Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ik0XdJbbz2umhNSDJVJFErOjRtI.roa
File: ik0XdJbbz2umhNSDJVJFErOjRtI.roa (raw, json)
Hash identifier: tsvHoTIsSOY+RMqc0stJ5qMx2UFkwPnCZmtEYhXArco=
Subject key identifier: 8A:4D:17:74:96:DB:CF:6B:A6:84:D4:83:25:52:45:12:B3:A3:46:D2
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 019421B22A985F2620062183CC92983FFBD4
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ik0XdJbbz2umhNSDJVJFErOjRtI.roa
Signing time: Wed 01 Jan 2025 11:48:31 +0000
ROA not before: Wed 01 Jan 2025 11:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199823
IP address blocks: 88.220.72.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:2a:98:5f:26:20:06:21:83:cc:92:98:3f:fb:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 11:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a4d177496dbcf6ba684d48325524512b3a346d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:40:2a:23:3e:d7:c8:b1:ae:53:7b:e0:fd:92:
89:ff:dc:0f:b5:c7:34:ae:08:c5:fe:4c:e3:49:92:
c1:9f:76:e3:46:be:5e:7f:8a:54:86:4d:34:74:8c:
2e:bf:e8:4a:99:5f:d2:61:f4:3e:40:08:8f:32:e5:
09:ef:c6:58:b4:90:e4:be:fc:b5:fd:01:b1:f9:2f:
86:7e:31:7c:e7:f2:87:aa:f1:46:4b:b2:21:d8:a1:
02:84:74:0f:a7:3a:73:d2:ca:d8:cd:35:ff:d0:03:
0d:55:16:a9:c4:5e:99:d9:5c:15:65:54:10:a2:22:
75:e6:60:da:03:90:50:9e:01:2e:e6:bf:e6:1e:0c:
03:a0:36:c0:44:45:5d:97:86:b2:22:5e:50:36:2e:
65:98:dc:43:5b:6a:32:c4:c3:7a:d3:8e:af:15:7f:
83:d0:c7:2b:d5:9a:11:ea:4d:c3:ca:35:ed:6d:5b:
db:cc:a7:97:d3:10:f6:5d:f3:10:0d:0f:53:5e:95:
b8:be:b3:67:4d:0a:f0:9e:19:38:6d:4a:c0:ac:e8:
43:9e:cf:95:21:22:68:3d:17:59:99:3f:5a:49:0f:
8b:79:2c:ac:fa:96:32:aa:c9:24:9c:cc:fb:93:ae:
c7:f5:3a:48:4f:0a:08:5c:68:3c:7b:e3:aa:4c:3f:
63:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4D:17:74:96:DB:CF:6B:A6:84:D4:83:25:52:45:12:B3:A3:46:D2
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ik0XdJbbz2umhNSDJVJFErOjRtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.220.72.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:ed:96:1a:7e:9a:0b:00:90:aa:09:d9:27:54:06:c1:ee:48:
eb:1d:23:65:2d:ea:12:35:71:85:c3:b1:52:cf:ce:ea:02:6c:
61:da:39:9e:39:48:eb:af:b2:49:bf:3b:b2:c6:92:d5:b8:bb:
f0:1b:ad:0b:9f:2e:12:42:36:00:fa:f0:3c:bf:6f:b0:df:76:
42:71:e3:1f:7b:d9:45:be:76:6a:7d:96:08:87:66:e8:59:e8:
f3:a2:df:25:f2:ae:61:f0:ee:c2:89:42:06:c2:a5:f4:69:99:
54:92:fb:ae:7a:e6:d6:6e:2c:75:7a:24:37:19:58:80:8e:2f:
f2:c6:4e:12:43:cf:f8:07:54:15:55:d3:56:56:ee:56:3e:97:
79:63:fb:85:d7:53:c2:38:5f:0f:cf:58:f3:36:11:2c:98:e4:
b5:92:bf:bd:f3:b0:04:9f:0c:7b:b4:96:8b:1e:2d:fb:43:51:
62:9a:59:4d:c1:1f:c4:1a:68:10:d9:af:8d:1b:a1:67:f3:45:
ec:ca:87:da:25:21:5b:ef:a3:eb:24:fa:dc:fd:b0:9a:ed:81:
47:be:85:1f:61:62:ed:b0:a0:6d:fb:39:24:82:ed:1f:6f:b9:
6b:d2:2f:dc:b2:ec:cf:ea:dd:c3:f9:16:41:27:16:aa:e6:2c:
1f:97:fc:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsiqYXyYgBiGDzJKYP/vUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjUwMTAxMTE0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTRkMTc3NDk2ZGJjZjZiYTY4NGQ0ODMyNTUyNDUxMmIzYTM0NmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkAqIz7XyLGuU3vg/ZKJ/9wPtcc0
rgjF/kzjSZLBn3bjRr5ef4pUhk00dIwuv+hKmV/SYfQ+QAiPMuUJ78ZYtJDkvvy1
/QGx+S+GfjF85/KHqvFGS7Ih2KEChHQPpzpz0srYzTX/0AMNVRapxF6Z2VwVZVQQ
oiJ15mDaA5BQngEu5r/mHgwDoDbAREVdl4ayIl5QNi5lmNxDW2oyxMN6046vFX+D
0Mcr1ZoR6k3DyjXtbVvbzKeX0xD2XfMQDQ9TXpW4vrNnTQrwnhk4bUrArOhDns+V
ISJoPRdZmT9aSQ+LeSys+pYyqskknMz7k67H9TpITwoIXGg8e+OqTD9j5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIpNF3SW289rpoTUgyVSRRKzo0bSMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvaWswWGRKYmJ6MnVtaE5TREpWSkZFck9qUnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNxIMA0G
CSqGSIb3DQEBCwUAA4IBAQCe7ZYafpoLAJCqCdknVAbB7kjrHSNlLeoSNXGFw7FS
z87qAmxh2jmeOUjrr7JJvzuyxpLVuLvwG60Lny4SQjYA+vA8v2+w33ZCceMfe9lF
vnZqfZYIh2boWejzot8l8q5h8O7CiUIGwqX0aZlUkvuueubWbix1eiQ3GViAji/y
xk4SQ8/4B1QVVdNWVu5WPpd5Y/uF11PCOF8Pz1jzNhEsmOS1kr+987AEnwx7tJaL
Hi37Q1FimllNwR/EGmgQ2a+NG6Fn80XsyofaJSFb76PrJPrc/bCa7YFHvoUfYWLt
sKBt+zkkgu0fb7lr0i/csuzP6t3D+RZBJxaq5iwfl/zY
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:17 2025 by rpki-client