Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/p45g5foq91zKggpm9xOru9V5Ta8.roa
File: p45g5foq91zKggpm9xOru9V5Ta8.roa (raw, json)
Hash identifier: aescxVeG95+vLWeERAq4yBUOFPEiqWqdLL4rR3/2YL0=
Subject key identifier: A7:8E:60:E5:FA:2A:F7:5C:CA:82:0A:66:F7:13:AB:BB:D5:79:4D:AF
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 019427479EE9FF04943C10AF3ED5F52E0111
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/p45g5foq91zKggpm9xOru9V5Ta8.roa
Signing time: Thu 02 Jan 2025 13:49:52 +0000
ROA not before: Thu 02 Jan 2025 13:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56616
IP address blocks: 2.188.168.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:9e:e9:ff:04:94:3c:10:af:3e:d5:f5:2e:01:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 13:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a78e60e5fa2af75cca820a66f713abbbd5794daf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:53:bb:d9:51:c0:ee:d6:f5:70:0b:a6:4e:18:
84:d0:56:51:1b:e2:c2:b6:af:e3:9c:18:b7:e7:ed:
db:9b:f2:57:54:ca:18:3c:9b:46:81:4c:1e:7e:1c:
55:87:ae:15:0d:73:8c:bb:14:64:db:42:b7:28:ba:
d9:89:75:a7:c6:e2:c9:8a:b4:40:23:9d:d5:33:95:
6c:f1:ec:78:0f:aa:34:2b:60:90:f9:15:33:8c:ca:
39:7f:f3:00:db:d5:b5:11:8b:87:f6:1d:c3:5f:64:
de:16:60:59:bb:60:21:9d:6f:76:9c:84:31:60:1f:
46:c2:63:70:f9:f3:a3:4e:c9:14:9a:d3:77:ef:aa:
31:65:a0:ba:40:cf:af:1d:14:fb:ce:6b:ff:5a:b7:
11:92:da:a4:50:e7:56:32:2f:23:9d:60:73:70:7c:
89:6b:10:11:71:f1:69:b8:4d:d0:10:38:57:f0:98:
bf:8a:ae:38:91:e4:5c:b1:d2:35:e5:62:46:df:ec:
99:f5:b4:34:47:65:33:04:32:b9:85:ce:d8:14:06:
8d:58:41:fb:52:f8:1a:70:b1:be:15:d5:69:b7:3e:
1a:4d:08:2c:71:21:a3:d7:c1:ae:81:c5:5a:94:4d:
a5:d2:9c:11:45:a2:4f:8a:f3:ee:7c:58:12:16:63:
69:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:8E:60:E5:FA:2A:F7:5C:CA:82:0A:66:F7:13:AB:BB:D5:79:4D:AF
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/p45g5foq91zKggpm9xOru9V5Ta8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.168.0/21
Signature Algorithm: sha256WithRSAEncryption
23:2b:a8:fe:f5:ce:50:c7:1d:01:06:db:6e:2d:2c:81:30:f7:
fe:ee:e8:b5:ce:a0:95:24:e5:0e:64:c4:cf:f9:3b:0f:31:d1:
75:7f:75:e0:e2:13:f0:a6:60:90:c2:57:58:4d:6c:d5:f8:a7:
7c:44:dc:55:b0:de:e6:d7:af:21:9d:1f:0f:db:44:0e:ad:34:
5b:98:36:fb:3d:03:a5:ea:4c:e2:fa:b5:74:dd:85:c3:84:ba:
38:d7:72:7b:03:a9:dc:a5:a1:5a:f7:83:fb:53:08:0f:54:35:
89:e3:30:8d:9c:1a:6f:bd:f9:bf:82:cd:ea:37:bb:6a:4f:21:
1f:8c:c4:0e:66:fa:75:6f:5f:fc:2e:4e:d0:90:8a:b3:04:c3:
3d:f1:cd:eb:b5:d4:7d:76:b8:b0:18:e0:57:26:93:6d:6c:70:
38:61:2b:a0:e7:06:6a:37:70:c7:fb:11:f4:d4:4b:7a:91:c9:
77:78:dc:41:d8:ca:99:5e:ef:50:f0:68:de:71:1f:b2:de:28:
b3:bf:1d:b8:c0:06:32:3c:f6:12:6b:d1:4a:90:06:16:3e:1b:
86:68:e0:9b:3c:a0:7f:56:fc:d3:88:33:a5:e3:73:f8:56:08:
00:1a:0b:e0:88:e8:de:6c:f2:dc:5f:a1:ad:fc:2f:1b:69:7e:
07:d1:e4:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR57p/wSUPBCvPtX1LgERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjUwMTAyMTM0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzhlNjBlNWZhMmFmNzVjY2E4MjBhNjZmNzEzYWJiYmQ1Nzk0ZGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFO72VHA7tb1cAumThiE0FZRG+LC
tq/jnBi35+3bm/JXVMoYPJtGgUwefhxVh64VDXOMuxRk20K3KLrZiXWnxuLJirRA
I53VM5Vs8ex4D6o0K2CQ+RUzjMo5f/MA29W1EYuH9h3DX2TeFmBZu2AhnW92nIQx
YB9GwmNw+fOjTskUmtN376oxZaC6QM+vHRT7zmv/WrcRktqkUOdWMi8jnWBzcHyJ
axARcfFpuE3QEDhX8Ji/iq44keRcsdI15WJG3+yZ9bQ0R2UzBDK5hc7YFAaNWEH7
UvgacLG+FdVptz4aTQgscSGj18GugcValE2l0pwRRaJPivPufFgSFmNp7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKeOYOX6KvdcyoIKZvcTq7vVeU2vMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvcDQ1ZzVmb3E5MXpLZ2dwbTl4T3J1OVY1VGE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDAryoMA0G
CSqGSIb3DQEBCwUAA4IBAQAjK6j+9c5Qxx0BBttuLSyBMPf+7ui1zqCVJOUOZMTP
+TsPMdF1f3Xg4hPwpmCQwldYTWzV+Kd8RNxVsN7m168hnR8P20QOrTRbmDb7PQOl
6kzi+rV03YXDhLo413J7A6ncpaFa94P7UwgPVDWJ4zCNnBpvvfm/gs3qN7tqTyEf
jMQOZvp1b1/8Lk7QkIqzBMM98c3rtdR9driwGOBXJpNtbHA4YSug5wZqN3DH+xH0
1Et6kcl3eNxB2MqZXu9Q8GjecR+y3iizvx24wAYyPPYSa9FKkAYWPhuGaOCbPKB/
VvzTiDOl43P4VggAGgvgiOjebPLcX6Gt/C8baX4H0eQD
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:23:31 2025 by rpki-client