Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/xkFHoE3m8TsxfhUcnOvdyv_k-2Y.roa
File: xkFHoE3m8TsxfhUcnOvdyv_k-2Y.roa (raw, json)
Hash identifier: 3tgTtUdb400qHBMvHCVIyHMvumMAoOu+4tRFODYLphM=
Subject key identifier: C6:41:47:A0:4D:E6:F1:3B:31:7E:15:1C:9C:EB:DD:CA:FF:E4:FB:66
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 019584BF0854F6F981587AB96B2D2EEB73AE
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/xkFHoE3m8TsxfhUcnOvdyv_k-2Y.roa
Signing time: Tue 11 Mar 2025 10:27:46 +0000
ROA not before: Tue 11 Mar 2025 10:27:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211682
IP address blocks: 188.132.236.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:84:bf:08:54:f6:f9:81:58:7a:b9:6b:2d:2e:eb:73:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Mar 11 10:27:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c64147a04de6f13b317e151c9cebddcaffe4fb66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7a:af:ed:d6:34:af:ff:60:96:8a:87:2c:70:
16:75:e7:ff:5c:0c:4c:27:c5:91:fb:91:a7:07:84:
50:8a:c0:44:80:89:55:c8:91:d2:7b:3d:a9:2e:ff:
7f:92:e1:a0:05:31:77:a7:5f:ac:2d:ed:8b:0c:b7:
e7:a8:39:3e:d8:7e:92:bc:c9:4d:a5:d9:41:2f:b5:
b7:e6:95:93:fa:0c:ab:c3:c7:e8:de:82:81:45:1f:
38:c4:77:bf:37:dd:e9:64:77:7a:f8:a2:e0:86:2d:
bf:9d:aa:29:dc:72:2f:fc:c4:31:3d:d0:24:e3:0f:
7b:9b:1a:87:23:9a:96:56:fe:3c:93:8c:89:e0:a3:
e8:cd:6b:2f:a9:f4:0b:de:89:0f:5b:df:ef:d9:17:
d6:ff:49:5f:a0:ae:82:5d:18:31:a4:81:73:e1:f5:
d1:2b:8d:9a:8d:10:ff:f0:7f:2d:d4:f6:a6:b4:ad:
b8:d5:6d:68:88:e0:79:65:71:2a:6a:8c:5a:93:19:
fb:dc:09:90:31:83:20:71:22:cd:6a:0e:dc:5d:9e:
8c:13:71:f3:1c:05:b3:d0:83:3b:02:9f:57:45:88:
09:10:7b:f9:ba:33:7e:c3:28:48:00:41:33:40:ae:
ae:23:87:2d:ed:d9:97:a4:fd:24:31:ce:81:bd:6a:
a3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:41:47:A0:4D:E6:F1:3B:31:7E:15:1C:9C:EB:DD:CA:FF:E4:FB:66
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/xkFHoE3m8TsxfhUcnOvdyv_k-2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.236.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:b0:df:15:85:4b:82:1b:fc:7f:84:d5:26:78:1a:64:c9:0c:
0b:81:86:6b:94:15:97:f0:8d:6f:79:e8:6f:2e:40:90:22:01:
45:23:07:e1:bc:2b:5e:34:20:d8:da:8a:ab:fd:5d:85:44:02:
ec:46:32:a3:eb:a7:73:e5:3d:c5:62:81:6d:ca:90:44:05:cc:
0e:6e:b9:59:93:c7:66:ed:0b:95:ef:5f:d4:6d:a6:a4:23:07:
b9:c0:7d:90:3f:87:f5:b3:c5:da:63:89:c1:04:cb:85:fe:a3:
dd:1b:c9:1e:76:9f:0b:f3:48:d1:8f:8a:9b:25:94:18:0a:ee:
17:05:3d:dc:2e:56:88:d5:d6:00:2c:1f:23:96:65:1e:f8:9b:
7f:5f:46:74:e8:bd:2b:34:40:a3:91:85:f1:aa:71:f1:79:02:
29:25:e6:be:15:42:ef:b1:c4:56:9a:76:69:99:9b:13:2d:b1:
0e:ae:09:ec:9a:e0:f3:9a:6e:c5:c7:b9:bd:a9:c0:2d:11:57:
32:46:6b:6e:d7:70:d3:11:53:83:84:19:d7:a7:3c:c3:eb:2a:
3f:30:3b:42:d7:d2:46:d0:ec:a8:1d:44:df:76:1f:25:d4:84:
ec:8c:56:1b:24:85:dc:98:74:ec:3a:3b:92:d1:fd:74:69:e6:
58:f2:60:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWEvwhU9vmBWHq5ay0u63OuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMzExMTAyNzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQxNDdhMDRkZTZmMTNiMzE3ZTE1MWM5Y2ViZGRjYWZmZTRmYjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHqv7dY0r/9gloqHLHAWdef/XAxM
J8WR+5GnB4RQisBEgIlVyJHSez2pLv9/kuGgBTF3p1+sLe2LDLfnqDk+2H6SvMlN
pdlBL7W35pWT+gyrw8fo3oKBRR84xHe/N93pZHd6+KLghi2/naop3HIv/MQxPdAk
4w97mxqHI5qWVv48k4yJ4KPozWsvqfQL3okPW9/v2RfW/0lfoK6CXRgxpIFz4fXR
K42ajRD/8H8t1PamtK241W1oiOB5ZXEqaoxakxn73AmQMYMgcSLNag7cXZ6ME3Hz
HAWz0IM7Ap9XRYgJEHv5ujN+wyhIAEEzQK6uI4ct7dmXpP0kMc6BvWqjtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZBR6BN5vE7MX4VHJzr3cr/5PtmMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEveGtGSG9FM204VHN4ZmhVY25PdmR5dl9rLTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvITsMA0G
CSqGSIb3DQEBCwUAA4IBAQB+sN8VhUuCG/x/hNUmeBpkyQwLgYZrlBWX8I1veehv
LkCQIgFFIwfhvCteNCDY2oqr/V2FRALsRjKj66dz5T3FYoFtypBEBcwObrlZk8dm
7QuV71/UbaakIwe5wH2QP4f1s8XaY4nBBMuF/qPdG8kedp8L80jRj4qbJZQYCu4X
BT3cLlaI1dYALB8jlmUe+Jt/X0Z06L0rNECjkYXxqnHxeQIpJea+FULvscRWmnZp
mZsTLbEOrgnsmuDzmm7Fx7m9qcAtEVcyRmtu13DTEVODhBnXpzzD6yo/MDtC19JG
0OyoHUTfdh8l1ITsjFYbJIXcmHTsOjuS0f10aeZY8mAK
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:34:29 2025 by rpki-client