Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/iP8tkc04d0icUEokihMRUC5rwT4.roa
File: iP8tkc04d0icUEokihMRUC5rwT4.roa (raw, json)
Hash identifier: 5/Iqdr1UvAnjLWd8y1HWmURDX4laReyrD4iFzOipf+8=
Subject key identifier: 88:FF:2D:91:CD:38:77:48:9C:50:4A:24:8A:13:11:50:2E:6B:C1:3E
Certificate issuer: /CN=58bb8ee3a747ed8b578657cdd4737586f5fdb931
Certificate serial: 019423D702DB63F3BA3E3DF010AEAC57796A
Authority key identifier: 58:BB:8E:E3:A7:47:ED:8B:57:86:57:CD:D4:73:75:86:F5:FD:B9:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/iP8tkc04d0icUEokihMRUC5rwT4.roa
Signing time: Wed 01 Jan 2025 21:48:00 +0000
ROA not before: Wed 01 Jan 2025 21:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47578
IP address blocks: 185.109.139.0/24 maxlen: 24
2001:1424::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:02:db:63:f3:ba:3e:3d:f0:10:ae:ac:57:79:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bb8ee3a747ed8b578657cdd4737586f5fdb931
Validity
Not Before: Jan 1 21:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88ff2d91cd3877489c504a248a1311502e6bc13e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3b:3c:1a:3c:c2:36:6b:72:64:95:3b:74:34:
50:7e:4b:ec:30:58:c9:33:fe:e3:4f:49:bf:ef:27:
c5:41:73:af:5c:70:f8:58:a1:0b:fc:4c:94:c1:45:
b4:c8:2d:b1:ac:5a:af:76:d4:45:b1:6f:b3:42:4f:
3a:26:a8:ec:8c:c5:bd:6b:fb:a9:6b:2c:a3:7c:c8:
0c:16:1d:47:0b:22:60:fc:95:60:7d:c8:db:7b:a1:
e2:20:b8:ee:92:4c:ee:92:db:7d:cd:49:fb:59:09:
b5:36:f7:6a:a5:ba:3b:49:80:44:60:16:27:85:a8:
9f:64:ec:48:c2:37:37:6c:68:84:07:54:92:75:cc:
97:d1:5b:ac:d8:f4:03:91:ed:c6:1d:85:0f:c9:9d:
f1:75:26:c3:e9:6f:3e:f5:fb:eb:7e:38:88:83:21:
68:23:20:f9:28:20:4e:f7:e5:99:1e:68:8c:9b:89:
fd:5d:ec:4b:f3:30:f6:89:84:98:4f:48:9d:d2:b2:
90:fb:d3:ab:ee:f4:ba:8e:b6:25:5e:14:9a:6c:c1:
b0:60:cd:eb:f6:7f:48:fa:b8:19:5a:63:32:11:2b:
b9:1b:6e:8a:9a:15:5a:89:0b:6a:21:52:77:14:55:
3f:e9:55:1c:53:e1:45:42:ac:9b:07:26:aa:a2:0b:
d9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:FF:2D:91:CD:38:77:48:9C:50:4A:24:8A:13:11:50:2E:6B:C1:3E
X509v3 Authority Key Identifier:
keyid:58:BB:8E:E3:A7:47:ED:8B:57:86:57:CD:D4:73:75:86:F5:FD:B9:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/iP8tkc04d0icUEokihMRUC5rwT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/WLuO46dH7YtXhlfN1HN1hvX9uTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.139.0/24
IPv6:
2001:1424::/48
Signature Algorithm: sha256WithRSAEncryption
01:9d:44:0d:26:97:ec:a2:22:76:48:4b:75:57:1d:1e:2d:e2:
