Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/s-blAPfmpXKSumNA0S5vGg-tiz0.roa
File: s-blAPfmpXKSumNA0S5vGg-tiz0.roa (raw, json)
Hash identifier: y7m/VnLT0y6skRHD3CK66ARxV4d9XVomvstJHvTYiV4=
Subject key identifier: B3:E6:E5:00:F7:E6:A5:72:92:BA:63:40:D1:2E:6F:1A:0F:AD:8B:3D
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 019421B20E53BBBB27616154EFAC576E7A11
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/s-blAPfmpXKSumNA0S5vGg-tiz0.roa
Signing time: Wed 01 Jan 2025 11:48:24 +0000
ROA not before: Wed 01 Jan 2025 11:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 88.220.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:0e:53:bb:bb:27:61:61:54:ef:ac:57:6e:7a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 11:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3e6e500f7e6a57292ba6340d12e6f1a0fad8b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d4:8d:d9:c4:f4:55:2c:d4:0e:06:93:89:a2:
0f:a6:3f:93:c5:71:aa:21:b9:e2:4b:8b:d6:3f:64:
d8:c4:a9:26:ca:7d:d5:c6:7c:85:92:da:f6:0a:ac:
cd:79:98:7b:43:38:80:95:4e:63:f5:1b:a4:08:83:
58:ef:75:6f:d5:cd:82:27:ed:96:0b:f7:d8:8b:fc:
ba:fb:7a:45:37:3f:f1:ac:c5:3b:93:52:a2:39:96:
42:e3:86:be:62:df:12:e5:8f:dd:9b:01:f3:5b:43:
98:7f:e6:20:d9:68:08:5c:07:9e:53:5f:17:5b:5e:
81:6a:f4:e8:21:69:f1:c2:01:46:2c:c8:f9:97:48:
ef:40:44:b1:b6:37:8d:25:03:09:7d:b5:68:84:2e:
9c:5b:a3:2b:f3:a6:86:f5:36:5a:fb:42:11:ca:b1:
84:4c:5b:fb:66:83:a1:12:46:6d:5d:67:86:22:dd:
f1:c1:44:2f:34:df:c3:2d:98:63:f8:28:f6:48:0d:
18:10:24:53:59:ac:7c:78:3d:47:17:8d:cd:af:74:
17:a6:50:78:0e:2d:00:67:1e:30:0b:23:17:f1:3a:
56:26:5c:00:a3:ae:fa:52:d3:50:dc:dd:ed:b2:6d:
1d:4c:ca:16:6c:34:8e:65:76:98:74:05:8d:83:59:
9c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E6:E5:00:F7:E6:A5:72:92:BA:63:40:D1:2E:6F:1A:0F:AD:8B:3D
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/s-blAPfmpXKSumNA0S5vGg-tiz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.220.193.0/24
Signature Algorithm: sha256WithRSAEncryption
53:16:3f:04:0c:8e:8d:fd:f9:4a:01:d2:5b:cf:44:5b:4b:f6:
0d:37:1e:fa:07:19:43:5e:e1:ed:bb:c2:3a:89:37:07:18:d2:
e7:2c:e9:23:a7:a4:87:51:f2:65:99:dc:3b:a2:bc:11:f3:40:
72:59:df:32:c7:b8:de:36:37:05:8c:1e:db:7c:68:1e:e5:9e:
82:61:1a:5c:1d:0d:a5:90:0d:af:15:49:d9:cb:17:d6:04:d7:
ee:43:f9:e5:74:4f:04:1a:e4:d0:94:6d:13:02:69:ae:09:27:
a1:2c:e9:18:0d:69:ae:d0:7e:52:cd:87:7a:57:8b:48:48:c2:
eb:7c:5b:d2:f8:3e:16:3a:f8:95:dc:9f:02:e2:f8:11:13:c2:
c4:d8:59:67:e8:0b:b1:81:dc:45:dc:be:3b:3c:6f:fa:87:13:
a8:95:0c:07:8f:d9:e0:bc:5e:ce:c0:5e:3c:20:f6:31:26:0e:
9c:8a:43:31:17:c3:0a:12:50:e1:5a:17:79:77:b1:9d:09:57:
19:6e:d6:ba:c1:cb:85:52:28:2e:8a:d7:4b:05:9e:e0:1b:83:
56:e9:9c:16:24:7e:c7:55:60:df:6e:b3:c8:fd:8e:d1:eb:5c:
7e:7f:8e:f5:8b:e3:89:49:27:b2:05:fa:ea:97:21:37:8d:a7:
72:05:7d:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsg5Tu7snYWFU76xXbnoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjUwMTAxMTE0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2U2ZTUwMGY3ZTZhNTcyOTJiYTYzNDBkMTJlNmYxYTBmYWQ4YjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltSN2cT0VSzUDgaTiaIPpj+TxXGq
IbniS4vWP2TYxKkmyn3VxnyFktr2CqzNeZh7QziAlU5j9RukCINY73Vv1c2CJ+2W
C/fYi/y6+3pFNz/xrMU7k1KiOZZC44a+Yt8S5Y/dmwHzW0OYf+Yg2WgIXAeeU18X
W16BavToIWnxwgFGLMj5l0jvQESxtjeNJQMJfbVohC6cW6Mr86aG9TZa+0IRyrGE
TFv7ZoOhEkZtXWeGIt3xwUQvNN/DLZhj+Cj2SA0YECRTWax8eD1HF43Nr3QXplB4
Di0AZx4wCyMX8TpWJlwAo676UtNQ3N3tsm0dTMoWbDSOZXaYdAWNg1mcJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLPm5QD35qVykrpjQNEubxoPrYs9MB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvcy1ibEFQZm1wWEtTdW1OQTBTNXZHZy10aXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNzBMA0G
CSqGSIb3DQEBCwUAA4IBAQBTFj8EDI6N/flKAdJbz0RbS/YNNx76BxlDXuHtu8I6
iTcHGNLnLOkjp6SHUfJlmdw7orwR80ByWd8yx7jeNjcFjB7bfGge5Z6CYRpcHQ2l
kA2vFUnZyxfWBNfuQ/nldE8EGuTQlG0TAmmuCSehLOkYDWmu0H5SzYd6V4tISMLr
fFvS+D4WOviV3J8C4vgRE8LE2Fln6AuxgdxF3L47PG/6hxOolQwHj9ngvF7OwF48
IPYxJg6cikMxF8MKElDhWhd5d7GdCVcZbta6wcuFUiguitdLBZ7gG4NW6ZwWJH7H
VWDfbrPI/Y7R61x+f471i+OJSSeyBfrqlyE3jadyBX0z
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:35 2025 by rpki-client