Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/fa278b-1246-48e3-9a05-509611b59c4a/1/LdXFkYRIHGBnu8fHeHqruuXK0Eg.roa
File: LdXFkYRIHGBnu8fHeHqruuXK0Eg.roa (raw, json)
Hash identifier: wWAh2dvUTnq8atQ5jTFLDtizePX9tNFdzlrQolb+/PM=
Subject key identifier: 2D:D5:C5:91:84:48:1C:60:67:BB:C7:C7:78:7A:AB:BA:E5:CA:D0:48
Certificate issuer: /CN=4ee0b21c89a302be9dc03870c098f23280304b0f
Certificate serial: 0189D9FC4F6645E21EA52097919526BF3782
Authority key identifier: 4E:E0:B2:1C:89:A3:02:BE:9D:C0:38:70:C0:98:F2:32:80:30:4B:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuCyHImjAr6dwDhwwJjyMoAwSw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/fa278b-1246-48e3-9a05-509611b59c4a/1/LdXFkYRIHGBnu8fHeHqruuXK0Eg.roa
Signing time: Wed 09 Aug 2023 11:08:58 +0000
ROA not before: Wed 09 Aug 2023 11:08:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213098
IP address blocks: 188.72.42.0/24 maxlen: 24
188.72.43.0/24 maxlen: 24
2a0c:9c0:1::/48 maxlen: 48
2a0c:9c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d9:fc:4f:66:45:e2:1e:a5:20:97:91:95:26:bf:37:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee0b21c89a302be9dc03870c098f23280304b0f
Validity
Not Before: Aug 9 11:08:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2dd5c59184481c6067bbc7c7787aabbae5cad048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b9:67:fa:b4:62:0e:bc:9c:38:bd:44:f4:a0:
1e:1e:d0:2a:25:c9:3a:cf:8f:a2:e4:26:c0:04:e2:
2a:ba:87:75:d7:7e:fb:1c:f7:ec:22:9e:22:7f:ff:
70:d9:e7:6a:c2:45:5f:47:1b:62:2c:04:65:bf:ad:
49:e2:3b:04:6e:3e:ec:60:2a:c6:b1:4d:05:33:43:
a7:95:45:f5:f2:a1:99:73:7f:c5:28:53:57:83:68:
be:ca:e2:49:34:c4:06:a5:07:73:28:86:7b:5f:87:
70:11:f6:5f:ad:32:a8:33:39:f4:b4:49:b6:98:9e:
d8:9a:ba:4c:bb:71:8b:58:ae:7e:11:9d:98:cf:ba:
5c:79:f6:00:af:ec:27:9e:3b:e3:a6:66:5c:32:e9:
d9:1d:1a:e8:3e:5a:94:53:a0:31:97:fe:b7:3f:e1:
bf:9d:10:33:0a:38:50:b8:b6:6d:6b:74:1a:0d:f1:
72:ae:d9:de:03:4e:d7:1f:76:35:03:44:9f:ab:4c:
5f:a8:c1:fb:9e:18:b1:35:20:f5:80:43:c4:77:4e:
c8:67:2b:b5:a5:30:ea:a8:2c:d2:14:cb:94:a7:c7:
2f:dd:b5:d5:3c:6e:0b:e4:5e:84:12:21:b1:39:7f:
b0:89:35:34:fe:c0:50:48:fc:cc:dc:5e:df:0d:b8:
c7:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D5:C5:91:84:48:1C:60:67:BB:C7:C7:78:7A:AB:BA:E5:CA:D0:48
X509v3 Authority Key Identifier:
keyid:4E:E0:B2:1C:89:A3:02:BE:9D:C0:38:70:C0:98:F2:32:80:30:4B:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuCyHImjAr6dwDhwwJjyMoAwSw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fa278b-1246-48e3-9a05-509611b59c4a/1/LdXFkYRIHGBnu8fHeHqruuXK0Eg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fa278b-1246-48e3-9a05-509611b59c4a/1/TuCyHImjAr6dwDhwwJjyMoAwSw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.42.0/23
