Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/1-g2qGyIDLotxJr6jyvuCwE9SDoo.roa
File: 1-g2qGyIDLotxJr6jyvuCwE9SDoo.roa (raw, json)
Hash identifier: ox4h4LnoAr4/PMYjKkzxk/lX+kgpfI0xggGwFC9kUEg=
Subject key identifier: FA:0D:AA:1B:22:03:2E:8B:71:26:BE:A3:CA:FB:82:C0:4F:52:0E:8A
Certificate issuer: /CN=cb20606de730456edd7335cc882cbdf4396f3460
Certificate serial: 019425FD6A4DB262FEA9096ED2C33F152CC5
Authority key identifier: CB:20:60:6D:E7:30:45:6E:DD:73:35:CC:88:2C:BD:F4:39:6F:34:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yyBgbecwRW7dczXMiCy99DlvNGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/1-g2qGyIDLotxJr6jyvuCwE9SDoo.roa
Signing time: Thu 02 Jan 2025 07:49:12 +0000
ROA not before: Thu 02 Jan 2025 07:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209901
IP address blocks: 188.125.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:6a:4d:b2:62:fe:a9:09:6e:d2:c3:3f:15:2c:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb20606de730456edd7335cc882cbdf4396f3460
Validity
Not Before: Jan 2 07:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa0daa1b22032e8b7126bea3cafb82c04f520e8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6f:1e:3c:79:ef:9c:6a:98:d8:45:b5:0e:0e:
ba:52:3e:df:70:ee:50:9d:3a:4c:fb:9e:6c:ef:a5:
3e:af:fc:68:a4:d9:87:6f:c5:e9:aa:17:7f:c6:ee:
ea:84:2d:07:9c:6c:6e:eb:f1:8c:0d:c1:0d:79:25:
28:78:01:27:88:72:a4:0c:8b:3c:f7:da:e0:6e:67:
8c:20:47:e8:0a:45:d1:81:dc:c4:d8:34:cb:6f:ea:
2b:a7:c4:bb:a9:00:74:e8:5f:6a:7f:5e:44:18:cc:
a3:bf:23:33:75:55:54:6c:30:cd:bf:af:6f:a2:1f:
fe:dc:26:95:cf:4f:33:b4:e7:14:c9:44:df:fa:01:
60:88:f1:17:5b:65:4d:a5:ac:f0:7e:f2:38:06:e3:
5c:5c:32:f6:ac:13:20:cd:84:25:2f:c1:2e:a1:2e:
2e:8e:1b:37:c9:9d:9d:27:15:a8:de:5f:6b:da:9e:
78:c3:f1:fe:d8:d1:42:05:82:4e:6e:53:01:42:88:
10:54:15:64:e8:a3:92:b9:a6:40:e6:4e:8c:66:b7:
5d:ab:c8:cc:2c:25:0c:63:dd:51:74:3b:3a:8c:71:
54:70:a1:f8:da:bc:48:c2:1c:a9:80:a0:ed:a9:63:
1d:f4:19:8f:d6:a1:59:18:ca:1e:65:5b:41:8b:b1:
98:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0D:AA:1B:22:03:2E:8B:71:26:BE:A3:CA:FB:82:C0:4F:52:0E:8A
X509v3 Authority Key Identifier:
keyid:CB:20:60:6D:E7:30:45:6E:DD:73:35:CC:88:2C:BD:F4:39:6F:34:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyBgbecwRW7dczXMiCy99DlvNGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/1-g2qGyIDLotxJr6jyvuCwE9SDoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/yyBgbecwRW7dczXMiCy99DlvNGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.156.0/24
Signature Algorithm: sha256WithRSAEncryption
