Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/42eb36-81a5-49cf-9b46-10c54f95a9d2/1/i9afLrcUv6e8AnpkncoQQi6DjVo.roa
File: i9afLrcUv6e8AnpkncoQQi6DjVo.roa (raw, json)
Hash identifier: Na1kIcuOHTJtSnkDhHjPCtudnWtydwT4NghUl5lDDJ0=
Subject key identifier: 8B:D6:9F:2E:B7:14:BF:A7:BC:02:7A:64:9D:CA:10:42:2E:83:8D:5A
Certificate issuer: /CN=f58f0651a90aecf91a42c3cc9fcb95af95ed9171
Certificate serial: 01856CE62009D80F4AD8CB4DD75AFEF590D5
Authority key identifier: F5:8F:06:51:A9:0A:EC:F9:1A:42:C3:CC:9F:CB:95:AF:95:ED:91:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Y8GUakK7PkaQsPMn8uVr5XtkXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/42eb36-81a5-49cf-9b46-10c54f95a9d2/1/i9afLrcUv6e8AnpkncoQQi6DjVo.roa
Signing time: Sun 01 Jan 2023 10:34:58 +0000
ROA not before: Sun 01 Jan 2023 10:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 188.244.121.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:20:09:d8:0f:4a:d8:cb:4d:d7:5a:fe:f5:90:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f58f0651a90aecf91a42c3cc9fcb95af95ed9171
Validity
Not Before: Jan 1 10:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bd69f2eb714bfa7bc027a649dca10422e838d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8e:89:61:0e:61:8a:d1:64:2c:f1:0f:84:3f:
3a:e3:e9:09:a9:36:a9:a9:ef:b1:9b:85:a2:7e:83:
3c:25:02:8b:66:4d:0f:7d:46:1b:8f:48:cf:dd:2d:
bd:c1:c1:80:ff:c7:68:00:8e:d3:ac:8c:bd:84:5d:
78:75:f2:9f:94:d4:14:c9:1a:78:25:35:55:7b:60:
46:b2:5b:d0:3c:af:40:ab:74:8b:77:f9:49:59:d9:
37:7d:f1:80:e0:cd:9d:cb:b6:60:e6:d2:3b:39:95:
b4:44:c5:f7:ee:8a:e6:49:fe:f3:3f:c9:e1:b9:a6:
7e:77:67:0c:14:cf:6a:c8:0d:56:8e:f7:35:bf:a2:
53:74:03:9b:da:5a:cb:a1:d7:a5:6b:ce:b4:e7:79:
c7:da:86:d9:1b:3d:df:2b:4c:e0:3c:82:dc:5f:a8:
aa:c2:d2:c2:68:4c:23:9b:0b:40:1b:dd:55:af:c5:
3a:ca:47:e6:dd:60:00:a6:bd:c3:98:c4:dd:8d:75:
32:ce:a8:aa:8c:00:14:2d:85:1e:e9:c0:4c:e7:d3:
41:07:af:42:44:b5:75:da:9d:fd:bc:8c:74:5c:23:
87:d0:3a:e3:b3:8c:87:01:7f:54:5a:16:26:1e:04:
85:49:16:39:fb:93:86:3f:7d:85:b1:34:f3:e1:fd:
ef:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:D6:9F:2E:B7:14:BF:A7:BC:02:7A:64:9D:CA:10:42:2E:83:8D:5A
X509v3 Authority Key Identifier:
keyid:F5:8F:06:51:A9:0A:EC:F9:1A:42:C3:CC:9F:CB:95:AF:95:ED:91:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Y8GUakK7PkaQsPMn8uVr5XtkXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/42eb36-81a5-49cf-9b46-10c54f95a9d2/1/i9afLrcUv6e8AnpkncoQQi6DjVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/42eb36-81a5-49cf-9b46-10c54f95a9d2/1/9Y8GUakK7PkaQsPMn8uVr5XtkXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.244.121.0/24
