Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/B2qXevWL5NVS6Kg_fzotkPM4L0g.roa
File: B2qXevWL5NVS6Kg_fzotkPM4L0g.roa (raw, json)
Hash identifier: Aem8eM748Q8+dOqk2VycAVN7D6Gbjj6owSHy57GoOfc=
Subject key identifier: 07:6A:97:7A:F5:8B:E4:D5:52:E8:A8:3F:7F:3A:2D:90:F3:38:2F:48
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 50CBDEFD
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/B2qXevWL5NVS6Kg_fzotkPM4L0g.roa
Signing time: Sat 01 Jan 2022 16:01:44 +0000
ROA not before: Sat 01 Jan 2022 16:01:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21190
IP address blocks: 194.209.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1355538173 (0x50cbdefd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 16:01:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=076a977af58be4d552e8a83f7f3a2d90f3382f48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1b:6f:e6:d3:10:8f:d4:15:e9:08:1b:88:de:
28:d4:4d:82:d6:94:73:c3:35:07:88:44:30:74:04:
15:7e:0d:8c:d8:2e:bb:a4:f5:aa:be:35:4c:03:d3:
bb:c8:5c:3b:3d:fb:7f:cd:4e:5e:57:ff:64:ad:e8:
26:92:77:c1:61:29:85:e7:e5:f3:6e:14:d7:94:78:
72:19:9d:fd:68:43:a6:4f:c4:df:3b:7b:52:dd:82:
e9:3c:cd:64:01:6f:94:43:02:62:33:ce:de:79:ba:
a6:11:30:b4:d0:e9:d6:40:a9:ad:93:aa:6b:a8:ba:
ea:e9:25:e0:bc:25:17:c8:01:c8:b2:51:f1:10:9a:
99:30:e6:57:10:95:1f:1e:37:5a:9d:17:0f:62:7f:
27:2c:53:b5:39:6c:69:02:dc:07:67:73:ce:01:b8:
e1:a0:06:61:4e:c7:7f:48:13:40:10:33:c8:f9:05:
48:37:e1:b9:89:fa:79:61:47:36:73:d3:2f:cc:10:
b9:01:ac:d7:6f:6d:73:56:8b:ff:bb:68:34:70:56:
99:77:3a:5c:9c:4c:3f:37:70:e9:bd:96:41:f5:f2:
44:78:52:d7:95:91:fa:8c:87:f5:bb:54:45:9e:82:
c8:e4:fb:25:22:86:54:c5:e7:f5:b8:db:43:84:13:
ed:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:6A:97:7A:F5:8B:E4:D5:52:E8:A8:3F:7F:3A:2D:90:F3:38:2F:48
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/B2qXevWL5NVS6Kg_fzotkPM4L0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.217.0/24
Signature Algorithm: sha256WithRSAEncryption
33:00:7b:49:85:56:cf:b1:ff:3e:d7:82:ca:2a:b8:4e:07:d1:
2d:8e:3e:03:a8:6a:a7:5c:75:53:11:c7:02:f2:09:33:66:a2:
62:09:50:a6:db:42:a0:aa:e4:54:56:9d:7d:cc:63:95:e2:43:
29:08:c7:e8:6f:e5:d3:36:0a:ff:ee:67:8d:4c:76:50:aa:d6:
b9:fd:ef:e2:e0:5e:8a:01:28:6d:13:28:20:b8:10:66:01:87:
4e:e3:2f:ef:4b:10:84:3b:7d:5b:86:df:8b:f3:44:54:55:4b:
b5:4f:77:62:0f:e3:79:47:6c:13:79:a0:30:ae:7c:fc:8b:4e:
4a:50:22:43:69:43:06:bb:b4:ae:19:6f:1a:76:cd:b8:b2:2b:
02:26:e5:60:94:3b:c4:b1:00:12:89:80:57:96:da:48:9e:3a:
05:bd:09:ca:ed:f2:75:d2:cc:4b:b6:0c:41:b6:7c:ea:e1:41:
93:c9:34:9c:c4:25:3b:9e:0f:b4:11:f5:a5:4a:c0:f7:69:37:
c7:55:c8:6c:2f:75:10:0b:23:c4:44:00:ae:ae:72:3d:40:a5:
d0:a7:b7:91:5a:ff:22:be:84:ba:6b:b5:a1:23:4c:db:06:85:
f2:e9:b5:a7:5a:08:92:56:c9:e4:e0:d4:27:b8:c0:d7:12:fd:
c0:30:53:04
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEUMve/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjYzZjNkYjE1MmUwNTVhYzE0NWJkYmI0MjllMDE4NjU0MjA0YzhkMB4XDTIyMDEw
MTE2MDE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDc2YTk3N2FmNThi
ZTRkNTUyZThhODNmN2YzYTJkOTBmMzM4MmY0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUbb+bTEI/UFekIG4jeKNRNgtaUc8M1B4hEMHQEFX4NjNgu
u6T1qr41TAPTu8hcOz37f81OXlf/ZK3oJpJ3wWEphefl824U15R4chmd/WhDpk/E
3zt7Ut2C6TzNZAFvlEMCYjPO3nm6phEwtNDp1kCprZOqa6i66ukl4LwlF8gByLJR
8RCamTDmVxCVHx43Wp0XD2J/JyxTtTlsaQLcB2dzzgG44aAGYU7Hf0gTQBAzyPkF
SDfhuYn6eWFHNnPTL8wQuQGs129tc1aL/7toNHBWmXc6XJxMPzdw6b2WQfXyRHhS
15WR+oyH9btURZ6CyOT7JSKGVMXn9bjbQ4QT7VsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQHapd69Yvk1VLoqD9/Oi2Q8zgvSDAfBgNVHSMEGDAWgBQmY/PbFS4FWsFF
vbtCngGGVCBMjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ptUHoyeFV1QlZyQlJiMjdRcDRCaGxRZ1RJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvYzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8x
L0IycVhldldMNU5WUzZLZ19mem90a1BNNEwwZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
YzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8xL0ptUHoyeFV1QlZy
QlJiMjdRcDRCaGxRZ1RJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMLR2TANBgkqhkiG9w0BAQsFAAOC
AQEAMwB7SYVWz7H/PteCyiq4TgfRLY4+A6hqp1x1UxHHAvIJM2aiYglQpttCoKrk
VFadfcxjleJDKQjH6G/l0zYK/+5njUx2UKrWuf3v4uBeigEobRMoILgQZgGHTuMv
70sQhDt9W4bfi/NEVFVLtU93Yg/jeUdsE3mgMK58/ItOSlAiQ2lDBru0rhlvGnbN
uLIrAiblYJQ7xLEAEomAV5baSJ46Bb0Jyu3yddLMS7YMQbZ86uFBk8k0nMQlO54P
tBH1pUrA92k3x1XIbC91EAsjxEQArq5yPUCl0Ke3kVr/Ir6Eumu1oSNM2waF8um1
p1oIklbJ5ODUJ7jA1xL9wDBTBA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:36:07 2025 by rpki-client