Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/809da0-e395-4f80-ab17-3d4da8d12806/1/GIVWprWFbOZPhSHYq7Ic-gvexKY.roa
File: GIVWprWFbOZPhSHYq7Ic-gvexKY.roa (raw, json)
Hash identifier: a5n2A2nV2+7629D0mXkl2qBTB/0Qibtp1AVMOfdCCQU=
Subject key identifier: 18:85:56:A6:B5:85:6C:E6:4F:85:21:D8:AB:B2:1C:FA:0B:DE:C4:A6
Certificate issuer: /CN=6e046aeb6a01ca48a49750d881b79f7a78d51089
Certificate serial: 01942444CE53037FD2FB7826AB11DFC7D2E4
Authority key identifier: 6E:04:6A:EB:6A:01:CA:48:A4:97:50:D8:81:B7:9F:7A:78:D5:10:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bgRq62oBykikl1DYgbefenjVEIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/809da0-e395-4f80-ab17-3d4da8d12806/1/GIVWprWFbOZPhSHYq7Ic-gvexKY.roa
Signing time: Wed 01 Jan 2025 23:47:56 +0000
ROA not before: Wed 01 Jan 2025 23:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56534
IP address blocks: 176.53.192.0/24 maxlen: 24
176.53.196.0/24 maxlen: 24
176.53.197.0/24 maxlen: 24
176.53.198.0/23 maxlen: 24
176.53.200.0/22 maxlen: 24
176.53.204.0/22 maxlen: 22
176.53.208.0/24 maxlen: 24
176.53.211.0/24 maxlen: 24
176.53.212.0/22 maxlen: 22
176.53.213.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:ce:53:03:7f:d2:fb:78:26:ab:11:df:c7:d2:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e046aeb6a01ca48a49750d881b79f7a78d51089
Validity
Not Before: Jan 1 23:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=188556a6b5856ce64f8521d8abb21cfa0bdec4a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:8a:ec:f8:81:55:75:11:7c:ea:8e:8a:f5:4d:
dc:cd:15:e3:d0:f1:88:ee:19:5d:64:ae:90:42:de:
2c:a3:f0:f6:7e:e4:46:ce:6c:fb:6b:30:91:14:a0:
7a:dd:46:32:d1:e4:41:b5:52:05:0a:0b:12:ae:03:
ee:94:aa:49:2a:c3:1d:1b:63:de:47:5d:17:a0:88:
e9:12:4f:fa:5d:39:fe:ba:49:69:0a:05:db:f5:7d:
d5:c4:e3:46:1b:25:b8:94:ac:90:ff:56:cb:d2:d7:
c8:9a:9f:77:ee:c4:0e:a7:04:fa:d7:ea:8c:7e:21:
fb:2d:bd:dc:aa:50:17:e8:c5:de:75:5e:6b:9c:44:
e1:ed:8a:6f:97:ca:df:c4:27:b3:33:92:4b:7f:98:
fb:69:fa:13:e4:c4:b8:82:36:c2:90:50:a2:ee:e2:
f8:7c:47:a0:0e:7f:7c:d0:c3:b2:2c:40:b1:c2:73:
d7:17:60:9e:74:f2:8f:22:39:50:2f:54:13:ce:68:
c7:63:fc:4d:c7:c1:69:24:18:ad:eb:e1:6e:45:76:
34:89:b7:9e:81:50:24:d0:f9:21:07:0f:35:1e:a8:
f0:6d:44:55:1d:20:07:fe:20:d8:6f:c8:c9:dd:23:
86:1f:a1:14:34:35:c6:25:13:24:3d:be:f7:09:aa:
e3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:85:56:A6:B5:85:6C:E6:4F:85:21:D8:AB:B2:1C:FA:0B:DE:C4:A6
X509v3 Authority Key Identifier:
keyid:6E:04:6A:EB:6A:01:CA:48:A4:97:50:D8:81:B7:9F:7A:78:D5:10:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bgRq62oBykikl1DYgbefenjVEIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/809da0-e395-4f80-ab17-3d4da8d12806/1/GIVWprWFbOZPhSHYq7Ic-gvexKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/809da0-e395-4f80-ab17-3d4da8d12806/1/bgRq62oBykikl1DYgbefenjVEIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.192.0/24
