Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/dPsJh8so_OGOeB6OrHXBmVF-xTo.roa
File: dPsJh8so_OGOeB6OrHXBmVF-xTo.roa (raw, json)
Hash identifier: 7DuEegpyE/v8O0DAqoZg3ItwVVZDZ3DbZy0QXCDbpJA=
Subject key identifier: 74:FB:09:87:CB:28:FC:E1:8E:78:1E:8E:AC:75:C1:99:51:7E:C5:3A
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019422FB9DB81259C960F4136F2C753079B5
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/dPsJh8so_OGOeB6OrHXBmVF-xTo.roa
Signing time: Wed 01 Jan 2025 17:48:22 +0000
ROA not before: Wed 01 Jan 2025 17:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200017
IP address blocks: 88.209.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:9d:b8:12:59:c9:60:f4:13:6f:2c:75:30:79:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 17:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74fb0987cb28fce18e781e8eac75c199517ec53a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c4:7f:08:89:e3:63:79:aa:60:80:37:a5:5a:
20:32:c9:cf:b2:fd:d1:06:91:34:51:d3:1a:b0:e8:
eb:cc:a7:e9:3d:10:46:48:d9:38:58:bb:09:d7:9c:
31:e0:af:de:3d:a4:d7:7c:7d:f7:56:24:53:f4:c3:
6b:b4:bf:83:cb:f7:3a:d3:a8:d4:d4:21:d7:7a:9a:
81:73:d3:2b:13:de:36:f8:f2:3f:f6:73:1c:11:71:
25:c5:b2:64:82:16:ee:ab:4f:92:94:bd:a0:a0:41:
5f:83:84:ba:bf:2e:ca:42:e5:b3:c1:3e:c6:16:81:
4e:66:1f:28:d0:36:1e:b9:52:0a:98:30:23:bf:89:
25:27:0a:f1:9d:8e:db:ec:6a:52:3b:7e:30:50:3f:
c9:21:ea:ea:50:d9:2b:4c:2a:e6:1e:04:06:d4:da:
0f:a7:8f:4e:f5:4a:54:7c:30:35:c6:7a:4e:9d:b7:
af:62:a8:8b:08:86:37:08:d8:b7:f8:06:81:23:ff:
16:eb:46:da:ca:19:8f:23:84:70:08:09:95:03:13:
3f:e2:36:1d:f0:b9:0c:27:7c:b8:c4:8c:57:49:95:
ff:ca:c9:e5:cd:60:64:4e:45:74:b5:2c:f6:18:eb:
20:02:a6:82:bf:b4:fe:39:fd:0d:2b:3a:57:cd:77:
91:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:FB:09:87:CB:28:FC:E1:8E:78:1E:8E:AC:75:C1:99:51:7E:C5:3A
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/dPsJh8so_OGOeB6OrHXBmVF-xTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.223.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:5e:14:47:9b:b0:8a:7d:df:ea:32:bc:d5:6d:b8:26:2c:12:
33:28:6a:a3:c9:96:67:35:1d:97:1a:8d:fc:9c:90:05:be:28:
29:43:e3:de:19:96:76:16:a8:f1:55:32:da:f7:2c:c2:fc:4b:
f4:cb:89:2f:ed:53:b6:22:62:48:73:5e:5f:3c:f5:6b:5c:29:
d7:f0:54:87:d1:8d:1a:d8:95:2d:6c:96:c5:ab:ea:98:73:5a:
c2:98:0d:a5:93:11:11:b5:96:87:b9:9c:45:28:09:c2:5b:30:
69:94:30:9b:5e:4b:89:94:96:02:10:1d:02:4d:67:84:52:23:
c2:35:4b:0e:e1:ed:51:fd:68:87:19:bd:7b:c6:f2:33:a9:96:
b7:87:eb:ff:6f:0a:f4:4d:15:d4:13:f8:d9:86:e4:57:a3:a3:
f2:7c:c1:d6:63:ca:1e:c5:50:93:6f:b1:ef:97:14:8c:a0:1c:
24:ee:38:2a:0e:f7:64:bd:b9:19:d5:78:64:a0:ab:b3:b8:b4:
1a:0a:3b:8b:6e:23:ac:61:d2:11:15:b3:3c:b2:ca:9e:0a:5a:
57:27:95:61:fc:2d:8a:7b:96:0a:9a:01:a8:43:e7:c3:de:c6:
67:4b:32:88:58:4d:e6:d9:24:cb:bf:25:89:95:5f:7b:fc:fa:
2c:99:8a:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+524ElnJYPQTbyx1MHm1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMTAxMTc0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGZiMDk4N2NiMjhmY2UxOGU3ODFlOGVhYzc1YzE5OTUxN2VjNTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsR/CInjY3mqYIA3pVogMsnPsv3R
BpE0UdMasOjrzKfpPRBGSNk4WLsJ15wx4K/ePaTXfH33ViRT9MNrtL+Dy/c606jU
1CHXepqBc9MrE942+PI/9nMcEXElxbJkghbuq0+SlL2goEFfg4S6vy7KQuWzwT7G
FoFOZh8o0DYeuVIKmDAjv4klJwrxnY7b7GpSO34wUD/JIerqUNkrTCrmHgQG1NoP
p49O9UpUfDA1xnpOnbevYqiLCIY3CNi3+AaBI/8W60bayhmPI4RwCAmVAxM/4jYd
8LkMJ3y4xIxXSZX/ysnlzWBkTkV0tSz2GOsgAqaCv7T+Of0NKzpXzXeRyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHT7CYfLKPzhjngejqx1wZlRfsU6MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvZFBzSmg4c29fT0dPZUI2T3JIWEJtVkYteFRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNHfMA0G
CSqGSIb3DQEBCwUAA4IBAQCwXhRHm7CKfd/qMrzVbbgmLBIzKGqjyZZnNR2XGo38
nJAFvigpQ+PeGZZ2FqjxVTLa9yzC/Ev0y4kv7VO2ImJIc15fPPVrXCnX8FSH0Y0a
2JUtbJbFq+qYc1rCmA2lkxERtZaHuZxFKAnCWzBplDCbXkuJlJYCEB0CTWeEUiPC
NUsO4e1R/WiHGb17xvIzqZa3h+v/bwr0TRXUE/jZhuRXo6PyfMHWY8oexVCTb7Hv
lxSMoBwk7jgqDvdkvbkZ1XhkoKuzuLQaCjuLbiOsYdIRFbM8ssqeClpXJ5Vh/C2K
e5YKmgGoQ+fD3sZnSzKIWE3m2STLvyWJlV97/PosmYo8
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:07:47 2025 by rpki-client