Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/32680d-03d9-4afa-9416-8d6fc010523d/1/DiWaQ483B87mmH9xBQjUT-gKREU.roa
File: DiWaQ483B87mmH9xBQjUT-gKREU.roa (raw, json)
Hash identifier: +HNilVQSXx0rRIqto+Np0Fi3ncazRRex3uQcgtaQ1OY=
Subject key identifier: 0E:25:9A:43:8F:37:07:CE:E6:98:7F:71:05:08:D4:4F:E8:0A:44:45
Certificate issuer: /CN=d6923df4dae91950cf00d235fe39e00eea3816d2
Certificate serial: 019421445639C235E4230A68867A8315DB6A
Authority key identifier: D6:92:3D:F4:DA:E9:19:50:CF:00:D2:35:FE:39:E0:0E:EA:38:16:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1pI99NrpGVDPANI1_jngDuo4FtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/32680d-03d9-4afa-9416-8d6fc010523d/1/DiWaQ483B87mmH9xBQjUT-gKREU.roa
Signing time: Wed 01 Jan 2025 09:48:34 +0000
ROA not before: Wed 01 Jan 2025 09:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15614
IP address blocks: 178.209.128.0/19 maxlen: 19
213.168.176.0/20 maxlen: 20
2a02:13b8::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:56:39:c2:35:e4:23:0a:68:86:7a:83:15:db:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6923df4dae91950cf00d235fe39e00eea3816d2
Validity
Not Before: Jan 1 09:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e259a438f3707cee6987f710508d44fe80a4445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c1:ff:83:19:39:09:63:aa:36:5a:db:fe:fb:
22:90:d8:83:3d:d8:46:fa:42:b9:d8:a5:d6:17:af:
6f:3e:c0:0b:a6:6f:12:1c:26:49:12:7d:ad:ec:24:
1f:fb:04:20:56:39:3c:cb:63:02:3e:a0:33:fa:8c:
83:3c:a4:f2:65:0c:91:f2:06:57:15:90:b5:3c:65:
1f:fa:73:0c:d4:21:a3:f0:29:ed:35:96:be:65:d1:
1c:2e:91:6a:76:77:53:27:e3:c7:55:70:b2:98:e8:
ed:80:29:b5:be:e3:11:37:d0:d8:cc:b3:52:f0:c8:
74:8b:aa:4d:de:34:3e:19:fa:86:41:53:9b:6d:96:
a7:ad:02:79:33:9c:f7:ee:f4:0d:8b:6f:88:10:93:
90:fc:99:22:2b:86:27:a5:fd:57:9d:15:18:b8:e2:
16:93:4a:b6:76:c8:11:4b:0b:e3:5d:ff:0d:99:a8:
cc:42:0e:04:33:f0:9d:0b:25:c8:9a:9e:67:95:0a:
cd:44:bd:be:b0:88:48:1a:ba:43:8a:94:e9:94:82:
b9:32:6a:f3:87:91:b3:5b:00:d5:3a:e8:bd:8d:72:
e8:73:88:9c:1d:18:18:3c:e8:34:2f:ca:21:c9:da:
e5:02:c0:55:5f:67:41:eb:9b:e3:1a:42:47:cd:65:
ef:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:25:9A:43:8F:37:07:CE:E6:98:7F:71:05:08:D4:4F:E8:0A:44:45
X509v3 Authority Key Identifier:
keyid:D6:92:3D:F4:DA:E9:19:50:CF:00:D2:35:FE:39:E0:0E:EA:38:16:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1pI99NrpGVDPANI1_jngDuo4FtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/32680d-03d9-4afa-9416-8d6fc010523d/1/DiWaQ483B87mmH9xBQjUT-gKREU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/32680d-03d9-4afa-9416-8d6fc010523d/1/1pI99NrpGVDPANI1_jngDuo4FtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.209.128.0/19
