Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/hYkSlsQDSkVkDMrd09rm9SGE9mQ.roa
File: hYkSlsQDSkVkDMrd09rm9SGE9mQ.roa (raw, json)
Hash identifier: QqO3hIgd6VN7bpxOLgIEI0w+ZpgTN+ZB6nHZPT9n+Qg=
Subject key identifier: 85:89:12:96:C4:03:4A:45:64:0C:CA:DD:D3:DA:E6:F5:21:84:F6:64
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 019421B238C9AF858EA34F9A5D577AD30EA5
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/hYkSlsQDSkVkDMrd09rm9SGE9mQ.roa
Signing time: Wed 01 Jan 2025 11:48:35 +0000
ROA not before: Wed 01 Jan 2025 11:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210587
IP address blocks: 88.220.138.0/24 maxlen: 24
2a00:4120:8005::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:38:c9:af:85:8e:a3:4f:9a:5d:57:7a:d3:0e:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 11:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85891296c4034a45640ccaddd3dae6f52184f664
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:af:91:6e:e0:72:9e:fd:0e:ef:79:50:af:82:
aa:ab:ca:a6:71:9e:19:35:2d:21:6a:77:30:22:33:
be:a9:c8:ab:a8:8f:06:74:01:30:5f:23:f1:3f:34:
a1:2c:8d:e4:6c:25:83:5d:1e:fb:cd:9e:a0:05:8f:
f2:23:8c:b3:a3:48:ed:fa:8a:7d:15:04:25:d5:ce:
84:99:3c:32:a9:06:7c:59:90:a3:5b:e1:09:84:39:
c7:b7:af:33:fb:49:e9:a7:88:b3:dd:66:70:df:4a:
9f:69:55:cc:d9:1b:4c:03:f5:9d:31:43:56:a8:a3:
ae:8b:21:0c:5d:83:53:69:7a:79:7b:8e:5b:b3:6c:
bb:77:77:d4:60:b4:06:f7:28:df:08:01:a4:a1:3b:
2c:11:5d:c7:cf:f4:d1:24:a0:3e:32:e4:04:24:b9:
3c:83:77:42:3a:02:81:32:e8:e8:72:54:6b:8a:71:
4a:e6:f3:6a:e0:2f:64:e5:0b:29:59:8e:97:55:40:
2a:59:c8:3f:59:fb:96:30:48:3c:d6:98:32:80:62:
85:7a:79:2a:40:c2:f8:dc:2b:06:96:e3:76:a4:63:
64:27:33:6d:4b:8b:93:07:44:91:cb:17:64:c2:fb:
89:84:a4:ba:f4:a2:2a:3c:9c:e9:dd:1d:42:cd:34:
a0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:89:12:96:C4:03:4A:45:64:0C:CA:DD:D3:DA:E6:F5:21:84:F6:64
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/hYkSlsQDSkVkDMrd09rm9SGE9mQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.220.138.0/24
IPv6:
2a00:4120:8005::/48
Signature Algorithm: sha256WithRSAEncryption
49:54:f3:62:f7:99:77:eb:a8:5e:e2:0a:c0:97:77:af:5d:f4:
df:61:72:01:b8:17:16:a7:6f:7a:99:ac:29:1b:d6:8f:d5:a6:
e9:bb:b9:0c:99:d4:eb:67:78:41:54:2b:17:12:b4:b3:e5:18:
b8:e3:57:40:66:5d:56:3a:77:fc:a5:44:75:fd:93:13:93:e8:
3c:65:e0:92:19:42:b4:f0:18:0b:2b:eb:ff:23:00:83:94:7d:
ac:de:c5:06:8b:26:09:06:9e:01:20:e0:e6:7a:96:9f:68:53:
b1:83:0f:61:eb:a8:1d:4d:3b:59:ca:7b:dd:50:9a:22:7c:22:
f1:b2:9b:62:b0:4a:d2:57:7d:14:30:c2:4b:35:b8:0c:1a:19:
96:2c:f8:f1:d4:c3:cb:7d:c2:34:2f:0c:ad:10:e2:01:1b:34:
04:f6:5c:ae:d1:57:d0:cf:b5:6e:bc:05:b5:3d:49:62:b7:05:
5c:21:d5:88:af:ef:02:dc:02:37:38:62:17:88:55:60:1f:33:
47:83:d5:ac:c4:15:fb:c6:63:1a:f3:96:f3:a3:23:65:32:a1:
45:04:f7:75:92:49:84:bc:8b:c6:b4:ab:84:4a:20:bb:5f:86:
9a:45:71:99:f0:74:47:94:4c:4b:8f:6a:be:8d:b4:5e:f3:43:
89:1b:1f:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhsjjJr4WOo0+aXVd60w6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjUwMTAxMTE0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTg5MTI5NmM0MDM0YTQ1NjQwY2NhZGRkM2RhZTZmNTIxODRmNjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa+RbuBynv0O73lQr4Kqq8qmcZ4Z
NS0hancwIjO+qcirqI8GdAEwXyPxPzShLI3kbCWDXR77zZ6gBY/yI4yzo0jt+op9
FQQl1c6EmTwyqQZ8WZCjW+EJhDnHt68z+0npp4iz3WZw30qfaVXM2RtMA/WdMUNW
qKOuiyEMXYNTaXp5e45bs2y7d3fUYLQG9yjfCAGkoTssEV3Hz/TRJKA+MuQEJLk8
g3dCOgKBMujoclRrinFK5vNq4C9k5QspWY6XVUAqWcg/WfuWMEg81pgygGKFenkq
QML43CsGluN2pGNkJzNtS4uTB0SRyxdkwvuJhKS69KIqPJzp3R1CzTSgjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIWJEpbEA0pFZAzK3dPa5vUhhPZkMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvaFlrU2xzUURTa1ZrRE1yZDA5cm05U0dFOW1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWNyKMA8E
AgACMAkDBwAqAEEggAUwDQYJKoZIhvcNAQELBQADggEBAElU82L3mXfrqF7iCsCX
d69d9N9hcgG4Fxanb3qZrCkb1o/Vpum7uQyZ1OtneEFUKxcStLPlGLjjV0BmXVY6
d/ylRHX9kxOT6Dxl4JIZQrTwGAsr6/8jAIOUfazexQaLJgkGngEg4OZ6lp9oU7GD
D2HrqB1NO1nKe91QmiJ8IvGym2KwStJXfRQwwks1uAwaGZYs+PHUw8t9wjQvDK0Q
4gEbNAT2XK7RV9DPtW68BbU9SWK3BVwh1Yiv7wLcAjc4YheIVWAfM0eD1azEFfvG
YxrzlvOjI2UyoUUE93WSSYS8i8a0q4RKILtfhppFcZnwdEeUTEuPar6NtF7zQ4kb
H5Q=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:17 2025 by rpki-client