Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/Y4sICU63ha9zJlhS7qW2J4u6uws.roa
File: Y4sICU63ha9zJlhS7qW2J4u6uws.roa (raw, json)
Hash identifier: 8r93NKrnyk82rf3aCFqULEgo5C+BAoN2QmF3G7aUJlU=
Subject key identifier: 63:8B:08:09:4E:B7:85:AF:73:26:58:52:EE:A5:B6:27:8B:BA:BB:0B
Certificate issuer: /CN=88678ca34c3c6365fb616a66077160a494a6e9d6
Certificate serial: 0194228E3AF1DF647848808F20993CEB65DB
Authority key identifier: 88:67:8C:A3:4C:3C:63:65:FB:61:6A:66:07:71:60:A4:94:A6:E9:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/Y4sICU63ha9zJlhS7qW2J4u6uws.roa
Signing time: Wed 01 Jan 2025 15:48:54 +0000
ROA not before: Wed 01 Jan 2025 15:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20921
IP address blocks: 62.32.128.0/17 maxlen: 17
62.32.192.0/19 maxlen: 19
83.231.32.0/23 maxlen: 24
213.143.36.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:3a:f1:df:64:78:48:80:8f:20:99:3c:eb:65:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88678ca34c3c6365fb616a66077160a494a6e9d6
Validity
Not Before: Jan 1 15:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=638b08094eb785af73265852eea5b6278bbabb0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3a:8b:e4:ad:bd:6b:6c:e6:f3:28:b4:1a:4e:
ea:36:d5:84:ad:89:56:29:b3:39:5e:c4:85:0c:4c:
96:d3:b3:90:eb:03:b1:36:f5:ae:64:64:84:d6:27:
60:cb:f5:af:93:56:d0:45:e2:0c:90:c0:44:4e:9c:
e2:66:4f:36:f8:3f:7d:03:d2:24:98:66:c5:da:13:
0a:24:cf:0e:1c:61:69:47:d4:74:24:0d:95:b1:cb:
e8:f6:1b:77:3d:78:4d:af:e7:1b:f7:99:a0:e7:ec:
e9:4e:7c:09:09:68:c5:b5:d8:4e:cb:11:fe:02:43:
0c:7c:aa:0e:c4:4a:0d:9f:49:5a:b0:5d:09:85:74:
ae:c5:ab:c1:d0:a6:d4:6d:dd:5f:b4:84:37:d8:eb:
28:a9:b6:9d:ec:05:df:c7:48:47:26:ee:e2:56:22:
c5:14:ad:bf:b5:a7:73:4d:f7:61:a3:3b:7a:08:da:
03:0c:41:bc:81:53:66:82:e7:73:8d:ea:99:c5:70:
24:ee:d9:92:ff:3b:2e:6e:b1:35:50:c4:d8:56:be:
61:25:3a:43:0d:5c:4e:5c:55:da:c8:48:5a:47:ea:
23:7e:7b:b1:88:6e:4b:00:d8:b1:da:11:97:01:8c:
66:c1:5e:90:ea:c5:3a:62:90:a5:7c:a4:20:0e:5e:
30:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:8B:08:09:4E:B7:85:AF:73:26:58:52:EE:A5:B6:27:8B:BA:BB:0B
X509v3 Authority Key Identifier:
keyid:88:67:8C:A3:4C:3C:63:65:FB:61:6A:66:07:71:60:A4:94:A6:E9:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/Y4sICU63ha9zJlhS7qW2J4u6uws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.32.128.0/17
83.231.32.0/23
213.143.36.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:56:01:de:64:84:d0:2a:60:dd:8b:f0:9a:07:38:ac:00:6a:
