Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/RI6viK3s_BlSMIP1Vgb0Pj0MefM.roa
File: RI6viK3s_BlSMIP1Vgb0Pj0MefM.roa (raw, json)
Hash identifier: /GgkDE60b7jAzwG85grZIfhbgXYyhzkop2FOS1Z11sg=
Subject key identifier: 44:8E:AF:88:AD:EC:FC:19:52:30:83:F5:56:06:F4:3E:3D:0C:79:F3
Certificate issuer: /CN=e9057470fd56f1b773b2e40abaee79f9966e4436
Certificate serial: 0194221FFF3B835F1565D7DCA44682656620
Authority key identifier: E9:05:74:70:FD:56:F1:B7:73:B2:E4:0A:BA:EE:79:F9:96:6E:44:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6QV0cP1W8bdzsuQKuu55-ZZuRDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/RI6viK3s_BlSMIP1Vgb0Pj0MefM.roa
Signing time: Wed 01 Jan 2025 13:48:29 +0000
ROA not before: Wed 01 Jan 2025 13:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209014
IP address blocks: 164.138.192.0/21 maxlen: 21
2a00:bac0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ff:3b:83:5f:15:65:d7:dc:a4:46:82:65:66:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9057470fd56f1b773b2e40abaee79f9966e4436
Validity
Not Before: Jan 1 13:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=448eaf88adecfc19523083f55606f43e3d0c79f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:05:52:03:0e:9e:e4:f3:bb:32:24:0b:4c:2d:
99:8e:7d:b3:d1:90:f4:2f:f7:da:2f:52:8f:26:63:
34:c4:00:6b:d5:9d:11:2d:40:d9:0b:b7:cc:03:19:
59:a7:90:11:d0:bc:d9:60:8b:4c:47:e0:86:bf:9b:
41:25:57:d3:51:93:9f:52:1f:10:cb:f5:ea:c1:aa:
b4:e0:85:a3:e7:da:1a:27:4b:6d:fc:36:b6:53:47:
0e:62:58:e0:f4:83:c0:70:64:71:9a:70:a1:9b:13:
5a:38:76:0b:4d:53:74:66:df:63:02:cd:b8:33:1e:
5e:3b:53:37:ad:bf:8f:4c:ec:28:59:83:45:0e:57:
68:ed:f0:a6:1a:a4:43:68:00:91:5c:a6:10:3c:eb:
90:e6:45:18:77:c1:74:18:b4:29:1d:de:1d:5f:92:
e0:4b:47:fe:7d:00:fc:ad:98:ab:d8:2c:6f:f6:57:
94:69:f8:a9:8c:4e:35:1c:45:f8:63:39:ca:67:27:
94:7a:7e:b2:0b:73:4c:3e:f7:1b:91:4b:c9:6a:7a:
12:7b:f6:82:8a:00:0d:24:3b:ec:a6:bf:74:62:0c:
c0:42:eb:74:a6:a6:40:5f:7c:01:6e:61:1f:6a:b9:
44:75:ad:ca:b0:ff:46:5d:16:06:07:d4:c5:88:5d:
55:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:8E:AF:88:AD:EC:FC:19:52:30:83:F5:56:06:F4:3E:3D:0C:79:F3
X509v3 Authority Key Identifier:
keyid:E9:05:74:70:FD:56:F1:B7:73:B2:E4:0A:BA:EE:79:F9:96:6E:44:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QV0cP1W8bdzsuQKuu55-ZZuRDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/RI6viK3s_BlSMIP1Vgb0Pj0MefM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/6QV0cP1W8bdzsuQKuu55-ZZuRDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.192.0/21
IPv6:
2a00:bac0::/32