6a:80:45:a8:eb:1c:8b:f5:48:88:63:1b:80:e4:a8:05:4a:60:
d2:0e:ff:f7:bc:c4:39:04:55:f4:80:4d:3f:14:32:c0:32:64:
45:03:ef:87:58:a7:ae:5d:41:db:f3:e3:6d:71:4c:ad:27:a8:
06:6c:a7:c9:92:61:97:5f:ab:26:3a:39:ff:ca:29:97:50:94:
86:18:2e:ce:e7:b4:96:0a:09:88:74:b1:b0:80:61:00:71:39:
38:cf:c0:9a:e9:b5:9d:42:57:1d:f3:90:32:1f:8b:41:c1:22:
d1:aa:f7:25:58:17:16:80:3a:ae:c8:33:54:e2:cf:2c:9e:19:
b9:21:41:2e:15:a8:7d:cb:01:a7:e9:13:1e:93:30:04:78:c4:
01:c8:d1:42:2f:56:d4:fd:57:d9:30:3d:79:33:27:ac:04:44:
45:6b:20:d9:b7:8f:bf:a8:7e:d6:36:35:f8:5c:38:66:c2:80:
35:d2:68:e5:f7:17:a9:e8:3a:9b:53:d1:6c:16:80:73:7c:db:
fc:3c:c9:39:50:79:26:65:aa:53:4d:aa:4c:af:0d:7f:25:84:
a3:0b:f0:04:5c:6f:70:b8:1e:c6:60:dc:ba:b3:1a:d6:88:96:
bd:09:90:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQj1wLbY/O6Pj3wEK6sV3lqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmI4ZWUzYTc0N2VkOGI1Nzg2NTdjZGQ0NzM3NTg2ZjVm
ZGI5MzEwHhcNMjUwMTAxMjE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGZmMmQ5MWNkMzg3NzQ4OWM1MDRhMjQ4YTEzMTE1MDJlNmJjMTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTs8GjzCNmtyZJU7dDRQfkvsMFjJ
M/7jT0m/7yfFQXOvXHD4WKEL/EyUwUW0yC2xrFqvdtRFsW+zQk86JqjsjMW9a/up
ayyjfMgMFh1HCyJg/JVgfcjbe6HiILjukkzuktt9zUn7WQm1Nvdqpbo7SYBEYBYn
haifZOxIwjc3bGiEB1SSdcyX0Vus2PQDke3GHYUPyZ3xdSbD6W8+9fvrfjiIgyFo
IyD5KCBO9+WZHmiMm4n9XexL8zD2iYSYT0id0rKQ+9Or7vS6jrYlXhSabMGwYM3r
9n9I+rgZWmMyESu5G26KmhVaiQtqIVJ3FFU/6VUcU+FFQqybByaqogvZnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIj/LZHNOHdInFBKJIoTEVAua8E+MB8GA1UdIwQY
MBaAFFi7juOnR+2LV4ZXzdRzdYb1/bkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0x1TzQ2ZEg3WXRYaGxmTjFITjFodlg5dVRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wM2E3MGItM2JjNi00MzM5LTllNDkt
YTgzZjkxNDAzNWIzLzEvaVA4dGtjMDRkMGljVUVva2loTVJVQzVyd1Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wM2E3MGItM2JjNi00MzM5LTllNDktYTgzZjkxNDAzNWIz
LzEvV0x1TzQ2ZEg3WXRYaGxmTjFITjFodlg5dVRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuW2LMA8E
AgACMAkDBwAgARQkAAAwDQYJKoZIhvcNAQELBQADggEBAAGdRA0ml+yiInZIS3VX
HR4t4mqARajrHIv1SIhjG4DkqAVKYNIO//e8xDkEVfSATT8UMsAyZEUD74dYp65d
Qdvz421xTK0nqAZsp8mSYZdfqyY6Of/KKZdQlIYYLs7ntJYKCYh0sbCAYQBxOTjP
wJrptZ1CVx3zkDIfi0HBItGq9yVYFxaAOq7IM1TizyyeGbkhQS4VqH3LAafpEx6T
MAR4xAHI0UIvVtT9V9kwPXkzJ6wEREVrINm3j7+oftY2NfhcOGbCgDXSaOX3F6no
OptT0WwWgHN82/w8yTlQeSZlqlNNqkyvDX8lhKML8ARcb3C4HsZg3LqzGtaIlr0J
kH8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:07:06 2025 by rpki-client