Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/H2Pa3KiMbXsQ2qL2572uTRqcPxA.roa
File: H2Pa3KiMbXsQ2qL2572uTRqcPxA.roa (raw, json)
Hash identifier: 5C/szhRI6zL2e9+CrVY/GPHpR93dOp3IFdFs1j3xSIY=
Subject key identifier: 1F:63:DA:DC:A8:8C:6D:7B:10:DA:A2:F6:E7:BD:AE:4D:1A:9C:3F:10
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019425FC85B455DAB6AD0FD2B3913B9A9315
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/H2Pa3KiMbXsQ2qL2572uTRqcPxA.roa
Signing time: Thu 02 Jan 2025 07:48:13 +0000
ROA not before: Thu 02 Jan 2025 07:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215679
IP address blocks: 188.214.236.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:85:b4:55:da:b6:ad:0f:d2:b3:91:3b:9a:93:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 07:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f63dadca88c6d7b10daa2f6e7bdae4d1a9c3f10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4b:90:a2:3d:c7:e1:3d:61:e8:cc:12:0b:36:
9c:8e:13:3d:d3:c8:9d:ef:2a:be:34:c9:6b:ce:c7:
e7:1d:ac:6d:b8:63:6f:2c:42:86:ad:74:08:aa:df:
33:b0:0c:96:eb:59:81:92:99:db:75:99:49:7c:46:
20:ed:ae:60:30:c6:e2:c5:f1:8d:f4:41:7e:de:5f:
c0:12:69:33:e5:d6:e6:4d:c0:a2:8a:21:4a:c0:57:
99:da:f1:22:51:88:42:5b:21:c2:8a:7a:13:0f:eb:
27:ab:cd:5f:57:86:a3:3f:50:97:0f:30:06:e4:1f:
3b:66:9e:14:6d:51:20:77:61:ea:45:b7:b8:b9:11:
a7:af:f2:1f:6d:a1:21:b8:d1:88:92:7f:61:47:49:
67:a8:c0:c1:31:68:47:fa:d5:a4:ba:cd:0e:0e:7c:
32:30:43:1e:f1:ca:87:df:61:2f:be:d0:61:7c:0c:
56:97:76:43:28:bb:ed:0c:f6:0d:11:3b:b5:c0:e5:
19:ed:01:79:3f:b3:10:06:12:c8:9d:82:fb:f5:62:
04:ca:5c:3a:af:ba:b2:56:2e:00:40:7d:a8:d9:0c:
bb:c8:5c:68:e0:a1:5f:65:72:48:d7:a2:68:1a:0b:
64:45:48:61:b6:0e:51:6e:ca:ca:b7:19:b0:b1:f0:
60:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:63:DA:DC:A8:8C:6D:7B:10:DA:A2:F6:E7:BD:AE:4D:1A:9C:3F:10
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/H2Pa3KiMbXsQ2qL2572uTRqcPxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.214.236.0/22
Signature Algorithm: sha256WithRSAEncryption
03:c4:0f:7c:de:1a:44:dd:c4:4b:47:e8:3e:b3:84:df:bb:da:
53:17:83:c9:4f:09:e8:07:ab:30:61:58:7c:24:78:62:c6:19:
9b:89:c1:04:94:de:12:8d:ae:6a:9b:c2:78:7b:3e:18:6f:5f:
9d:d7:9e:fe:98:9f:4f:18:9a:8a:c1:5c:57:07:5c:23:51:02:
48:a4:bf:49:04:ef:ef:25:da:bf:05:47:fc:3e:5f:a6:70:3b:
1c:fe:5f:16:87:85:93:3e:17:49:f9:0a:96:60:5c:0a:8f:80:
ee:8e:df:c1:c4:a5:47:d9:af:05:00:1f:20:6e:4a:c9:69:2e:
7f:c7:f8:f4:73:51:4d:bf:75:b1:48:f0:c0:ca:f0:36:cc:df:
df:cf:d1:b0:2e:0e:95:92:a2:2f:b5:e8:b5:fe:87:05:3c:81:
7c:95:a4:7d:04:9a:48:f5:6e:db:ed:11:af:90:73:0a:8c:47:
a6:1e:65:8c:ba:5e:b6:a0:5a:45:bf:ef:5f:fd:74:13:0d:3a:
79:db:a4:97:90:3d:e4:1a:73:bd:ca:f6:cc:b6:7f:98:9e:78:
58:c6:82:cf:1e:26:0c:70:4c:0c:99:05:b6:45:76:fd:10:ae:
f4:fa:01:50:cf:1d:44:72:ed:d0:45:2e:8a:f9:d5:ac:3e:9a:
87:4e:e6:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/IW0Vdq2rQ/Ss5E7mpMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMTAyMDc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjYzZGFkY2E4OGM2ZDdiMTBkYWEyZjZlN2JkYWU0ZDFhOWMzZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kuQoj3H4T1h6MwSCzacjhM908id
7yq+NMlrzsfnHaxtuGNvLEKGrXQIqt8zsAyW61mBkpnbdZlJfEYg7a5gMMbixfGN
9EF+3l/AEmkz5dbmTcCiiiFKwFeZ2vEiUYhCWyHCinoTD+snq81fV4ajP1CXDzAG
5B87Zp4UbVEgd2HqRbe4uRGnr/IfbaEhuNGIkn9hR0lnqMDBMWhH+tWkus0ODnwy
MEMe8cqH32EvvtBhfAxWl3ZDKLvtDPYNETu1wOUZ7QF5P7MQBhLInYL79WIEylw6
r7qyVi4AQH2o2Qy7yFxo4KFfZXJI16JoGgtkRUhhtg5RbsrKtxmwsfBgfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB9j2tyojG17ENqi9ue9rk0anD8QMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvSDJQYTNLaU1iWHNRMnFMMjU3MnVUUnFjUHhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNbsMA0G
CSqGSIb3DQEBCwUAA4IBAQADxA983hpE3cRLR+g+s4Tfu9pTF4PJTwnoB6swYVh8
JHhixhmbicEElN4Sja5qm8J4ez4Yb1+d157+mJ9PGJqKwVxXB1wjUQJIpL9JBO/v
Jdq/BUf8Pl+mcDsc/l8Wh4WTPhdJ+QqWYFwKj4Dujt/BxKVH2a8FAB8gbkrJaS5/
x/j0c1FNv3WxSPDAyvA2zN/fz9GwLg6VkqIvtei1/ocFPIF8laR9BJpI9W7b7RGv
kHMKjEemHmWMul62oFpFv+9f/XQTDTp526SXkD3kGnO9yvbMtn+YnnhYxoLPHiYM
cEwMmQW2RXb9EK70+gFQzx1Ecu3QRS6K+dWsPpqHTuYm
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:53:07 2025 by rpki-client