Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/TOZ32S2cTtEqOAugUTe4Diokmjc.roa
File: TOZ32S2cTtEqOAugUTe4Diokmjc.roa (raw, json)
Hash identifier: ZfLvnSZb+3P/Lwkuj8mzNGrvWl0G71GHwv4eE3pKqaY=
Subject key identifier: 4C:E6:77:D9:2D:9C:4E:D1:2A:38:0B:A0:51:37:B8:0E:2A:24:9A:37
Certificate issuer: /CN=9944f812a0e002c38e84e47628bdba038598090b
Certificate serial: 019423D72FA8759E426DBE8A2234D3EC5135
Authority key identifier: 99:44:F8:12:A0:E0:02:C3:8E:84:E4:76:28:BD:BA:03:85:98:09:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mUT4EqDgAsOOhOR2KL26A4WYCQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/TOZ32S2cTtEqOAugUTe4Diokmjc.roa
Signing time: Wed 01 Jan 2025 21:48:12 +0000
ROA not before: Wed 01 Jan 2025 21:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212652
IP address blocks: 88.213.208.0/23 maxlen: 23
88.213.208.0/24 maxlen: 24
88.213.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:2f:a8:75:9e:42:6d:be:8a:22:34:d3:ec:51:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9944f812a0e002c38e84e47628bdba038598090b
Validity
Not Before: Jan 1 21:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ce677d92d9c4ed12a380ba05137b80e2a249a37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b6:44:d3:03:03:5b:1a:12:ae:18:19:36:e2:
47:bc:2d:48:d5:d1:61:32:17:3c:3c:91:97:bb:1b:
0d:f7:ef:ca:ff:9f:4f:74:b2:ec:15:5a:58:58:1f:
50:df:61:b7:41:ec:13:16:7d:eb:5e:87:d3:b7:ed:
b6:0f:4f:5a:2a:84:f8:94:8e:58:da:af:15:4e:70:
61:40:6e:75:ca:77:81:f9:cc:41:cf:f7:32:f9:3f:
1d:8e:6b:a9:a3:9f:f5:3b:cd:67:c1:05:4e:12:3b:
fe:4f:27:f8:1f:de:6f:2e:1b:f6:8d:46:8f:37:81:
f9:7d:1a:b0:04:fa:a9:c0:73:79:f0:1f:a8:fe:ff:
b9:cf:70:ac:9d:4d:07:ee:68:17:ef:51:9d:45:d4:
ea:8d:be:27:cf:6b:b2:72:5b:c3:f5:5e:aa:3f:74:
a2:4a:e3:8e:0c:fc:80:55:13:c5:9f:86:b4:46:77:
f0:47:8b:89:e7:9c:b9:76:a9:5d:9c:bc:b1:de:fc:
af:d3:81:8a:da:5e:eb:09:e4:87:c4:99:61:34:d9:
db:8a:e3:6d:87:08:28:10:9d:be:a9:9a:c0:4b:54:
6a:bf:09:53:dd:4e:88:86:03:df:7e:88:05:7b:6b:
9e:d2:6c:94:42:f1:18:b1:68:93:23:87:b4:90:3c:
cc:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E6:77:D9:2D:9C:4E:D1:2A:38:0B:A0:51:37:B8:0E:2A:24:9A:37
X509v3 Authority Key Identifier:
keyid:99:44:F8:12:A0:E0:02:C3:8E:84:E4:76:28:BD:BA:03:85:98:09:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mUT4EqDgAsOOhOR2KL26A4WYCQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/TOZ32S2cTtEqOAugUTe4Diokmjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/mUT4EqDgAsOOhOR2KL26A4WYCQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.213.208.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:67:4f:a8:05:16:ce:38:6d:8f:21:10:71:7c:ba:50:fa:69:
