Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/qNDvfGI4y3Kv0_gKftAtZ8uEm1g.roa
File: qNDvfGI4y3Kv0_gKftAtZ8uEm1g.roa (raw, json)
Hash identifier: c3T51iiVF4Heub78zCeOe/wtmjyNC9TOSkeV0C+2EaI=
Subject key identifier: A8:D0:EF:7C:62:38:CB:72:AF:D3:F8:0A:7E:D0:2D:67:CB:84:9B:58
Certificate issuer: /CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Certificate serial: 0194BBB658DFFB43FB412CB0301C383525F0
Authority key identifier: 54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/qNDvfGI4y3Kv0_gKftAtZ8uEm1g.roa
Signing time: Fri 31 Jan 2025 09:34:37 +0000
ROA not before: Fri 31 Jan 2025 09:34:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49632
IP address blocks: 188.125.160.0/24 maxlen: 24
188.125.164.0/24 maxlen: 24
188.125.166.0/24 maxlen: 24
188.125.168.0/24 maxlen: 24
188.125.170.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bb:b6:58:df:fb:43:fb:41:2c:b0:30:1c:38:35:25:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Validity
Not Before: Jan 31 09:34:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8d0ef7c6238cb72afd3f80a7ed02d67cb849b58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9b:bc:ac:07:fd:c2:c6:a9:6f:96:a5:cb:af:
54:9d:fc:26:e1:8e:25:a2:10:82:df:53:7d:9b:29:
c1:43:06:04:6e:9f:b9:f1:53:31:96:cf:65:ea:6e:
d9:c4:d0:02:3a:56:9d:76:33:c7:aa:a1:c7:d5:ed:
60:16:fb:f1:a5:05:37:ec:70:a0:e6:9e:3d:66:d2:
c3:52:b7:d5:55:31:df:82:b7:51:7c:ad:34:f8:4a:
11:e3:db:08:3a:ae:fb:e4:4f:b2:be:d6:aa:64:a2:
ab:f9:cd:8f:bd:64:50:49:51:67:ec:ca:c0:c0:63:
3e:b1:21:5d:a3:be:8b:84:bd:d1:c2:08:21:5e:83:
6c:5f:05:c0:72:d5:9f:a9:b5:e0:bf:48:5e:96:6d:
26:a7:1f:28:81:dc:84:dd:f5:96:f6:87:e4:09:a2:
fd:1a:a9:fe:19:25:4d:f4:e2:49:d3:2d:f9:84:70:
ec:91:94:76:ff:c6:2b:6e:61:29:ad:1f:2a:1c:2e:
c4:2e:5f:65:b8:68:82:0c:df:b6:6f:4b:4d:73:a9:
30:73:e2:81:bf:31:38:bf:99:b5:e4:a9:de:42:de:
7a:e2:96:cb:a7:2c:bb:96:07:66:86:1e:05:e9:e5:
87:b2:81:33:59:6e:a7:fb:cd:a8:0b:32:0d:e4:29:
4f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:D0:EF:7C:62:38:CB:72:AF:D3:F8:0A:7E:D0:2D:67:CB:84:9B:58
X509v3 Authority Key Identifier:
keyid:54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/qNDvfGI4y3Kv0_gKftAtZ8uEm1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.160.0/24
188.125.164.0/24
188.125.166.0/24
188.125.168.0/24
188.125.170.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:8e:ea:25:f3:50:34:94:f0:1d:38:08:14:dd:6f:66:36:31:
22:68:70:98:45:b1:a0:a8:7c:78:50:8c:81:30:8f:79:1c:81:
28:a6:40:f8:28:6e:a8:78:1f:ae:7c:7c:64:e8:29:05:70:2c:
2c:dc:6c:30:b5:1f:e5:f1:fd:33:5a:75:60:7f:b7:50:95:f3:
f6:3a:0f:99:ed:24:75:e6:bf:e1:78:34:45:b4:74:22:17:d0:
2a:81:89:b3:56:64:bc:85:e8:6d:a5:8e:18:de:6e:e1:68:75:
09:3c:3e:06:be:50:68:56:a1:7b:30:b6:25:31:13:54:b1:4e:
9a:c0:c8:a7:14:1d:98:05:05:e9:32:6d:eb:8f:9c:12:4f:a4:
66:66:82:54:3d:12:b9:e5:c3:ff:0c:90:7c:8b:af:1c:e4:52:
eb:7c:71:27:31:b4:6a:e8:d9:d0:9d:16:03:07:71:a1:06:f5:
cb:0c:86:92:a5:59:06:8b:3b:ac:8e:ab:0a:68:9e:8b:f5:4d:
68:68:74:7c:4f:bb:d6:61:b4:ae:cd:f9:90:2e:ed:15:37:1d:
61:e6:f5:b8:4d:1c:1a:19:ae:ba:cf:69:6a:8b:ea:88:59:37:
9a:89:63:9b:f3:cc:cf:c3:b5:0f:f4:96:cc:fe:61:5d:d1:6c:
c0:30:0b:cd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZS7tljf+0P7QSywMBw4NSXwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MmY2MzNmNzZlOGQ4YWFlYWEzMmI1YWNlMTZhM2RiMzk0
M2Q4MGMwHhcNMjUwMTMxMDkzNDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGQwZWY3YzYyMzhjYjcyYWZkM2Y4MGE3ZWQwMmQ2N2NiODQ5YjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupu8rAf9wsapb5aly69Unfwm4Y4l
ohCC31N9mynBQwYEbp+58VMxls9l6m7ZxNACOladdjPHqqHH1e1gFvvxpQU37HCg
5p49ZtLDUrfVVTHfgrdRfK00+EoR49sIOq775E+yvtaqZKKr+c2PvWRQSVFn7MrA
wGM+sSFdo76LhL3RwgghXoNsXwXActWfqbXgv0helm0mpx8ogdyE3fWW9ofkCaL9
Gqn+GSVN9OJJ0y35hHDskZR2/8YrbmEprR8qHC7ELl9luGiCDN+2b0tNc6kwc+KB
vzE4v5m15KneQt564pbLpyy7lgdmhh4F6eWHsoEzWW6n+82oCzIN5ClPtwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKjQ73xiOMtyr9P4Cn7QLWfLhJtYMB8GA1UdIwQY
MBaAFFQvYz926Niq6qMrWs4Wo9s5Q9gMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDIt
NjliOTUzYzlkNWFhLzEvcU5EdmZHSTR5M0t2MF9nS2Z0QXRaOHVFbTFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDItNjliOTUzYzlkNWFh
LzEvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAvH2gAwQA
vH2kAwQAvH2mAwQAvH2oAwQAvH2qMA0GCSqGSIb3DQEBCwUAA4IBAQA/juol81A0
lPAdOAgU3W9mNjEiaHCYRbGgqHx4UIyBMI95HIEopkD4KG6oeB+ufHxk6CkFcCws
3GwwtR/l8f0zWnVgf7dQlfP2Og+Z7SR15r/heDRFtHQiF9AqgYmzVmS8hehtpY4Y
3m7haHUJPD4GvlBoVqF7MLYlMRNUsU6awMinFB2YBQXpMm3rj5wST6RmZoJUPRK5
5cP/DJB8i68c5FLrfHEnMbRq6NnQnRYDB3GhBvXLDIaSpVkGizusjqsKaJ6L9U1o
aHR8T7vWYbSuzfmQLu0VNx1h5vW4TRwaGa66z2lqi+qIWTeaiWOb88zPw7UP9JbM
/mFd0WzAMAvN
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:15:19 2025 by rpki-client