Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Iz6s_leBualQ5imcY5zIa71R0KI.roa
File: Iz6s_leBualQ5imcY5zIa71R0KI.roa (raw, json)
Hash identifier: T8yyK+8ZKDwOzRR5jc3tNtonTD4CKYsOcncUcdr1ajQ=
Subject key identifier: 23:3E:AC:FE:57:81:B9:A9:50:E6:29:9C:63:9C:C8:6B:BD:51:D0:A2
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01946F7E29AA7F84BB06479831773ACC0B15
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Iz6s_leBualQ5imcY5zIa71R0KI.roa
Signing time: Thu 16 Jan 2025 14:22:06 +0000
ROA not before: Thu 16 Jan 2025 14:22:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31128
IP address blocks: 88.209.219.0/27 maxlen: 27
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6f:7e:29:aa:7f:84:bb:06:47:98:31:77:3a:cc:0b:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 16 14:22:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=233eacfe5781b9a950e6299c639cc86bbd51d0a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a8:e5:a9:8f:cf:8f:02:af:3d:ab:45:d0:bb:
c0:d7:26:7d:79:b4:4f:dd:ba:16:96:8c:06:c3:34:
c4:42:0c:3f:6d:21:19:cc:76:c7:e0:0c:b9:d0:9d:
e1:b5:b0:4f:9e:72:13:e3:6d:ce:a7:4f:57:34:03:
c4:cb:55:10:3a:a7:30:32:6e:71:48:bd:12:e9:db:
10:f4:7c:c6:3a:e7:88:74:0f:56:f7:86:01:36:11:
00:45:43:26:53:71:96:b3:93:43:24:42:bd:4d:e4:
fd:34:eb:98:2b:38:f8:43:67:27:45:be:e1:4a:58:
a7:97:ae:a6:9a:1d:e4:d9:aa:42:c9:68:9a:c2:31:
78:44:3c:b8:52:ad:fe:5e:55:a8:f8:28:40:55:c4:
5a:d2:ed:8a:47:ab:3c:0a:96:f7:fc:8e:5c:75:3e:
98:43:a2:be:04:12:9b:2b:46:4e:6e:12:62:ad:b0:
fe:ca:9e:86:9c:64:2e:12:12:46:b8:e5:08:05:94:
d9:f5:dd:e4:95:c7:64:8e:c2:27:89:1b:a5:02:06:
d3:7e:80:5a:5b:43:fb:6d:6b:ed:60:6a:a4:df:da:
b0:e8:6a:2b:2b:8e:83:39:76:f2:54:78:40:bc:c5:
24:db:13:27:42:5a:34:ae:c9:a4:77:86:07:35:a5:
c8:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:3E:AC:FE:57:81:B9:A9:50:E6:29:9C:63:9C:C8:6B:BD:51:D0:A2
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Iz6s_leBualQ5imcY5zIa71R0KI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.219.0/27
Signature Algorithm: sha256WithRSAEncryption
1d:08:27:9f:10:6a:57:99:8e:00:5b:6e:bc:08:3a:e8:a6:81:
c8:6b:42:c4:e9:7d:bd:68:77:a5:da:f8:de:fa:d9:5e:b6:98:
00:87:7f:b1:37:e1:52:2e:3b:f2:0e:94:4f:69:fd:e9:df:bc:
b3:21:d0:f2:0a:b4:85:57:fb:7a:ce:d2:4b:dd:3c:ed:eb:53:
3e:cf:5c:55:6d:d2:75:07:14:e7:46:cd:67:e8:da:2b:69:85:
11:60:e3:0d:95:91:68:b8:41:d5:e2:db:e2:69:e9:77:54:4f:
00:e7:f8:a1:3f:dc:76:2f:65:90:66:f6:14:50:99:3e:f4:b2:
57:60:ac:af:fe:0b:48:bd:7c:0d:8e:cb:7b:ba:33:fb:e0:77:
91:5d:b4:b8:e4:78:a0:1f:09:4b:c7:05:89:0c:a3:4f:22:92:
c9:d0:ae:a2:79:34:b2:e9:17:a1:b7:9c:b4:8f:2c:11:53:2b:
db:e5:95:2a:65:c0:66:2c:10:79:56:3d:3c:08:61:c0:05:bb:
67:2f:51:39:41:f9:c6:4b:fc:38:e4:b8:ff:c3:75:55:e3:4e:
e3:85:9e:22:2c:22:fd:8f:bf:87:46:e8:0e:51:18:5b:bb:b2:
40:3b:5b:e2:c8:b3:9d:4b:5d:3f:5c:02:49:e8:09:a6:4c:ff:
10:a5:b4:88
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZRvfimqf4S7BkeYMXc6zAsVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMTE2MTQyMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzNlYWNmZTU3ODFiOWE5NTBlNjI5OWM2MzljYzg2YmJkNTFkMGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvajlqY/PjwKvPatF0LvA1yZ9ebRP
3boWlowGwzTEQgw/bSEZzHbH4Ay50J3htbBPnnIT423Op09XNAPEy1UQOqcwMm5x
SL0S6dsQ9HzGOueIdA9W94YBNhEARUMmU3GWs5NDJEK9TeT9NOuYKzj4Q2cnRb7h
Slinl66mmh3k2apCyWiawjF4RDy4Uq3+XlWo+ChAVcRa0u2KR6s8Cpb3/I5cdT6Y
Q6K+BBKbK0ZObhJirbD+yp6GnGQuEhJGuOUIBZTZ9d3klcdkjsIniRulAgbTfoBa
W0P7bWvtYGqk39qw6GorK46DOXbyVHhAvMUk2xMnQlo0rsmkd4YHNaXIpwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCM+rP5XgbmpUOYpnGOcyGu9UdCiMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvSXo2c19sZUJ1YWxRNWltY1k1eklhNzFSMEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUFWNHbADAN
BgkqhkiG9w0BAQsFAAOCAQEAHQgnnxBqV5mOAFtuvAg66KaByGtCxOl9vWh3pdr4
3vrZXraYAId/sTfhUi478g6UT2n96d+8syHQ8gq0hVf7es7SS9087etTPs9cVW3S
dQcU50bNZ+jaK2mFEWDjDZWRaLhB1eLb4mnpd1RPAOf4oT/cdi9lkGb2FFCZPvSy
V2Csr/4LSL18DY7Le7oz++B3kV20uOR4oB8JS8cFiQyjTyKSydCuonk0sukXobec
tI8sEVMr2+WVKmXAZiwQeVY9PAhhwAW7Zy9ROUH5xkv8OOS4/8N1VeNO44WeIiwi
/Y+/h0boDlEYW7uyQDtb4siznUtdP1wCSegJpkz/EKW0iA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:44:14 2025 by rpki-client