Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/z3CwNMmW91OeZadetIEGWrLgAV8.roa
File: z3CwNMmW91OeZadetIEGWrLgAV8.roa (raw, json)
Hash identifier: TBa7E7IHnq9QvWerYacnX6IUM0n0LVVjA36Ue+17mgI=
Subject key identifier: CF:70:B0:34:C9:96:F7:53:9E:65:A7:5E:B4:81:06:5A:B2:E0:01:5F
Certificate issuer: /CN=43fad79548afc5c83e59bbfe388c64492cb55013
Certificate serial: 01942444D472A8E3AF40FE61DA693943AD62
Authority key identifier: 43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/z3CwNMmW91OeZadetIEGWrLgAV8.roa
Signing time: Wed 01 Jan 2025 23:47:58 +0000
ROA not before: Wed 01 Jan 2025 23:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 188.231.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:d4:72:a8:e3:af:40:fe:61:da:69:39:43:ad:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43fad79548afc5c83e59bbfe388c64492cb55013
Validity
Not Before: Jan 1 23:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf70b034c996f7539e65a75eb481065ab2e0015f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9c:b6:89:7d:80:7f:a1:b9:20:3d:ed:21:8e:
e2:87:77:04:0c:3a:08:68:d4:aa:4b:e4:aa:ec:e8:
55:f8:5c:73:5b:5b:04:13:d5:92:bd:16:4c:47:2f:
38:19:ed:73:13:10:ab:47:88:f6:fb:3f:43:dc:1d:
6e:9d:e2:71:9a:19:d5:d1:73:f8:ef:15:8b:c0:0b:
6b:58:a7:f8:01:09:f5:37:bf:81:21:da:f0:04:da:
40:e7:0e:f7:95:7f:ad:49:c8:07:6f:40:6e:37:31:
7f:f0:8a:db:ec:cb:66:a5:64:e5:bc:71:85:0d:ec:
ce:2b:39:65:f4:77:8f:16:a7:46:9a:78:d2:09:81:
cf:90:cd:5a:3c:dd:d3:6d:c0:2a:2d:2e:a9:c2:02:
f9:49:ef:52:f4:82:22:5e:23:45:d4:cc:87:8e:fd:
67:50:1f:65:22:04:9b:0a:b1:6e:f2:23:fa:50:b5:
44:71:f7:3d:80:36:9a:f4:a0:4b:fa:69:50:08:7b:
31:46:1e:ec:95:2c:10:94:73:92:13:1c:9f:0b:b3:
e8:8e:c1:0a:17:3a:76:2c:1b:53:9b:ef:00:a5:57:
80:94:2f:63:29:89:d2:c1:04:8e:1f:72:8b:7f:8b:
ed:d3:2f:f4:51:cc:ed:16:a4:2a:d9:f2:e5:43:91:
dc:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:70:B0:34:C9:96:F7:53:9E:65:A7:5E:B4:81:06:5A:B2:E0:01:5F
X509v3 Authority Key Identifier:
keyid:43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/z3CwNMmW91OeZadetIEGWrLgAV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.231.0.0/17
Signature Algorithm: sha256WithRSAEncryption
20:1c:aa:9c:0a:b9:03:af:00:54:55:37:79:cc:d5:75:bd:fe:
61:8e:c4:d2:95:58:1e:d9:88:f0:5b:85:df:8e:a3:2f:de:10:
aa:8c:3b:a5:b8:9e:90:a2:a9:4d:3b:49:5f:5e:2e:65:a6:f7:
26:45:5b:10:df:fb:4d:18:88:79:fb:78:b6:6b:b5:8d:38:d6:
ab:a1:e7:d3:8a:aa:d4:52:ff:14:17:52:5b:c9:cc:64:b6:79:
55:59:7b:eb:ff:90:a0:55:8d:e7:52:57:72:6c:b5:d5:29:1a:
9b:74:5e:f1:cf:5d:ff:98:6b:c0:ca:5c:66:a1:df:ce:c9:3f:
c5:6c:b0:0c:8c:69:61:87:91:3c:a7:1e:67:b5:8e:56:ca:f7:
21:4b:ba:fd:a2:cb:69:86:0f:b7:95:6e:df:49:49:17:c1:81:
9a:b4:ee:69:89:04:bb:94:08:b9:77:64:20:ce:fc:48:3a:b2:
81:f2:be:f1:e8:e6:e7:d9:7e:49:15:ab:53:35:7c:c4:1d:70:
b4:88:b2:8c:2d:67:95:08:ab:7b:42:4a:4d:37:0f:96:46:e8:
e5:44:2c:5e:9b:e1:14:71:d5:41:42:9c:9f:b8:3c:05:cc:47:
a3:30:3a:55:67:3d:32:9e:d5:27:a1:30:ed:26:94:d9:1b:9d:
cc:f3:0e:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRNRyqOOvQP5h2mk5Q61iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZmFkNzk1NDhhZmM1YzgzZTU5YmJmZTM4OGM2NDQ5MmNi
NTUwMTMwHhcNMjUwMTAxMjM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjcwYjAzNGM5OTZmNzUzOWU2NWE3NWViNDgxMDY1YWIyZTAwMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZy2iX2Af6G5ID3tIY7ih3cEDDoI
aNSqS+Sq7OhV+FxzW1sEE9WSvRZMRy84Ge1zExCrR4j2+z9D3B1uneJxmhnV0XP4
7xWLwAtrWKf4AQn1N7+BIdrwBNpA5w73lX+tScgHb0BuNzF/8Irb7MtmpWTlvHGF
DezOKzll9HePFqdGmnjSCYHPkM1aPN3TbcAqLS6pwgL5Se9S9IIiXiNF1MyHjv1n
UB9lIgSbCrFu8iP6ULVEcfc9gDaa9KBL+mlQCHsxRh7slSwQlHOSExyfC7PojsEK
Fzp2LBtTm+8ApVeAlC9jKYnSwQSOH3KLf4vt0y/0UcztFqQq2fLlQ5HcvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9wsDTJlvdTnmWnXrSBBlqy4AFfMB8GA1UdIwQY
MBaAFEP615VIr8XIPlm7/jiMZEkstVATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUV9yWGxVaXZ4Y2ctV2J2LU9JeGtTU3kxVUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8yY2YyYzEtMTk2Mi00YjcwLTllNWIt
ZmU4NTVkYWJiNzVlLzEvejNDd05NbVc5MU9lWmFkZXRJRUdXckxnQVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8yY2YyYzEtMTk2Mi00YjcwLTllNWItZmU4NTVkYWJiNzVl
LzEvUV9yWGxVaXZ4Y2ctV2J2LU9JeGtTU3kxVUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHvOcAMA0G
CSqGSIb3DQEBCwUAA4IBAQAgHKqcCrkDrwBUVTd5zNV1vf5hjsTSlVge2YjwW4Xf
jqMv3hCqjDuluJ6QoqlNO0lfXi5lpvcmRVsQ3/tNGIh5+3i2a7WNONaroefTiqrU
Uv8UF1JbycxktnlVWXvr/5CgVY3nUldybLXVKRqbdF7xz13/mGvAylxmod/OyT/F
bLAMjGlhh5E8px5ntY5WyvchS7r9ostphg+3lW7fSUkXwYGatO5piQS7lAi5d2Qg
zvxIOrKB8r7x6Obn2X5JFatTNXzEHXC0iLKMLWeVCKt7QkpNNw+WRujlRCxem+EU
cdVBQpyfuDwFzEejMDpVZz0yntUnoTDtJpTZG53M8w5e
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:24:14 2025 by rpki-client