Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vWCp4b3nsQV15fQE8PJ9RHFBU-E.roa
File: vWCp4b3nsQV15fQE8PJ9RHFBU-E.roa (raw, json)
Hash identifier: QW3YR4U1tCqmergoxB1by8n2xiuNjyalBCBx73JE8Wc=
Subject key identifier: BD:60:A9:E1:BD:E7:B1:05:75:E5:F4:04:F0:F2:7D:44:71:41:53:E1
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01957FC60AF1C9942B2007B639A82875BD6F
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vWCp4b3nsQV15fQE8PJ9RHFBU-E.roa
Signing time: Mon 10 Mar 2025 11:17:20 +0000
ROA not before: Mon 10 Mar 2025 11:17:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212220
IP address blocks: 192.176.172.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:c6:0a:f1:c9:94:2b:20:07:b6:39:a8:28:75:bd:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 10 11:17:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd60a9e1bde7b10575e5f404f0f27d44714153e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7b:8f:a5:16:70:2d:00:b3:1b:ec:47:cd:17:
15:d4:2d:15:0e:97:83:fd:d7:1e:de:ce:f7:fc:ce:
e1:a0:c4:a2:ee:50:5f:83:bc:75:b1:a6:7a:cb:91:
e8:16:3f:36:3f:27:62:e5:18:04:47:b6:4f:69:23:
f2:d3:41:8d:98:2c:a9:bc:6d:6b:fb:b6:42:5b:03:
ba:d7:9e:f4:e0:6f:86:60:0e:13:4d:59:ca:1c:b6:
90:99:08:6d:b6:c3:f0:d1:66:05:9a:4c:46:67:db:
8e:07:0a:7b:8b:d2:af:46:84:d2:56:ac:6c:3c:fd:
1c:78:6f:b2:2c:1c:90:55:14:df:73:35:a9:98:68:
5c:42:c1:16:c1:25:86:92:2e:bd:ca:31:2c:a4:3d:
a2:b5:9b:b1:38:05:bf:30:dd:6c:9b:a1:0d:d0:af:
00:e1:ea:b4:18:13:73:fa:93:15:b0:9b:2c:a6:45:
50:b8:e2:b8:8d:40:e9:63:1a:ce:8b:3d:db:af:6a:
98:8e:78:7c:16:60:7c:88:53:4c:88:31:07:6f:70:
d1:5f:02:05:35:60:dc:9b:22:cf:90:b3:11:f7:16:
37:a7:ba:c0:d1:a6:0c:c5:61:ca:e2:c2:a5:bf:36:
ff:3d:13:f9:7f:53:17:98:0e:d4:e7:63:8b:3e:2b:
8d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:60:A9:E1:BD:E7:B1:05:75:E5:F4:04:F0:F2:7D:44:71:41:53:E1
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vWCp4b3nsQV15fQE8PJ9RHFBU-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.176.172.0/23
Signature Algorithm: sha256WithRSAEncryption
06:cc:1f:97:2e:4d:2a:97:ef:e6:d8:24:81:8c:5f:dd:11:ef:
72:59:8d:5e:08:37:f2:6b:ae:f2:4c:64:da:49:0c:a4:07:2e:
aa:83:f9:b1:11:1f:9d:ee:89:37:42:07:49:f7:64:09:43:47:
b3:99:a0:90:31:ce:2d:f8:8a:c5:b9:de:20:93:ff:8d:dc:da:
10:b8:ff:ea:84:d5:d4:68:0a:2e:a7:d4:5f:2a:77:52:0f:ff:
f7:6c:ae:3a:c8:70:c5:58:3a:1c:da:05:03:33:b0:c9:be:12:
04:cd:6c:b1:be:9b:ac:b3:59:fe:19:d1:28:af:8c:59:3d:8e:
4d:7e:d9:6b:df:c8:4d:66:d1:55:bc:a0:30:70:c4:45:0d:74:
40:29:dd:1b:5e:8e:7d:70:a0:93:4e:19:60:15:0a:96:c4:a5:
88:b4:e9:5e:a9:cd:3c:c8:41:67:60:6d:87:97:cc:9e:8f:59:
af:d8:a6:39:16:7a:0e:c9:89:c5:b8:09:45:f8:97:69:b7:ea:
07:7f:d6:e0:14:27:4d:ba:e9:ef:40:87:38:5a:3f:5c:ee:16:
58:ee:04:49:17:5c:d6:17:ba:5f:e4:f8:61:2d:55:0a:16:88:
29:99:db:63:4a:af:0e:c9:da:ce:b7:0a:69:76:d4:63:de:c1:
ff:10:9c:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZV/xgrxyZQrIAe2Oagodb1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMzEwMTExNzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDYwYTllMWJkZTdiMTA1NzVlNWY0MDRmMGYyN2Q0NDcxNDE1M2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHuPpRZwLQCzG+xHzRcV1C0VDpeD
/dce3s73/M7hoMSi7lBfg7x1saZ6y5HoFj82Pydi5RgER7ZPaSPy00GNmCypvG1r
+7ZCWwO615704G+GYA4TTVnKHLaQmQhttsPw0WYFmkxGZ9uOBwp7i9KvRoTSVqxs
PP0ceG+yLByQVRTfczWpmGhcQsEWwSWGki69yjEspD2itZuxOAW/MN1sm6EN0K8A
4eq0GBNz+pMVsJsspkVQuOK4jUDpYxrOiz3br2qYjnh8FmB8iFNMiDEHb3DRXwIF
NWDcmyLPkLMR9xY3p7rA0aYMxWHK4sKlvzb/PRP5f1MXmA7U52OLPiuNcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL1gqeG957EFdeX0BPDyfURxQVPhMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvdldDcDRiM25zUVYxNWZRRThQSjlSSEZCVS1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwLCsMA0G
CSqGSIb3DQEBCwUAA4IBAQAGzB+XLk0ql+/m2CSBjF/dEe9yWY1eCDfya67yTGTa
SQykBy6qg/mxER+d7ok3QgdJ92QJQ0ezmaCQMc4t+IrFud4gk/+N3NoQuP/qhNXU
aAoup9RfKndSD//3bK46yHDFWDoc2gUDM7DJvhIEzWyxvpuss1n+GdEor4xZPY5N
ftlr38hNZtFVvKAwcMRFDXRAKd0bXo59cKCTThlgFQqWxKWItOleqc08yEFnYG2H
l8yej1mv2KY5FnoOyYnFuAlF+Jdpt+oHf9bgFCdNuunvQIc4Wj9c7hZY7gRJF1zW
F7pf5PhhLVUKFogpmdtjSq8OydrOtwppdtRj3sH/EJzZ
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:15:26 2025 by rpki-client