Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/A1KW118os4bN6GZpVdn7PonAYyA.roa
File: A1KW118os4bN6GZpVdn7PonAYyA.roa (raw, json)
Hash identifier: 0E3/6KCtgXhFSoxcjRlYDyNNLw29IBDYyS/cjhOkgJQ=
Subject key identifier: 03:52:96:D7:5F:28:B3:86:CD:E8:66:69:55:D9:FB:3E:89:C0:63:20
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01942823925265563D28DEFAC0D6D4DFCA04
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/A1KW118os4bN6GZpVdn7PonAYyA.roa
Signing time: Thu 02 Jan 2025 17:50:07 +0000
ROA not before: Thu 02 Jan 2025 17:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49981
IP address blocks: 188.209.137.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:92:52:65:56:3d:28:de:fa:c0:d6:d4:df:ca:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jan 2 17:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=035296d75f28b386cde8666955d9fb3e89c06320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2f:cf:63:b3:98:62:55:99:7f:19:ad:c9:fc:
1f:99:ad:60:68:fb:40:19:90:3f:d6:f6:23:4f:eb:
4b:dd:b8:c1:f9:68:a8:8b:df:ba:87:db:e8:ad:1d:
b6:83:43:0c:58:1d:8d:ed:6a:27:ae:58:59:23:7a:
0a:9b:56:df:7c:13:e7:5e:31:99:83:01:46:5d:1f:
00:19:58:04:b5:85:b3:2b:c3:71:32:9c:4f:99:ac:
06:1b:38:52:04:c0:f9:38:e9:2b:bc:e9:ca:5d:b8:
89:3a:85:4c:ae:2a:27:99:4b:5c:b7:f0:6d:a5:73:
cc:c1:53:c7:53:9d:43:20:7b:16:21:3f:6e:64:df:
34:82:21:3a:ee:97:6b:26:17:8e:61:31:4a:d3:84:
94:b6:50:ce:cc:a8:e3:fd:c0:70:60:6d:e5:4d:e2:
16:02:b9:28:e5:00:62:bb:20:f1:fe:b7:aa:14:ad:
8b:e5:7a:fc:90:8a:be:f6:bd:b0:6a:63:38:f3:d7:
cd:ec:d4:eb:9d:48:92:86:e2:0d:de:fb:32:25:a3:
55:96:1c:19:73:ff:51:8f:84:76:aa:14:00:bd:f3:
b8:7c:16:5e:b4:d5:ab:59:03:ce:9e:99:ce:79:ef:
47:80:b0:17:48:36:48:a3:5f:8f:31:a8:e5:42:24:
3e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:52:96:D7:5F:28:B3:86:CD:E8:66:69:55:D9:FB:3E:89:C0:63:20
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/A1KW118os4bN6GZpVdn7PonAYyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.137.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:5f:5c:dd:82:8a:14:36:c6:3c:9e:8c:21:d1:e4:e6:02:be:
87:54:46:f4:c1:7a:51:06:a9:28:3a:8f:0a:81:54:40:d7:a3:
25:e8:03:a0:dd:44:93:c3:a9:01:20:59:54:61:4f:8f:4d:b8:
5d:67:ed:c9:a4:88:e1:3b:ef:f0:1b:70:36:b7:84:c1:db:e5:
e7:40:34:48:29:40:ff:2f:02:e2:09:09:53:39:d7:4c:2a:c7:
f7:ab:0c:a8:70:5b:d1:13:9a:5f:77:6c:79:ab:35:5c:05:02:
11:c9:f1:56:06:93:11:fb:c6:a3:ba:91:8c:41:7c:af:30:25:
a0:d5:23:e1:ff:ca:be:1b:bf:29:2c:20:24:71:3f:3d:06:e0:
d8:80:31:ae:8b:8e:b6:b1:d0:ae:06:12:8f:5f:29:be:bd:74:
ba:2c:dd:58:3e:f9:a3:a7:4c:ee:c4:e7:82:5f:eb:ff:d8:9f:
4e:c3:4c:15:56:ce:1c:f8:65:ab:32:4b:5b:a2:ff:46:ef:b1:
57:c5:76:a5:a4:5f:7a:d0:6a:21:5b:11:dd:45:db:fa:1b:e9:
77:06:e3:00:8d:4f:55:cb:dc:05:1d:95:75:44:6c:58:c1:a3:
50:6c:51:58:08:cb:20:32:95:73:0b:2e:48:0d:d4:d5:7b:c9:
8d:f7:7d:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI5JSZVY9KN76wNbU38oEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjUwMTAyMTc1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzUyOTZkNzVmMjhiMzg2Y2RlODY2Njk1NWQ5ZmIzZTg5YzA2MzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxy/PY7OYYlWZfxmtyfwfma1gaPtA
GZA/1vYjT+tL3bjB+Wioi9+6h9vorR22g0MMWB2N7WonrlhZI3oKm1bffBPnXjGZ
gwFGXR8AGVgEtYWzK8NxMpxPmawGGzhSBMD5OOkrvOnKXbiJOoVMrionmUtct/Bt
pXPMwVPHU51DIHsWIT9uZN80giE67pdrJheOYTFK04SUtlDOzKjj/cBwYG3lTeIW
Arko5QBiuyDx/reqFK2L5Xr8kIq+9r2wamM489fN7NTrnUiShuIN3vsyJaNVlhwZ
c/9Rj4R2qhQAvfO4fBZetNWrWQPOnpnOee9HgLAXSDZIo1+PMajlQiQ+twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFANSltdfKLOGzehmaVXZ+z6JwGMgMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvQTFLVzExOG9zNGJONkdacFZkbjdQb25BWXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNGJMA0G
CSqGSIb3DQEBCwUAA4IBAQAaX1zdgooUNsY8nowh0eTmAr6HVEb0wXpRBqkoOo8K
gVRA16Ml6AOg3USTw6kBIFlUYU+PTbhdZ+3JpIjhO+/wG3A2t4TB2+XnQDRIKUD/
LwLiCQlTOddMKsf3qwyocFvRE5pfd2x5qzVcBQIRyfFWBpMR+8ajupGMQXyvMCWg
1SPh/8q+G78pLCAkcT89BuDYgDGui462sdCuBhKPXym+vXS6LN1YPvmjp0zuxOeC
X+v/2J9Ow0wVVs4c+GWrMktbov9G77FXxXalpF960GohWxHdRdv6G+l3BuMAjU9V
y9wFHZV1RGxYwaNQbFFYCMsgMpVzCy5IDdTVe8mN9334
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:21:42 2025 by rpki-client