Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/xxqAQj5ApVpCjQK_UbA4qZzprNM.roa
File: xxqAQj5ApVpCjQK_UbA4qZzprNM.roa (raw, json)
Hash identifier: kbcAcd5UMZoHVsf0Y1OkYvbV4qpft1douUqZabuqL8g=
Subject key identifier: C7:1A:80:42:3E:40:A5:5A:42:8D:02:BF:51:B0:38:A9:9C:E9:AC:D3
Certificate issuer: /CN=e10d5c29a3439703d89b5abf03a75d861771bef4
Certificate serial: 019420D618F85A56988C8A763AC92A8E625A
Authority key identifier: E1:0D:5C:29:A3:43:97:03:D8:9B:5A:BF:03:A7:5D:86:17:71:BE:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/xxqAQj5ApVpCjQK_UbA4qZzprNM.roa
Signing time: Wed 01 Jan 2025 07:48:09 +0000
ROA not before: Wed 01 Jan 2025 07:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34736
IP address blocks: 188.119.28.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:18:f8:5a:56:98:8c:8a:76:3a:c9:2a:8e:62:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e10d5c29a3439703d89b5abf03a75d861771bef4
Validity
Not Before: Jan 1 07:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c71a80423e40a55a428d02bf51b038a99ce9acd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c9:e0:1d:60:e6:dd:3e:4b:70:b1:2f:fe:eb:
42:18:39:ab:df:26:59:ec:8d:c0:de:fd:65:2c:81:
49:56:fe:71:f0:32:33:c9:19:f5:47:52:fe:50:35:
ac:48:ca:93:a5:df:68:e2:7d:66:44:58:c6:fc:21:
6f:2e:35:06:34:7a:a0:52:62:47:2e:a2:5c:8c:6c:
ae:3d:e7:5a:62:1c:e7:20:36:4e:cb:0a:44:b9:06:
4c:f0:6a:a0:1f:d8:1c:cb:ec:87:67:22:af:c1:bb:
aa:48:0d:54:62:3c:f3:2c:be:bb:e5:65:97:36:f6:
3a:65:eb:2f:04:fd:77:90:7b:88:64:36:5a:46:c8:
85:66:fa:26:81:0b:c4:5f:49:c5:71:15:da:9a:6d:
21:7f:42:5c:f6:d3:f6:b2:46:61:49:97:40:fa:a6:
d4:ca:bb:d1:56:47:b2:04:57:94:fb:b3:07:e6:c5:
ff:00:b8:35:79:47:f5:27:37:94:45:8e:fa:32:a9:
8d:c8:62:62:26:71:95:9f:86:93:62:6c:70:ad:cb:
7a:41:c0:fc:60:45:17:3c:4b:b9:cb:c6:73:82:b9:
2d:93:6f:f2:a2:0e:f2:91:c7:92:94:ff:4d:ef:a2:
48:e1:27:6d:36:76:89:b5:19:81:a4:1a:85:92:73:
e6:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:1A:80:42:3E:40:A5:5A:42:8D:02:BF:51:B0:38:A9:9C:E9:AC:D3
X509v3 Authority Key Identifier:
keyid:E1:0D:5C:29:A3:43:97:03:D8:9B:5A:BF:03:A7:5D:86:17:71:BE:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/xxqAQj5ApVpCjQK_UbA4qZzprNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.119.28.0/24
Signature Algorithm: sha256WithRSAEncryption
72:cb:ce:1c:47:68:38:21:0c:a2:b5:d3:c9:74:52:a5:57:55:
cc:f2:2f:79:24:13:06:a7:9f:4d:d8:1f:75:48:79:58:32:fd:
69:fb:38:d9:f3:3b:ca:f3:d9:51:13:14:45:dc:65:de:51:51:
46:15:9e:f1:21:3c:52:99:cf:3d:b8:a5:21:03:9e:32:c1:58:
a0:82:1a:7b:be:50:e2:97:18:5f:b3:47:a9:ab:9c:83:55:7f:
20:8f:05:14:4f:cb:64:f3:44:9a:a7:20:75:24:b9:96:a7:6b:
bb:ea:6c:00:06:3f:8d:a3:8e:28:4f:11:5d:06:44:26:6f:9d:
53:41:14:00:e0:59:b9:64:f8:fe:0e:c0:64:bd:70:6e:57:97:
5c:1e:ce:ef:fe:a6:e4:1d:75:f7:53:5f:9e:fa:10:1b:bb:7b:
d2:39:93:a3:16:77:84:6f:53:45:eb:cb:e2:57:6e:c8:9a:3a:
51:34:4c:94:29:0c:7e:ff:4c:1d:68:a8:3d:3c:84:79:b6:2c:
b8:21:25:72:a7:b2:a9:7f:c9:64:70:90:b6:8f:8b:39:74:a8:
20:db:18:ac:61:d7:e5:db:68:80:fb:bd:09:6d:4a:2c:26:98:
b2:67:b0:72:ad:a8:d8:5c:3b:2f:15:6a:dc:57:c1:60:0f:c8:
fb:09:4f:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1hj4WlaYjIp2OskqjmJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMGQ1YzI5YTM0Mzk3MDNkODliNWFiZjAzYTc1ZDg2MTc3
MWJlZjQwHhcNMjUwMTAxMDc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzFhODA0MjNlNDBhNTVhNDI4ZDAyYmY1MWIwMzhhOTljZTlhY2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08ngHWDm3T5LcLEv/utCGDmr3yZZ
7I3A3v1lLIFJVv5x8DIzyRn1R1L+UDWsSMqTpd9o4n1mRFjG/CFvLjUGNHqgUmJH
LqJcjGyuPedaYhznIDZOywpEuQZM8GqgH9gcy+yHZyKvwbuqSA1UYjzzLL675WWX
NvY6ZesvBP13kHuIZDZaRsiFZvomgQvEX0nFcRXamm0hf0Jc9tP2skZhSZdA+qbU
yrvRVkeyBFeU+7MH5sX/ALg1eUf1JzeURY76MqmNyGJiJnGVn4aTYmxwrct6QcD8
YEUXPEu5y8Zzgrktk2/yog7ykceSlP9N76JI4SdtNnaJtRmBpBqFknPm4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMcagEI+QKVaQo0Cv1GwOKmc6azTMB8GA1UdIwQY
MBaAFOENXCmjQ5cD2JtavwOnXYYXcb70MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFExY0thTkRsd1BZbTFxX0E2ZGRoaGR4dnZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zZWRiNDctZmQ2ZS00YzU5LWE3YWIt
ZTQyYTU4MDY0YTYzLzEveHhxQVFqNUFwVnBDalFLX1ViQTRxWnpwck5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zZWRiNDctZmQ2ZS00YzU5LWE3YWItZTQyYTU4MDY0YTYz
LzEvNFExY0thTkRsd1BZbTFxX0E2ZGRoaGR4dnZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvHccMA0G
CSqGSIb3DQEBCwUAA4IBAQByy84cR2g4IQyitdPJdFKlV1XM8i95JBMGp59N2B91
SHlYMv1p+zjZ8zvK89lRExRF3GXeUVFGFZ7xITxSmc89uKUhA54ywVigghp7vlDi
lxhfs0epq5yDVX8gjwUUT8tk80SapyB1JLmWp2u76mwABj+No44oTxFdBkQmb51T
QRQA4Fm5ZPj+DsBkvXBuV5dcHs7v/qbkHXX3U1+e+hAbu3vSOZOjFneEb1NF68vi
V27ImjpRNEyUKQx+/0wdaKg9PIR5tiy4ISVyp7Kpf8lkcJC2j4s5dKgg2xisYdfl
22iA+70JbUosJpiyZ7ByrajYXDsvFWrcV8FgD8j7CU9X
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:27:18 2025 by rpki-client