IPv6:
2a0c:9c0::/47
Signature Algorithm: sha256WithRSAEncryption
aa:77:d4:8f:ee:f9:fb:59:d2:ed:1e:83:8a:0b:f9:52:48:9b:
fb:d6:4a:8c:54:66:77:f9:c2:ed:3a:00:02:f7:ba:55:4e:69:
a7:1b:36:81:bb:bc:bd:76:0c:54:c8:72:4c:fb:42:a5:21:02:
47:81:3c:5a:33:aa:64:6d:5c:cc:a8:16:6b:7b:83:01:98:22:
1e:4e:1b:8e:da:51:f7:02:8d:af:5d:1c:9b:c4:09:96:d6:3a:
5d:6e:bd:05:35:d5:ab:f2:98:7f:24:71:a3:a5:22:94:93:6f:
00:26:b7:ab:cd:65:67:0e:48:b2:11:3e:a3:87:1f:2c:59:4e:
f7:3b:1c:1a:5a:03:c1:e9:2d:4d:fb:93:81:c7:ec:f6:06:d2:
29:5f:af:c5:60:d3:52:a4:9f:19:d8:55:e6:6e:1d:8e:ab:78:
01:8f:72:fa:31:0b:2b:a4:62:71:36:40:2f:f8:d7:44:86:25:
53:dd:d2:25:89:77:40:f5:bf:34:71:0f:9a:36:24:2b:8e:90:
13:12:29:a7:a9:77:e1:c7:35:09:38:6f:b7:b2:9f:86:55:8f:
0e:66:d4:0e:1f:8d:1c:7f:c4:d9:f9:8e:7e:54:ca:c9:10:f6:
33:6f:ec:4c:83:4d:bb:85:ea:a1:2a:09:fe:a9:58:41:81:c5:
99:32:04:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnZ/E9mReIepSCXkZUmvzeCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTBiMjFjODlhMzAyYmU5ZGMwMzg3MGMwOThmMjMyODAz
MDRiMGYwHhcNMjMwODA5MTEwODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQ1YzU5MTg0NDgxYzYwNjdiYmM3Yzc3ODdhYWJiYWU1Y2FkMDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrln+rRiDrycOL1E9KAeHtAqJck6
z4+i5CbABOIquod11377HPfsIp4if/9w2edqwkVfRxtiLARlv61J4jsEbj7sYCrG
sU0FM0OnlUX18qGZc3/FKFNXg2i+yuJJNMQGpQdzKIZ7X4dwEfZfrTKoMzn0tEm2
mJ7YmrpMu3GLWK5+EZ2Yz7pcefYAr+wnnjvjpmZcMunZHRroPlqUU6Axl/63P+G/
nRAzCjhQuLZta3QaDfFyrtneA07XH3Y1A0Sfq0xfqMH7nhixNSD1gEPEd07IZyu1
pTDqqCzSFMuUp8cv3bXVPG4L5F6EEiGxOX+wiTU0/sBQSPzM3F7fDbjHZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC3VxZGESBxgZ7vHx3h6q7rlytBIMB8GA1UdIwQY
MBaAFE7gshyJowK+ncA4cMCY8jKAMEsPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVDeUhJbWpBcjZkd0Rod3dKanlNb0F3U3c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9mYTI3OGItMTI0Ni00OGUzLTlhMDUt
NTA5NjExYjU5YzRhLzEvTGRYRmtZUklIR0JudThmSGVIcXJ1dVhLMEVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9mYTI3OGItMTI0Ni00OGUzLTlhMDUtNTA5NjExYjU5YzRh
LzEvVHVDeUhJbWpBcjZkd0Rod3dKanlNb0F3U3c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBvEgqMA8E
AgACMAkDBwEqDAnAAAAwDQYJKoZIhvcNAQELBQADggEBAKp31I/u+ftZ0u0eg4oL
+VJIm/vWSoxUZnf5wu06AAL3ulVOaacbNoG7vL12DFTIckz7QqUhAkeBPFozqmRt
XMyoFmt7gwGYIh5OG47aUfcCja9dHJvECZbWOl1uvQU11avymH8kcaOlIpSTbwAm
t6vNZWcOSLIRPqOHHyxZTvc7HBpaA8HpLU37k4HH7PYG0ilfr8Vg01KknxnYVeZu
HY6reAGPcvoxCyukYnE2QC/410SGJVPd0iWJd0D1vzRxD5o2JCuOkBMSKaepd+HH
NQk4b7eyn4ZVjw5m1A4fjRx/xNn5jn5UyskQ9jNv7EyDTbuF6qEqCf6pWEGBxZky
BKg=
-----END CERTIFICATE-----
Generated at Mon May 12 04:40:22 2025 by rpki-client