Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/13NXjmdLbT7nUavqjAF7DzEQvpo.roa
File: 13NXjmdLbT7nUavqjAF7DzEQvpo.roa (raw, json)
Hash identifier: b10Azpe22h/5Gx2g7b0Q9MR+x3bVRu7tw5JgDsV7530=
Subject key identifier: D7:73:57:8E:67:4B:6D:3E:E7:51:AB:EA:8C:01:7B:0F:31:10:BE:9A
Certificate issuer: /CN=cb20606de730456edd7335cc882cbdf4396f3460
Certificate serial: 019425FD69C2A74104A707BAA866A3EA342E
Authority key identifier: CB:20:60:6D:E7:30:45:6E:DD:73:35:CC:88:2C:BD:F4:39:6F:34:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yyBgbecwRW7dczXMiCy99DlvNGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/13NXjmdLbT7nUavqjAF7DzEQvpo.roa
Signing time: Thu 02 Jan 2025 07:49:12 +0000
ROA not before: Thu 02 Jan 2025 07:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209269
IP address blocks: 188.125.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:69:c2:a7:41:04:a7:07:ba:a8:66:a3:ea:34:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb20606de730456edd7335cc882cbdf4396f3460
Validity
Not Before: Jan 2 07:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d773578e674b6d3ee751abea8c017b0f3110be9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f4:87:30:ff:9e:fb:d2:ca:06:83:92:6f:bd:
b4:30:0f:33:4b:05:57:bf:d1:70:db:15:8f:b7:6a:
8b:b9:4e:d2:a6:25:63:04:e8:e5:d7:a4:83:27:56:
d3:14:e9:f4:2b:48:08:4c:cc:36:cf:87:57:df:ee:
05:90:f5:f0:e4:60:87:6f:98:4c:3e:52:d7:06:58:
16:c7:d7:f4:7d:ab:63:1b:c2:e3:40:f9:b0:6f:4e:
75:be:94:69:9f:0e:61:83:16:bf:e0:7f:ed:b4:f6:
fb:3a:1e:c4:1b:5d:50:2d:f3:3a:47:b2:11:cd:36:
98:48:76:40:93:50:f9:e2:56:87:36:28:3e:99:70:
9c:bd:f1:df:64:48:59:35:fa:15:5d:65:8b:f8:9f:
f0:d8:89:a3:72:90:7e:0d:62:1d:0b:a2:f5:b1:c3:
5f:c6:4f:e6:1c:89:e5:ac:5a:de:62:41:3a:5f:07:
a9:a5:9d:c7:70:33:96:ea:0a:e1:9e:b3:84:ae:09:
61:8e:3f:bf:92:d6:6f:57:32:09:17:bb:0c:b4:b9:
ee:50:1c:f6:93:21:46:66:32:a9:4f:d3:46:31:54:
84:c0:ec:c2:10:7a:63:f5:64:5a:cf:f8:b7:48:fb:
e5:77:6e:0d:8f:67:00:0d:83:13:59:69:c0:ba:07:
17:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:73:57:8E:67:4B:6D:3E:E7:51:AB:EA:8C:01:7B:0F:31:10:BE:9A
X509v3 Authority Key Identifier:
keyid:CB:20:60:6D:E7:30:45:6E:DD:73:35:CC:88:2C:BD:F4:39:6F:34:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyBgbecwRW7dczXMiCy99DlvNGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/13NXjmdLbT7nUavqjAF7DzEQvpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/yyBgbecwRW7dczXMiCy99DlvNGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.158.0/24
Signature Algorithm: sha256WithRSAEncryption
