Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/ePoIjSzwu99M4WhvEDpbXSDvvQo.roa
File: ePoIjSzwu99M4WhvEDpbXSDvvQo.roa (raw, json)
Hash identifier: R96ob6c+Fl2Ot6tWCC9JDy+m8b6W3TjrV6Ao1DPqb1c=
Subject key identifier: 78:FA:08:8D:2C:F0:BB:DF:4C:E1:68:6F:10:3A:5B:5D:20:EF:BD:0A
Certificate issuer: /CN=c3fb403a241883e58fced52d39d80eabd52bb36f
Certificate serial: 019425FDE25FC0DD45D8F007D5C188C87B98
Authority key identifier: C3:FB:40:3A:24:18:83:E5:8F:CE:D5:2D:39:D8:0E:AB:D5:2B:B3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w_tAOiQYg-WPztUtOdgOq9Urs28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/ePoIjSzwu99M4WhvEDpbXSDvvQo.roa
Signing time: Thu 02 Jan 2025 07:49:42 +0000
ROA not before: Thu 02 Jan 2025 07:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42014
IP address blocks: 213.174.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:e2:5f:c0:dd:45:d8:f0:07:d5:c1:88:c8:7b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3fb403a241883e58fced52d39d80eabd52bb36f
Validity
Not Before: Jan 2 07:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78fa088d2cf0bbdf4ce1686f103a5b5d20efbd0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:ee:16:ae:c8:0b:b8:aa:23:b1:5b:1c:9d:c8:
d4:90:5c:66:26:99:eb:f8:c2:b0:d1:3f:70:db:79:
68:b2:2b:b0:38:f3:b0:29:e8:57:8d:39:de:6e:fb:
34:13:de:91:33:ed:6b:f4:ce:c8:69:47:92:99:bf:
8b:e6:85:39:fd:8a:d1:d6:57:cf:8c:4e:25:13:d0:
ba:41:64:4d:29:b1:d4:a4:a6:4d:54:6f:41:c0:f6:
85:6d:a9:1a:be:3a:5f:47:f0:c9:24:75:a8:36:dd:
41:27:6b:8d:e6:fe:1e:b6:89:66:1f:7f:85:74:f7:
da:13:42:25:b6:83:86:5d:03:59:a2:63:94:55:21:
f9:0b:55:57:fa:ca:27:06:c4:69:7b:af:cb:ba:47:
29:5d:48:df:26:aa:6a:fc:80:7f:c8:96:99:6b:62:
60:e8:2b:d6:07:c4:92:43:02:09:68:8a:44:0c:bd:
9f:38:84:cc:8e:1e:bb:f3:e6:ee:9a:14:c5:0f:3d:
50:f7:99:2c:d2:b8:aa:cc:6e:e2:e5:07:09:ee:88:
9c:5a:03:41:4d:d1:34:07:c8:4b:c5:89:e1:b8:27:
0e:19:e0:c8:a1:54:c9:47:3e:8e:00:02:55:22:bb:
b3:89:f5:08:ed:f0:10:8b:38:18:4d:80:7d:39:10:
a2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:FA:08:8D:2C:F0:BB:DF:4C:E1:68:6F:10:3A:5B:5D:20:EF:BD:0A
X509v3 Authority Key Identifier:
keyid:C3:FB:40:3A:24:18:83:E5:8F:CE:D5:2D:39:D8:0E:AB:D5:2B:B3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w_tAOiQYg-WPztUtOdgOq9Urs28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/ePoIjSzwu99M4WhvEDpbXSDvvQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/4dc625-7c1c-4dac-899e-a9a779026f0a/1/w_tAOiQYg-WPztUtOdgOq9Urs28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.174.21.0/24
