Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/glZrlzesmyqv1ms4I_jINVAiItY.roa
File: glZrlzesmyqv1ms4I_jINVAiItY.roa (raw, json)
Hash identifier: e9Aesy+QmxKIAQLxzvdWfb0xc4e3fJilDhcUUEkMbkA=
Subject key identifier: 82:56:6B:97:37:AC:9B:2A:AF:D6:6B:38:23:F8:C8:35:50:22:22:D6
Certificate issuer: /CN=bb4a0af156332d3c7ecb585faee3a90d9bf2a096
Certificate serial: 019421B25AD648157268BA89535FEB9E6006
Authority key identifier: BB:4A:0A:F1:56:33:2D:3C:7E:CB:58:5F:AE:E3:A9:0D:9B:F2:A0:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0oK8VYzLTx-y1hfruOpDZvyoJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/glZrlzesmyqv1ms4I_jINVAiItY.roa
Signing time: Wed 01 Jan 2025 11:48:44 +0000
ROA not before: Wed 01 Jan 2025 11:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202513
IP address blocks: 87.239.52.0/22 maxlen: 24
185.147.16.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:5a:d6:48:15:72:68:ba:89:53:5f:eb:9e:60:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb4a0af156332d3c7ecb585faee3a90d9bf2a096
Validity
Not Before: Jan 1 11:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82566b9737ac9b2aafd66b3823f8c835502222d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:76:cc:20:e7:12:82:50:09:b6:e1:20:1e:75:
8a:6c:9f:ab:0f:0d:c2:ed:49:57:d2:48:5c:45:4f:
85:80:bc:71:ec:c2:97:ff:a3:bb:e5:f1:7c:72:39:
02:d4:85:fc:10:ad:58:b8:35:2b:eb:dc:fe:1c:08:
ac:39:2d:81:e4:01:b0:f6:f2:ae:5b:f3:86:a6:ce:
16:0a:18:63:35:40:48:56:93:6b:1b:12:74:34:6a:
55:e4:8c:a6:cd:85:67:96:04:ea:ce:1c:7e:ba:4b:
0f:3e:fc:49:ac:75:d6:f4:3f:4d:e0:dc:82:8a:da:
8f:26:35:bc:eb:49:42:49:62:cd:4e:cf:29:71:dd:
e6:21:da:c4:45:36:32:8e:90:37:b4:3e:bd:4b:27:
2b:06:f5:af:7e:02:14:d3:6c:b7:b5:b4:10:b6:9e:
44:b6:7f:85:30:0a:39:14:c7:f6:a6:87:5e:a6:67:
1d:49:c0:19:1b:74:26:b9:e1:64:e6:af:44:3e:df:
08:1e:dd:c8:70:c9:69:9c:9c:5a:22:62:11:1e:be:
02:7b:5d:36:75:d4:2e:13:69:3d:7f:cd:ce:c2:53:
3a:fc:0e:96:4a:b2:e8:30:62:b0:43:3f:eb:1d:ea:
31:be:67:ac:f1:63:eb:e2:a8:37:e5:74:3a:4c:94:
1c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:56:6B:97:37:AC:9B:2A:AF:D6:6B:38:23:F8:C8:35:50:22:22:D6
X509v3 Authority Key Identifier:
keyid:BB:4A:0A:F1:56:33:2D:3C:7E:CB:58:5F:AE:E3:A9:0D:9B:F2:A0:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0oK8VYzLTx-y1hfruOpDZvyoJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/glZrlzesmyqv1ms4I_jINVAiItY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/u0oK8VYzLTx-y1hfruOpDZvyoJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.52.0/22