86:49:54:07:7a:21:29:78:5c:57:cd:89:e5:19:06:6d:05:3e:
91:60:58:08:d1:85:37:c8:f5:1e:fb:1d:79:7a:b4:03:84:fb:
b0:f4:75:9b:1e:1e:db:9d:a8:aa:ca:6d:88:8d:c8:5d:17:a3:
ec:9c:4f:0c:54:83:7f:3e:90:56:d0:d7:ee:97:f7:e1:2c:63:
7e:eb:de:97:63:ae:70:f5:39:01:ff:e8:5d:af:55:60:ed:a0:
6d:88:b3:e7:89:0b:10:ec:60:38:53:b0:6c:c5:40:22:61:b5:
8e:5e:09:40:b7:d3:7d:3b:a4:56:57:bb:95:33:a3:bf:cd:9b:
55:44:ea:6d:96:18:af:80:df:6f:dc:18:13:33:95:54:47:30:
ce:df:3e:8c:81:ed:74:eb:36:c9:e5:22:f4:ef:96:f0:3b:44:
db:7e:48:3c:00:aa:0c:2b:79:38:77:6a:65:44:5c:3e:10:fd:
b5:14:df:e0:9a:a4:7e:3c:95:b9:90:15:c6:7c:62:73:e7:42:
97:6e:28:6a:90:ea:be:80:03:82:0d:30:0e:9a:9a:af:ff:18:
3d:06:22:68:47:91:7c:2f:a8:c5:51:22:41:31:ee:8d:ce:4a:
70:e2:92:5b:79:24:a9:cd:45:66:4a:25:88:e8:f7:42:40:b3:
24:65:2d:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/WnCp0EEpwe6qGaj6jQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMjA2MDZkZTczMDQ1NmVkZDczMzVjYzg4MmNiZGY0Mzk2
ZjM0NjAwHhcNMjUwMTAyMDc0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzczNTc4ZTY3NGI2ZDNlZTc1MWFiZWE4YzAxN2IwZjMxMTBiZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvSHMP+e+9LKBoOSb720MA8zSwVX
v9Fw2xWPt2qLuU7SpiVjBOjl16SDJ1bTFOn0K0gITMw2z4dX3+4FkPXw5GCHb5hM
PlLXBlgWx9f0fatjG8LjQPmwb051vpRpnw5hgxa/4H/ttPb7Oh7EG11QLfM6R7IR
zTaYSHZAk1D54laHNig+mXCcvfHfZEhZNfoVXWWL+J/w2ImjcpB+DWIdC6L1scNf
xk/mHInlrFreYkE6XweppZ3HcDOW6grhnrOErglhjj+/ktZvVzIJF7sMtLnuUBz2
kyFGZjKpT9NGMVSEwOzCEHpj9WRaz/i3SPvld24Nj2cADYMTWWnAugcXOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNdzV45nS20+51Gr6owBew8xEL6aMB8GA1UdIwQY
MBaAFMsgYG3nMEVu3XM1zIgsvfQ5bzRgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXlCZ2JlY3dSVzdkY3pYTWlDeTk5RGx2TkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iZjdhMjgtYmYxZS00ODM1LWJlZWQt
YjNkODZhYTQzYmM1LzEvMTNOWGptZExiVDduVWF2cWpBRjdEekVRdnBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iZjdhMjgtYmYxZS00ODM1LWJlZWQtYjNkODZhYTQzYmM1
LzEveXlCZ2JlY3dSVzdkY3pYTWlDeTk5RGx2TkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvH2eMA0G
CSqGSIb3DQEBCwUAA4IBAQCGSVQHeiEpeFxXzYnlGQZtBT6RYFgI0YU3yPUe+x15
erQDhPuw9HWbHh7bnaiqym2IjchdF6PsnE8MVIN/PpBW0Nful/fhLGN+696XY65w
9TkB/+hdr1Vg7aBtiLPniQsQ7GA4U7BsxUAiYbWOXglAt9N9O6RWV7uVM6O/zZtV
ROptlhivgN9v3BgTM5VURzDO3z6Mge106zbJ5SL075bwO0Tbfkg8AKoMK3k4d2pl
RFw+EP21FN/gmqR+PJW5kBXGfGJz50KXbihqkOq+gAOCDTAOmpqv/xg9BiJoR5F8
L6jFUSJBMe6Nzkpw4pJbeSSpzUVmSiWI6PdCQLMkZS3B
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:21:33 2025 by rpki-client