Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b9456e-4e52-4de5-bbd6-60de224cfa4b/1/s5P9ctGhSzInnfrzFBdgSAflUQE.roa
File: s5P9ctGhSzInnfrzFBdgSAflUQE.roa (raw, json)
Hash identifier: Nr4M4gbzBHTv7mEYzFH6emb+JxfIUW2vC3EEtI2jw7s=
Subject key identifier: B3:93:FD:72:D1:A1:4B:32:27:9D:FA:F3:14:17:60:48:07:E5:51:01
Certificate issuer: /CN=1acb8a70f909ae3e1fc1dbd6bdc425e08eec81b9
Certificate serial: 019425214089377669590B56053C4BB5E0D4
Authority key identifier: 1A:CB:8A:70:F9:09:AE:3E:1F:C1:DB:D6:BD:C4:25:E0:8E:EC:81:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GsuKcPkJrj4fwdvWvcQl4I7sgbk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b9456e-4e52-4de5-bbd6-60de224cfa4b/1/s5P9ctGhSzInnfrzFBdgSAflUQE.roa
Signing time: Thu 02 Jan 2025 03:48:43 +0000
ROA not before: Thu 02 Jan 2025 03:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209211
IP address blocks: 92.118.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:40:89:37:76:69:59:0b:56:05:3c:4b:b5:e0:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb8a70f909ae3e1fc1dbd6bdc425e08eec81b9
Validity
Not Before: Jan 2 03:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b393fd72d1a14b32279dfaf31417604807e55101
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2b:0d:8c:64:e0:22:92:f2:3c:9b:53:c9:a0:
14:9e:94:90:e0:46:9f:9b:64:92:14:cb:43:32:52:
6a:b4:6f:27:3e:0a:f9:51:58:e7:5a:4a:a5:57:fb:
83:e9:8e:11:f4:35:42:fd:38:cc:e9:90:f1:d0:4f:
af:fc:b2:11:0f:f0:45:37:11:1b:65:29:de:69:fc:
9c:0e:c4:9a:11:52:2a:ef:8d:b6:71:7a:61:e2:e8:
fe:53:e5:b6:c7:f0:bf:db:b6:69:d6:81:78:7f:51:
0b:ee:bc:ff:65:bf:4c:79:f4:b8:41:7a:60:e0:9d:
c0:52:5d:92:f6:72:ba:cf:f2:12:1b:86:f5:53:65:
f9:28:74:89:e1:f7:a3:85:62:56:9d:dc:c7:1d:72:
f6:a6:4d:be:5d:99:b2:0a:45:b7:f8:ef:2a:12:ba:
e3:0d:29:d2:d1:d0:2f:9c:4b:2f:d7:fe:72:fb:ab:
09:80:1c:21:7d:94:20:3c:ea:23:43:5e:aa:dc:fb:
99:d9:66:1f:80:ee:97:8c:a2:2c:bd:e3:a0:74:69:
13:df:47:0d:8c:37:7a:5d:dc:b6:b6:3b:1d:cc:0e:
55:fc:ad:fd:c4:79:4e:ee:19:9d:eb:c7:fb:f7:e3:
10:ad:52:86:c6:42:a1:f6:d8:1e:3d:96:bc:4e:79:
fb:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:93:FD:72:D1:A1:4B:32:27:9D:FA:F3:14:17:60:48:07:E5:51:01
X509v3 Authority Key Identifier:
keyid:1A:CB:8A:70:F9:09:AE:3E:1F:C1:DB:D6:BD:C4:25:E0:8E:EC:81:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GsuKcPkJrj4fwdvWvcQl4I7sgbk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b9456e-4e52-4de5-bbd6-60de224cfa4b/1/s5P9ctGhSzInnfrzFBdgSAflUQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b9456e-4e52-4de5-bbd6-60de224cfa4b/1/GsuKcPkJrj4fwdvWvcQl4I7sgbk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.20.0/24