12:41:5d:64:c9:37:9f:50:6b:53:37:c7:ab:6f:bd:7c:54:27:
65:c0:ce:26:f8:44:0d:e1:62:ed:58:3d:78:a7:af:88:a9:de:
38:6a:07:77:b1:bf:fa:06:39:80:f5:78:38:4b:79:c7:26:3c:
69:a2:97:2f:48:e2:6d:c6:50:ad:98:ff:5f:c4:f5:3f:bf:2f:
a6:cb:99:e0:d9:53:ae:ec:e4:a6:15:77:11:fb:0e:9d:c7:c3:
28:84:08:a8:a2:eb:5a:9c:e4:e0:3b:c7:42:24:f4:15:20:50:
80:ae:ba:5c:24:b9:64:3c:23:87:24:20:2c:54:e1:cb:f1:47:
e3:ce:b0:02:ba:b3:c6:33:9e:91:60:36:35:3b:c3:fe:6c:a5:
98:ff:c3:2a:a1:e1:fe:55:91:a1:a1:ce:1a:3c:27:5f:ab:e1:
b3:a6:e9:00:39:50:bc:ae:60:f9:a3:d4:6c:23:e1:0b:22:1e:
bf:87:4d:31:59:14:d7:bc:85:4e:8e:3b:1e:26:6d:3b:53:e1:
2e:b2:6e:c4:ee:a9:dd:81:f3:48:9f:a8:ac:be:f6:7d:7c:87:
57:ef:86:9d:f4:80:06:fe:fa:f8:ea:55:b2:95:53:f1:73:b5:
d4:80:c1:d4:da:b6:9b:21:f0:ee:03:73:33:2d:72:c3:9a:06:
aa:59:10:41
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQl/WpNsmL+qQlu0sM/FSzFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMjA2MDZkZTczMDQ1NmVkZDczMzVjYzg4MmNiZGY0Mzk2
ZjM0NjAwHhcNMjUwMTAyMDc0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTBkYWExYjIyMDMyZThiNzEyNmJlYTNjYWZiODJjMDRmNTIwZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwG8ePHnvnGqY2EW1Dg66Uj7fcO5Q
nTpM+55s76U+r/xopNmHb8Xpqhd/xu7qhC0HnGxu6/GMDcENeSUoeAEniHKkDIs8
99rgbmeMIEfoCkXRgdzE2DTLb+orp8S7qQB06F9qf15EGMyjvyMzdVVUbDDNv69v
oh/+3CaVz08ztOcUyUTf+gFgiPEXW2VNpazwfvI4BuNcXDL2rBMgzYQlL8EuoS4u
jhs3yZ2dJxWo3l9r2p54w/H+2NFCBYJOblMBQogQVBVk6KOSuaZA5k6MZrddq8jM
LCUMY91RdDs6jHFUcKH42rxIwhypgKDtqWMd9BmP1qFZGMoeZVtBi7GYowIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPoNqhsiAy6LcSa+o8r7gsBPUg6KMB8GA1UdIwQY
MBaAFMsgYG3nMEVu3XM1zIgsvfQ5bzRgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXlCZ2JlY3dSVzdkY3pYTWlDeTk5RGx2TkdBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iZjdhMjgtYmYxZS00ODM1LWJlZWQt
YjNkODZhYTQzYmM1LzEvMS1nMnFHeUlETG90eEpyNmp5dnVDd0U5U0Rvby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTQvYmY3YTI4LWJmMWUtNDgzNS1iZWVkLWIzZDg2YWE0M2Jj
NS8xL3l5QmdiZWN3Ulc3ZGN6WE1pQ3k5OURsdk5HQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALx9nDAN
BgkqhkiG9w0BAQsFAAOCAQEAEkFdZMk3n1BrUzfHq2+9fFQnZcDOJvhEDeFi7Vg9
eKeviKneOGoHd7G/+gY5gPV4OEt5xyY8aaKXL0jibcZQrZj/X8T1P78vpsuZ4NlT
ruzkphV3EfsOncfDKIQIqKLrWpzk4DvHQiT0FSBQgK66XCS5ZDwjhyQgLFThy/FH
486wArqzxjOekWA2NTvD/mylmP/DKqHh/lWRoaHOGjwnX6vhs6bpADlQvK5g+aPU
bCPhCyIev4dNMVkU17yFTo47HiZtO1PhLrJuxO6p3YHzSJ+orL72fXyHV++GnfSA
Bv76+OpVspVT8XO11IDB1Nq2myHw7gNzMy1yw5oGqlkQQQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:14:33 2025 by rpki-client