Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/r2nr9uHWjEIdTibij9wAoHFt-FM.roa
File: r2nr9uHWjEIdTibij9wAoHFt-FM.roa (raw, json)
Hash identifier: 9uPtC9m4AAQGXek/5tdGjDekJKVu5XPicOZ4ymE6WZ0=
Subject key identifier: AF:69:EB:F6:E1:D6:8C:42:1D:4E:26:E2:8F:DC:00:A0:71:6D:F8:53
Certificate issuer: /CN=951bb490e09df1467e4eec43d8f20484cee839fe
Certificate serial: 019424B38D2F7CE507081119EDF2EAD9DBB7
Authority key identifier: 95:1B:B4:90:E0:9D:F1:46:7E:4E:EC:43:D8:F2:04:84:CE:E8:39:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/r2nr9uHWjEIdTibij9wAoHFt-FM.roa
Signing time: Thu 02 Jan 2025 01:48:54 +0000
ROA not before: Thu 02 Jan 2025 01:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 213.218.36.0/24 maxlen: 24
213.218.37.0/24 maxlen: 24
213.218.48.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:8d:2f:7c:e5:07:08:11:19:ed:f2:ea:d9:db:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=951bb490e09df1467e4eec43d8f20484cee839fe
Validity
Not Before: Jan 2 01:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af69ebf6e1d68c421d4e26e28fdc00a0716df853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ca:bd:1e:3e:2b:9c:da:32:91:dc:6b:b4:ec:
9b:69:6c:fd:30:ea:81:ac:a0:4a:dc:fd:df:9f:b1:
68:c9:12:d2:34:20:b0:06:dd:b7:5c:7a:37:74:4a:
d4:f8:01:6e:2b:0c:12:82:2a:a0:d8:60:ec:f0:bf:
d1:55:94:95:2d:2f:66:f0:0f:6d:40:36:e0:4b:19:
1d:c1:ce:c9:fc:8b:0d:65:9d:8d:fd:65:9c:29:bf:
5e:6e:d0:6e:72:14:94:8d:b0:13:12:cd:7f:94:c9:
ff:11:78:00:85:80:b7:6f:90:bf:db:8e:da:0e:ed:
ac:0d:22:da:aa:f9:26:d7:b4:57:fa:ad:9b:e7:11:
e2:ec:90:62:b3:bc:5f:84:89:2f:f9:00:6b:71:91:
78:48:1b:70:dd:55:3c:05:b9:49:93:46:cc:7e:83:
7f:bc:a3:a7:37:c1:a6:f0:32:b8:56:5f:2d:cc:7e:
c3:f4:4e:58:b3:a3:9c:04:91:aa:be:92:6b:fb:64:
d2:a3:32:41:35:6d:08:2c:90:d5:81:38:ee:93:6a:
cb:64:d6:15:99:85:51:bd:83:e4:27:a1:83:7f:8c:
b6:b5:65:6c:e9:f3:a9:78:e9:ca:13:c8:08:45:8a:
af:32:7f:d7:03:9c:ea:c1:0d:bc:e4:d8:59:2e:84:
15:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:69:EB:F6:E1:D6:8C:42:1D:4E:26:E2:8F:DC:00:A0:71:6D:F8:53
X509v3 Authority Key Identifier:
keyid:95:1B:B4:90:E0:9D:F1:46:7E:4E:EC:43:D8:F2:04:84:CE:E8:39:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/r2nr9uHWjEIdTibij9wAoHFt-FM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.218.36.0/23
213.218.48.0/22
Signature Algorithm: sha256WithRSAEncryption
09:2e:1d:5c:e5:47:86:83:27:5c:08:59:db:7f:8e:03:e1:39:
6a:34:b6:00:1e:26:3a:b0:49:19:94:30:b4:8e:d8:cb:de:b2:
3d:9b:0b:1e:ba:e2:65:d8:11:53:9c:e6:62:a3:5d:7e:2e:55:
04:c3:3c:eb:1b:b8:ce:7a:a6:93:36:c6:c9:b2:ca:be:b6:95:
f8:28:33:6e:de:84:18:65:64:3e:cb:d8:19:c9:d4:06:f8:62:
ce:8e:e9:b5:63:3f:9f:bb:c3:e2:22:67:64:db:ce:69:ae:ae:
61:d9:15:80:6f:15:aa:9e:a3:6f:a1:dc:92:1d:69:b9:4c:7a:
20:62:dc:ed:8a:3a:77:08:2e:44:62:63:5d:d2:c4:6a:94:f5:
f6:e2:da:b3:fd:c4:d3:ca:c6:01:0f:f0:48:a9:0f:80:d5:b8:
8e:d0:26:76:54:6d:10:48:a6:16:86:ef:c0:ea:8e:34:0f:17:
03:0a:15:ff:05:7c:20:a0:6c:69:2e:54:b6:a4:10:1d:e5:05:
f9:9b:0d:1e:64:63:ea:46:10:93:1b:e5:58:6e:3f:a4:c3:bf:
1b:cb:b4:06:76:47:59:7c:51:5a:87:d4:6f:0a:02:e5:16:89:
f4:54:47:93:4c:0b:0c:14:5b:2a:45:a4:8e:98:17:59:14:c9:
fe:3f:3b:77
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQks40vfOUHCBEZ7fLq2du3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MWJiNDkwZTA5ZGYxNDY3ZTRlZWM0M2Q4ZjIwNDg0Y2Vl
ODM5ZmUwHhcNMjUwMTAyMDE0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjY5ZWJmNmUxZDY4YzQyMWQ0ZTI2ZTI4ZmRjMDBhMDcxNmRmODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMq9Hj4rnNoykdxrtOybaWz9MOqB
rKBK3P3fn7FoyRLSNCCwBt23XHo3dErU+AFuKwwSgiqg2GDs8L/RVZSVLS9m8A9t
QDbgSxkdwc7J/IsNZZ2N/WWcKb9ebtBuchSUjbATEs1/lMn/EXgAhYC3b5C/247a
Du2sDSLaqvkm17RX+q2b5xHi7JBis7xfhIkv+QBrcZF4SBtw3VU8BblJk0bMfoN/
vKOnN8Gm8DK4Vl8tzH7D9E5Ys6OcBJGqvpJr+2TSozJBNW0ILJDVgTjuk2rLZNYV
mYVRvYPkJ6GDf4y2tWVs6fOpeOnKE8gIRYqvMn/XA5zqwQ285NhZLoQVtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK9p6/bh1oxCHU4m4o/cAKBxbfhTMB8GA1UdIwQY
MBaAFJUbtJDgnfFGfk7sQ9jyBITO6Dn+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJ1MGtPQ2Q4VVotVHV4RDJQSUVoTTdvT2Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lYTZmNjEtYTlkMi00YzZiLWI3MTct
MWRiNGVkMTMxYmMzLzEvcjJucjl1SFdqRUlkVGliaWo5d0FvSEZ0LUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lYTZmNjEtYTlkMi00YzZiLWI3MTctMWRiNGVkMTMxYmMz
LzEvbFJ1MGtPQ2Q4VVotVHV4RDJQSUVoTTdvT2Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB1dokAwQC
1dowMA0GCSqGSIb3DQEBCwUAA4IBAQAJLh1c5UeGgydcCFnbf44D4TlqNLYAHiY6
sEkZlDC0jtjL3rI9mwseuuJl2BFTnOZio11+LlUEwzzrG7jOeqaTNsbJssq+tpX4
KDNu3oQYZWQ+y9gZydQG+GLOjum1Yz+fu8PiImdk285prq5h2RWAbxWqnqNvodyS
HWm5THogYtztijp3CC5EYmNd0sRqlPX24tqz/cTTysYBD/BIqQ+A1biO0CZ2VG0Q
SKYWhu/A6o40DxcDChX/BXwgoGxpLlS2pBAd5QX5mw0eZGPqRhCTG+VYbj+kw78b
y7QGdkdZfFFah9RvCgLlFon0VEeTTAsMFFsqRaSOmBdZFMn+Pzt3
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:51:08 2025 by rpki-client