Signature Algorithm: sha256WithRSAEncryption
90:27:35:db:59:d1:59:af:71:ee:c4:6b:45:00:e8:1a:c5:89:
21:08:1e:d1:d8:05:95:37:c2:3d:63:31:0a:8f:82:23:4f:92:
9d:a5:4d:4a:7e:45:7b:72:17:98:b9:53:c1:31:54:97:3b:12:
d8:81:c0:4c:75:d2:70:1f:8f:6f:2f:91:c5:7f:3c:0b:37:f0:
f8:9c:63:98:17:74:e0:28:bd:1d:51:8e:a0:5e:54:30:0a:c1:
73:0e:4b:dc:d5:fd:19:e9:a9:03:67:ac:76:1a:6d:89:aa:6a:
23:19:70:58:31:12:d0:69:94:0e:d2:09:c3:ff:34:8a:74:35:
93:1c:ce:67:be:3a:13:12:a8:f3:13:87:90:2f:b0:f0:12:2f:
30:0d:bc:dd:8e:14:2f:5c:b9:ab:ca:84:97:9e:1b:43:77:70:
75:4a:d2:2a:27:d1:b1:1a:6e:fa:be:b1:60:ec:0f:a1:18:cb:
7c:78:a3:c7:5d:83:f6:fe:67:d9:6a:9d:4b:dd:9c:94:34:f9:
c4:6f:e5:91:b9:00:b3:19:9c:8b:90:d0:02:6a:db:3e:2f:02:
e2:d2:b0:aa:e1:97:c7:63:9c:4e:93:c6:e4:a3:34:9a:16:07:
59:b6:7c:a0:2c:20:2c:5d:7e:03:07:e4:ac:8c:eb:83:b4:0d:
86:82:06:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5iAJ2A9K2MtN11r+9ZDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1OGYwNjUxYTkwYWVjZjkxYTQyYzNjYzlmY2I5NWFmOTVl
ZDkxNzEwHhcNMjMwMTAxMTAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmQ2OWYyZWI3MTRiZmE3YmMwMjdhNjQ5ZGNhMTA0MjJlODM4ZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1o6JYQ5hitFkLPEPhD864+kJqTap
qe+xm4WifoM8JQKLZk0PfUYbj0jP3S29wcGA/8doAI7TrIy9hF14dfKflNQUyRp4
JTVVe2BGslvQPK9Aq3SLd/lJWdk3ffGA4M2dy7Zg5tI7OZW0RMX37ormSf7zP8nh
uaZ+d2cMFM9qyA1Wjvc1v6JTdAOb2lrLodela86053nH2obZGz3fK0zgPILcX6iq
wtLCaEwjmwtAG91Vr8U6ykfm3WAApr3DmMTdjXUyzqiqjAAULYUe6cBM59NBB69C
RLV12p39vIx0XCOH0Drjs4yHAX9UWhYmHgSFSRY5+5OGP32FsTTz4f3vJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIvWny63FL+nvAJ6ZJ3KEEIug41aMB8GA1UdIwQY
MBaAFPWPBlGpCuz5GkLDzJ/Lla+V7ZFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVk4R1Vha0s3UGthUXNQTW44dVZyNVh0a1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80MmViMzYtODFhNS00OWNmLTliNDYt
MTBjNTRmOTVhOWQyLzEvaTlhZkxyY1V2NmU4QW5wa25jb1FRaTZEalZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80MmViMzYtODFhNS00OWNmLTliNDYtMTBjNTRmOTVhOWQy
LzEvOVk4R1Vha0s3UGthUXNQTW44dVZyNVh0a1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvPR5MA0G
CSqGSIb3DQEBCwUAA4IBAQCQJzXbWdFZr3HuxGtFAOgaxYkhCB7R2AWVN8I9YzEK
j4IjT5KdpU1KfkV7cheYuVPBMVSXOxLYgcBMddJwH49vL5HFfzwLN/D4nGOYF3Tg
KL0dUY6gXlQwCsFzDkvc1f0Z6akDZ6x2Gm2JqmojGXBYMRLQaZQO0gnD/zSKdDWT
HM5nvjoTEqjzE4eQL7DwEi8wDbzdjhQvXLmryoSXnhtDd3B1StIqJ9GxGm76vrFg
7A+hGMt8eKPHXYP2/mfZap1L3ZyUNPnEb+WRuQCzGZyLkNACats+LwLi0rCq4ZfH
Y5xOk8bkozSaFgdZtnygLCAsXX4DB+SsjOuDtA2GggZV
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:56:34 2025 by rpki-client