185.147.16.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:8f:03:91:b0:81:ee:b6:87:8b:0c:fd:85:67:c3:76:ed:2c:
84:e1:85:96:4b:44:ab:ed:68:b4:e7:8a:30:c8:27:72:63:0c:
ed:32:83:a3:9f:9d:bf:d5:ef:5b:bb:f3:da:c3:26:55:6c:36:
5a:7a:9d:e6:59:f9:22:f0:a2:97:49:c7:cf:be:c0:fd:5c:17:
96:4b:6a:10:1e:35:00:00:da:e6:6f:c5:17:5f:85:a5:ca:ba:
cc:98:8b:91:c2:bb:c9:5f:98:50:9a:ee:92:7c:c0:35:73:d2:
a8:bc:9b:0d:f6:e9:30:4a:d4:73:a5:d7:7c:9b:f3:94:7c:48:
8f:26:47:43:1a:4a:77:54:5b:8e:1c:dd:0f:ec:76:78:7b:ec:
26:2b:5f:a3:72:84:98:20:d1:db:34:4a:99:2f:eb:e6:e4:f3:
48:e6:f3:db:3c:9e:ac:31:b7:ac:ed:9e:36:71:3e:1e:59:8a:
3d:8b:5d:02:ef:47:96:7d:75:97:a8:ca:e5:0a:2e:98:77:73:
6c:98:5d:b1:2a:af:c3:65:c3:ee:51:77:48:59:ac:e4:30:65:
aa:2f:fd:12:28:4f:62:48:67:34:18:db:3b:68:40:2c:ed:a0:
f1:37:9d:b6:bb:b3:92:62:9b:29:8c:89:09:ad:b4:78:5e:ee:
b3:1c:80:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhslrWSBVyaLqJU1/rnmAGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNGEwYWYxNTYzMzJkM2M3ZWNiNTg1ZmFlZTNhOTBkOWJm
MmEwOTYwHhcNMjUwMTAxMTE0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjU2NmI5NzM3YWM5YjJhYWZkNjZiMzgyM2Y4YzgzNTUwMjIyMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnbMIOcSglAJtuEgHnWKbJ+rDw3C
7UlX0khcRU+FgLxx7MKX/6O75fF8cjkC1IX8EK1YuDUr69z+HAisOS2B5AGw9vKu
W/OGps4WChhjNUBIVpNrGxJ0NGpV5IymzYVnlgTqzhx+uksPPvxJrHXW9D9N4NyC
itqPJjW860lCSWLNTs8pcd3mIdrERTYyjpA3tD69SycrBvWvfgIU02y3tbQQtp5E
tn+FMAo5FMf2podepmcdScAZG3QmueFk5q9EPt8IHt3IcMlpnJxaImIRHr4Ce102
ddQuE2k9f83OwlM6/A6WSrLoMGKwQz/rHeoxvmes8WPr4qg35XQ6TJQcRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIJWa5c3rJsqr9ZrOCP4yDVQIiLWMB8GA1UdIwQY
MBaAFLtKCvFWMy08fstYX67jqQ2b8qCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBvSzhWWXpMVHgteTFoZnJ1T3BEWnZ5b0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8xYjA5OTgtYWI4MS00Y2NlLThjNDYt
ZjIxMjY2NjcyNWI0LzEvZ2xacmx6ZXNteXF2MW1zNElfaklOVkFpSXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8xYjA5OTgtYWI4MS00Y2NlLThjNDYtZjIxMjY2NjcyNWI0
LzEvdTBvSzhWWXpMVHgteTFoZnJ1T3BEWnZ5b0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCV+80AwQC
uZMQMA0GCSqGSIb3DQEBCwUAA4IBAQC8jwORsIHutoeLDP2FZ8N27SyE4YWWS0Sr
7Wi054owyCdyYwztMoOjn52/1e9bu/PawyZVbDZaep3mWfki8KKXScfPvsD9XBeW
S2oQHjUAANrmb8UXX4WlyrrMmIuRwrvJX5hQmu6SfMA1c9KovJsN9ukwStRzpdd8
m/OUfEiPJkdDGkp3VFuOHN0P7HZ4e+wmK1+jcoSYINHbNEqZL+vm5PNI5vPbPJ6s
Mbes7Z42cT4eWYo9i10C70eWfXWXqMrlCi6Yd3NsmF2xKq/DZcPuUXdIWazkMGWq
L/0SKE9iSGc0GNs7aEAs7aDxN522u7OSYpspjIkJrbR4Xu6zHICX
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:22:32 2025 by rpki-client