Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b0668b-6ec2-4db4-a957-af7382395e00/1/DsnYhz3l-UjW4BEfkskBQyPqFHg.roa
File: DsnYhz3l-UjW4BEfkskBQyPqFHg.roa (raw, json)
Hash identifier: Ca24yg0KQW8MlNf8yUGGudiupYhIqA/czyOnT3n44ic=
Subject key identifier: 0E:C9:D8:87:3D:E5:F9:48:D6:E0:11:1F:92:C9:01:43:23:EA:14:78
Certificate issuer: /CN=11d9d7975b8cda9232a4247cc9de9a6dfdbc6069
Certificate serial: 019420681C6FEF034FC47677169FC5AF9DEE
Authority key identifier: 11:D9:D7:97:5B:8C:DA:92:32:A4:24:7C:C9:DE:9A:6D:FD:BC:60:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EdnXl1uM2pIypCR8yd6abf28YGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b0668b-6ec2-4db4-a957-af7382395e00/1/DsnYhz3l-UjW4BEfkskBQyPqFHg.roa
Signing time: Wed 01 Jan 2025 05:48:01 +0000
ROA not before: Wed 01 Jan 2025 05:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34241
IP address blocks: 188.190.116.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:1c:6f:ef:03:4f:c4:76:77:16:9f:c5:af:9d:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11d9d7975b8cda9232a4247cc9de9a6dfdbc6069
Validity
Not Before: Jan 1 05:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ec9d8873de5f948d6e0111f92c9014323ea1478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ae:d3:73:73:04:b2:f8:5c:10:18:5f:17:ce:
f4:af:93:61:70:b8:26:5d:09:20:73:33:d6:4f:b5:
80:16:22:f3:ce:2f:32:3f:ae:62:01:bc:00:aa:9c:
19:f1:6d:93:1b:9d:9c:5d:03:46:d6:c8:76:35:e9:
86:b9:43:04:d6:6d:e0:0c:0f:f3:21:e0:ab:c7:ca:
67:7d:3e:39:54:24:b8:ea:3c:85:51:0c:de:40:73:
0e:c4:05:5c:5c:79:5a:ff:70:cd:ed:20:b8:48:46:
27:af:a1:59:09:70:34:bf:c4:36:4b:4f:34:f0:a6:
ff:4f:77:7f:2b:0c:a7:5c:03:d3:ef:f1:32:2d:f0:
ec:13:25:f6:73:cc:fb:ca:b0:7e:34:00:20:8b:8c:
58:0a:dd:56:aa:87:aa:e8:0b:98:1e:e1:5d:a6:7e:
15:f1:c7:10:69:bd:1d:4a:fc:dd:8a:12:62:03:63:
00:6e:c9:97:e8:25:88:a9:e6:8f:32:83:3d:d8:95:
5b:ce:f1:28:6e:9e:c7:16:23:66:bc:18:eb:3d:df:
47:bd:a8:ea:12:6e:46:94:c3:6e:4d:a8:1c:cb:ed:
1b:a3:fc:95:a2:3e:fa:47:16:a3:c5:66:30:ea:27:
68:75:3e:9a:41:cc:ef:ad:20:93:9f:bb:58:0a:a0:
59:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:C9:D8:87:3D:E5:F9:48:D6:E0:11:1F:92:C9:01:43:23:EA:14:78
X509v3 Authority Key Identifier:
keyid:11:D9:D7:97:5B:8C:DA:92:32:A4:24:7C:C9:DE:9A:6D:FD:BC:60:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EdnXl1uM2pIypCR8yd6abf28YGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0668b-6ec2-4db4-a957-af7382395e00/1/DsnYhz3l-UjW4BEfkskBQyPqFHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0668b-6ec2-4db4-a957-af7382395e00/1/EdnXl1uM2pIypCR8yd6abf28YGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.190.116.0/22