0b:6c:d2:57:3c:99:fa:e0:2d:53:f8:ce:af:37:bb:77:ec:5d:
ea:61:fe:44:a9:13:80:8c:bb:39:16:27:10:ea:85:92:33:a2:
a0:39:ae:c5:f0:67:fd:29:b5:25:da:f9:aa:a0:58:2a:49:26:
da:a3:a9:fa:b0:96:7f:47:7a:16:52:a6:c4:70:e1:df:5a:43:
31:ff:84:d3:84:db:94:91:fe:05:02:bb:a0:6c:cb:04:33:2d:
ac:94:81:87:12:38:27:88:10:f7:39:7e:90:f5:38:0c:00:80:
6d:6c:92:4e:46:f0:77:e9:94:07:90:84:92:51:86:e0:58:ae:
b0:c4:f6:1d:a9:c2:d7:97:4e:74:e3:4c:c9:2f:f8:c3:59:59:
2b:0b:8a:87:18:35:ff:33:6d:93:cb:65:d5:77:e8:7b:e8:b9:
46:02:40:94:58:ba:91:dc:47:db:3a:1f:91:ce:3d:45:21:49:
ad:62:0f:c0:6a:f1:c3:83:32:7a:d4:15:85:38:87:e5:bf:5d:
92:17:6f:da:74:99:d6:28:11:45:23:e1:eb:27:fa:cf:2e:16:
77:66:5c:31:48:06:92:0a:b0:bc:b7:6a:b1:5b:59:3a:58:22:
71:a1:49:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1y+odZ5Cbb6KIjTT7FE1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NDRmODEyYTBlMDAyYzM4ZTg0ZTQ3NjI4YmRiYTAzODU5
ODA5MGIwHhcNMjUwMTAxMjE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2U2NzdkOTJkOWM0ZWQxMmEzODBiYTA1MTM3YjgwZTJhMjQ5YTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurZE0wMDWxoSrhgZNuJHvC1I1dFh
Mhc8PJGXuxsN9+/K/59PdLLsFVpYWB9Q32G3QewTFn3rXofTt+22D09aKoT4lI5Y
2q8VTnBhQG51yneB+cxBz/cy+T8djmupo5/1O81nwQVOEjv+Tyf4H95vLhv2jUaP
N4H5fRqwBPqpwHN58B+o/v+5z3CsnU0H7mgX71GdRdTqjb4nz2uyclvD9V6qP3Si
SuOODPyAVRPFn4a0RnfwR4uJ55y5dqldnLyx3vyv04GK2l7rCeSHxJlhNNnbiuNt
hwgoEJ2+qZrAS1RqvwlT3U6IhgPffogFe2ue0myUQvEYsWiTI4e0kDzMOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEzmd9ktnE7RKjgLoFE3uA4qJJo3MB8GA1UdIwQY
MBaAFJlE+BKg4ALDjoTkdii9ugOFmAkLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVVUNEVxRGdBc09PaE9SMktMMjZBNFdZQ1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zYzZjYjUtYTcyYy00NzAxLWFlNmMt
MzA2YzU2NTEzNDNlLzEvVE9aMzJTMmNUdEVxT0F1Z1VUZTREaW9rbWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zYzZjYjUtYTcyYy00NzAxLWFlNmMtMzA2YzU2NTEzNDNl
LzEvbVVUNEVxRGdBc09PaE9SMktMMjZBNFdZQ1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWNXQMA0G
CSqGSIb3DQEBCwUAA4IBAQC3Z0+oBRbOOG2PIRBxfLpQ+mkLbNJXPJn64C1T+M6v
N7t37F3qYf5EqROAjLs5FicQ6oWSM6KgOa7F8Gf9KbUl2vmqoFgqSSbao6n6sJZ/
R3oWUqbEcOHfWkMx/4TThNuUkf4FArugbMsEMy2slIGHEjgniBD3OX6Q9TgMAIBt
bJJORvB36ZQHkISSUYbgWK6wxPYdqcLXl05040zJL/jDWVkrC4qHGDX/M22Ty2XV
d+h76LlGAkCUWLqR3EfbOh+Rzj1FIUmtYg/AavHDgzJ61BWFOIflv12SF2/adJnW
KBFFI+HrJ/rPLhZ3ZlwxSAaSCrC8t2qxW1k6WCJxoUnO
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:41 2025 by rpki-client