Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/EqHLuk1cCxicxIqrHgHfPVu2AsI.roa
File: EqHLuk1cCxicxIqrHgHfPVu2AsI.roa (raw, json)
Hash identifier: jTt4fC0OpOSrlOKthxVRS05mx+wfzh6t7wCVTnxG5GM=
Subject key identifier: 12:A1:CB:BA:4D:5C:0B:18:9C:C4:8A:AB:1E:01:DF:3D:5B:B6:02:C2
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019422FBA35D475EF00F9F8BB6CEEC1F86AB
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/EqHLuk1cCxicxIqrHgHfPVu2AsI.roa
Signing time: Wed 01 Jan 2025 17:48:24 +0000
ROA not before: Wed 01 Jan 2025 17:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211439
IP address blocks: 88.209.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:a3:5d:47:5e:f0:0f:9f:8b:b6:ce:ec:1f:86:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 17:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12a1cbba4d5c0b189cc48aab1e01df3d5bb602c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:55:56:0b:97:52:9b:6f:cd:11:99:5f:be:e3:
01:75:8d:9e:e8:98:51:b7:b0:f0:20:64:b4:af:a3:
35:ff:3e:29:07:f5:ac:e2:dc:51:4b:94:1a:8d:9d:
a2:95:4d:0a:62:06:89:0a:d7:8f:44:c9:fc:52:8c:
de:aa:1e:62:1f:cc:14:51:c2:8a:54:77:4a:ba:df:
4b:10:a4:9c:59:13:31:6a:d3:33:8f:ae:a9:44:0f:
6c:aa:74:f2:4a:43:3a:1d:a2:67:54:46:ab:36:9a:
7c:de:d5:37:a0:88:52:3c:1c:58:40:6f:09:62:5f:
bd:54:c8:f6:0a:dd:8b:97:06:a9:7c:db:5b:82:db:
eb:b4:5f:0b:22:e4:a4:7e:20:ef:ca:a4:d5:2e:af:
f1:8a:79:98:62:56:17:8f:d5:e9:80:a4:61:a9:cd:
5e:dd:7f:99:b6:e9:74:5b:49:b3:44:53:05:3b:69:
49:f6:21:fd:94:29:fb:c0:87:b6:11:47:d9:c7:e0:
87:c5:68:dc:f2:38:de:bc:03:d2:66:32:f2:ff:3e:
29:6b:cf:c5:89:ff:32:16:23:0e:6e:d4:90:17:bd:
4c:89:57:95:2f:16:50:6f:1e:e6:54:87:c2:5e:ca:
7b:08:12:6a:e5:74:39:ff:c0:c5:8b:72:b0:33:b9:
a8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:A1:CB:BA:4D:5C:0B:18:9C:C4:8A:AB:1E:01:DF:3D:5B:B6:02:C2
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/EqHLuk1cCxicxIqrHgHfPVu2AsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.253.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:de:f7:d6:ee:cb:27:ca:2c:4f:2c:93:1f:72:9d:5e:f1:75:
55:23:91:21:8b:62:4b:37:37:57:09:f7:02:25:45:52:6e:d4:
d1:23:54:95:93:46:6e:89:84:d6:d3:79:bc:41:7e:00:d6:f3:
10:32:81:fc:3e:f1:ce:c1:53:0d:75:e6:c5:a1:23:e5:4a:51:
c0:6d:fc:84:00:a7:c9:72:2c:8c:62:18:85:f8:3e:75:78:9b:
fc:fa:ed:7d:ca:40:63:b0:c1:e9:e6:a2:9c:07:ed:2c:a6:f0:
02:d7:a8:e1:2f:16:45:2f:ae:c0:0c:78:67:33:74:e9:ea:86:
5f:b9:42:65:b6:83:8b:08:17:63:a9:75:e4:45:de:0a:2d:1f:
9c:8b:e1:96:af:e9:77:6f:dd:0e:cd:5c:54:9c:0c:1f:70:09:
8e:08:ee:34:55:17:fc:cf:0f:e8:5e:1c:d8:e0:d4:5d:b8:b9:
c3:24:cc:72:25:8f:c6:9e:2d:cc:8a:e3:bb:23:99:86:e2:76:
57:68:7d:f1:ae:99:54:55:a0:92:f1:f9:68:80:78:24:b4:2c:
e3:fa:b8:85:a3:aa:d3:cd:93:00:8e:97:04:72:02:29:5e:6a:
ef:be:8a:72:c0:9e:6e:81:6f:7a:46:31:d8:4f:28:93:02:37:
30:84:b4:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+6NdR17wD5+Lts7sH4arMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMTAxMTc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmExY2JiYTRkNWMwYjE4OWNjNDhhYWIxZTAxZGYzZDViYjYwMmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulVWC5dSm2/NEZlfvuMBdY2e6JhR
t7DwIGS0r6M1/z4pB/Ws4txRS5QajZ2ilU0KYgaJCtePRMn8Uozeqh5iH8wUUcKK
VHdKut9LEKScWRMxatMzj66pRA9sqnTySkM6HaJnVEarNpp83tU3oIhSPBxYQG8J
Yl+9VMj2Ct2LlwapfNtbgtvrtF8LIuSkfiDvyqTVLq/xinmYYlYXj9XpgKRhqc1e
3X+Ztul0W0mzRFMFO2lJ9iH9lCn7wIe2EUfZx+CHxWjc8jjevAPSZjLy/z4pa8/F
if8yFiMObtSQF71MiVeVLxZQbx7mVIfCXsp7CBJq5XQ5/8DFi3KwM7mouQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBKhy7pNXAsYnMSKqx4B3z1btgLCMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvRXFITHVrMWNDeGljeElxckhnSGZQVnUyQXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNH9MA0G
CSqGSIb3DQEBCwUAA4IBAQBa3vfW7ssnyixPLJMfcp1e8XVVI5Ehi2JLNzdXCfcC
JUVSbtTRI1SVk0ZuiYTW03m8QX4A1vMQMoH8PvHOwVMNdebFoSPlSlHAbfyEAKfJ
ciyMYhiF+D51eJv8+u19ykBjsMHp5qKcB+0spvAC16jhLxZFL67ADHhnM3Tp6oZf
uUJltoOLCBdjqXXkRd4KLR+ci+GWr+l3b90OzVxUnAwfcAmOCO40VRf8zw/oXhzY
4NRduLnDJMxyJY/Gni3MiuO7I5mG4nZXaH3xrplUVaCS8flogHgktCzj+riFo6rT
zZMAjpcEcgIpXmrvvopywJ5ugW96RjHYTyiTAjcwhLRV
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:43:11 2025 by rpki-client