Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/5D2Qy2I4ndorXEQQTT6R9jlvZUQ.roa
File: 5D2Qy2I4ndorXEQQTT6R9jlvZUQ.roa (raw, json)
Hash identifier: j5fkv2LNAb509wX3PMLscHeoAfXldeqM0H5DoCgWtKE=
Subject key identifier: E4:3D:90:CB:62:38:9D:DA:2B:5C:44:10:4D:3E:91:F6:39:6F:65:44
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 019421B22A128EB168A0553C9E76BFD6940A
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/5D2Qy2I4ndorXEQQTT6R9jlvZUQ.roa
Signing time: Wed 01 Jan 2025 11:48:31 +0000
ROA not before: Wed 01 Jan 2025 11:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199694
IP address blocks: 88.220.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:2a:12:8e:b1:68:a0:55:3c:9e:76:bf:d6:94:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 11:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e43d90cb62389dda2b5c44104d3e91f6396f6544
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:31:f1:39:16:2c:84:c3:ca:23:48:da:b7:46:
ae:1c:78:f6:53:2b:33:bd:a0:ea:ab:6f:48:78:1a:
8f:65:93:1d:0f:de:b4:84:6e:5e:7d:a3:1a:b6:2e:
52:6d:fd:df:6a:fe:6c:d0:ec:ff:34:87:68:dc:72:
57:2a:94:19:bc:58:14:3c:43:c3:ce:79:91:83:25:
f8:e8:3e:a8:7a:98:d4:c9:69:23:ff:6c:5f:3e:fc:
21:08:e5:b2:a5:39:d2:41:e4:f7:37:9c:97:c3:f7:
26:da:99:26:80:99:fc:c8:c5:34:25:b5:ff:e3:c2:
c7:b3:c5:2c:b8:51:5c:5c:65:83:c1:cd:94:c2:7a:
15:da:ab:41:52:0c:70:36:ae:3d:86:a8:89:5d:52:
7a:be:f5:3a:f0:5b:de:da:fe:75:8c:e5:32:b7:8c:
9f:55:6a:18:b0:52:f2:a4:9b:2f:e5:5e:63:d3:c4:
18:3d:a4:6e:82:48:9c:70:50:11:27:39:4e:d1:38:
10:8d:66:1d:ab:74:64:fa:53:a9:5a:87:63:e2:53:
26:41:5b:9d:90:27:e2:e9:08:fc:02:1f:c3:6b:77:
6d:38:aa:d9:8e:95:07:49:5a:07:9e:59:bb:15:59:
ab:b2:f9:ea:17:a3:5b:66:90:16:1a:68:51:f5:19:
9f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:3D:90:CB:62:38:9D:DA:2B:5C:44:10:4D:3E:91:F6:39:6F:65:44
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/5D2Qy2I4ndorXEQQTT6R9jlvZUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.220.71.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:06:48:39:25:85:4f:1d:e3:c1:ad:36:57:49:00:e9:5b:56:
26:a7:ec:b8:cc:81:d7:ac:4d:2e:9d:13:7a:eb:30:ec:df:32:
df:ab:4e:a3:be:fd:51:b9:69:58:1e:29:96:92:e9:66:2f:c2:
6e:2b:54:18:e0:0e:ba:14:dc:a7:2b:19:25:b1:3f:ab:3f:7d:
3f:c5:cf:e9:bf:6e:16:7a:e5:45:1a:36:6d:6f:fe:24:2d:b3:
a2:7e:65:ff:11:87:f3:d2:32:5f:5e:4a:ae:e0:2c:d3:6d:f5:
88:d5:75:e0:84:6c:f7:8c:70:66:09:e7:e4:6b:e4:8e:ba:55:
24:6d:df:83:96:24:d6:c9:76:9b:3e:7e:b6:d2:98:f5:46:ea:
c8:78:34:62:c7:fc:0f:78:27:f5:4c:a9:50:20:89:02:a3:bf:
01:82:fe:c6:df:c1:2c:10:2f:63:38:dc:ad:1d:7a:e1:84:0c:
61:ab:9e:e0:d0:bc:a7:7e:04:60:83:22:5b:c3:8e:ac:17:9b:
7f:cb:49:f6:21:ef:22:7f:03:60:27:f4:cf:ad:82:a5:8e:cc:
5a:5c:c7:d7:c3:38:5b:f5:24:ed:0e:8b:c5:94:3e:48:13:48:
53:7e:9d:f3:b0:de:77:e0:02:be:30:b6:f2:0f:9c:dd:9b:3f:
0b:2f:2c:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsioSjrFooFU8nna/1pQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjUwMTAxMTE0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDNkOTBjYjYyMzg5ZGRhMmI1YzQ0MTA0ZDNlOTFmNjM5NmY2NTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljHxORYshMPKI0jat0auHHj2Uysz
vaDqq29IeBqPZZMdD960hG5efaMati5Sbf3fav5s0Oz/NIdo3HJXKpQZvFgUPEPD
znmRgyX46D6oepjUyWkj/2xfPvwhCOWypTnSQeT3N5yXw/cm2pkmgJn8yMU0JbX/
48LHs8UsuFFcXGWDwc2UwnoV2qtBUgxwNq49hqiJXVJ6vvU68Fve2v51jOUyt4yf
VWoYsFLypJsv5V5j08QYPaRugkiccFARJzlO0TgQjWYdq3Rk+lOpWodj4lMmQVud
kCfi6Qj8Ah/Da3dtOKrZjpUHSVoHnlm7FVmrsvnqF6NbZpAWGmhR9RmfbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQ9kMtiOJ3aK1xEEE0+kfY5b2VEMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvNUQyUXkySTRuZG9yWEVRUVRUNlI5amx2WlVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNxHMA0G
CSqGSIb3DQEBCwUAA4IBAQCLBkg5JYVPHePBrTZXSQDpW1Ymp+y4zIHXrE0unRN6
6zDs3zLfq06jvv1RuWlYHimWkulmL8JuK1QY4A66FNynKxklsT+rP30/xc/pv24W
euVFGjZtb/4kLbOifmX/EYfz0jJfXkqu4CzTbfWI1XXghGz3jHBmCefka+SOulUk
bd+DliTWyXabPn620pj1RurIeDRix/wPeCf1TKlQIIkCo78Bgv7G38EsEC9jONyt
HXrhhAxhq57g0LynfgRggyJbw46sF5t/y0n2Ie8ifwNgJ/TPrYKljsxaXMfXwzhb
9STtDovFlD5IE0hTfp3zsN534AK+MLbyD5zdmz8LLyxc
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:06 2025 by rpki-client