Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/36703a-122b-4116-b317-ca5fccbf7a8c/1/4wV3tNw8L-G2g-REyKg7rTv19xc.roa
File: 4wV3tNw8L-G2g-REyKg7rTv19xc.roa (raw, json)
Hash identifier: mlDNB6DLTguCsOh+3JJiKoaNz1XvyyZU+vhtwaeg1hU=
Subject key identifier: E3:05:77:B4:DC:3C:2F:E1:B6:83:E4:44:C8:A8:3B:AD:3B:F5:F7:17
Certificate issuer: /CN=193743467b4da41c6295e9351153309586ba2399
Certificate serial: 0194B1BCB549583FC024B53F2377789C5887
Authority key identifier: 19:37:43:46:7B:4D:A4:1C:62:95:E9:35:11:53:30:95:86:BA:23:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GTdDRntNpBxilek1EVMwlYa6I5k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/36703a-122b-4116-b317-ca5fccbf7a8c/1/4wV3tNw8L-G2g-REyKg7rTv19xc.roa
Signing time: Wed 29 Jan 2025 11:05:21 +0000
ROA not before: Wed 29 Jan 2025 11:05:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212283
IP address blocks: 213.149.145.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b1:bc:b5:49:58:3f:c0:24:b5:3f:23:77:78:9c:58:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=193743467b4da41c6295e9351153309586ba2399
Validity
Not Before: Jan 29 11:05:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e30577b4dc3c2fe1b683e444c8a83bad3bf5f717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:45:3e:df:a6:1a:29:69:a5:44:ac:7d:b0:96:
a6:9f:61:54:b7:55:7f:49:62:65:43:07:be:09:14:
e1:df:24:a0:b7:88:4f:f9:1c:83:12:20:35:e8:55:
15:7c:15:cf:3e:a4:72:da:b0:62:90:95:7c:a5:3b:
90:e5:6d:76:eb:c9:e4:9c:eb:79:47:ae:eb:52:d6:
09:44:b1:83:07:1c:22:21:45:f5:4d:2e:1e:55:14:
15:f9:51:50:8c:41:9a:8f:c3:5c:34:64:0e:3a:19:
07:51:ce:ed:25:48:e2:0a:1a:73:28:d6:5b:1f:19:
7f:0a:3d:6d:b7:0a:62:34:20:c3:e1:ed:da:60:2d:
af:e4:ba:dc:be:e8:97:79:9d:45:18:b4:bc:4b:19:
e4:d9:bf:31:29:f0:38:96:c3:ae:50:05:82:4b:c2:
33:d2:c7:6e:d5:51:ed:2b:64:cf:09:dd:4c:2b:75:
76:67:78:ef:f2:22:35:e0:b2:f2:21:10:49:da:1a:
3a:8c:67:6c:2d:01:b2:8e:ea:30:2c:8b:79:07:df:
24:27:3d:9b:2b:c9:7b:af:6d:3a:70:c2:a9:fe:5b:
19:e4:d3:e5:6f:eb:73:f1:2a:26:7c:f4:56:85:bc:
fd:f3:85:ba:43:b5:9f:a2:20:89:94:e9:c9:b4:90:
12:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:05:77:B4:DC:3C:2F:E1:B6:83:E4:44:C8:A8:3B:AD:3B:F5:F7:17
X509v3 Authority Key Identifier:
keyid:19:37:43:46:7B:4D:A4:1C:62:95:E9:35:11:53:30:95:86:BA:23:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GTdDRntNpBxilek1EVMwlYa6I5k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/36703a-122b-4116-b317-ca5fccbf7a8c/1/4wV3tNw8L-G2g-REyKg7rTv19xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/36703a-122b-4116-b317-ca5fccbf7a8c/1/GTdDRntNpBxilek1EVMwlYa6I5k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.149.145.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:0d:87:c6:fb:c9:24:a4:b7:09:d4:2c:cc:f3:50:e4:31:87:
cf:2e:ad:58:2a:59:3f:0d:4e:52:da:8b:a7:89:64:43:23:3d:
65:f7:f1:60:aa:a3:d0:88:e2:75:d1:02:15:d2:4a:eb:54:f0:
c5:53:fc:33:7a:71:54:36:76:7c:6c:e3:34:fc:e3:fb:62:6b:
2b:65:2b:b4:5c:1b:ee:7e:92:c6:8e:02:9c:d3:a4:10:35:6c:
71:55:e7:a6:37:1b:bd:ba:28:05:d1:55:8a:86:a1:36:93:6d:
c0:80:a7:e2:23:5c:e7:0d:8f:78:fd:83:27:26:73:e8:3e:bb:
3f:00:4e:bf:26:3d:5f:87:c5:36:97:71:79:ed:81:b7:f8:78:
49:30:04:2f:f9:49:c6:fc:86:bf:5a:df:5a:28:fc:3f:64:15:
d8:6f:db:1b:d9:5b:f3:ae:12:9e:1f:86:29:6c:0c:7d:13:ae:
d8:d6:ed:ea:f7:b5:c5:68:c7:1e:65:f1:f3:ef:56:a7:46:f0:
32:35:47:2e:21:06:36:d3:c3:ca:75:84:08:38:a7:e5:37:2e:
35:4c:57:4b:d7:22:2c:d4:7c:36:73:17:1e:7a:89:2d:ab:46:
f1:72:53:08:ca:0d:90:28:29:70:eb:6f:49:25:f2:b7:94:fb:
75:5d:34:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSxvLVJWD/AJLU/I3d4nFiHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5Mzc0MzQ2N2I0ZGE0MWM2Mjk1ZTkzNTExNTMzMDk1ODZi
YTIzOTkwHhcNMjUwMTI5MTEwNTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzA1NzdiNGRjM2MyZmUxYjY4M2U0NDRjOGE4M2JhZDNiZjVmNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskU+36YaKWmlRKx9sJamn2FUt1V/
SWJlQwe+CRTh3ySgt4hP+RyDEiA16FUVfBXPPqRy2rBikJV8pTuQ5W1268nknOt5
R67rUtYJRLGDBxwiIUX1TS4eVRQV+VFQjEGaj8NcNGQOOhkHUc7tJUjiChpzKNZb
Hxl/Cj1ttwpiNCDD4e3aYC2v5LrcvuiXeZ1FGLS8Sxnk2b8xKfA4lsOuUAWCS8Iz
0sdu1VHtK2TPCd1MK3V2Z3jv8iI14LLyIRBJ2ho6jGdsLQGyjuowLIt5B98kJz2b
K8l7r206cMKp/lsZ5NPlb+tz8SomfPRWhbz984W6Q7WfoiCJlOnJtJASnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOMFd7TcPC/htoPkRMioO6079fcXMB8GA1UdIwQY
MBaAFBk3Q0Z7TaQcYpXpNRFTMJWGuiOZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1RkRFJudE5wQnhpbGVrMUVWTXdsWWE2STVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNjcwM2EtMTIyYi00MTE2LWIzMTct
Y2E1ZmNjYmY3YThjLzEvNHdWM3ROdzhMLUcyZy1SRXlLZzdyVHYxOXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNjcwM2EtMTIyYi00MTE2LWIzMTctY2E1ZmNjYmY3YThj
LzEvR1RkRFJudE5wQnhpbGVrMUVWTXdsWWE2STVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZWRMA0G
CSqGSIb3DQEBCwUAA4IBAQC1DYfG+8kkpLcJ1CzM81DkMYfPLq1YKlk/DU5S2oun
iWRDIz1l9/FgqqPQiOJ10QIV0krrVPDFU/wzenFUNnZ8bOM0/OP7YmsrZSu0XBvu
fpLGjgKc06QQNWxxVeemNxu9uigF0VWKhqE2k23AgKfiI1znDY94/YMnJnPoPrs/
AE6/Jj1fh8U2l3F57YG3+HhJMAQv+UnG/Ia/Wt9aKPw/ZBXYb9sb2VvzrhKeH4Yp
bAx9E67Y1u3q97XFaMceZfHz71anRvAyNUcuIQY208PKdYQIOKflNy41TFdL1yIs
1Hw2cxceeoktq0bxclMIyg2QKClw629JJfK3lPt1XTQv
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:02:07 2025 by rpki-client