176.53.196.0-176.53.208.255
176.53.211.0-176.53.215.255
Signature Algorithm: sha256WithRSAEncryption
4d:2c:aa:74:a6:14:04:d6:f1:b6:10:37:ab:27:d5:da:98:f3:
a3:6a:01:45:b8:82:8f:70:50:d9:b1:d2:84:6d:8d:89:d0:6c:
40:96:98:84:0a:b9:17:27:6c:89:d3:b8:4c:1c:b5:70:90:dc:
40:ef:25:b1:3c:bd:dd:64:96:eb:2e:2a:cf:f4:42:c3:18:4d:
51:49:2f:df:8e:0f:11:08:cf:1d:60:43:a8:fe:22:23:5a:ef:
41:75:a5:6b:86:a2:ff:b1:88:62:49:82:10:69:f4:22:bc:66:
17:15:35:b0:19:44:76:c3:44:30:16:4e:a3:5a:24:42:e3:64:
99:02:45:3a:1c:7b:12:d8:34:39:59:20:81:7e:52:66:59:02:
ab:2d:40:f3:3f:aa:a8:a9:f4:50:31:09:0a:1a:b7:47:a5:0f:
fa:2a:3f:3d:56:ee:c3:94:0e:a4:d6:fa:ad:99:39:4b:5a:56:
70:71:cc:73:12:44:fe:39:d3:69:2d:96:35:7a:45:3e:7c:bc:
74:be:15:9d:2d:25:fd:a1:22:bd:38:d9:fe:41:6d:23:8e:e5:
6d:27:4e:d8:f4:c2:3d:66:9e:a5:94:bd:11:ed:35:a5:65:89:
da:8d:0b:3a:48:07:43:48:5b:dc:f0:1b:59:1f:3d:90:dd:42:
79:4c:59:c3
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQkRM5TA3/S+3gmqxHfx9LkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMDQ2YWViNmEwMWNhNDhhNDk3NTBkODgxYjc5ZjdhNzhk
NTEwODkwHhcNMjUwMTAxMjM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODg1NTZhNmI1ODU2Y2U2NGY4NTIxZDhhYmIyMWNmYTBiZGVjNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIrs+IFVdRF86o6K9U3czRXj0PGI
7hldZK6QQt4so/D2fuRGzmz7azCRFKB63UYy0eRBtVIFCgsSrgPulKpJKsMdG2Pe
R10XoIjpEk/6XTn+uklpCgXb9X3VxONGGyW4lKyQ/1bL0tfImp937sQOpwT61+qM
fiH7Lb3cqlAX6MXedV5rnETh7Ypvl8rfxCezM5JLf5j7afoT5MS4gjbCkFCi7uL4
fEegDn980MOyLECxwnPXF2CedPKPIjlQL1QTzmjHY/xNx8FpJBit6+FuRXY0ibee
gVAk0PkhBw81HqjwbURVHSAH/iDYb8jJ3SOGH6EUNDXGJRMkPb73CarjRQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBiFVqa1hWzmT4Uh2KuyHPoL3sSmMB8GA1UdIwQY
MBaAFG4EautqAcpIpJdQ2IG3n3p41RCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmdScTYyb0J5a2lrbDFEWWdiZWZlbmpWRUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi84MDlkYTAtZTM5NS00ZjgwLWFiMTct
M2Q0ZGE4ZDEyODA2LzEvR0lWV3ByV0ZiT1pQaFNIWXE3SWMtZ3ZleEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi84MDlkYTAtZTM5NS00ZjgwLWFiMTctM2Q0ZGE4ZDEyODA2
LzEvYmdScTYyb0J5a2lrbDFEWWdiZWZlbmpWRUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAsDXAMAwD
BAKwNcQDBACwNdAwDAMEALA10wMEA7A10DANBgkqhkiG9w0BAQsFAAOCAQEATSyq
dKYUBNbxthA3qyfV2pjzo2oBRbiCj3BQ2bHShG2NidBsQJaYhAq5FydsidO4TBy1
cJDcQO8lsTy93WSW6y4qz/RCwxhNUUkv344PEQjPHWBDqP4iI1rvQXWla4ai/7GI
YkmCEGn0IrxmFxU1sBlEdsNEMBZOo1okQuNkmQJFOhx7Etg0OVkggX5SZlkCqy1A
8z+qqKn0UDEJChq3R6UP+io/PVbuw5QOpNb6rZk5S1pWcHHMcxJE/jnTaS2WNXpF
Pny8dL4VnS0l/aEivTjZ/kFtI47lbSdO2PTCPWaepZS9Ee01pWWJ2o0LOkgHQ0hb
3PAbWR89kN1CeUxZww==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:40:23 2025 by rpki-client