Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/TQoyMTaufag9Fh3qmegQelA2zNg.roa
File: TQoyMTaufag9Fh3qmegQelA2zNg.roa (raw, json)
Hash identifier: 95d7zIS7vKuMg1Mj7+fOLFO0LcohD9ziLzOdj+cFHi4=
Subject key identifier: 4D:0A:32:31:36:AE:7D:A8:3D:16:1D:EA:99:E8:10:7A:50:36:CC:D8
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0195A2E325C4431297D3C6E8D477C4B949D0
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/TQoyMTaufag9Fh3qmegQelA2zNg.roa
Signing time: Mon 17 Mar 2025 06:55:50 +0000
ROA not before: Mon 17 Mar 2025 06:55:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199760
IP address blocks: 88.209.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a2:e3:25:c4:43:12:97:d3:c6:e8:d4:77:c4:b9:49:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 17 06:55:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d0a323136ae7da83d161dea99e8107a5036ccd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b5:fc:e9:51:eb:c4:00:c7:ee:7f:a4:44:b5:
2c:37:86:49:0c:07:a8:85:bd:92:d9:8a:c0:8f:29:
7b:2b:9f:ed:fb:84:ed:f5:16:78:3d:9c:ee:06:01:
b6:55:20:60:f1:04:28:2b:56:75:59:c6:00:db:a8:
bf:ee:dc:91:fe:5b:36:65:a0:36:3c:bb:6c:79:cd:
19:c0:d0:5b:79:8e:b7:74:ca:40:5b:5b:fb:b6:3b:
aa:63:e4:28:37:3f:8d:22:23:99:7f:c0:3b:ef:e8:
a9:27:64:0d:25:5a:87:f7:8e:42:39:73:ec:4b:9d:
a2:4c:c7:34:c3:5e:2a:0f:fe:d8:5f:ed:59:20:13:
08:ad:79:66:cc:35:04:eb:ba:1a:fe:98:eb:b5:a2:
fb:d2:ab:88:36:ba:3d:bd:e1:1b:22:22:c4:bf:1a:
af:d4:7a:c0:34:dd:74:ea:b1:b9:aa:8f:2f:0f:3a:
c2:5e:40:10:ce:35:db:b6:e0:47:04:43:a6:33:97:
bd:67:81:35:eb:3b:b5:fb:11:23:a3:28:2d:2f:3f:
36:86:25:de:2f:63:13:64:fd:49:d5:be:e0:fc:a5:
d2:22:ae:c5:8f:9b:e4:eb:7b:89:2e:2f:f6:15:8e:
10:74:9d:9d:d9:f5:42:77:61:f7:90:3f:04:f3:c5:
ef:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:0A:32:31:36:AE:7D:A8:3D:16:1D:EA:99:E8:10:7A:50:36:CC:D8
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/TQoyMTaufag9Fh3qmegQelA2zNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.216.0/24
Signature Algorithm: sha256WithRSAEncryption
67:fb:2e:51:ab:ca:a5:99:52:13:ae:5d:1f:72:79:15:ea:c7:
de:9f:77:51:58:97:c5:8b:ba:51:a8:a5:ef:30:f3:54:dc:34:
64:ce:73:0f:6a:0d:1c:ee:ea:57:13:88:82:33:03:c1:44:64:
e8:96:dc:5f:3f:9c:f5:e0:fd:d6:f4:a0:f8:fd:8f:f9:1f:31:
07:6b:f3:ad:3f:55:a3:3f:2c:91:61:3f:0c:f5:20:1b:78:0b:
ec:79:66:31:74:af:6f:0f:c0:a6:c7:9d:5e:1b:33:92:10:73:
34:30:d7:54:ee:97:47:b2:d1:3a:ce:d7:ad:dd:bf:e0:2b:c3:
07:83:07:00:1c:fa:03:68:8c:88:91:cf:9c:07:bb:56:03:31:
a9:b2:af:9d:25:b0:1e:c5:b1:ad:bf:bd:47:6a:dc:de:01:b7:
1e:c1:f6:d1:2b:fd:47:7a:73:28:23:49:39:be:20:28:38:ab:
55:19:7a:c0:e0:c6:c3:44:e8:28:a6:de:10:f4:dd:e9:e8:38:
0e:ec:12:d0:a6:4f:e2:1c:bf:19:5a:78:1b:df:a7:04:a1:58:
0c:7c:dc:80:89:71:f7:d6:9b:1a:b2:6d:b8:e7:cd:93:40:2c:
1e:c4:d1:8f:03:b4:d5:66:cb:d7:d0:23:23:a0:39:64:86:ed:
60:17:ab:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWi4yXEQxKX08bo1HfEuUnQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMzE3MDY1NTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDBhMzIzMTM2YWU3ZGE4M2QxNjFkZWE5OWU4MTA3YTUwMzZjY2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7X86VHrxADH7n+kRLUsN4ZJDAeo
hb2S2YrAjyl7K5/t+4Tt9RZ4PZzuBgG2VSBg8QQoK1Z1WcYA26i/7tyR/ls2ZaA2
PLtsec0ZwNBbeY63dMpAW1v7tjuqY+QoNz+NIiOZf8A77+ipJ2QNJVqH945COXPs
S52iTMc0w14qD/7YX+1ZIBMIrXlmzDUE67oa/pjrtaL70quINro9veEbIiLEvxqv
1HrANN106rG5qo8vDzrCXkAQzjXbtuBHBEOmM5e9Z4E16zu1+xEjoygtLz82hiXe
L2MTZP1J1b7g/KXSIq7Fj5vk63uJLi/2FY4QdJ2d2fVCd2H3kD8E88XvHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE0KMjE2rn2oPRYd6pnoEHpQNszYMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVFFveU1UYXVmYWc5RmgzcW1lZ1FlbEEyek5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNHYMA0G
CSqGSIb3DQEBCwUAA4IBAQBn+y5Rq8qlmVITrl0fcnkV6sfen3dRWJfFi7pRqKXv
MPNU3DRkznMPag0c7upXE4iCMwPBRGToltxfP5z14P3W9KD4/Y/5HzEHa/OtP1Wj
PyyRYT8M9SAbeAvseWYxdK9vD8Cmx51eGzOSEHM0MNdU7pdHstE6ztet3b/gK8MH
gwcAHPoDaIyIkc+cB7tWAzGpsq+dJbAexbGtv71HatzeAbcewfbRK/1HenMoI0k5
viAoOKtVGXrA4MbDROgopt4Q9N3p6DgO7BLQpk/iHL8ZWngb36cEoVgMfNyAiXH3
1psasm24582TQCwexNGPA7TVZsvX0CMjoDlkhu1gF6vW
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:42:10 2025 by rpki-client