Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/Iiq1HkVTZWG93GXR5SmJNt8J3X0.roa
File: Iiq1HkVTZWG93GXR5SmJNt8J3X0.roa (raw, json)
Hash identifier: ACz9bOMro7XmfGTKe0GkQ+qfpA1L29Dv5xB1Qya9/EA=
Subject key identifier: 22:2A:B5:1E:45:53:65:61:BD:DC:65:D1:E5:29:89:36:DF:09:DD:7D
Certificate issuer: /CN=f879988e0f49971a326f419e5cfacbfddcc993e7
Certificate serial: 01958452971214CFCD4D48117D2A21445E15
Authority key identifier: F8:79:98:8E:0F:49:97:1A:32:6F:41:9E:5C:FA:CB:FD:DC:C9:93:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/Iiq1HkVTZWG93GXR5SmJNt8J3X0.roa
Signing time: Tue 11 Mar 2025 08:29:19 +0000
ROA not before: Tue 11 Mar 2025 08:29:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 83.136.212.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:84:52:97:12:14:cf:cd:4d:48:11:7d:2a:21:44:5e:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f879988e0f49971a326f419e5cfacbfddcc993e7
Validity
Not Before: Mar 11 08:29:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=222ab51e45536561bddc65d1e5298936df09dd7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cd:51:c3:8f:25:cf:54:3e:7f:3e:90:23:7b:
90:d1:c9:3c:4f:8a:2b:d4:2b:f2:98:64:03:da:43:
6b:05:44:22:fd:29:d0:d9:67:75:5e:1f:99:4f:c8:
bf:6b:3e:b3:f1:bb:2a:0d:79:c6:f0:fb:1c:b8:ec:
cd:eb:29:bb:cf:9f:6d:90:4c:31:de:13:e7:aa:91:
aa:44:2d:0d:f6:e8:ac:33:9d:ac:b4:43:b2:e6:1c:
d6:f9:9d:bd:5d:2d:1c:ee:ea:eb:30:43:67:b1:94:
8f:47:a4:44:40:84:a6:76:e4:c3:d2:58:b8:e4:60:
ce:00:1f:04:a6:60:85:62:75:87:57:7c:95:29:b4:
95:51:d6:a3:80:e6:31:4e:eb:c1:7d:47:98:aa:ce:
d1:cb:f7:e3:a8:d3:d3:2e:16:94:fd:d5:1b:ee:43:
37:32:9d:d5:a3:2c:77:21:3c:6a:9a:5f:a7:9c:d5:
19:1c:f6:45:84:01:4e:66:04:4c:44:99:49:6f:2f:
c8:4e:5e:ae:5b:f1:90:9d:e2:2e:b9:ff:29:d3:5b:
0c:84:df:d1:0a:f4:87:ce:68:6e:c8:1b:66:1a:7e:
cd:c9:28:5d:28:a1:69:a4:38:20:a8:41:7c:b3:b6:
ba:4a:7b:0e:9f:59:f9:6c:29:33:07:d8:c0:5b:5e:
8d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:2A:B5:1E:45:53:65:61:BD:DC:65:D1:E5:29:89:36:DF:09:DD:7D
X509v3 Authority Key Identifier:
keyid:F8:79:98:8E:0F:49:97:1A:32:6F:41:9E:5C:FA:CB:FD:DC:C9:93:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/Iiq1HkVTZWG93GXR5SmJNt8J3X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.212.0/24
Signature Algorithm: sha256WithRSAEncryption
93:d7:3f:90:37:37:74:77:b9:94:f6:f4:fb:be:a3:e1:5f:a8:
d9:1f:e6:01:c5:52:10:43:b9:41:77:d7:df:42:b7:ca:91:b9:
95:12:ff:6c:95:f0:ec:66:53:92:51:e8:06:1b:38:e2:88:2a:
2c:48:44:30:ac:73:2c:32:10:cb:c4:b3:fe:b9:9e:ee:66:96:
e8:d8:5f:98:c7:f1:b9:d3:f7:d6:9e:6f:8a:00:c6:60:48:16:
f1:e0:7d:58:4c:1c:7a:70:42:a7:75:df:0a:30:60:6e:92:8a:
f5:b7:69:b0:3e:f5:e1:4d:e2:b4:98:39:26:9b:79:2a:8f:69:
c4:74:91:ec:80:dd:13:09:bf:1d:33:5a:95:3a:e7:3c:bc:95:
1d:92:cf:9d:c6:02:26:44:91:a2:68:bd:cb:b5:99:3c:22:8e:
66:8f:4c:0b:f3:0a:09:68:f2:6b:30:63:1e:af:c1:0c:56:65:
b7:49:d3:cd:73:43:f7:c1:13:e1:e4:7c:e3:19:27:05:27:36:
98:79:0b:d8:d8:30:c6:e1:96:fd:ce:20:0b:79:31:0c:ba:ec:
f6:c3:b1:28:79:f8:c4:16:a9:00:9f:71:de:3e:bf:1c:b3:98:
38:58:30:73:95:91:a8:dc:31:cf:8e:35:de:ae:36:c2:67:f2:
68:42:bc:23
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZWEUpcSFM/NTUgRfSohRF4VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4Nzk5ODhlMGY0OTk3MWEzMjZmNDE5ZTVjZmFjYmZkZGNj
OTkzZTcwHhcNMjUwMzExMDgyOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjJhYjUxZTQ1NTM2NTYxYmRkYzY1ZDFlNTI5ODkzNmRmMDlkZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs81Rw48lz1Q+fz6QI3uQ0ck8T4or
1CvymGQD2kNrBUQi/SnQ2Wd1Xh+ZT8i/az6z8bsqDXnG8PscuOzN6ym7z59tkEwx
3hPnqpGqRC0N9uisM52stEOy5hzW+Z29XS0c7urrMENnsZSPR6REQISmduTD0li4
5GDOAB8EpmCFYnWHV3yVKbSVUdajgOYxTuvBfUeYqs7Ry/fjqNPTLhaU/dUb7kM3
Mp3Voyx3ITxqml+nnNUZHPZFhAFOZgRMRJlJby/ITl6uW/GQneIuuf8p01sMhN/R
CvSHzmhuyBtmGn7NyShdKKFppDggqEF8s7a6SnsOn1n5bCkzB9jAW16NqQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCIqtR5FU2Vhvdxl0eUpiTbfCd19MB8GA1UdIwQY
MBaAFPh5mI4PSZcaMm9Bnlz6y/3cyZPnMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1IbVlqZzlKbHhveWIwR2VYUHJMX2R6SmstYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUvYWYzZDgxLTAwNDctNDEzYy05MWY0
LTA0NzBiNGJiMzBkYi8xL0lpcTFIa1ZUWldHOTNHWFI1U21KTnQ4SjNYMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDUvYWYzZDgxLTAwNDctNDEzYy05MWY0LTA0NzBiNGJiMzBk
Yi8xLzEtSG1Zamc5Smx4b3liMEdlWFByTF9kekprLWMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABTiNQw
DQYJKoZIhvcNAQELBQADggEBAJPXP5A3N3R3uZT29Pu+o+FfqNkf5gHFUhBDuUF3
199Ct8qRuZUS/2yV8OxmU5JR6AYbOOKIKixIRDCscywyEMvEs/65nu5mlujYX5jH
8bnT99aeb4oAxmBIFvHgfVhMHHpwQqd13wowYG6SivW3abA+9eFN4rSYOSabeSqP
acR0keyA3RMJvx0zWpU65zy8lR2Sz53GAiZEkaJovcu1mTwijmaPTAvzCglo8msw
Yx6vwQxWZbdJ081zQ/fBE+HkfOMZJwUnNph5C9jYMMbhlv3OIAt5MQy67PbDsSh5
+MQWqQCfcd4+vxyzmDhYMHOVkajcMc+ONd6uNsJn8mhCvCM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:26:45 2025 by rpki-client