Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/_GNQSp_bGjydsnVDpRHY8XNNqhs.roa
File: _GNQSp_bGjydsnVDpRHY8XNNqhs.roa (raw, json)
Hash identifier: pDYhj1QM7SQ6UTwVMyRGZcrJ6AnEuDllBqLjotU+jDg=
Subject key identifier: FC:63:50:4A:9F:DB:1A:3C:9D:B2:75:43:A5:11:D8:F1:73:4D:AA:1B
Certificate issuer: /CN=6bb95cfc2d187f40530ef083bbd10c88c4956c1d
Certificate serial: 0194228E098ABB06FA75BB3426EA503965A8
Authority key identifier: 6B:B9:5C:FC:2D:18:7F:40:53:0E:F0:83:BB:D1:0C:88:C4:95:6C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a7lc_C0Yf0BTDvCDu9EMiMSVbB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/_GNQSp_bGjydsnVDpRHY8XNNqhs.roa
Signing time: Wed 01 Jan 2025 15:48:41 +0000
ROA not before: Wed 01 Jan 2025 15:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 188.172.137.0/24 maxlen: 24
188.172.138.0/24 maxlen: 24
2a03:7d40::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:09:8a:bb:06:fa:75:bb:34:26:ea:50:39:65:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bb95cfc2d187f40530ef083bbd10c88c4956c1d
Validity
Not Before: Jan 1 15:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc63504a9fdb1a3c9db27543a511d8f1734daa1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:62:d4:fd:4f:73:2c:3e:df:82:21:97:ca:19:
38:2f:ad:ea:65:5a:ff:91:31:93:ec:d8:84:c5:e4:
8c:7b:a2:26:bb:8a:c0:2a:72:11:ad:fc:e0:70:f6:
70:23:6a:8b:2f:6f:d6:9f:ef:67:25:bf:d7:cb:2a:
e8:03:e5:b7:d5:3c:00:bf:a4:98:d0:5a:06:c2:25:
ed:6a:33:a6:cf:fd:1b:a6:3c:9c:5b:ab:98:e7:99:
a9:e6:07:86:78:2e:41:bb:22:24:97:9d:a1:74:93:
e0:7b:8b:ac:d0:6f:ba:79:c5:a9:16:8b:82:ae:fd:
43:e0:3e:c8:eb:fe:8f:8f:c2:98:75:71:e8:c0:be:
1f:3d:0e:85:0a:71:b2:ab:c8:fb:bb:bd:9b:b1:c1:
92:f2:ac:8e:ac:ab:5b:4e:52:85:01:3c:1f:7f:e1:
9b:14:ee:65:0a:4c:a5:4d:3d:7e:af:bd:96:3b:a0:
eb:cb:b4:3b:9c:56:1a:e4:08:4e:1f:6f:92:a6:5a:
b8:7c:64:d0:59:22:17:31:77:02:48:82:02:ec:27:
a8:5b:45:cd:02:96:5b:34:b5:cd:f5:9d:8c:e0:59:
31:98:8b:c3:b1:d0:b5:58:a5:67:0b:46:80:b4:c6:
28:c0:48:a6:42:a9:29:72:3f:5b:ad:df:2e:08:38:
ec:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:63:50:4A:9F:DB:1A:3C:9D:B2:75:43:A5:11:D8:F1:73:4D:AA:1B
X509v3 Authority Key Identifier:
keyid:6B:B9:5C:FC:2D:18:7F:40:53:0E:F0:83:BB:D1:0C:88:C4:95:6C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7lc_C0Yf0BTDvCDu9EMiMSVbB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/_GNQSp_bGjydsnVDpRHY8XNNqhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/a7lc_C0Yf0BTDvCDu9EMiMSVbB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.172.137.0-188.172.138.255
IPv6:
2a03:7d40::/32