Signature Algorithm: sha256WithRSAEncryption
32:e3:75:a0:24:cf:33:9c:e5:bf:cc:b9:29:98:04:28:c9:21:
00:3a:5d:6b:8d:6f:21:df:dc:8e:13:65:6c:73:2d:2a:ef:b4:
2a:7c:44:9a:92:da:b1:e3:7b:1d:22:ba:dc:42:57:dd:f4:82:
e7:d0:ea:6b:96:5a:ed:fe:d1:22:7b:21:d1:74:dd:90:b1:12:
ce:11:a9:63:11:62:05:8b:92:13:d9:90:ad:66:47:84:ba:8e:
28:e0:ef:4d:b0:02:e9:5f:ae:ca:46:fa:0e:9d:13:97:47:10:
1d:53:03:7f:75:c6:b8:be:5f:1d:a3:3f:e8:10:3f:86:00:02:
a6:26:fd:06:3f:36:6d:85:ec:c9:d9:8c:f7:30:ef:25:70:93:
50:8e:40:a2:a8:ff:14:52:c1:41:71:40:52:c5:ba:be:e9:7f:
c9:ec:a7:c2:11:d0:88:db:55:2c:a3:6c:37:9d:bd:69:77:d3:
40:30:3a:84:57:59:f3:5a:2e:ba:7f:16:5b:56:eb:b0:b8:8d:
8a:40:eb:c9:44:07:51:58:6d:4b:e3:13:e5:14:2f:a9:89:39:
97:3b:ef:52:11:fb:9f:f9:50:71:94:0a:1a:3e:e5:f7:65:d4:
3f:7c:47:16:99:7f:bc:94:8b:73:6a:db:e7:14:19:50:2b:0a:
d5:99:da:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/eJfwN1F2PAH1cGIyHuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZmI0MDNhMjQxODgzZTU4ZmNlZDUyZDM5ZDgwZWFiZDUy
YmIzNmYwHhcNMjUwMTAyMDc0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGZhMDg4ZDJjZjBiYmRmNGNlMTY4NmYxMDNhNWI1ZDIwZWZiZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8e4WrsgLuKojsVscncjUkFxmJpnr
+MKw0T9w23losiuwOPOwKehXjTnebvs0E96RM+1r9M7IaUeSmb+L5oU5/YrR1lfP
jE4lE9C6QWRNKbHUpKZNVG9BwPaFbakavjpfR/DJJHWoNt1BJ2uN5v4etolmH3+F
dPfaE0IltoOGXQNZomOUVSH5C1VX+sonBsRpe6/LukcpXUjfJqpq/IB/yJaZa2Jg
6CvWB8SSQwIJaIpEDL2fOITMjh678+bumhTFDz1Q95ks0riqzG7i5QcJ7oicWgNB
TdE0B8hLxYnhuCcOGeDIoVTJRz6OAAJVIruzifUI7fAQizgYTYB9ORCiWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHj6CI0s8LvfTOFobxA6W10g770KMB8GA1UdIwQY
MBaAFMP7QDokGIPlj87VLTnYDqvVK7NvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd190QU9pUVlnLVdQenRVdE9kZ09xOVVyczI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC80ZGM2MjUtN2MxYy00ZGFjLTg5OWUt
YTlhNzc5MDI2ZjBhLzEvZVBvSWpTend1OTlNNFdodkVEcGJYU0R2dlFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC80ZGM2MjUtN2MxYy00ZGFjLTg5OWUtYTlhNzc5MDI2ZjBh
LzEvd190QU9pUVlnLVdQenRVdE9kZ09xOVVyczI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1a4VMA0G
CSqGSIb3DQEBCwUAA4IBAQAy43WgJM8znOW/zLkpmAQoySEAOl1rjW8h39yOE2Vs
cy0q77QqfESaktqx43sdIrrcQlfd9ILn0Oprllrt/tEieyHRdN2QsRLOEaljEWIF
i5IT2ZCtZkeEuo4o4O9NsALpX67KRvoOnROXRxAdUwN/dca4vl8doz/oED+GAAKm
Jv0GPzZthezJ2Yz3MO8lcJNQjkCiqP8UUsFBcUBSxbq+6X/J7KfCEdCI21Uso2w3
nb1pd9NAMDqEV1nzWi66fxZbVuuwuI2KQOvJRAdRWG1L4xPlFC+piTmXO+9SEfuf
+VBxlAoaPuX3ZdQ/fEcWmX+8lItzatvnFBlQKwrVmdpW
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:04:38 2025 by rpki-client