Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/0VOWzW5O8Mz5moPhtjP1Yi31K4I.roa
File: 0VOWzW5O8Mz5moPhtjP1Yi31K4I.roa (raw, json)
Hash identifier: SDy9plwrrh7hOXUuw3wWuZwuPwGuMY1A+havROB8HbU=
Subject key identifier: D1:53:96:CD:6E:4E:F0:CC:F9:9A:83:E1:B6:33:F5:62:2D:F5:2B:82
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0195A878480F911EA37FBA5C347A5EE081C7
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/0VOWzW5O8Mz5moPhtjP1Yi31K4I.roa
Signing time: Tue 18 Mar 2025 08:56:49 +0000
ROA not before: Tue 18 Mar 2025 08:56:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21840
IP address blocks: 88.151.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:78:48:0f:91:1e:a3:7f:ba:5c:34:7a:5e:e0:81:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 18 08:56:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d15396cd6e4ef0ccf99a83e1b633f5622df52b82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b3:a5:1f:a0:87:dd:2f:71:85:2b:fb:fa:09:
68:93:32:d6:4a:a1:7c:3e:ab:55:f0:0c:d5:b4:26:
a5:59:87:94:1e:21:73:df:6c:ad:f3:2e:cc:88:4f:
11:a1:3d:76:fd:aa:b1:8b:39:66:68:4f:e3:c2:ad:
67:b4:08:03:1b:fe:2b:57:ed:51:a9:ea:e3:b1:e0:
ee:6d:91:5c:3b:42:85:cb:3c:38:4a:39:48:f6:6f:
03:65:ee:46:db:c8:ed:9a:04:5e:6c:1f:72:07:aa:
3a:e3:dd:74:3b:1d:fa:12:c1:f8:5b:1f:35:f3:93:
1c:cd:19:79:f0:9e:19:64:2d:65:b2:eb:87:7b:28:
66:8b:32:da:57:0c:13:57:c2:5b:65:41:c6:56:7c:
93:09:39:a4:67:ba:bd:7f:bf:2f:ee:0c:61:f0:73:
b1:77:c0:cd:b1:8e:8d:9b:bf:21:96:8c:f8:d2:c8:
6f:c0:ac:da:0e:98:ef:d7:9d:f3:b9:e8:57:b8:7c:
02:65:7f:22:28:7f:2a:45:60:7d:c2:2f:c4:03:a9:
b1:13:c1:a7:3c:87:4f:81:43:9c:68:2a:81:2f:e4:
f4:ed:20:2e:9e:b2:64:a1:44:2a:5a:8b:83:7c:91:
af:52:c0:87:3a:6a:b6:55:49:7e:3d:9b:e2:de:6a:
d4:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:53:96:CD:6E:4E:F0:CC:F9:9A:83:E1:B6:33:F5:62:2D:F5:2B:82
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/0VOWzW5O8Mz5moPhtjP1Yi31K4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.59.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:33:f9:a7:93:4c:29:a8:86:b0:f3:54:b4:63:92:bb:1c:2d:
7c:44:af:15:0e:71:ab:b4:03:d7:97:6c:f9:f8:e9:ea:60:bc:
1b:18:8c:d2:b5:f3:e8:9e:cd:b8:66:bb:08:bf:c3:e3:05:28:
04:f5:9e:f0:46:a5:63:f8:ef:50:29:40:d3:24:64:10:03:08:
95:9b:7a:0b:f8:ae:4e:aa:77:dd:86:93:be:13:be:e0:62:b0:
04:54:9f:03:11:dd:c5:93:e1:3d:e7:59:f8:49:19:95:18:c2:
1b:1a:da:a6:da:29:6c:fd:25:60:ae:64:97:18:80:a8:6a:a6:
13:bc:ad:2f:c0:dd:a2:6e:e7:68:b7:f3:a1:cd:1a:6f:8e:bf:
0c:40:10:1d:fd:e5:e5:73:57:db:d2:b8:5e:77:54:cf:fb:5e:
b0:73:23:f9:63:a5:f8:43:9c:11:92:b8:06:c0:95:ea:4c:0f:
13:c5:df:83:e5:51:38:74:85:60:e5:06:11:94:c2:b1:ca:f0:
0f:c4:3e:65:74:c7:20:71:51:58:62:57:6a:af:32:76:33:dd:
a6:d4:bb:6e:14:53:b0:3a:05:b4:e3:97:5e:80:b7:1a:e6:d0:
96:1c:6f:88:2b:73:c5:5b:59:da:cb:0e:a2:54:1d:a4:0e:a9:
69:c1:a9:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWoeEgPkR6jf7pcNHpe4IHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMzE4MDg1NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTUzOTZjZDZlNGVmMGNjZjk5YTgzZTFiNjMzZjU2MjJkZjUyYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrOlH6CH3S9xhSv7+glokzLWSqF8
PqtV8AzVtCalWYeUHiFz32yt8y7MiE8RoT12/aqxizlmaE/jwq1ntAgDG/4rV+1R
qerjseDubZFcO0KFyzw4SjlI9m8DZe5G28jtmgRebB9yB6o64910Ox36EsH4Wx81
85MczRl58J4ZZC1lsuuHeyhmizLaVwwTV8JbZUHGVnyTCTmkZ7q9f78v7gxh8HOx
d8DNsY6Nm78hloz40shvwKzaDpjv153zuehXuHwCZX8iKH8qRWB9wi/EA6mxE8Gn
PIdPgUOcaCqBL+T07SAunrJkoUQqWouDfJGvUsCHOmq2VUl+PZvi3mrUHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNFTls1uTvDM+ZqD4bYz9WIt9SuCMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMFZPV3pXNU84TXo1bW9QaHRqUDFZaTMxSzRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWJc7MA0G
CSqGSIb3DQEBCwUAA4IBAQCpM/mnk0wpqIaw81S0Y5K7HC18RK8VDnGrtAPXl2z5
+OnqYLwbGIzStfPons24ZrsIv8PjBSgE9Z7wRqVj+O9QKUDTJGQQAwiVm3oL+K5O
qnfdhpO+E77gYrAEVJ8DEd3Fk+E951n4SRmVGMIbGtqm2ils/SVgrmSXGICoaqYT
vK0vwN2ibudot/OhzRpvjr8MQBAd/eXlc1fb0rhed1TP+16wcyP5Y6X4Q5wRkrgG
wJXqTA8Txd+D5VE4dIVg5QYRlMKxyvAPxD5ldMcgcVFYYldqrzJ2M92m1LtuFFOw
OgW045degLca5tCWHG+IK3PFW1nayw6iVB2kDqlpwamI
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:39:30 2025 by rpki-client