Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/tPRSQBHqAt__Hc0IBm-wvE7P9hw.roa
File: tPRSQBHqAt__Hc0IBm-wvE7P9hw.roa (raw, json)
Hash identifier: kjuyUkwS8CF+Jh5frGKWkshFwtvNfieIuRX3/8igw/g=
Subject key identifier: B4:F4:52:40:11:EA:02:DF:FF:1D:CD:08:06:6F:B0:BC:4E:CF:F6:1C
Certificate issuer: /CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Certificate serial: 019427B609427D19112B7E3305AE6CA96C5A
Authority key identifier: D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/tPRSQBHqAt__Hc0IBm-wvE7P9hw.roa
Signing time: Thu 02 Jan 2025 15:50:28 +0000
ROA not before: Thu 02 Jan 2025 15:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39024
IP address blocks: 151.237.40.0/21 maxlen: 21
194.69.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:09:42:7d:19:11:2b:7e:33:05:ae:6c:a9:6c:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Validity
Not Before: Jan 2 15:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4f4524011ea02dfff1dcd08066fb0bc4ecff61c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:3d:2e:6d:d0:d1:33:64:56:21:ec:67:be:a1:
b4:26:05:db:1e:61:3f:c7:3e:53:de:1d:33:cf:d4:
ef:ad:97:a2:ae:c1:9e:58:5c:2c:e2:8e:1f:38:1c:
01:33:59:4d:6f:cc:ba:b2:6d:4a:66:70:8a:67:47:
81:bf:41:03:2e:89:b5:ae:55:9f:11:4a:8e:7d:f3:
9f:e8:1d:60:17:09:02:b8:14:36:fa:8f:e2:70:dc:
96:22:19:88:7b:fd:2b:76:fd:c1:d2:c5:89:aa:c6:
66:f1:5f:36:7f:c6:9e:61:b6:41:06:7c:5a:cc:2a:
b2:90:3a:3e:ef:a4:93:20:73:07:63:43:64:a5:39:
40:7c:79:4a:6e:c5:a7:1f:fc:fe:f8:a0:bc:43:df:
7f:e3:56:ee:32:a8:d1:c7:60:a4:96:cf:8f:35:83:
e9:ae:63:1b:6d:87:74:85:a2:1d:85:c1:f2:bb:20:
d0:9b:5e:df:92:9d:85:ba:44:ec:44:4a:47:07:32:
42:af:9f:e8:c5:86:6d:7d:28:0e:18:5e:ae:ae:ee:
36:bf:4f:75:48:e7:7d:b0:24:38:09:30:85:b0:d4:
76:d6:52:62:55:5d:0c:01:a8:b6:20:88:8a:69:d1:
7d:bf:22:90:dd:8c:0e:12:a5:cd:99:be:4b:90:d9:
46:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F4:52:40:11:EA:02:DF:FF:1D:CD:08:06:6F:B0:BC:4E:CF:F6:1C
X509v3 Authority Key Identifier:
keyid:D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/tPRSQBHqAt__Hc0IBm-wvE7P9hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/0mIv3sj638pY51dcKfEOc653VxU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.237.40.0/21
194.69.200.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:59:22:05:6b:12:69:7f:8a:b3:d7:61:c8:e6:f1:55:e7:6b:
50:d7:91:f9:1f:c5:eb:0c:c8:c4:b1:6a:0a:61:18:66:e7:a6:
bc:41:10:dd:a3:cb:e6:ed:ab:3c:54:e4:26:d6:0c:02:78:86:
2b:50:95:e0:24:bf:05:c6:f4:a0:da:ab:27:8c:85:e5:d4:42:
60:36:da:63:b0:38:86:5d:ae:44:03:09:81:f7:e5:0c:ad:a9:
24:1c:58:bc:6c:1d:62:24:43:73:08:a8:d7:06:72:2d:4f:78:
9b:c3:49:29:e8:99:61:54:0b:90:d4:ce:70:59:d8:35:75:b5:
c4:0a:3f:84:06:e6:16:0d:dc:f1:b0:58:75:b0:27:72:f9:85:
51:38:4b:3d:d4:ca:7c:09:35:68:54:17:76:21:f3:23:9b:e6:
5e:85:08:af:f5:b5:55:15:5f:e4:96:f6:a4:ad:04:c2:83:df:
60:1f:bd:a7:e3:07:e6:b2:aa:d7:38:1e:61:98:92:3e:3b:90:
3a:7e:50:cd:cc:e5:46:bc:81:7d:06:95:77:1c:a1:31:45:e4:
d4:b6:8e:bb:b2:dc:6f:a7:57:9e:ea:16:4a:c2:f2:b7:a0:af:
03:7b:f1:7d:e2:e5:bb:00:f8:07:e3:5c:7b:e0:4e:8a:51:9f:
d5:fa:43:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntglCfRkRK34zBa5sqWxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNjIyZmRlYzhmYWRmY2E1OGU3NTc1YzI5ZjEwZTczYWU3
NzU3MTUwHhcNMjUwMTAyMTU1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGY0NTI0MDExZWEwMmRmZmYxZGNkMDgwNjZmYjBiYzRlY2ZmNjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3z0ubdDRM2RWIexnvqG0JgXbHmE/
xz5T3h0zz9TvrZeirsGeWFws4o4fOBwBM1lNb8y6sm1KZnCKZ0eBv0EDLom1rlWf
EUqOffOf6B1gFwkCuBQ2+o/icNyWIhmIe/0rdv3B0sWJqsZm8V82f8aeYbZBBnxa
zCqykDo+76STIHMHY0NkpTlAfHlKbsWnH/z++KC8Q99/41buMqjRx2Ckls+PNYPp
rmMbbYd0haIdhcHyuyDQm17fkp2FukTsREpHBzJCr5/oxYZtfSgOGF6uru42v091
SOd9sCQ4CTCFsNR21lJiVV0MAai2IIiKadF9vyKQ3YwOEqXNmb5LkNlGuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLT0UkAR6gLf/x3NCAZvsLxOz/YcMB8GA1UdIwQY
MBaAFNJiL97I+t/KWOdXXCnxDnOud1cVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWIt
ZjA1YWEyMjlkNjM4LzEvdFBSU1FCSHFBdF9fSGMwSUJtLXd2RTdQOWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWItZjA1YWEyMjlkNjM4
LzEvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDl+0oAwQA
wkXIMA0GCSqGSIb3DQEBCwUAA4IBAQBsWSIFaxJpf4qz12HI5vFV52tQ15H5H8Xr
DMjEsWoKYRhm56a8QRDdo8vm7as8VOQm1gwCeIYrUJXgJL8FxvSg2qsnjIXl1EJg
NtpjsDiGXa5EAwmB9+UMrakkHFi8bB1iJENzCKjXBnItT3ibw0kp6JlhVAuQ1M5w
Wdg1dbXECj+EBuYWDdzxsFh1sCdy+YVROEs91Mp8CTVoVBd2IfMjm+ZehQiv9bVV
FV/klvakrQTCg99gH72n4wfmsqrXOB5hmJI+O5A6flDNzOVGvIF9BpV3HKExReTU
to67stxvp1ee6hZKwvK3oK8De/F94uW7APgH41x74E6KUZ/V+kOw
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:33:39 2025 by rpki-client