Signature Algorithm: sha256WithRSAEncryption
0b:9a:08:18:aa:6e:7f:f4:69:d3:bb:85:92:14:e1:9e:0b:9f:
bc:90:a6:0f:65:df:34:3d:1a:95:4f:db:73:f2:95:19:5f:f0:
cb:f5:db:de:47:e0:8b:51:00:f3:5d:37:1f:8e:7a:96:f0:a6:
d9:68:a6:0c:14:cd:b1:10:5b:4d:2a:ad:96:19:d1:2a:c4:17:
40:96:99:b1:2d:cc:cd:ea:56:8f:ce:37:f3:43:c3:c2:bc:8c:
d2:5d:02:c1:38:dc:db:83:4e:12:75:8c:f7:53:ab:4c:02:7c:
0e:6b:ff:f0:9f:17:f1:c0:b5:ff:11:7e:e6:68:9d:bc:98:16:
68:a5:2f:68:b1:d1:a8:e8:8a:a1:b7:ef:09:88:02:4e:e9:6c:
c2:00:f2:0e:fa:c9:1e:8a:9d:b0:45:1b:56:eb:f9:d2:af:a7:
45:e2:62:f7:52:c2:a2:99:09:3d:28:fe:71:b3:39:82:27:09:
f9:b8:4c:66:33:cc:86:68:f1:f5:ba:80:23:18:b9:f9:9a:f1:
c7:23:a7:5a:fc:7f:36:fb:f9:53:e7:60:04:2c:b8:72:94:b2:
83:de:fa:39:29:df:fa:24:ec:c0:9f:b5:32:4f:a5:c0:82:7e:
fe:30:58:54:71:67:ff:0e:15:e0:f1:c7:ec:ff:b1:61:a9:09:
84:b8:94:c2
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQijgmKuwb6dbs0JupQOWWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYjk1Y2ZjMmQxODdmNDA1MzBlZjA4M2JiZDEwYzg4YzQ5
NTZjMWQwHhcNMjUwMTAxMTU0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzYzNTA0YTlmZGIxYTNjOWRiMjc1NDNhNTExZDhmMTczNGRhYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGLU/U9zLD7fgiGXyhk4L63qZVr/
kTGT7NiExeSMe6Imu4rAKnIRrfzgcPZwI2qLL2/Wn+9nJb/XyyroA+W31TwAv6SY
0FoGwiXtajOmz/0bpjycW6uY55mp5geGeC5BuyIkl52hdJPge4us0G+6ecWpFouC
rv1D4D7I6/6Pj8KYdXHowL4fPQ6FCnGyq8j7u72bscGS8qyOrKtbTlKFATwff+Gb
FO5lCkylTT1+r72WO6Dry7Q7nFYa5AhOH2+Splq4fGTQWSIXMXcCSIIC7CeoW0XN
ApZbNLXN9Z2M4FkxmIvDsdC1WKVnC0aAtMYowEimQqkpcj9brd8uCDjs6wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPxjUEqf2xo8nbJ1Q6UR2PFzTaobMB8GA1UdIwQY
MBaAFGu5XPwtGH9AUw7wg7vRDIjElWwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTdsY19DMFlmMEJURHZDRHU5RU1pTVNWYkIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81NDdhN2YtNGJhZi00YjdlLWFmYjgt
NDY2MDEzNDM1MDc5LzEvX0dOUVNwX2JHanlkc25WRHBSSFk4WE5OcWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81NDdhN2YtNGJhZi00YjdlLWFmYjgtNDY2MDEzNDM1MDc5
LzEvYTdsY19DMFlmMEJURHZDRHU5RU1pTVNWYkIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAC8rIkD
BAC8rIowDQQCAAIwBwMFACoDfUAwDQYJKoZIhvcNAQELBQADggEBAAuaCBiqbn/0
adO7hZIU4Z4Ln7yQpg9l3zQ9GpVP23PylRlf8Mv1295H4ItRAPNdNx+Oepbwptlo
pgwUzbEQW00qrZYZ0SrEF0CWmbEtzM3qVo/ON/NDw8K8jNJdAsE43NuDThJ1jPdT
q0wCfA5r//CfF/HAtf8RfuZonbyYFmilL2ix0ajoiqG37wmIAk7pbMIA8g76yR6K
nbBFG1br+dKvp0XiYvdSwqKZCT0o/nGzOYInCfm4TGYzzIZo8fW6gCMYufma8ccj
p1r8fzb7+VPnYAQsuHKUsoPe+jkp3/ok7MCftTJPpcCCfv4wWFRxZ/8OFeDxx+z/
sWGpCYS4lMI=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:24:12 2025 by rpki-client