Signature Algorithm: sha256WithRSAEncryption
90:84:73:3e:00:a6:d7:be:a7:0e:99:20:d2:14:de:4e:a6:92:
5b:c8:c3:b5:80:e9:6d:94:da:1e:32:82:47:71:92:2e:09:b5:
ce:3e:8e:01:dc:78:b7:cc:94:9d:58:41:ec:99:b0:36:cf:bd:
d4:c4:2a:a2:23:ba:98:1f:08:e1:dd:67:f7:33:ed:d8:0c:52:
a6:5f:9d:e2:7b:be:53:f6:e0:35:cc:df:8b:11:98:0b:3d:a2:
e6:fb:4d:5d:93:2c:55:67:b3:c8:6c:fe:49:5d:56:1d:e5:66:
9b:72:2d:9f:89:09:1e:14:f0:45:37:ab:21:ae:35:b0:ed:99:
2e:4f:ea:ab:22:5f:1c:df:15:8e:98:21:56:cb:15:a3:28:14:
29:5f:42:b9:fc:c5:2c:8b:d4:01:68:19:b2:9a:d4:e6:3e:24:
19:fa:f1:59:a4:4d:80:eb:10:38:98:ce:48:11:2c:88:a4:6d:
e5:df:72:99:f8:70:92:7e:9f:c9:67:06:1f:13:66:c3:5e:27:
9e:d7:85:cf:38:e0:b4:69:6a:7e:d9:d1:9d:23:43:ea:30:15:
b4:f5:84:37:aa:83:8e:9d:df:51:0f:49:37:37:82:16:50:05:
bb:1b:d4:bb:8e:5e:fb:c8:47:15:90:35:6a:45:c2:fa:ed:8d:
30:86:4b:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIUCJN3ZpWQtWBTxLteDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I4YTcwZjkwOWFlM2UxZmMxZGJkNmJkYzQyNWUwOGVl
YzgxYjkwHhcNMjUwMTAyMDM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzkzZmQ3MmQxYTE0YjMyMjc5ZGZhZjMxNDE3NjA0ODA3ZTU1MTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqisNjGTgIpLyPJtTyaAUnpSQ4Eaf
m2SSFMtDMlJqtG8nPgr5UVjnWkqlV/uD6Y4R9DVC/TjM6ZDx0E+v/LIRD/BFNxEb
ZSneafycDsSaEVIq7422cXph4uj+U+W2x/C/27Zp1oF4f1EL7rz/Zb9MefS4QXpg
4J3AUl2S9nK6z/ISG4b1U2X5KHSJ4fejhWJWndzHHXL2pk2+XZmyCkW3+O8qErrj
DSnS0dAvnEsv1/5y+6sJgBwhfZQgPOojQ16q3PuZ2WYfgO6XjKIsveOgdGkT30cN
jDd6Xdy2tjsdzA5V/K39xHlO7hmd68f79+MQrVKGxkKh9tgePZa8Tnn7LQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLOT/XLRoUsyJ5368xQXYEgH5VEBMB8GA1UdIwQY
MBaAFBrLinD5Ca4+H8Hb1r3EJeCO7IG5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N1S2NQa0pyajRmd2R2V3ZjUWw0STdzZ2JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iOTQ1NmUtNGU1Mi00ZGU1LWJiZDYt
NjBkZTIyNGNmYTRiLzEvczVQOWN0R2hTeklubmZyekZCZGdTQWZsVVFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iOTQ1NmUtNGU1Mi00ZGU1LWJiZDYtNjBkZTIyNGNmYTRi
LzEvR3N1S2NQa0pyajRmd2R2V3ZjUWw0STdzZ2JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHYUMA0G
CSqGSIb3DQEBCwUAA4IBAQCQhHM+AKbXvqcOmSDSFN5OppJbyMO1gOltlNoeMoJH
cZIuCbXOPo4B3Hi3zJSdWEHsmbA2z73UxCqiI7qYHwjh3Wf3M+3YDFKmX53ie75T
9uA1zN+LEZgLPaLm+01dkyxVZ7PIbP5JXVYd5Wabci2fiQkeFPBFN6shrjWw7Zku
T+qrIl8c3xWOmCFWyxWjKBQpX0K5/MUsi9QBaBmymtTmPiQZ+vFZpE2A6xA4mM5I
ESyIpG3l33KZ+HCSfp/JZwYfE2bDXiee14XPOOC0aWp+2dGdI0PqMBW09YQ3qoOO
nd9RD0k3N4IWUAW7G9S7jl77yEcVkDVqRcL67Y0whksL
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:28:34 2025 by rpki-client