Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/ra3KqgTuCiwRC0PZJRve-Bdxvjg.roa
File: ra3KqgTuCiwRC0PZJRve-Bdxvjg.roa (raw, json)
Hash identifier: mcABOKGSXtu9A2WM6jvcZmDeS/Ld950DxdjwmVB9gHU=
Subject key identifier: AD:AD:CA:AA:04:EE:0A:2C:11:0B:43:D9:25:1B:DE:F8:17:71:BE:38
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 01942826412F5D7568D2616368E7972A3C3C
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/ra3KqgTuCiwRC0PZJRve-Bdxvjg.roa
Signing time: Thu 02 Jan 2025 17:53:03 +0000
ROA not before: Thu 02 Jan 2025 17:53:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19437
IP address blocks: 212.52.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:41:2f:5d:75:68:d2:61:63:68:e7:97:2a:3c:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jan 2 17:53:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=adadcaaa04ee0a2c110b43d9251bdef81771be38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:5c:1d:d8:5e:a0:54:52:91:61:39:2f:25:03:
9d:89:d1:be:13:90:d2:0a:63:18:30:31:b2:a3:37:
05:67:b8:30:cd:7c:ba:81:94:59:4b:f1:81:35:aa:
bd:cf:23:66:22:8e:08:ff:d4:cd:23:ba:0a:d0:f4:
3f:99:63:20:6e:5a:ed:bc:ae:46:01:d5:27:12:89:
9b:02:b4:de:dd:8a:39:47:90:13:97:74:c1:5c:de:
e2:e4:23:f3:ec:40:65:48:96:35:58:d0:c7:9e:f5:
8a:94:59:c6:3d:d4:4c:8b:c8:ba:0b:99:74:09:a8:
8e:18:c3:25:65:4d:17:5c:20:52:e5:ef:f3:f3:29:
a4:89:e4:0a:7a:39:53:0b:4f:20:c1:d0:e8:4a:c6:
f0:e8:0e:de:83:ca:8a:90:57:df:3f:65:ca:e1:34:
78:96:d6:e0:51:a2:26:96:bb:30:dc:4f:4d:e0:b5:
57:92:c0:4e:93:b8:dc:ed:62:d3:1a:94:0f:dc:b7:
48:a8:73:df:2b:62:ca:54:c4:a6:72:fa:c7:8f:0d:
6a:e2:55:6b:88:f1:18:b5:d2:38:7a:13:07:28:02:
d0:6c:60:68:72:51:98:4a:c3:41:e6:aa:8d:72:57:
cc:e5:69:d1:47:79:d1:c9:7c:27:45:7c:a2:06:64:
42:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:AD:CA:AA:04:EE:0A:2C:11:0B:43:D9:25:1B:DE:F8:17:71:BE:38
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/ra3KqgTuCiwRC0PZJRve-Bdxvjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.52.20.0/24
Signature Algorithm: sha256WithRSAEncryption
af:45:d0:f3:8a:80:47:2f:27:89:0a:04:e6:4c:a1:52:f2:a0:
93:05:c7:a1:23:68:05:07:f1:57:4a:16:e8:ee:16:de:43:12:
38:40:e8:33:52:23:2f:d3:4e:72:5c:e5:93:53:2f:c0:99:05:
94:b9:e5:dd:fc:4f:79:10:06:89:db:4d:41:ab:7d:9b:b8:1f:
d6:60:3b:1c:57:69:87:27:9b:37:a2:5c:56:6e:a8:b8:e9:95:
a1:50:21:08:26:fe:79:68:41:1d:f5:fc:37:41:5a:a7:72:f3:
22:ea:3d:de:b1:a8:95:4b:42:92:9d:35:90:e5:e6:b4:79:71:
f5:06:40:81:09:ac:71:e8:f8:d3:2a:e7:08:ad:9a:3a:d7:0b:
d3:fb:3b:40:29:d5:de:b3:bb:42:f4:8a:05:2b:bc:80:2c:12:
f5:bf:58:51:96:e1:80:6c:4e:0f:67:d8:8e:85:a8:85:f9:76:
d1:13:c5:14:33:3c:20:23:52:2c:6e:b4:bf:2a:94:a3:44:62:
cb:df:68:14:2c:97:8b:7a:c5:02:e8:d7:1f:0a:78:9c:79:0b:
53:29:5e:ce:0e:a2:17:7f:cd:e7:e7:db:7a:49:d7:46:91:5a:
51:85:77:e5:42:7e:52:66:3e:d2:95:11:4b:e7:76:5a:31:4b:
70:ce:9a:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJkEvXXVo0mFjaOeXKjw8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMTAyMTc1MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGFkY2FhYTA0ZWUwYTJjMTEwYjQzZDkyNTFiZGVmODE3NzFiZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Vwd2F6gVFKRYTkvJQOdidG+E5DS
CmMYMDGyozcFZ7gwzXy6gZRZS/GBNaq9zyNmIo4I/9TNI7oK0PQ/mWMgblrtvK5G
AdUnEombArTe3Yo5R5ATl3TBXN7i5CPz7EBlSJY1WNDHnvWKlFnGPdRMi8i6C5l0
CaiOGMMlZU0XXCBS5e/z8ymkieQKejlTC08gwdDoSsbw6A7eg8qKkFffP2XK4TR4
ltbgUaImlrsw3E9N4LVXksBOk7jc7WLTGpQP3LdIqHPfK2LKVMSmcvrHjw1q4lVr
iPEYtdI4ehMHKALQbGBoclGYSsNB5qqNclfM5WnRR3nRyXwnRXyiBmRCAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK2tyqoE7gosEQtD2SUb3vgXcb44MB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvcmEzS3FnVHVDaXdSQzBQWkpSdmUtQmR4dmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1DQUMA0G
CSqGSIb3DQEBCwUAA4IBAQCvRdDzioBHLyeJCgTmTKFS8qCTBcehI2gFB/FXShbo
7hbeQxI4QOgzUiMv005yXOWTUy/AmQWUueXd/E95EAaJ201Bq32buB/WYDscV2mH
J5s3olxWbqi46ZWhUCEIJv55aEEd9fw3QVqncvMi6j3esaiVS0KSnTWQ5ea0eXH1
BkCBCaxx6PjTKucIrZo61wvT+ztAKdXes7tC9IoFK7yALBL1v1hRluGAbE4PZ9iO
haiF+XbRE8UUMzwgI1IsbrS/KpSjRGLL32gULJeLesUC6NcfCniceQtTKV7ODqIX
f83n59t6SddGkVpRhXflQn5SZj7SlRFL53ZaMUtwzpr6
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:29:56 2025 by rpki-client