Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/K42vHM1Y31hkoh1eY_MCD3Phd2g.roa
File: K42vHM1Y31hkoh1eY_MCD3Phd2g.roa (raw, json)
Hash identifier: 10MJflr8WaH9nBqOosM69cUHwjn7LcR8ExGlOShDPI0=
Subject key identifier: 2B:8D:AF:1C:CD:58:DF:58:64:A2:1D:5E:63:F3:02:0F:73:E1:77:68
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019422FB9042149B6680A687269F98122117
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/K42vHM1Y31hkoh1eY_MCD3Phd2g.roa
Signing time: Wed 01 Jan 2025 17:48:19 +0000
ROA not before: Wed 01 Jan 2025 17:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 996
IP address blocks: 88.209.229.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:90:42:14:9b:66:80:a6:87:26:9f:98:12:21:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 17:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b8daf1ccd58df5864a21d5e63f3020f73e17768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:70:6f:ef:64:71:ca:b6:7f:c9:b8:fb:35:47:
4b:55:c9:02:d8:20:02:6e:3a:e7:08:8d:f8:54:bc:
cf:11:e0:b6:bc:e1:f4:3d:e2:c4:7c:22:ab:54:8d:
3a:bd:0b:37:51:f5:4d:8e:59:76:d0:ee:1e:5a:7d:
9b:00:07:3a:7f:33:f2:47:2e:de:a6:54:c0:82:74:
83:28:8b:1a:7f:49:ff:83:50:6c:ed:a5:d0:18:b8:
5a:12:12:bf:11:9a:5c:5e:2e:0e:99:be:7d:84:5a:
70:45:12:38:e5:02:b0:01:96:5d:f8:8d:75:7b:f4:
56:e6:66:d4:13:3e:49:26:c2:42:15:35:c5:e9:d4:
f7:da:1a:31:d6:45:ec:83:85:73:58:3e:8b:07:6c:
79:55:80:f7:43:79:40:88:a3:ce:94:aa:64:16:2f:
79:e8:6d:cf:5d:ed:68:66:f9:14:c6:e9:d4:70:f1:
2a:11:f5:ab:20:4a:9b:fe:23:1f:4f:15:18:f4:38:
f6:e3:e9:56:e3:73:4b:a9:f3:e5:83:9b:5c:91:d1:
41:0e:5e:95:e8:06:9e:89:8d:de:ac:30:17:6b:69:
00:84:ee:2a:20:79:be:eb:fb:1e:b9:06:ae:28:0d:
dd:d3:52:55:aa:83:04:dd:b5:32:28:65:55:ea:ca:
d4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:8D:AF:1C:CD:58:DF:58:64:A2:1D:5E:63:F3:02:0F:73:E1:77:68
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/K42vHM1Y31hkoh1eY_MCD3Phd2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.229.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:93:8a:3b:13:6f:f4:3b:61:2a:d3:99:a2:47:5f:48:98:e2:
58:33:60:4c:e8:7e:5a:46:a4:58:1e:0b:44:81:bb:a2:79:1e:
4c:13:5e:be:7b:d2:37:76:bc:97:21:af:0a:92:5b:ca:18:86:
e6:47:4e:da:85:b9:75:b7:e2:0f:4a:b3:3b:71:e8:22:c8:85:
58:93:a0:3b:e2:5f:8a:89:51:d0:c5:67:57:52:2e:35:09:28:
c7:22:a1:cb:11:bb:57:52:f0:51:24:28:bf:bc:cd:24:df:86:
5c:ad:c8:3f:fe:d9:9c:cf:fb:02:bc:24:19:29:fe:28:ce:07:
2f:41:96:2e:3d:c9:5a:a2:4a:90:47:fd:c3:09:bf:6e:54:4f:
a9:9c:fb:13:d8:b4:d5:13:92:0d:af:f1:36:62:66:17:25:72:
75:56:9d:a6:67:34:42:7c:56:e2:79:ac:36:bf:1d:8c:10:a0:
d0:54:dc:f5:64:9e:63:7d:58:9e:e1:e5:45:4a:d9:b9:4a:67:
7b:1e:1b:86:30:b9:79:06:83:66:8d:d2:37:b1:4f:f5:f9:7a:
d7:4e:df:37:1f:72:a8:ed:fa:28:07:f1:98:32:13:db:08:72:
4a:bd:c3:8e:d3:bd:c5:7c:70:3c:9a:3a:64:64:b8:10:21:f9:
a4:71:1b:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+5BCFJtmgKaHJp+YEiEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMTAxMTc0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjhkYWYxY2NkNThkZjU4NjRhMjFkNWU2M2YzMDIwZjczZTE3NzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13Bv72RxyrZ/ybj7NUdLVckC2CAC
bjrnCI34VLzPEeC2vOH0PeLEfCKrVI06vQs3UfVNjll20O4eWn2bAAc6fzPyRy7e
plTAgnSDKIsaf0n/g1Bs7aXQGLhaEhK/EZpcXi4Omb59hFpwRRI45QKwAZZd+I11
e/RW5mbUEz5JJsJCFTXF6dT32hox1kXsg4VzWD6LB2x5VYD3Q3lAiKPOlKpkFi95
6G3PXe1oZvkUxunUcPEqEfWrIEqb/iMfTxUY9Dj24+lW43NLqfPlg5tckdFBDl6V
6AaeiY3erDAXa2kAhO4qIHm+6/seuQauKA3d01JVqoME3bUyKGVV6srUDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCuNrxzNWN9YZKIdXmPzAg9z4XdoMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvSzQydkhNMVkzMWhrb2gxZVlfTUNEM1BoZDJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNHlMA0G
CSqGSIb3DQEBCwUAA4IBAQCek4o7E2/0O2Eq05miR19ImOJYM2BM6H5aRqRYHgtE
gbuieR5ME16+e9I3dryXIa8KklvKGIbmR07ahbl1t+IPSrM7cegiyIVYk6A74l+K
iVHQxWdXUi41CSjHIqHLEbtXUvBRJCi/vM0k34Zcrcg//tmcz/sCvCQZKf4ozgcv
QZYuPclaokqQR/3DCb9uVE+pnPsT2LTVE5INr/E2YmYXJXJ1Vp2mZzRCfFbieaw2
vx2MEKDQVNz1ZJ5jfVie4eVFStm5Smd7HhuGMLl5BoNmjdI3sU/1+XrXTt83H3Ko
7fooB/GYMhPbCHJKvcOO073FfHA8mjpkZLgQIfmkcRti
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:32:36 2025 by rpki-client