Signature Algorithm: sha256WithRSAEncryption
7c:3e:6e:00:b0:6f:4b:82:43:e4:9b:c6:8a:49:c0:aa:e5:db:
8c:d0:ec:37:43:8a:c7:40:eb:03:fe:4b:1a:f6:ec:89:0a:8a:
38:83:58:7f:6d:cb:cb:a7:25:2e:b5:3b:96:9e:f9:e6:d5:66:
da:44:bc:93:2d:38:9e:71:e3:46:84:b4:55:e5:93:e2:d8:a7:
1c:c9:b6:38:73:ff:69:32:96:fc:3a:d7:c6:71:5c:e8:41:4f:
be:1c:55:2f:c2:f6:bb:03:77:7f:9c:7e:aa:7b:b2:ce:51:9d:
8e:13:cd:ba:46:94:86:f6:ae:d0:db:5e:6d:e6:db:c9:e3:2e:
6b:f0:a3:b9:04:6b:57:f4:59:b8:af:f0:73:66:a9:b4:66:6b:
7b:20:71:ee:a5:0c:7e:05:3c:3a:9f:75:9f:8f:c3:2d:40:39:
c1:eb:77:ad:9d:f5:2c:d5:84:a2:fe:ef:eb:4f:9a:21:2f:cf:
a9:c7:f4:ac:be:14:1d:92:e2:01:3a:91:87:f1:14:ed:3e:2a:
fe:ec:a8:cb:1a:44:d7:1b:1d:9b:75:cb:f3:e9:df:0c:cb:7c:
65:f1:91:fa:37:ad:06:f4:4e:58:72:57:7a:92:8c:54:d2:7e:
48:72:ce:3b:f0:4c:14:bc:96:43:12:55:bf:23:b5:12:a9:f3:
fe:7e:f0:b0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH/87g18VZdfcpEaCZWYgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDU3NDcwZmQ1NmYxYjc3M2IyZTQwYWJhZWU3OWY5OTY2
ZTQ0MzYwHhcNMjUwMTAxMTM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDhlYWY4OGFkZWNmYzE5NTIzMDgzZjU1NjA2ZjQzZTNkMGM3OWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQVSAw6e5PO7MiQLTC2Zjn2z0ZD0
L/faL1KPJmM0xABr1Z0RLUDZC7fMAxlZp5AR0LzZYItMR+CGv5tBJVfTUZOfUh8Q
y/Xqwaq04IWj59oaJ0tt/Da2U0cOYljg9IPAcGRxmnChmxNaOHYLTVN0Zt9jAs24
Mx5eO1M3rb+PTOwoWYNFDldo7fCmGqRDaACRXKYQPOuQ5kUYd8F0GLQpHd4dX5Lg
S0f+fQD8rZir2Cxv9leUafipjE41HEX4YznKZyeUen6yC3NMPvcbkUvJanoSe/aC
igANJDvspr90YgzAQut0pqZAX3wBbmEfarlEda3KsP9GXRYGB9TFiF1VUwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFESOr4it7PwZUjCD9VYG9D49DHnzMB8GA1UdIwQY
MBaAFOkFdHD9VvG3c7LkCrruefmWbkQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFWMGNQMVc4YmR6c3VRS3V1NTUtWlp1UkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NTc3MmEtYTEwZi00MjlkLWI1ZGIt
OTIxOGY5MmYzMDM2LzEvUkk2dmlLM3NfQmxTTUlQMVZnYjBQajBNZWZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NTc3MmEtYTEwZi00MjlkLWI1ZGItOTIxOGY5MmYzMDM2
LzEvNlFWMGNQMVc4YmR6c3VRS3V1NTUtWlp1UkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDpIrAMA0E
AgACMAcDBQAqALrAMA0GCSqGSIb3DQEBCwUAA4IBAQB8Pm4AsG9LgkPkm8aKScCq
5duM0Ow3Q4rHQOsD/ksa9uyJCoo4g1h/bcvLpyUutTuWnvnm1WbaRLyTLTieceNG
hLRV5ZPi2KccybY4c/9pMpb8OtfGcVzoQU++HFUvwva7A3d/nH6qe7LOUZ2OE826
RpSG9q7Q215t5tvJ4y5r8KO5BGtX9Fm4r/BzZqm0Zmt7IHHupQx+BTw6n3Wfj8Mt
QDnB63etnfUs1YSi/u/rT5ohL8+px/SsvhQdkuIBOpGH8RTtPir+7KjLGkTXGx2b
dcvz6d8My3xl8ZH6N60G9E5Ycld6koxU0n5Ics478EwUvJZDElW/I7USqfP+fvCw
-----END CERTIFICATE-----
Generated at Mon Apr 28 21:23:47 2025 by rpki-client