Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/d98mF8VuRmp24iJGNGtsA82Qm3k.roa
File: d98mF8VuRmp24iJGNGtsA82Qm3k.roa (raw, json)
Hash identifier: St6m9PVExFvayS/533ff6DbQIFfqWRPHTLli6ct6T54=
Subject key identifier: 77:DF:26:17:C5:6E:46:6A:76:E2:22:46:34:6B:6C:03:CD:90:9B:79
Certificate issuer: /CN=6566addf9ca0de49a6eef49858384f54f47a56f0
Certificate serial: 019422FC297D1AAD12B41B2D95EE37A75FC2
Authority key identifier: 65:66:AD:DF:9C:A0:DE:49:A6:EE:F4:98:58:38:4F:54:F4:7A:56:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZWat35yg3kmm7vSYWDhPVPR6VvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/d98mF8VuRmp24iJGNGtsA82Qm3k.roa
Signing time: Wed 01 Jan 2025 17:48:58 +0000
ROA not before: Wed 01 Jan 2025 17:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43229
IP address blocks: 185.213.12.0/24 maxlen: 24
185.213.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:29:7d:1a:ad:12:b4:1b:2d:95:ee:37:a7:5f:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6566addf9ca0de49a6eef49858384f54f47a56f0
Validity
Not Before: Jan 1 17:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77df2617c56e466a76e22246346b6c03cd909b79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7a:b0:63:55:cf:f2:c1:07:c3:6b:79:99:c8:
82:1a:92:11:93:ed:0e:40:29:78:7b:6e:27:db:5e:
b2:01:0c:02:b7:fa:00:2b:4d:9a:dc:5c:98:8a:bb:
d0:12:99:d8:0a:d0:66:bf:7d:f4:71:e6:c9:d3:f2:
5f:70:28:fd:62:96:d0:c5:68:30:de:0a:56:92:99:
cd:99:4a:5a:29:ce:30:93:f8:83:e8:bc:96:9f:74:
e1:8f:09:44:91:db:3f:be:05:72:d1:44:61:53:3d:
e9:27:07:c4:1f:51:56:c5:2a:29:e4:82:59:e7:76:
cc:9f:bb:4d:43:da:40:43:72:3e:14:3c:54:ad:cc:
72:65:75:ab:04:4c:75:38:e1:bb:ea:f5:68:9d:be:
03:36:85:ba:9a:20:cd:20:2d:cb:e7:19:29:20:c3:
47:ea:3d:ef:0b:a4:e7:65:28:20:66:25:f2:f8:50:
57:6d:84:22:3c:0f:e2:bd:08:e6:2d:38:77:f0:0c:
32:20:a4:f7:cb:cd:32:41:b8:15:b4:79:f1:de:97:
72:6d:54:c5:61:31:07:b0:1c:22:65:9c:11:2d:a3:
35:f9:30:79:3b:cb:97:49:f7:4a:e6:b0:2c:6a:f1:
c3:48:f2:99:29:38:f1:4b:70:e1:66:07:cc:41:b9:
f2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:DF:26:17:C5:6E:46:6A:76:E2:22:46:34:6B:6C:03:CD:90:9B:79
X509v3 Authority Key Identifier:
keyid:65:66:AD:DF:9C:A0:DE:49:A6:EE:F4:98:58:38:4F:54:F4:7A:56:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZWat35yg3kmm7vSYWDhPVPR6VvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/d98mF8VuRmp24iJGNGtsA82Qm3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/ZWat35yg3kmm7vSYWDhPVPR6VvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.12.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:73:99:d7:15:8c:ae:9d:be:ab:ea:49:6d:7a:d2:45:3e:7b:
92:9c:6e:44:1d:9d:3c:90:b6:51:bf:dd:07:cd:fe:05:45:e4:
5f:d0:92:d4:b5:a6:a6:67:9a:47:c7:da:01:d4:38:19:dd:08:
bb:d0:ff:d5:5b:73:44:6f:27:cb:43:22:c1:f0:17:98:4c:8b:
d7:47:b6:59:de:62:5f:bf:94:a4:44:58:88:1a:a8:aa:09:26:
a1:35:bf:ec:7a:1d:19:f3:ef:b4:8d:4b:70:48:c1:5e:d7:e6:
16:fd:53:f3:bb:d2:dc:51:3d:ba:09:e9:13:a6:7c:5a:df:74:
4a:47:f0:a2:d2:a4:f4:f0:56:4d:62:95:44:bb:2b:ff:15:ae:
d5:a9:1e:2c:6c:26:01:35:e0:54:8e:9b:fe:e0:23:f9:5d:14:
36:25:59:a4:a5:2b:f5:9e:22:d7:62:71:c8:b4:0e:b1:e2:c7:
aa:13:1f:dd:97:de:5f:2d:15:c5:59:1a:b5:c6:33:31:95:fc:
2d:ce:08:a1:f7:33:f5:89:b4:31:da:7f:57:ee:c1:2f:89:08:
12:52:6f:12:e3:e6:41:b6:c3:42:9c:b8:9f:3b:e3:da:f9:8e:
6e:6f:20:c3:2f:e8:fb:78:28:82:4c:d2:f8:40:41:0c:92:02:
b7:7e:14:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/Cl9Gq0StBstle43p1/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NjZhZGRmOWNhMGRlNDlhNmVlZjQ5ODU4Mzg0ZjU0ZjQ3
YTU2ZjAwHhcNMjUwMTAxMTc0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2RmMjYxN2M1NmU0NjZhNzZlMjIyNDYzNDZiNmMwM2NkOTA5Yjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnqwY1XP8sEHw2t5mciCGpIRk+0O
QCl4e24n216yAQwCt/oAK02a3FyYirvQEpnYCtBmv330cebJ0/JfcCj9YpbQxWgw
3gpWkpnNmUpaKc4wk/iD6LyWn3ThjwlEkds/vgVy0URhUz3pJwfEH1FWxSop5IJZ
53bMn7tNQ9pAQ3I+FDxUrcxyZXWrBEx1OOG76vVonb4DNoW6miDNIC3L5xkpIMNH
6j3vC6TnZSggZiXy+FBXbYQiPA/ivQjmLTh38AwyIKT3y80yQbgVtHnx3pdybVTF
YTEHsBwiZZwRLaM1+TB5O8uXSfdK5rAsavHDSPKZKTjxS3DhZgfMQbnybQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHffJhfFbkZqduIiRjRrbAPNkJt5MB8GA1UdIwQY
MBaAFGVmrd+coN5Jpu70mFg4T1T0elbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWldhdDM1eWcza21tN3ZTWVdEaFBWUFI2VnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iZDU2ZDctMzg5OS00MGU1LTk2MTIt
M2YyOGI2YWRiZGE5LzEvZDk4bUY4VnVSbXAyNGlKR05HdHNBODJRbTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iZDU2ZDctMzg5OS00MGU1LTk2MTItM2YyOGI2YWRiZGE5
LzEvWldhdDM1eWcza21tN3ZTWVdEaFBWUFI2VnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudUMMA0G
CSqGSIb3DQEBCwUAA4IBAQClc5nXFYyunb6r6kltetJFPnuSnG5EHZ08kLZRv90H
zf4FReRf0JLUtaamZ5pHx9oB1DgZ3Qi70P/VW3NEbyfLQyLB8BeYTIvXR7ZZ3mJf
v5SkRFiIGqiqCSahNb/seh0Z8++0jUtwSMFe1+YW/VPzu9LcUT26CekTpnxa33RK
R/Ci0qT08FZNYpVEuyv/Fa7VqR4sbCYBNeBUjpv+4CP5XRQ2JVmkpSv1niLXYnHI
tA6x4seqEx/dl95fLRXFWRq1xjMxlfwtzgih9zP1ibQx2n9X7sEviQgSUm8S4+ZB
tsNCnLifO+Pa+Y5ubyDDL+j7eCiCTNL4QEEMkgK3fhS+
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:37 2025 by rpki-client