Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/fa278b-1246-48e3-9a05-509611b59c4a/1/iRvcoMgv8AcRMs2BtVpax2cMYe4.roa
File: iRvcoMgv8AcRMs2BtVpax2cMYe4.roa (raw, json)
Hash identifier: QK7uXHNu7FtSGoIhQFJjmH3DxEG+R3tZSYplPZWu+ms=
Subject key identifier: 89:1B:DC:A0:C8:2F:F0:07:11:32:CD:81:B5:5A:5A:C7:67:0C:61:EE
Certificate issuer: /CN=4ee0b21c89a302be9dc03870c098f23280304b0f
Certificate serial: 018CC8DF1C69C6E38A83D0E082B9BAB5E078
Authority key identifier: 4E:E0:B2:1C:89:A3:02:BE:9D:C0:38:70:C0:98:F2:32:80:30:4B:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuCyHImjAr6dwDhwwJjyMoAwSw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/fa278b-1246-48e3-9a05-509611b59c4a/1/iRvcoMgv8AcRMs2BtVpax2cMYe4.roa
Signing time: Tue 02 Jan 2024 06:31:54 +0000
ROA not before: Tue 02 Jan 2024 06:31:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213098
IP address blocks: 188.72.42.0/24 maxlen: 24
188.72.43.0/24 maxlen: 24
2a0c:9c0:1::/48 maxlen: 48
2a0c:9c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:1c:69:c6:e3:8a:83:d0:e0:82:b9:ba:b5:e0:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee0b21c89a302be9dc03870c098f23280304b0f
Validity
Not Before: Jan 2 06:31:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=891bdca0c82ff0071132cd81b55a5ac7670c61ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:64:e2:01:e9:84:d3:39:20:79:b1:90:f9:11:
46:b1:30:e2:51:2e:16:c6:1d:85:61:4e:58:8f:df:
94:a8:ed:ed:ca:cb:7f:60:2e:2f:ed:c4:ce:c7:83:
3e:ec:13:c6:d0:17:c3:2c:8e:a9:48:dc:01:59:43:
fe:cc:29:8a:37:99:db:c8:14:6c:e6:0c:a6:9f:06:
ed:b5:a6:42:16:c5:8b:f9:5c:f2:7d:34:d9:19:45:
76:d6:86:5a:f4:99:71:33:63:6c:43:47:81:5f:b0:
8d:57:37:2d:c8:e7:a5:da:ee:f3:5d:03:9b:69:d4:
26:5e:ad:5e:93:d5:11:08:c6:99:6c:27:09:86:4c:
f7:5c:57:e4:6c:66:1b:a9:98:81:bf:16:d9:b8:a9:
2a:01:c7:27:e8:e1:17:17:74:09:61:a9:d1:d2:cf:
e7:27:37:ca:57:89:e6:db:a1:71:5b:45:fc:c9:82:
d7:ec:6d:a5:88:19:09:7e:2f:c5:16:4c:c7:20:bb:
c9:bc:25:f4:b4:73:ca:4e:96:d9:3b:7a:e5:90:fd:
3a:31:0d:14:f5:95:35:08:28:03:df:c8:cf:05:19:
f7:b8:d2:89:1e:23:1f:3a:b3:f1:34:12:08:17:c9:
96:e0:5e:0a:a1:ee:62:33:22:fe:2c:88:7c:96:99:
31:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:1B:DC:A0:C8:2F:F0:07:11:32:CD:81:B5:5A:5A:C7:67:0C:61:EE
X509v3 Authority Key Identifier:
keyid:4E:E0:B2:1C:89:A3:02:BE:9D:C0:38:70:C0:98:F2:32:80:30:4B:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuCyHImjAr6dwDhwwJjyMoAwSw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fa278b-1246-48e3-9a05-509611b59c4a/1/iRvcoMgv8AcRMs2BtVpax2cMYe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fa278b-1246-48e3-9a05-509611b59c4a/1/TuCyHImjAr6dwDhwwJjyMoAwSw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.42.0/23
