Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aG0k8y-YXdj9HY9x_zJSl1zWIPo.roa
File: aG0k8y-YXdj9HY9x_zJSl1zWIPo.roa (raw, json)
Hash identifier: Dld9rfwFN5At/oa4rg9WqwuYdCDjbLj9fU3FuHF27+I=
Subject key identifier: 68:6D:24:F3:2F:98:5D:D8:FD:1D:8F:71:FF:32:52:97:5C:D6:20:FA
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 01942445244781A6FA18F7EAEF856A1A0C78
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aG0k8y-YXdj9HY9x_zJSl1zWIPo.roa
Signing time: Wed 01 Jan 2025 23:48:18 +0000
ROA not before: Wed 01 Jan 2025 23:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57523
IP address blocks: 152.89.198.0/24 maxlen: 24
194.26.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:24:47:81:a6:fa:18:f7:ea:ef:85:6a:1a:0c:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jan 1 23:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=686d24f32f985dd8fd1d8f71ff3252975cd620fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ed:e2:e0:3f:03:cf:bd:7b:bd:d0:48:90:40:
23:94:43:7d:59:ee:89:53:8e:2c:6c:d8:d6:9c:43:
8e:81:0f:55:30:28:08:87:5d:01:2b:bc:2a:d8:d5:
36:a5:b2:90:3d:dd:2d:d6:43:5b:2f:73:85:fd:52:
3a:5f:d0:1b:d8:14:c0:ff:23:6d:b4:b3:75:a3:ea:
fd:91:03:b7:70:66:9c:d6:f1:e1:55:9b:53:b4:3b:
bc:bb:00:30:a0:8e:3b:8d:c1:9e:e7:82:76:1e:27:
f8:c1:97:8d:55:50:23:91:d5:e0:e9:4e:22:74:61:
60:93:87:55:34:a1:f3:27:a7:e0:3d:01:43:26:65:
3d:ac:ac:44:7f:8e:c8:54:9e:22:6f:1c:83:a7:72:
e9:95:53:45:3f:0d:e5:16:5f:63:f1:a3:62:e2:29:
52:b9:a0:d5:3c:91:db:97:ce:61:56:af:0e:71:1c:
4a:83:2f:b3:ae:b1:08:db:a0:17:c0:6e:10:5e:c3:
90:15:ab:66:9c:38:71:9e:94:a5:bf:15:ac:3b:cf:
09:be:3b:3a:86:e1:a3:9d:47:8f:97:cd:70:af:12:
d0:5e:c7:68:26:9d:c1:d7:ce:4e:24:8e:68:84:31:
89:f6:34:48:1f:27:e7:6d:28:40:dc:c2:81:a4:ab:
ed:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:6D:24:F3:2F:98:5D:D8:FD:1D:8F:71:FF:32:52:97:5C:D6:20:FA
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aG0k8y-YXdj9HY9x_zJSl1zWIPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.198.0/24
194.26.135.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:7d:be:2e:91:49:49:c6:5e:9b:b2:0e:31:dc:10:ca:78:66:
8d:47:27:fe:26:2a:12:03:2f:78:4b:10:86:d8:34:21:38:e8:
ce:fd:f8:d1:8f:7a:c9:39:fc:10:4e:2b:2b:66:94:25:e5:74:
97:95:1f:ad:67:a3:ce:5a:9b:03:9a:74:c3:f0:4a:22:d9:54:
a3:92:c0:d0:62:5d:c5:62:7d:c2:04:af:6f:83:ef:82:3c:c0:
a3:62:75:82:06:39:25:41:cd:bf:75:d7:63:2b:a2:bb:2e:70:
35:7b:08:f4:d0:18:04:d3:53:08:4a:99:ce:f7:fc:6e:a2:a7:
9f:43:38:ae:c9:57:69:7c:1d:b3:2a:51:41:c5:63:2a:a4:cb:
7e:7a:20:05:42:27:98:14:04:39:73:b9:db:1b:6d:91:b2:d5:
38:c6:ee:ef:14:2e:11:a7:0c:6a:48:a3:d4:92:74:09:a0:3f:
cc:be:fa:5c:87:91:0e:f4:c7:e0:4e:95:9b:59:85:1c:4b:b0:
80:94:f7:a0:05:03:88:68:10:c3:21:21:53:58:0d:22:45:65:
81:b7:c2:85:b6:e2:ee:a9:04:da:16:e4:6f:d7:c3:12:55:a1:
f7:de:08:00:2b:00:1d:8a:1d:84:a2:ce:95:fc:24:45:9c:82:
b8:36:23:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRSRHgab6GPfq74VqGgx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMTAxMjM0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODZkMjRmMzJmOTg1ZGQ4ZmQxZDhmNzFmZjMyNTI5NzVjZDYyMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+3i4D8Dz717vdBIkEAjlEN9We6J
U44sbNjWnEOOgQ9VMCgIh10BK7wq2NU2pbKQPd0t1kNbL3OF/VI6X9Ab2BTA/yNt
tLN1o+r9kQO3cGac1vHhVZtTtDu8uwAwoI47jcGe54J2Hif4wZeNVVAjkdXg6U4i
dGFgk4dVNKHzJ6fgPQFDJmU9rKxEf47IVJ4ibxyDp3LplVNFPw3lFl9j8aNi4ilS
uaDVPJHbl85hVq8OcRxKgy+zrrEI26AXwG4QXsOQFatmnDhxnpSlvxWsO88Jvjs6
huGjnUePl81wrxLQXsdoJp3B185OJI5ohDGJ9jRIHyfnbShA3MKBpKvteQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGhtJPMvmF3Y/R2Pcf8yUpdc1iD6MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvYUcwazh5LVlYZGo5SFk5eF96SlNsMXpXSVBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmFnGAwQA
whqHMA0GCSqGSIb3DQEBCwUAA4IBAQAcfb4ukUlJxl6bsg4x3BDKeGaNRyf+JioS
Ay94SxCG2DQhOOjO/fjRj3rJOfwQTisrZpQl5XSXlR+tZ6POWpsDmnTD8Eoi2VSj
ksDQYl3FYn3CBK9vg++CPMCjYnWCBjklQc2/dddjK6K7LnA1ewj00BgE01MISpnO
9/xuoqefQziuyVdpfB2zKlFBxWMqpMt+eiAFQieYFAQ5c7nbG22RstU4xu7vFC4R
pwxqSKPUknQJoD/Mvvpch5EO9MfgTpWbWYUcS7CAlPegBQOIaBDDISFTWA0iRWWB
t8KFtuLuqQTaFuRv18MSVaH33ggAKwAdih2Eos6V/CRFnIK4NiM+
-----END CERTIFICATE-----
Generated at Sat Apr 12 04:58:23 2025 by rpki-client