Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/RduvzpNub70rG4lZ0WixfDNFcK8.roa
File: RduvzpNub70rG4lZ0WixfDNFcK8.roa (raw, json)
Hash identifier: DDgFcKz+5swvFRG5oEfbNafTP82GJ+Q34bBGOPvJnQ4=
Subject key identifier: 45:DB:AF:CE:93:6E:6F:BD:2B:1B:89:59:D1:68:B1:7C:33:45:70:AF
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFAAD7A40CADB0A0D3E23DF8AEC9AFA
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/RduvzpNub70rG4lZ0WixfDNFcK8.roa
Signing time: Wed 01 Jan 2025 03:48:29 +0000
ROA not before: Wed 01 Jan 2025 03:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208295
IP address blocks: 188.72.99.0/24 maxlen: 24
188.72.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:ad:7a:40:ca:db:0a:0d:3e:23:df:8a:ec:9a:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45dbafce936e6fbd2b1b8959d168b17c334570af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:05:5d:e6:5a:dd:2b:88:3d:32:69:89:70:a8:
ba:81:99:74:5d:a4:44:18:9b:d9:f6:42:89:4f:b9:
99:4a:23:68:5d:f5:98:cf:69:dd:03:09:8c:d1:88:
b4:5b:9d:62:6f:94:73:24:b8:04:a5:56:30:16:e1:
b3:32:b2:23:72:b0:60:d6:15:22:95:6e:4c:ef:ba:
92:b9:a3:a2:8c:ad:1d:99:46:19:2c:a0:2c:20:2a:
73:c7:8f:2c:af:d7:82:64:25:c5:ae:c3:29:da:53:
1f:4b:61:39:b0:f1:d1:b1:0f:4c:00:b2:ad:b6:7c:
40:46:0f:15:87:a7:d9:be:7f:41:32:15:41:ea:91:
20:20:be:8e:89:ca:c6:15:e5:d4:2f:fa:86:d7:1b:
dc:e0:fb:c3:d0:a1:b2:97:e0:eb:65:1c:fe:94:1f:
a0:f0:e5:78:e5:9b:12:5d:8b:c8:c4:d7:1b:a7:01:
dd:9b:47:2f:a4:7c:65:07:c1:ca:d0:34:a6:6e:f4:
ef:2f:f9:88:32:b9:d9:3b:63:2a:d7:01:97:49:ef:
e5:38:08:0e:50:df:c6:c5:88:e6:af:5a:78:f9:50:
9e:ed:02:45:81:79:31:62:2b:4f:de:2a:81:0b:45:
73:2f:ff:67:7f:bb:a9:39:a0:3f:81:a7:69:92:30:
c6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:DB:AF:CE:93:6E:6F:BD:2B:1B:89:59:D1:68:B1:7C:33:45:70:AF
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/RduvzpNub70rG4lZ0WixfDNFcK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.99.0-188.72.100.255
Signature Algorithm: sha256WithRSAEncryption
12:7f:aa:2e:1e:86:c4:f8:80:7a:2a:da:4a:36:b9:e9:63:bc:
63:cd:57:2a:b7:b9:3b:32:10:34:b2:2e:f0:b0:60:d1:e6:2c:
c4:b2:3d:24:c4:4d:27:2b:34:3a:de:4a:54:45:49:ac:c5:d8:
8e:ee:0c:94:d1:44:99:dc:0d:ec:45:af:ff:71:4f:3f:1f:fe:
15:36:c6:39:46:31:47:b6:b4:b2:4b:2a:4a:5d:1b:b0:20:96:
98:81:99:6c:15:6c:33:51:8e:ce:43:4e:a9:40:3a:18:fd:8c:
12:7a:f1:33:bd:27:3b:f2:c1:30:57:22:3c:e0:05:ed:43:5b:
b6:d6:a7:62:2f:50:2a:9a:48:28:df:47:ac:80:a7:5e:38:43:
40:29:06:aa:e4:f5:af:27:9e:52:f7:1b:b6:f5:02:7a:24:0f:
3f:4e:31:38:eb:9d:8d:46:ba:a7:5f:6e:35:12:e3:b7:de:1d:
e1:51:b5:c9:75:b7:38:79:3f:0d:63:19:3a:d1:fd:a8:61:9c:
a5:6c:07:27:0f:ea:d3:11:b6:57:01:f9:4c:6a:d0:f5:9b:ff:
6c:b7:94:dd:f7:8c:4b:f9:ed:43:c4:e6:71:85:fa:1b:ce:04:
b2:19:fe:95:e8:71:ab:73:59:ac:aa:78:a6:d7:a2:d8:be:f7:
dd:35:ff:2b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQf+q16QMrbCg0+I9+K7Jr6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWRiYWZjZTkzNmU2ZmJkMmIxYjg5NTlkMTY4YjE3YzMzNDU3MGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAVd5lrdK4g9MmmJcKi6gZl0XaRE
GJvZ9kKJT7mZSiNoXfWYz2ndAwmM0Yi0W51ib5RzJLgEpVYwFuGzMrIjcrBg1hUi
lW5M77qSuaOijK0dmUYZLKAsICpzx48sr9eCZCXFrsMp2lMfS2E5sPHRsQ9MALKt
tnxARg8Vh6fZvn9BMhVB6pEgIL6OicrGFeXUL/qG1xvc4PvD0KGyl+DrZRz+lB+g
8OV45ZsSXYvIxNcbpwHdm0cvpHxlB8HK0DSmbvTvL/mIMrnZO2Mq1wGXSe/lOAgO
UN/GxYjmr1p4+VCe7QJFgXkxYitP3iqBC0VzL/9nf7upOaA/gadpkjDGYwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEXbr86Tbm+9KxuJWdFosXwzRXCvMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvUmR1dnpwTnViNzByRzRsWjBXaXhmRE5GY0s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC8SGMD
BAC8SGQwDQYJKoZIhvcNAQELBQADggEBABJ/qi4ehsT4gHoq2ko2ueljvGPNVyq3
uTsyEDSyLvCwYNHmLMSyPSTETScrNDreSlRFSazF2I7uDJTRRJncDexFr/9xTz8f
/hU2xjlGMUe2tLJLKkpdG7AglpiBmWwVbDNRjs5DTqlAOhj9jBJ68TO9JzvywTBX
IjzgBe1DW7bWp2IvUCqaSCjfR6yAp144Q0ApBqrk9a8nnlL3G7b1AnokDz9OMTjr
nY1GuqdfbjUS47feHeFRtcl1tzh5Pw1jGTrR/ahhnKVsBycP6tMRtlcB+Uxq0PWb
/2y3lN33jEv57UPE5nGF+hvOBLIZ/pXocatzWayqeKbXoti+9901/ys=
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:29:45 2025 by rpki-client