Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/bLr6r57MqGHm8nK9w2IYUZH55ic.roa
File: bLr6r57MqGHm8nK9w2IYUZH55ic.roa (raw, json)
Hash identifier: jUNvR24icg+/HoCVfLpAKbv7/xE1cDm9e9GWJS4plns=
Subject key identifier: 6C:BA:FA:AF:9E:CC:A8:61:E6:F2:72:BD:C3:62:18:51:91:F9:E6:27
Certificate issuer: /CN=e10d5c29a3439703d89b5abf03a75d861771bef4
Certificate serial: 019420D619221EBEEE67446EEB791AB4DEE9
Authority key identifier: E1:0D:5C:29:A3:43:97:03:D8:9B:5A:BF:03:A7:5D:86:17:71:BE:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/bLr6r57MqGHm8nK9w2IYUZH55ic.roa
Signing time: Wed 01 Jan 2025 07:48:09 +0000
ROA not before: Wed 01 Jan 2025 07:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35547
IP address blocks: 188.119.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:19:22:1e:be:ee:67:44:6e:eb:79:1a:b4:de:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e10d5c29a3439703d89b5abf03a75d861771bef4
Validity
Not Before: Jan 1 07:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6cbafaaf9ecca861e6f272bdc362185191f9e627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:40:66:8f:db:7b:91:13:01:64:1a:ec:72:05:
aa:c2:d4:29:68:1e:ea:d4:cd:7d:ed:df:b8:07:1b:
a5:39:f0:8d:42:79:74:8b:16:b1:6d:a5:b3:65:58:
15:e0:bb:c1:51:d3:58:58:6b:bc:d8:1e:69:55:5b:
32:9f:61:df:a6:18:e2:56:c6:1b:09:77:50:d4:f1:
c7:c0:a4:d2:4b:d0:74:a6:60:c0:0c:7b:ab:47:80:
3f:9b:34:51:83:c8:ae:4a:a0:6d:84:05:32:eb:c3:
f3:5b:74:07:1c:8d:f4:19:01:5d:5c:55:db:74:7b:
64:15:b4:9f:5a:a5:80:80:00:92:62:f0:3f:3c:b7:
48:45:70:4b:e2:38:06:92:bd:23:a4:3a:93:42:25:
a9:f3:f4:7e:5a:5c:48:59:8b:cd:c4:c9:17:ea:ff:
55:41:55:32:85:6d:d9:ed:01:70:6f:10:cf:ae:9f:
22:0a:16:82:0a:f8:f9:f4:fe:2e:39:4a:e3:39:fc:
46:3d:11:61:5b:6a:5d:a8:6f:83:0d:d5:cc:ab:c7:
af:f2:26:aa:63:31:67:2d:9c:53:7b:07:71:21:07:
b8:1b:10:f6:bd:24:99:eb:f1:3a:b8:4d:12:2b:66:
7e:bf:25:d2:36:40:87:d0:f6:39:2d:fb:88:79:ef:
9e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:BA:FA:AF:9E:CC:A8:61:E6:F2:72:BD:C3:62:18:51:91:F9:E6:27
X509v3 Authority Key Identifier:
keyid:E1:0D:5C:29:A3:43:97:03:D8:9B:5A:BF:03:A7:5D:86:17:71:BE:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/bLr6r57MqGHm8nK9w2IYUZH55ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.119.35.0/24
Signature Algorithm: sha256WithRSAEncryption
66:0e:64:67:42:21:98:b6:65:e7:54:df:e9:25:08:36:00:c9:
e5:7c:c4:12:44:2c:69:f4:58:52:90:50:ba:d8:58:87:3f:cf:
e8:44:f3:90:f7:bb:55:b8:9a:fb:38:ac:ff:9d:c8:73:d9:a8:
f8:d3:3d:90:35:e0:62:d8:ba:40:f9:61:cd:bf:12:d9:e7:95:
26:aa:12:f0:d7:4d:8f:99:05:64:52:d9:c0:c5:e2:02:71:19:
37:20:51:fc:98:2b:53:21:60:91:40:0c:ec:1f:a9:02:7e:1c:
ef:4b:a8:f5:e3:81:30:5b:13:75:19:dc:64:86:8c:0b:2a:a4:
5a:cd:4b:4f:01:f4:6c:ef:23:c5:a5:ad:c3:9b:a1:c6:c7:6b:
84:b6:71:e0:dd:6d:52:fa:c1:f8:aa:95:e6:70:22:9c:17:d4:
f5:93:8b:ca:25:e2:4c:6a:5e:d4:04:6d:a8:71:8f:99:1f:d1:
64:ea:39:2b:b3:09:d5:24:b0:59:33:bc:8a:19:ee:a8:fe:a8:
e8:f1:95:ee:79:4c:73:44:27:da:5d:cf:17:8e:06:42:a4:97:
62:da:8a:f8:de:28:2a:0f:d7:70:a0:7e:56:95:c0:7e:c9:d4:
d2:e0:75:0c:5a:fe:93:c2:ea:81:75:0e:f4:25:1a:f1:53:32:
01:4a:97:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1hkiHr7uZ0Ru63katN7pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMGQ1YzI5YTM0Mzk3MDNkODliNWFiZjAzYTc1ZDg2MTc3
MWJlZjQwHhcNMjUwMTAxMDc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2JhZmFhZjllY2NhODYxZTZmMjcyYmRjMzYyMTg1MTkxZjllNjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkBmj9t7kRMBZBrscgWqwtQpaB7q
1M197d+4BxulOfCNQnl0ixaxbaWzZVgV4LvBUdNYWGu82B5pVVsyn2HfphjiVsYb
CXdQ1PHHwKTSS9B0pmDADHurR4A/mzRRg8iuSqBthAUy68PzW3QHHI30GQFdXFXb
dHtkFbSfWqWAgACSYvA/PLdIRXBL4jgGkr0jpDqTQiWp8/R+WlxIWYvNxMkX6v9V
QVUyhW3Z7QFwbxDPrp8iChaCCvj59P4uOUrjOfxGPRFhW2pdqG+DDdXMq8ev8iaq
YzFnLZxTewdxIQe4GxD2vSSZ6/E6uE0SK2Z+vyXSNkCH0PY5LfuIee+eXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGy6+q+ezKhh5vJyvcNiGFGR+eYnMB8GA1UdIwQY
MBaAFOENXCmjQ5cD2JtavwOnXYYXcb70MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFExY0thTkRsd1BZbTFxX0E2ZGRoaGR4dnZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zZWRiNDctZmQ2ZS00YzU5LWE3YWIt
ZTQyYTU4MDY0YTYzLzEvYkxyNnI1N01xR0htOG5LOXcySVlVWkg1NWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zZWRiNDctZmQ2ZS00YzU5LWE3YWItZTQyYTU4MDY0YTYz
LzEvNFExY0thTkRsd1BZbTFxX0E2ZGRoaGR4dnZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvHcjMA0G
CSqGSIb3DQEBCwUAA4IBAQBmDmRnQiGYtmXnVN/pJQg2AMnlfMQSRCxp9FhSkFC6
2FiHP8/oRPOQ97tVuJr7OKz/nchz2aj40z2QNeBi2LpA+WHNvxLZ55UmqhLw102P
mQVkUtnAxeICcRk3IFH8mCtTIWCRQAzsH6kCfhzvS6j144EwWxN1GdxkhowLKqRa
zUtPAfRs7yPFpa3Dm6HGx2uEtnHg3W1S+sH4qpXmcCKcF9T1k4vKJeJMal7UBG2o
cY+ZH9Fk6jkrswnVJLBZM7yKGe6o/qjo8ZXueUxzRCfaXc8XjgZCpJdi2or43igq
D9dwoH5WlcB+ydTS4HUMWv6TwuqBdQ70JRrxUzIBSpeS
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:14:49 2025 by rpki-client