c1:b0:77:29:0b:01:86:cb:9c:ca:21:f9:46:da:58:49:df:a9:
62:e6:8e:7f:4d:06:00:03:1c:12:8e:19:6c:b4:2d:94:02:88:
1c:ef:d8:53:23:5e:d4:76:5f:be:e6:02:4c:9f:e9:f0:52:fc:
83:5c:cf:78:38:f3:ef:35:32:b0:b1:85:11:fd:f7:d2:0c:19:
b5:92:1c:cc:26:23:a3:cd:d2:db:0a:bd:fb:5d:76:4e:8c:2e:
77:ca:ab:86:25:8a:0e:75:17:95:9c:fd:73:14:ef:3c:97:9a:
0b:91:4b:72:6e:d4:d5:57:fe:58:af:0a:05:de:be:27:dd:e6:
0b:4b:3c:30:21:ff:73:5d:5b:2d:5e:27:75:89:ac:55:1a:56:
40:ff:65:88:dd:ea:7f:ee:dd:a7:2c:df:86:67:bc:62:2b:1d:
54:21:22:55:10:cb:74:c5:c5:39:78:00:52:59:64:37:09:cc:
d2:23:fd:60:be:72:6c:c9:d4:fb:35:a9:63:70:b4:9b:ec:61:
6f:2d:98:79:42:3f:89:f5:22:8c:b1:22:f8:87:46:28:67:1a:
de:7a:8a:cf:31:9d:4c:d2:e8:59:54:13:b5:6c:03:00:be:11:
53:e7:5b:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQijjrx32R4SICPIJk862XbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4Njc4Y2EzNGMzYzYzNjVmYjYxNmE2NjA3NzE2MGE0OTRh
NmU5ZDYwHhcNMjUwMTAxMTU0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzhiMDgwOTRlYjc4NWFmNzMyNjU4NTJlZWE1YjYyNzhiYmFiYjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTqL5K29a2zm8yi0Gk7qNtWErYlW
KbM5XsSFDEyW07OQ6wOxNvWuZGSE1idgy/Wvk1bQReIMkMBETpziZk82+D99A9Ik
mGbF2hMKJM8OHGFpR9R0JA2Vscvo9ht3PXhNr+cb95mg5+zpTnwJCWjFtdhOyxH+
AkMMfKoOxEoNn0lasF0JhXSuxavB0KbUbd1ftIQ32Osoqbad7AXfx0hHJu7iViLF
FK2/tadzTfdhozt6CNoDDEG8gVNmgudzjeqZxXAk7tmS/zsubrE1UMTYVr5hJTpD
DVxOXFXayEhaR+ojfnuxiG5LANix2hGXAYxmwV6Q6sU6YpClfKQgDl4wxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGOLCAlOt4WvcyZYUu6ltieLursLMB8GA1UdIwQY
MBaAFIhnjKNMPGNl+2FqZgdxYKSUpunWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUdlTW8wdzhZMlg3WVdwbUIzRmdwSlNtNmRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zYmFhY2MtNDIwMS00OTUxLTgzNTQt
Zjg1ZjcyMWZiMWI4LzEvWTRzSUNVNjNoYTl6SmxoUzdxVzJKNHU2dXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zYmFhY2MtNDIwMS00OTUxLTgzNTQtZjg1ZjcyMWZiMWI4
LzEvaUdlTW8wdzhZMlg3WVdwbUIzRmdwSlNtNmRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQHPiCAAwQB
U+cgAwQC1Y8kMA0GCSqGSIb3DQEBCwUAA4IBAQCqVgHeZITQKmDdi/CaBzisAGrB
sHcpCwGGy5zKIflG2lhJ36li5o5/TQYAAxwSjhlstC2UAogc79hTI17Udl++5gJM
n+nwUvyDXM94OPPvNTKwsYUR/ffSDBm1khzMJiOjzdLbCr37XXZOjC53yquGJYoO
dReVnP1zFO88l5oLkUtybtTVV/5YrwoF3r4n3eYLSzwwIf9zXVstXid1iaxVGlZA
/2WI3ep/7t2nLN+GZ7xiKx1UISJVEMt0xcU5eABSWWQ3CczSI/1gvnJsydT7Nalj
cLSb7GFvLZh5Qj+J9SKMsSL4h0YoZxreeorPMZ1M0uhZVBO1bAMAvhFT51tt
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:28:58 2025 by rpki-client