Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/mDlTIXtyMC1YUf8yxleTLLfvbP0.roa
File: mDlTIXtyMC1YUf8yxleTLLfvbP0.roa (raw, json)
Hash identifier: leXsGqcCg4EKhJFC1aPC5eeC/eow2ykRnzqfbw1Pp7c=
Subject key identifier: 98:39:53:21:7B:72:30:2D:58:51:FF:32:C6:57:93:2C:B7:EF:6C:FD
Certificate issuer: /CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Certificate serial: 0194BBB6593BBE521100946BA1B47A63D1CA
Authority key identifier: 54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/mDlTIXtyMC1YUf8yxleTLLfvbP0.roa
Signing time: Fri 31 Jan 2025 09:34:37 +0000
ROA not before: Fri 31 Jan 2025 09:34:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 65632
IP address blocks: 188.125.163.0/24 maxlen: 24
188.125.164.0/24 maxlen: 24
188.125.166.0/24 maxlen: 24
188.125.170.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bb:b6:59:3b:be:52:11:00:94:6b:a1:b4:7a:63:d1:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Validity
Not Before: Jan 31 09:34:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=983953217b72302d5851ff32c657932cb7ef6cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d3:03:68:bb:3c:eb:24:a8:f2:f2:33:0b:ad:
17:74:2f:60:e6:01:67:f3:47:f8:e5:1a:d6:0e:cf:
c0:8b:fa:cf:29:e3:2a:a5:1b:35:0e:14:e8:6a:c3:
80:0c:11:c5:81:fc:76:49:fa:f4:69:07:69:46:f3:
77:d5:f7:da:99:74:5c:15:0a:8e:d4:55:6d:d4:c9:
a8:08:34:10:3b:c7:c7:11:35:54:d9:14:69:0b:dc:
e7:00:8c:4e:f3:f0:ab:8b:57:2c:12:0c:de:70:2b:
1a:3c:d7:92:a6:d9:28:f6:6c:1b:f2:1b:5d:5f:d0:
8e:7f:69:8e:d1:8f:34:9c:5c:49:ea:1a:b5:7d:80:
95:a8:df:b7:a2:71:a9:51:c0:60:d4:67:90:85:d3:
a3:bd:43:6c:ab:50:fe:29:83:13:30:7e:86:54:a6:
bf:40:7c:02:c7:e5:45:f7:74:d9:86:33:98:d5:4f:
ef:6b:9a:e7:5d:0e:8f:44:db:33:08:09:50:15:4b:
79:59:e2:79:69:01:f5:f4:63:21:ee:e2:33:b5:22:
fb:0c:8e:ec:a8:8b:76:3b:cf:f0:b4:e8:50:47:16:
f9:d7:3a:f1:39:99:ff:ee:7a:d8:7d:d3:20:ed:e9:
ce:09:7a:aa:24:24:a2:06:bf:a4:5f:92:25:ae:71:
b7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:39:53:21:7B:72:30:2D:58:51:FF:32:C6:57:93:2C:B7:EF:6C:FD
X509v3 Authority Key Identifier:
keyid:54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/mDlTIXtyMC1YUf8yxleTLLfvbP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.163.0-188.125.164.255
188.125.166.0/24
188.125.170.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:4b:67:a3:85:7e:f4:bb:90:d4:ee:d4:f4:96:15:ed:18:3a:
8b:47:67:de:55:29:63:ce:cf:3d:3d:24:9d:13:6f:59:fd:ec:
d9:2a:fe:e0:00:4a:6c:2e:13:19:9f:9e:f3:9a:dc:c3:4d:9a:
49:05:9a:29:f4:66:af:b9:b5:e5:1c:24:61:4d:ee:3a:7e:d0:
25:dd:ed:b5:de:fb:41:15:ad:7d:e4:39:7a:01:16:b1:f8:27:
c5:f5:8f:c3:a3:22:46:df:85:a5:0b:cf:a1:95:2a:34:60:02:
94:91:d6:24:24:5c:28:c9:89:a7:00:62:66:cb:dc:27:29:04:
40:6e:b9:c3:f1:ea:d4:cf:86:65:54:6c:3a:0c:3e:ff:51:e4:
ff:43:4d:5a:d8:d9:84:51:1d:5b:0c:07:61:f9:db:00:6c:78:
36:b0:7f:7a:bc:ca:b1:34:3d:1a:c8:d9:91:54:59:0c:d1:48:
5b:ce:05:bb:9c:5c:0b:00:ab:43:d9:c6:39:26:89:5c:d5:c3:
40:79:fc:df:8c:65:76:c0:b1:36:22:a1:4f:fe:82:7a:21:c4:
6a:82:8b:8b:2e:7e:93:c8:8f:fe:62:97:81:e7:61:4e:37:18:
5e:e7:b5:9d:73:1d:5a:a6:05:ca:0b:a7:31:67:d0:1c:51:5d:
08:6a:27:aa
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZS7tlk7vlIRAJRrobR6Y9HKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MmY2MzNmNzZlOGQ4YWFlYWEzMmI1YWNlMTZhM2RiMzk0
M2Q4MGMwHhcNMjUwMTMxMDkzNDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODM5NTMyMTdiNzIzMDJkNTg1MWZmMzJjNjU3OTMyY2I3ZWY2Y2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9MDaLs86ySo8vIzC60XdC9g5gFn
80f45RrWDs/Ai/rPKeMqpRs1DhToasOADBHFgfx2Sfr0aQdpRvN31ffamXRcFQqO
1FVt1MmoCDQQO8fHETVU2RRpC9znAIxO8/Cri1csEgzecCsaPNeSptko9mwb8htd
X9COf2mO0Y80nFxJ6hq1fYCVqN+3onGpUcBg1GeQhdOjvUNsq1D+KYMTMH6GVKa/
QHwCx+VF93TZhjOY1U/va5rnXQ6PRNszCAlQFUt5WeJ5aQH19GMh7uIztSL7DI7s
qIt2O8/wtOhQRxb51zrxOZn/7nrYfdMg7enOCXqqJCSiBr+kX5IlrnG3hQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJg5UyF7cjAtWFH/MsZXkyy372z9MB8GA1UdIwQY
MBaAFFQvYz926Niq6qMrWs4Wo9s5Q9gMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDIt
NjliOTUzYzlkNWFhLzEvbURsVElYdHlNQzFZVWY4eXhsZVRMTGZ2YlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDItNjliOTUzYzlkNWFh
LzEvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAC8faMD
BAC8faQDBAC8faYDBAC8faowDQYJKoZIhvcNAQELBQADggEBAA1LZ6OFfvS7kNTu
1PSWFe0YOotHZ95VKWPOzz09JJ0Tb1n97Nkq/uAASmwuExmfnvOa3MNNmkkFmin0
Zq+5teUcJGFN7jp+0CXd7bXe+0EVrX3kOXoBFrH4J8X1j8OjIkbfhaULz6GVKjRg
ApSR1iQkXCjJiacAYmbL3CcpBEBuucPx6tTPhmVUbDoMPv9R5P9DTVrY2YRRHVsM
B2H52wBseDawf3q8yrE0PRrI2ZFUWQzRSFvOBbucXAsAq0PZxjkmiVzVw0B5/N+M
ZXbAsTYioU/+gnohxGqCi4sufpPIj/5il4HnYU43GF7ntZ1zHVqmBcoLpzFn0BxR
XQhqJ6o=
-----END CERTIFICATE-----
Generated at Mon Apr 28 17:49:56 2025 by rpki-client