Signature Algorithm: sha256WithRSAEncryption
d6:17:64:43:66:9f:d1:b3:40:cd:57:3c:c1:62:32:0f:44:3d:
6c:89:f1:98:b2:27:d2:7d:19:9a:5b:95:ea:8c:6e:7a:f6:eb:
4d:64:bc:e4:0c:e9:b0:af:84:f4:7a:d0:fc:1d:4d:15:cc:fe:
ea:fe:9f:3c:da:a8:32:0a:aa:f9:3e:50:26:ef:22:37:c4:8b:
ed:35:22:d2:6f:64:da:c6:7b:4b:ee:a3:a4:f3:f4:6c:b2:6a:
63:e9:0f:a4:05:bd:2b:44:8f:86:76:a4:14:c3:8e:a9:9f:51:
0d:42:37:4c:38:62:1a:c4:51:9c:16:34:e5:15:58:11:53:2a:
50:99:05:62:65:f9:b2:4b:37:06:b7:58:9e:55:58:60:de:d9:
57:35:c2:76:f6:0f:37:e1:5c:d1:97:dc:4c:01:9a:28:a9:15:
f8:18:16:d9:49:93:56:85:05:80:9f:a4:81:66:b1:06:b3:70:
c1:c1:84:69:8d:39:01:3b:be:47:47:25:3c:72:09:97:22:e8:
9f:cb:9a:f5:0e:c1:90:1e:bd:f9:10:e1:5a:89:a0:ae:1b:a4:
8a:74:3a:46:aa:88:8d:01:9f:f2:ae:d2:c5:27:d2:d5:11:fb:
1f:80:d8:b8:e9:32:ff:8f:80:e9:c8:c9:3f:f0:78:80:70:f9:
74:c8:e8:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaBxv7wNPxHZ3Fp/Fr53uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZDlkNzk3NWI4Y2RhOTIzMmE0MjQ3Y2M5ZGU5YTZkZmRi
YzYwNjkwHhcNMjUwMTAxMDU0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWM5ZDg4NzNkZTVmOTQ4ZDZlMDExMWY5MmM5MDE0MzIzZWExNDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxq7Tc3MEsvhcEBhfF870r5NhcLgm
XQkgczPWT7WAFiLzzi8yP65iAbwAqpwZ8W2TG52cXQNG1sh2NemGuUME1m3gDA/z
IeCrx8pnfT45VCS46jyFUQzeQHMOxAVcXHla/3DN7SC4SEYnr6FZCXA0v8Q2S080
8Kb/T3d/KwynXAPT7/EyLfDsEyX2c8z7yrB+NAAgi4xYCt1Wqoeq6AuYHuFdpn4V
8ccQab0dSvzdihJiA2MAbsmX6CWIqeaPMoM92JVbzvEobp7HFiNmvBjrPd9Hvajq
Em5GlMNuTagcy+0bo/yVoj76RxajxWYw6idodT6aQczvrSCTn7tYCqBZWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA7J2Ic95flI1uARH5LJAUMj6hR4MB8GA1UdIwQY
MBaAFBHZ15dbjNqSMqQkfMnemm39vGBpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWRuWGwxdU0ycEl5cENSOHlkNmFiZjI4WUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMDY2OGItNmVjMi00ZGI0LWE5NTct
YWY3MzgyMzk1ZTAwLzEvRHNuWWh6M2wtVWpXNEJFZmtza0JReVBxRkhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iMDY2OGItNmVjMi00ZGI0LWE5NTctYWY3MzgyMzk1ZTAw
LzEvRWRuWGwxdU0ycEl5cENSOHlkNmFiZjI4WUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvL50MA0G
CSqGSIb3DQEBCwUAA4IBAQDWF2RDZp/Rs0DNVzzBYjIPRD1sifGYsifSfRmaW5Xq
jG569utNZLzkDOmwr4T0etD8HU0VzP7q/p882qgyCqr5PlAm7yI3xIvtNSLSb2Ta
xntL7qOk8/Rssmpj6Q+kBb0rRI+GdqQUw46pn1ENQjdMOGIaxFGcFjTlFVgRUypQ
mQViZfmySzcGt1ieVVhg3tlXNcJ29g834VzRl9xMAZooqRX4GBbZSZNWhQWAn6SB
ZrEGs3DBwYRpjTkBO75HRyU8cgmXIuify5r1DsGQHr35EOFaiaCuG6SKdDpGqoiN
AZ/yrtLFJ9LVEfsfgNi46TL/j4DpyMk/8HiAcPl0yOjJ
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:41:46 2025 by rpki-client