Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/puM6zDTCACkm8XM63GmrJCmb9w4.roa
File: puM6zDTCACkm8XM63GmrJCmb9w4.roa (raw, json)
Hash identifier: /wWLN32nFvo5E1f9qQj5og/sDQq7KYw38OVpA8GGi58=
Subject key identifier: A6:E3:3A:CC:34:C2:00:29:26:F1:73:3A:DC:69:AB:24:29:9B:F7:0E
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 0195B37EDA5B04DFFD7A042ABD3EBAAAF132
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/puM6zDTCACkm8XM63GmrJCmb9w4.roa
Signing time: Thu 20 Mar 2025 12:19:49 +0000
ROA not before: Thu 20 Mar 2025 12:19:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216180
IP address blocks: 192.250.232.0/24 maxlen: 24
192.250.233.0/24 maxlen: 24
198.38.93.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b3:7e:da:5b:04:df:fd:7a:04:2a:bd:3e:ba:aa:f1:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Mar 20 12:19:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6e33acc34c2002926f1733adc69ab24299bf70e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:40:ca:4e:1a:14:c1:7f:a4:c9:9d:84:c8:aa:
97:6b:c2:d4:22:ee:1e:c5:46:07:43:60:ca:a0:d0:
0e:c2:5d:2d:70:0b:47:79:4e:3e:17:da:4c:ca:67:
54:43:f6:d2:4a:dc:23:df:13:6f:a2:ff:8d:23:78:
af:f8:6d:3e:1c:84:2c:85:2f:85:8e:60:d8:e3:94:
59:03:5a:df:86:2a:22:dd:b5:06:01:7e:25:56:8c:
3b:19:c3:cc:09:7b:65:4b:ca:30:78:f3:4f:ab:5c:
dd:eb:2d:1b:12:89:aa:fc:72:0c:34:d1:86:6f:09:
83:27:96:e7:44:c4:f4:d8:20:02:08:39:5d:77:ef:
64:c6:1d:1d:65:f5:b0:8f:ff:3d:a2:1e:4e:8b:52:
ec:7c:af:80:93:2e:79:7c:4d:cf:eb:5b:97:7c:89:
db:28:88:20:cf:84:57:69:95:97:d6:a1:f6:99:a8:
d1:76:85:37:0f:2d:a4:3e:7f:18:f9:a1:94:d7:74:
61:d1:ed:d5:bd:e3:e6:c6:80:89:cb:22:cd:7a:16:
a4:c9:1d:61:4f:65:a2:41:9e:e2:a8:d2:9c:f5:8b:
b4:03:4d:31:01:b1:1a:14:77:bb:3b:1c:cf:6d:d9:
5e:15:e5:09:0e:58:f8:6a:43:cb:e5:d9:a7:79:9d:
87:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E3:3A:CC:34:C2:00:29:26:F1:73:3A:DC:69:AB:24:29:9B:F7:0E
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/puM6zDTCACkm8XM63GmrJCmb9w4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.250.232.0/23
198.38.93.0/24
Signature Algorithm: sha256WithRSAEncryption
57:09:80:a2:55:e2:09:cf:45:76:c0:d3:35:d2:01:79:54:ff:
af:9c:c9:77:e5:f4:10:f1:9c:33:48:bd:e7:37:a3:16:01:bb:
d6:10:62:46:71:69:14:37:93:39:f9:17:96:7a:19:e2:c7:a4:
82:8e:d7:d7:f6:12:c4:f8:d8:97:13:34:e1:49:16:7f:35:27:
4f:8d:c0:2e:5e:a4:98:5f:42:a0:43:f0:75:9f:d3:e5:d8:a4:
c6:6e:c5:99:76:3e:a5:50:5d:f4:e0:f0:00:d7:92:4c:2d:95:
c0:8c:97:82:f9:2d:19:9d:96:e0:7e:b1:92:66:8d:d0:0b:ae:
27:06:2a:ac:08:b2:99:a2:74:1a:6e:7c:ca:f7:17:2d:39:43:
aa:ae:b7:db:42:ac:5b:d3:f8:8f:55:6d:88:a8:e4:42:f5:2c:
0c:21:ad:bc:0f:16:d6:2b:db:d0:6f:f0:86:3c:d0:63:e2:96:
1a:12:e5:28:fd:cd:f0:86:d5:75:65:ad:c3:ca:af:0b:47:b3:
e3:d1:ce:c6:2d:c1:5c:c5:78:7b:08:00:d3:3c:fc:42:5c:88:
80:9c:ec:76:4a:f4:4b:cc:a9:62:28:65:15:63:83:51:90:be:
a5:e5:bd:da:22:47:6e:36:24:ab:51:8c:7e:3f:4d:f1:12:08:
5e:20:a9:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWzftpbBN/9egQqvT66qvEyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwMzIwMTIxOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmUzM2FjYzM0YzIwMDI5MjZmMTczM2FkYzY5YWIyNDI5OWJmNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kDKThoUwX+kyZ2EyKqXa8LUIu4e
xUYHQ2DKoNAOwl0tcAtHeU4+F9pMymdUQ/bSStwj3xNvov+NI3iv+G0+HIQshS+F
jmDY45RZA1rfhioi3bUGAX4lVow7GcPMCXtlS8owePNPq1zd6y0bEomq/HIMNNGG
bwmDJ5bnRMT02CACCDldd+9kxh0dZfWwj/89oh5Oi1LsfK+Aky55fE3P61uXfInb
KIggz4RXaZWX1qH2majRdoU3Dy2kPn8Y+aGU13Rh0e3VvePmxoCJyyLNehakyR1h
T2WiQZ7iqNKc9Yu0A00xAbEaFHe7OxzPbdleFeUJDlj4akPL5dmneZ2HTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKbjOsw0wgApJvFzOtxpqyQpm/cOMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvcHVNNnpEVENBQ2ttOFhNNjNHbXJKQ21iOXc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwProAwQA
xiZdMA0GCSqGSIb3DQEBCwUAA4IBAQBXCYCiVeIJz0V2wNM10gF5VP+vnMl35fQQ
8ZwzSL3nN6MWAbvWEGJGcWkUN5M5+ReWehnix6SCjtfX9hLE+NiXEzThSRZ/NSdP
jcAuXqSYX0KgQ/B1n9Pl2KTGbsWZdj6lUF304PAA15JMLZXAjJeC+S0ZnZbgfrGS
Zo3QC64nBiqsCLKZonQabnzK9xctOUOqrrfbQqxb0/iPVW2IqORC9SwMIa28DxbW
K9vQb/CGPNBj4pYaEuUo/c3whtV1Za3Dyq8LR7Pj0c7GLcFcxXh7CADTPPxCXIiA
nOx2SvRLzKliKGUVY4NRkL6l5b3aIkduNiSrUYx+P03xEgheIKlY
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:34:45 2025 by rpki-client