Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/kh0epdLNSddiQFDfyRWlWNSgNTc.roa
File: kh0epdLNSddiQFDfyRWlWNSgNTc.roa (raw, json)
Hash identifier: hMYh6cNkenwqAq3pUFKO3vM0qKRLjOoLvXbL/3HS8fo=
Subject key identifier: 92:1D:1E:A5:D2:CD:49:D7:62:40:50:DF:C9:15:A5:58:D4:A0:35:37
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 019569DC9A949CC8B42B5320181C66CF1015
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/kh0epdLNSddiQFDfyRWlWNSgNTc.roa
Signing time: Thu 06 Mar 2025 05:10:19 +0000
ROA not before: Thu 06 Mar 2025 05:10:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200178
IP address blocks: 188.72.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:69:dc:9a:94:9c:c8:b4:2b:53:20:18:1c:66:cf:10:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: Mar 6 05:10:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=921d1ea5d2cd49d7624050dfc915a558d4a03537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2a:d7:56:6b:aa:9a:2c:90:84:10:90:29:3f:
46:74:da:4e:72:f5:9b:3c:ac:fe:de:aa:d5:e9:e4:
8f:10:a2:48:97:b3:0a:5b:d3:4a:bd:d4:30:dc:22:
d1:f1:ec:e2:59:17:26:40:3b:54:63:ba:a0:34:6f:
32:2d:74:c3:e0:9e:55:67:32:c5:a8:6d:60:49:3f:
cc:91:b6:7a:c1:e3:c3:3c:37:25:11:74:16:2e:de:
49:e1:16:a5:2a:4a:97:10:72:cc:9e:e2:3e:9d:1c:
e2:b9:92:b9:b0:3a:dc:b7:c1:23:a4:78:93:a0:90:
7d:2a:ff:c4:7e:d2:bd:45:4e:63:34:27:d0:b8:e8:
4a:7d:96:d5:5b:6e:bb:ac:6c:28:d4:c2:e9:a5:00:
b0:c0:c9:b3:b1:3b:1d:be:62:ec:1c:7c:ec:ab:17:
25:52:d3:bf:ff:a6:a6:b9:18:5a:76:e5:8d:4a:b4:
c6:b4:af:00:26:60:e9:db:18:6e:40:da:bb:37:f5:
ef:f7:41:40:44:5c:70:7e:f7:36:7b:02:03:6f:ab:
76:54:88:d6:ea:77:8f:73:59:6f:4c:73:7a:5e:34:
b3:a7:01:83:c2:ff:ae:fb:9e:10:cf:f0:b4:3c:e2:
13:37:0e:08:04:e6:e7:85:cd:fb:87:d1:c4:13:95:
e7:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:1D:1E:A5:D2:CD:49:D7:62:40:50:DF:C9:15:A5:58:D4:A0:35:37
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/kh0epdLNSddiQFDfyRWlWNSgNTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.20.0/24
Signature Algorithm: sha256WithRSAEncryption
56:d8:74:14:51:68:63:f9:e2:1c:2e:7a:31:a7:fa:72:31:2d:
5f:3e:76:f2:c8:01:85:71:8d:3d:2d:f7:bf:2d:22:f2:f0:91:
a5:3f:0c:6f:79:0d:4c:f4:c8:6a:56:80:61:17:4e:6c:20:2a:
60:76:03:6c:62:4d:5b:e4:68:46:c5:6a:48:f1:cb:9b:83:c6:
6a:6e:08:85:32:91:51:b2:e0:5a:58:1a:e8:04:76:ec:ba:aa:
e3:34:02:58:f5:89:ea:db:f9:13:93:7f:3d:6f:e6:08:58:98:
e4:a1:56:7c:05:38:fd:c7:1b:5a:18:cd:f6:52:15:cc:4d:17:
a4:73:f2:9e:11:f2:86:12:3e:74:ff:e4:a1:83:6a:26:cc:10:
40:1e:c9:5d:b0:40:fa:3c:db:21:ab:ae:1f:1c:e2:cd:d3:59:
b9:fc:97:86:4f:29:1b:e4:f0:58:a9:55:80:d1:43:c5:cc:46:
f4:26:8a:de:30:c1:e7:08:45:53:28:b6:51:de:0d:b4:47:d1:
6a:32:f0:4d:a0:f7:fb:60:c6:3e:4e:e1:90:2f:8b:f0:40:2c:
0c:7c:cf:07:30:07:2b:4e:2d:ac:3b:49:88:cf:08:ff:e8:b3:
64:71:3a:56:3c:d4:be:68:17:ba:17:3b:bd:c8:7d:de:c4:d2:
f6:44:13:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVp3JqUnMi0K1MgGBxmzxAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjUwMzA2MDUxMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjFkMWVhNWQyY2Q0OWQ3NjI0MDUwZGZjOTE1YTU1OGQ0YTAzNTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSrXVmuqmiyQhBCQKT9GdNpOcvWb
PKz+3qrV6eSPEKJIl7MKW9NKvdQw3CLR8eziWRcmQDtUY7qgNG8yLXTD4J5VZzLF
qG1gST/MkbZ6wePDPDclEXQWLt5J4RalKkqXEHLMnuI+nRziuZK5sDrct8EjpHiT
oJB9Kv/EftK9RU5jNCfQuOhKfZbVW267rGwo1MLppQCwwMmzsTsdvmLsHHzsqxcl
UtO//6amuRhaduWNSrTGtK8AJmDp2xhuQNq7N/Xv90FARFxwfvc2ewIDb6t2VIjW
6nePc1lvTHN6XjSzpwGDwv+u+54Qz/C0POITNw4IBObnhc37h9HEE5XnHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIdHqXSzUnXYkBQ38kVpVjUoDU3MB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEva2gwZXBkTE5TZGRpUUZEZnlSV2xXTlNnTlRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy
LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvEgUMA0G
CSqGSIb3DQEBCwUAA4IBAQBW2HQUUWhj+eIcLnoxp/pyMS1fPnbyyAGFcY09Lfe/
LSLy8JGlPwxveQ1M9MhqVoBhF05sICpgdgNsYk1b5GhGxWpI8cubg8ZqbgiFMpFR
suBaWBroBHbsuqrjNAJY9Ynq2/kTk389b+YIWJjkoVZ8BTj9xxtaGM32UhXMTRek
c/KeEfKGEj50/+Shg2omzBBAHsldsED6PNshq64fHOLN01m5/JeGTykb5PBYqVWA
0UPFzEb0JoreMMHnCEVTKLZR3g20R9FqMvBNoPf7YMY+TuGQL4vwQCwMfM8HMAcr
Ti2sO0mIzwj/6LNkcTpWPNS+aBe6Fzu9yH3exNL2RBN0
-----END CERTIFICATE-----
Generated at Tue Apr 8 22:08:28 2025 by rpki-client