Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/gHZKF4plaY6SfYzqa0GnKKh9S8w.roa
File: gHZKF4plaY6SfYzqa0GnKKh9S8w.roa (raw, json)
Hash identifier: k/NUIUdapNviwIIj1BmyXv/VcxYoV9+cMpj0NhVCTzs=
Subject key identifier: 80:76:4A:17:8A:65:69:8E:92:7D:8C:EA:6B:41:A7:28:A8:7D:4B:CC
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFAA85F5D6C34FC6FD68F0A66ECFE5A
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/gHZKF4plaY6SfYzqa0GnKKh9S8w.roa
Signing time: Wed 01 Jan 2025 03:48:28 +0000
ROA not before: Wed 01 Jan 2025 03:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204402
IP address blocks: 188.72.94.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a8:5f:5d:6c:34:fc:6f:d6:8f:0a:66:ec:fe:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80764a178a65698e927d8cea6b41a728a87d4bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e1:99:ca:dc:da:6c:70:f2:8b:d5:67:f8:78:
11:b5:e3:a0:46:84:35:71:46:a6:c1:61:28:59:f4:
b8:a8:d4:1a:8f:5c:92:83:e4:0b:24:74:51:ae:4f:
1b:b7:65:da:07:67:f6:8e:2c:9d:21:f5:65:b6:44:
12:d4:79:f4:91:47:f1:59:96:c7:58:a2:a4:3f:29:
98:bb:1c:89:09:89:78:4d:4d:c4:e0:08:0e:44:71:
4c:23:48:31:17:47:25:ee:d0:d2:25:b1:3c:0b:15:
e4:98:72:55:e8:cf:eb:09:94:3a:46:8a:9f:95:80:
ad:7a:7b:aa:ab:8d:4f:48:48:32:26:83:47:11:04:
f7:eb:62:44:d0:5a:69:84:a7:f3:7b:db:e2:3a:e4:
2d:2a:37:10:74:e7:22:69:a2:b0:cb:bd:7b:82:75:
9b:c5:e0:11:27:c0:de:40:2d:04:5b:d1:91:8b:61:
8c:27:c7:e4:bc:89:f0:34:a1:63:12:20:cf:cd:85:
49:c9:79:e3:2b:5a:7a:9d:6e:c6:9e:17:dd:67:ff:
09:67:c4:0c:de:a6:cf:36:d8:0c:e8:d0:88:15:30:
ec:4d:55:d0:6a:9c:2e:b5:77:7a:70:37:57:8f:3e:
39:0b:76:f4:6d:f4:1d:0e:5d:5f:30:91:08:e6:cc:
af:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:76:4A:17:8A:65:69:8E:92:7D:8C:EA:6B:41:A7:28:A8:7D:4B:CC
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/gHZKF4plaY6SfYzqa0GnKKh9S8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.94.0/24
Signature Algorithm: sha256WithRSAEncryption
87:de:34:6a:e2:fc:f9:cd:d0:da:de:83:8c:79:cc:6f:60:b2:
eb:05:79:e0:23:fe:5b:45:4c:0a:e2:47:d3:f3:26:88:77:04:
31:62:b7:45:d7:0e:1c:22:11:dd:50:d7:22:63:43:d1:3b:31:
1d:0f:4a:58:aa:fd:d4:7c:57:49:29:74:da:40:7d:19:da:2a:
df:b1:bb:bd:35:cb:a7:5f:df:33:73:2b:95:bd:0c:77:62:2b:
54:c5:dc:fc:83:ef:97:75:9d:9d:3b:71:1f:85:73:a9:98:10:
3f:da:80:44:0e:fc:4b:9f:a1:c0:bc:e0:e5:75:2f:25:79:46:
c2:20:26:d6:13:c9:a1:32:f5:9e:c7:c5:77:02:5b:93:e1:ac:
ea:c6:b5:29:d1:56:62:a5:17:af:d1:87:5c:f0:68:5f:92:b1:
48:70:89:75:31:94:4f:6c:de:d0:29:b2:53:05:c3:d9:93:ea:
76:69:61:9a:fa:57:7f:21:a0:26:08:8c:37:3b:2d:77:ec:16:
df:63:a1:3c:11:e5:bb:17:0f:7f:92:d9:74:97:c4:89:5d:d1:
ef:8f:2d:4a:3a:52:fa:5a:09:e5:a2:e3:87:90:20:1e:c5:16:
10:f7:ab:92:f8:57:40:6d:7a:03:65:15:32:f2:9b:0a:58:e3:
3a:73:4b:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qhfXWw0/G/Wjwpm7P5aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDc2NGExNzhhNjU2OThlOTI3ZDhjZWE2YjQxYTcyOGE4N2Q0YmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOGZytzabHDyi9Vn+HgRteOgRoQ1
cUamwWEoWfS4qNQaj1ySg+QLJHRRrk8bt2XaB2f2jiydIfVltkQS1Hn0kUfxWZbH
WKKkPymYuxyJCYl4TU3E4AgORHFMI0gxF0cl7tDSJbE8CxXkmHJV6M/rCZQ6Roqf
lYCtenuqq41PSEgyJoNHEQT362JE0FpphKfze9viOuQtKjcQdOciaaKwy717gnWb
xeARJ8DeQC0EW9GRi2GMJ8fkvInwNKFjEiDPzYVJyXnjK1p6nW7GnhfdZ/8JZ8QM
3qbPNtgM6NCIFTDsTVXQapwutXd6cDdXjz45C3b0bfQdDl1fMJEI5syveQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIB2SheKZWmOkn2M6mtBpyiofUvMMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvZ0haS0Y0cGxhWTZTZll6cWEwR25LS2g5Uzh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvEheMA0G
CSqGSIb3DQEBCwUAA4IBAQCH3jRq4vz5zdDa3oOMecxvYLLrBXngI/5bRUwK4kfT
8yaIdwQxYrdF1w4cIhHdUNciY0PROzEdD0pYqv3UfFdJKXTaQH0Z2irfsbu9Ncun
X98zcyuVvQx3YitUxdz8g++XdZ2dO3EfhXOpmBA/2oBEDvxLn6HAvODldS8leUbC
ICbWE8mhMvWex8V3AluT4azqxrUp0VZipRev0Ydc8GhfkrFIcIl1MZRPbN7QKbJT
BcPZk+p2aWGa+ld/IaAmCIw3Oy137BbfY6E8EeW7Fw9/ktl0l8SJXdHvjy1KOlL6
WgnlouOHkCAexRYQ96uS+FdAbXoDZRUy8psKWOM6c0vj
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:50:58 2025 by rpki-client