IPv6:
2a0c:9c0::/47
Signature Algorithm: sha256WithRSAEncryption
1a:62:34:78:73:85:c1:e5:fa:e7:bf:ef:ef:56:ac:f9:f6:76:
39:02:83:d9:4b:83:89:bb:59:e7:ba:71:44:7e:76:bf:b9:b8:
fc:6c:64:f3:1f:5e:49:41:7d:6e:43:72:49:8c:32:b2:c9:90:
e2:c8:b9:8c:73:2e:97:18:21:b3:13:3e:ea:b5:71:15:21:05:
b9:fe:ea:63:11:3a:41:c1:08:c6:06:49:a0:fc:f1:40:8e:6e:
5c:c1:ed:e1:66:53:f1:8f:2e:4c:63:a1:f1:56:29:55:12:94:
be:47:94:12:e8:94:6b:a2:da:4e:43:a3:10:9a:08:ed:72:44:
20:7a:f8:d4:05:39:82:f1:5f:02:b2:53:f0:1d:5a:5d:25:9a:
26:47:04:77:2f:6f:97:0c:80:11:71:bd:fc:b1:2f:fd:d9:0c:
68:d4:79:1e:fa:08:a2:f9:49:6c:7c:15:78:7b:e9:9d:ad:dd:
90:0f:e0:bf:f7:00:2e:b9:b9:0d:b0:da:12:d7:47:8a:08:28:
8c:a3:16:b2:6b:09:a7:8a:7e:70:ba:21:62:81:67:21:01:4e:
0c:29:8c:a2:ab:2f:26:7c:ce:b7:7d:ca:dd:c0:a1:c1:79:ed:
79:68:c9:65:65:7a:67:1b:51:19:1c:90:cb:f6:ab:73:88:a7:
0e:10:35:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI3xxpxuOKg9Dggrm6teB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTBiMjFjODlhMzAyYmU5ZGMwMzg3MGMwOThmMjMyODAz
MDRiMGYwHhcNMjQwMTAyMDYzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTFiZGNhMGM4MmZmMDA3MTEzMmNkODFiNTVhNWFjNzY3MGM2MWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWTiAemE0zkgebGQ+RFGsTDiUS4W
xh2FYU5Yj9+UqO3tyst/YC4v7cTOx4M+7BPG0BfDLI6pSNwBWUP+zCmKN5nbyBRs
5gymnwbttaZCFsWL+VzyfTTZGUV21oZa9JlxM2NsQ0eBX7CNVzctyOel2u7zXQOb
adQmXq1ek9URCMaZbCcJhkz3XFfkbGYbqZiBvxbZuKkqAccn6OEXF3QJYanR0s/n
JzfKV4nm26FxW0X8yYLX7G2liBkJfi/FFkzHILvJvCX0tHPKTpbZO3rlkP06MQ0U
9ZU1CCgD38jPBRn3uNKJHiMfOrPxNBIIF8mW4F4Koe5iMyL+LIh8lpkxCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIkb3KDIL/AHETLNgbVaWsdnDGHuMB8GA1UdIwQY
MBaAFE7gshyJowK+ncA4cMCY8jKAMEsPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVDeUhJbWpBcjZkd0Rod3dKanlNb0F3U3c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9mYTI3OGItMTI0Ni00OGUzLTlhMDUt
NTA5NjExYjU5YzRhLzEvaVJ2Y29NZ3Y4QWNSTXMyQnRWcGF4MmNNWWU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9mYTI3OGItMTI0Ni00OGUzLTlhMDUtNTA5NjExYjU5YzRh
LzEvVHVDeUhJbWpBcjZkd0Rod3dKanlNb0F3U3c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBvEgqMA8E
AgACMAkDBwEqDAnAAAAwDQYJKoZIhvcNAQELBQADggEBABpiNHhzhcHl+ue/7+9W
rPn2djkCg9lLg4m7Wee6cUR+dr+5uPxsZPMfXklBfW5DckmMMrLJkOLIuYxzLpcY
IbMTPuq1cRUhBbn+6mMROkHBCMYGSaD88UCOblzB7eFmU/GPLkxjofFWKVUSlL5H
lBLolGui2k5DoxCaCO1yRCB6+NQFOYLxXwKyU/AdWl0lmiZHBHcvb5cMgBFxvfyx
L/3ZDGjUeR76CKL5SWx8FXh76Z2t3ZAP4L/3AC65uQ2w2hLXR4oIKIyjFrJrCaeK
fnC6IWKBZyEBTgwpjKKrLyZ8zrd9yt3AocF57XloyWVlemcbURkckMv2q3OIpw4Q
NTg=
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:30:21 2025 by rpki-client