
2f:94:d9:1e:d5:53:66:c7:9f:92:fc:23:21:e1:dc:73:d6:e2:
1c:72:37:cd:1c:61:69:d3:74:d1:47:e2:79:52:a8:cd:48:09:
18:2c:59:77:68:db:06:59:a8:a7:a1:34:78:5a:dd:9f:a7:70:
cf:48:e1:3c:d9:5d:ae:f9:b6:2a:50:a6:1f:77:26:28:51:2c:
6d:5e:2f:75:6b:93:85:a0:c5:59:dd:42:aa:ff:53:2a:74:a3:
ab:17:5b:fc:6d:5c:2b:fa:18:b2:a4:f4:94:f3:89:13:4e:e2:
c0:85:5c:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMbO0ht8uJvvtX0yj9fZDoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQxMTExMTIzODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGVmNTNhYzM0MzBjOGVhZjgzZDliNzI4YTgyNDYzYTM4MzgzZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/Qi24PDdl66sGiSix2UN1j1c6Oi
0hL6+gLNMMSCzBBHqZ4E98lDKFBL0o07FMO6wPkx/M6fbIuZgYGawrvoydMWHeFH
tlOMEsEUJ+F2bbfP/RQ63knESRZcXQbK/KQi3O3Asfex61g85pUu44RBdtfPpUKm
zI0GCJ1zb1oEtcYIanuZrcQOatHzM/qA4p8WJWZuSz6uUkZt5PbWUyGhTwDwQYce
TEMqJ6oRRWUMd3y2qpReiZY7oPIKWKwNmp/nRhRmOcTWclotKu+oKAH2xHinrB2P
75N8N9V2N6MUk42ICDTSyskG8GAvEVecL6eY5sE+gNpd7pMKbfvYMIoMbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHTvU6w0MMjq+D2bcoqCRjo4OD/OMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvZE85VHJEUXd5T3I0UFp0eWlvSkdPamc0UDg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNGHMA0G
CSqGSIb3DQEBCwUAA4IBAQBYr1clykjI6Rie12oTmi1vrWxRq58F2w1chlRToeyH
d7T87fuTgDsMrBydb65q1A/h9DFIfNweNFtko5GXp1us0IoFQEzB04MC0joXVwn7
Eu43pBF/+tSyODLf+wHvtWEaYopBlklStVG0/Rd+3dUSZ8Rjsv7jcrW848E6DNy5
6+CDvO6uez32+ApWtj3DQocvlNke1VNmx5+S/CMh4dxz1uIccjfNHGFp03TRR+J5
UqjNSAkYLFl3aNsGWainoTR4Wt2fp3DPSOE82V2u+bYqUKYfdyYoUSxtXi91a5OF
oMVZ3UKq/1MqdKOrF1v8bVwr+hiypPSU84kTTuLAhVzm
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:27:06 2025 by rpki-client