213.168.176.0/20
IPv6:
2a02:13b8::/29
Signature Algorithm: sha256WithRSAEncryption
71:36:7c:46:09:d1:bf:74:51:7c:f1:5a:e7:b0:83:d8:3a:76:
70:9b:05:4e:7f:59:34:9f:2a:8a:aa:ff:16:a4:bc:d9:c2:1e:
97:07:e6:32:81:9a:4f:f5:95:19:0c:1a:89:dc:1d:b6:3e:19:
de:5f:52:21:da:7c:95:75:5b:5e:fe:35:01:73:60:52:e5:4d:
01:f2:9d:73:31:5f:ac:5a:35:f0:89:6c:af:28:95:75:7f:7e:
e5:c4:af:b0:9e:3f:9d:99:14:9e:13:55:10:31:a6:db:00:5a:
08:53:c2:8a:2e:96:ba:68:4f:1f:81:d8:1e:29:d1:8c:8f:25:
8a:ac:80:04:e7:fa:5a:73:86:b4:70:82:12:5b:63:bf:47:80:
1d:f0:f1:95:db:21:5b:43:fb:13:96:6f:6e:be:03:ff:85:21:
16:39:13:e6:3b:a5:32:2c:45:01:92:cf:0f:85:1b:f3:35:ea:
a7:39:54:fe:8c:ee:27:35:a3:3d:55:e1:89:f6:35:2f:af:4c:
6e:ca:30:98:62:b3:11:4a:e9:e6:87:a2:08:ba:f0:ac:73:b5:
3b:31:2c:89:ee:f2:ff:c9:39:3c:06:43:92:21:71:6a:d5:ce:
c5:d0:60:ee:9b:21:c9:03:12:0c:34:4f:07:61:72:1e:f0:b1:
24:ac:58:15
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhRFY5wjXkIwpohnqDFdtqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2OTIzZGY0ZGFlOTE5NTBjZjAwZDIzNWZlMzllMDBlZWEz
ODE2ZDIwHhcNMjUwMTAxMDk0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTI1OWE0MzhmMzcwN2NlZTY5ODdmNzEwNTA4ZDQ0ZmU4MGE0NDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcH/gxk5CWOqNlrb/vsikNiDPdhG
+kK52KXWF69vPsALpm8SHCZJEn2t7CQf+wQgVjk8y2MCPqAz+oyDPKTyZQyR8gZX
FZC1PGUf+nMM1CGj8CntNZa+ZdEcLpFqdndTJ+PHVXCymOjtgCm1vuMRN9DYzLNS
8Mh0i6pN3jQ+GfqGQVObbZanrQJ5M5z37vQNi2+IEJOQ/JkiK4Ynpf1XnRUYuOIW
k0q2dsgRSwvjXf8NmajMQg4EM/CdCyXImp5nlQrNRL2+sIhIGrpDipTplIK5Mmrz
h5GzWwDVOui9jXLoc4icHRgYPOg0L8ohydrlAsBVX2dB65vjGkJHzWXvnQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA4lmkOPNwfO5ph/cQUI1E/oCkRFMB8GA1UdIwQY
MBaAFNaSPfTa6RlQzwDSNf454A7qOBbSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXBJOTlOcnBHVkRQQU5JMV9qbmdEdW80RnRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zMjY4MGQtMDNkOS00YWZhLTk0MTYt
OGQ2ZmMwMTA1MjNkLzEvRGlXYVE0ODNCODdtbUg5eEJRalVULWdLUkVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zMjY4MGQtMDNkOS00YWZhLTk0MTYtOGQ2ZmMwMTA1MjNk
LzEvMXBJOTlOcnBHVkRQQU5JMV9qbmdEdW80RnRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFstGAAwQE
1aiwMA0EAgACMAcDBQMqAhO4MA0GCSqGSIb3DQEBCwUAA4IBAQBxNnxGCdG/dFF8
8VrnsIPYOnZwmwVOf1k0nyqKqv8WpLzZwh6XB+YygZpP9ZUZDBqJ3B22PhneX1Ih
2nyVdVte/jUBc2BS5U0B8p1zMV+sWjXwiWyvKJV1f37lxK+wnj+dmRSeE1UQMabb
AFoIU8KKLpa6aE8fgdgeKdGMjyWKrIAE5/pac4a0cIISW2O/R4Ad8PGV2yFbQ/sT
lm9uvgP/hSEWORPmO6UyLEUBks8PhRvzNeqnOVT+jO4nNaM9VeGJ9jUvr0xuyjCY
YrMRSunmh6IIuvCsc7U7MSyJ7vL/yTk8BkOSIXFq1c7F0GDumyHJAxIMNE8HYXIe
8LEkrFgV
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:28:31 2025 by rpki-client