Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/1-Qbe7ItKLmTD3ZT6I_tfhnKA1F0.roa
File: 1-Qbe7ItKLmTD3ZT6I_tfhnKA1F0.roa (raw, json)
Hash identifier: 35+u2TcewFG5MPcgu5/CWUo29LHqw3M3ErLqVomO6t4=
Subject key identifier: F9:06:DE:EC:8B:4A:2E:64:C3:DD:94:FA:23:FB:5F:86:72:80:D4:5D
Certificate issuer: /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial: 0195D766BF9A7D66AB982A0B11ACE80D2947
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/1-Qbe7ItKLmTD3ZT6I_tfhnKA1F0.roa
Signing time: Thu 27 Mar 2025 11:39:49 +0000
ROA not before: Thu 27 Mar 2025 11:39:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204457
IP address blocks: 213.238.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d7:66:bf:9a:7d:66:ab:98:2a:0b:11:ac:e8:0d:29:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Validity
Not Before: Mar 27 11:39:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f906deec8b4a2e64c3dd94fa23fb5f867280d45d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:74:35:c5:15:b1:85:42:ba:05:cc:12:52:f6:
bf:15:52:ac:72:3f:f0:14:ef:83:29:09:10:d3:52:
d7:b3:f1:e4:aa:aa:31:e8:e7:2e:2f:7a:fb:7b:02:
7f:f3:96:85:07:9c:0e:6e:6c:80:00:a7:23:8b:60:
c5:ca:7d:14:94:e3:f4:e4:e9:69:7d:b0:28:af:ad:
26:1f:19:74:d0:3f:8c:6d:c1:aa:14:77:6e:3f:f3:
a0:09:89:36:0e:8d:df:3f:c2:a7:29:f6:00:42:6a:
ec:58:19:97:5f:4e:ae:b5:20:ac:99:84:2a:93:b3:
33:ec:51:b9:bd:3d:18:b8:dd:be:e8:9a:d7:ad:7f:
ea:43:61:ca:66:db:8c:67:ef:fd:57:9f:4f:70:19:
4e:87:f8:18:0b:96:d4:e1:5b:ae:48:39:8c:17:a9:
1c:69:d6:a4:dc:3f:12:81:75:22:67:0c:a1:2a:0c:
56:54:0f:64:98:f5:c9:ab:79:41:35:76:d9:9f:87:
28:5a:39:44:0e:0c:ca:bd:05:74:e0:71:b8:92:df:
ae:f5:4f:78:ca:dc:66:96:a7:87:2c:fb:d0:54:a9:
ef:40:4e:f0:85:2c:3d:a2:6c:d0:f0:61:be:b8:1f:
72:c5:eb:cd:42:bd:92:ff:a9:10:c0:09:89:27:7c:
69:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:06:DE:EC:8B:4A:2E:64:C3:DD:94:FA:23:FB:5F:86:72:80:D4:5D
X509v3 Authority Key Identifier:
keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/1-Qbe7ItKLmTD3ZT6I_tfhnKA1F0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.174.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:99:fc:2b:73:8f:cb:e6:a6:3a:72:a1:09:dd:3c:84:35:e6:
3f:25:c5:f1:21:fb:5e:de:90:89:83:c3:cd:a6:b7:f9:48:24:
73:0c:03:b2:54:b8:e1:28:3e:42:a9:f1:e9:f5:0c:fe:61:9e:
d1:1a:42:c1:f2:cc:7a:15:89:ff:c7:3d:7e:86:41:ec:a9:02:
f2:6e:29:0a:97:f5:96:b1:83:6c:b6:c7:74:4b:12:8e:91:75:
05:5b:c7:7b:75:6d:07:b1:35:1e:9d:21:af:ad:41:07:62:93:
ed:a1:30:2a:50:f9:c0:d1:23:96:d1:e3:64:0c:54:1c:96:95:
c3:04:6e:ca:2a:a1:a6:68:02:dc:68:ed:b6:34:3c:87:fc:e3:
83:f8:88:b3:6d:97:65:ac:c9:66:d5:b4:31:5e:d7:de:3b:9d:
49:d5:2b:cd:8f:e0:3f:33:4b:e6:4d:25:e4:0e:9b:4b:01:79:
c2:17:0d:8d:7c:dc:eb:ac:6e:3b:b2:94:84:64:e9:66:a8:14:
dd:90:d0:b4:fb:83:ea:b4:73:a3:ae:1d:eb:82:d6:99:fa:47:
a1:f2:a5:a8:9d:92:b7:0b:d4:9d:2d:3b:69:bc:34:8b:52:46:
a3:2b:57:3e:32:2d:0e:87:c3:b1:70:29:55:17:0a:82:24:ae:
08:b7:57:48
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZXXZr+afWarmCoLEazoDSlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2JkYTc4YjFkMWI2MTNkZjU2NWZmOTk3MDBiNmFlZTk0
MGRlM2YwHhcNMjUwMzI3MTEzOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTA2ZGVlYzhiNGEyZTY0YzNkZDk0ZmEyM2ZiNWY4NjcyODBkNDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3Q1xRWxhUK6BcwSUva/FVKscj/w
FO+DKQkQ01LXs/Hkqqox6OcuL3r7ewJ/85aFB5wObmyAAKcji2DFyn0UlOP05Olp
fbAor60mHxl00D+MbcGqFHduP/OgCYk2Do3fP8KnKfYAQmrsWBmXX06utSCsmYQq
k7Mz7FG5vT0YuN2+6JrXrX/qQ2HKZtuMZ+/9V59PcBlOh/gYC5bU4VuuSDmMF6kc
adak3D8SgXUiZwyhKgxWVA9kmPXJq3lBNXbZn4coWjlEDgzKvQV04HG4kt+u9U94
ytxmlqeHLPvQVKnvQE7whSw9omzQ8GG+uB9yxevNQr2S/6kQwAmJJ3xpUwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPkG3uyLSi5kw92U+iP7X4ZygNRdMB8GA1UdIwQY
MBaAFFTL2nix0bYT31Zf+ZcAtq7pQN4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYt
Y2QzMTYxNWQwMWE5LzEvMS1RYmU3SXRLTG1URDNaVDZJX3RmaG5LQTFGMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzAvNmQ2MWQ5LTBiZjctNDRiYi1iODBmLWNkMzE2MTVkMDFh
OS8xL1ZNdmFlTEhSdGhQZlZsXzVsd0MycnVsQTNqOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXurjAN
BgkqhkiG9w0BAQsFAAOCAQEAnJn8K3OPy+amOnKhCd08hDXmPyXF8SH7Xt6QiYPD
zaa3+UgkcwwDslS44Sg+Qqnx6fUM/mGe0RpCwfLMehWJ/8c9foZB7KkC8m4pCpf1
lrGDbLbHdEsSjpF1BVvHe3VtB7E1Hp0hr61BB2KT7aEwKlD5wNEjltHjZAxUHJaV
wwRuyiqhpmgC3GjttjQ8h/zjg/iIs22XZazJZtW0MV7X3judSdUrzY/gPzNL5k0l
5A6bSwF5whcNjXzc66xuO7KUhGTpZqgU3ZDQtPuD6rRzo64d64LWmfpHofKlqJ2S
twvUnS07abw0i1JGoytXPjItDofDsXApVRcKgiSuCLdXSA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:39:06 2025 by rpki-client