Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/_7Xrz96iqK0o8cRfpLmW491feYk.roa
File: _7Xrz96iqK0o8cRfpLmW491feYk.roa (raw, json)
Hash identifier: TqwvStP0Oay0JmBPbcrhapGjP0FEFt/xUJr+3HQeNEw=
Subject key identifier: FF:B5:EB:CF:DE:A2:A8:AD:28:F1:C4:5F:A4:B9:96:E3:DD:5F:79:89
Certificate issuer: /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial: 019423D70584E16170E5DF4EB567A45D4A9C
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/_7Xrz96iqK0o8cRfpLmW491feYk.roa
Signing time: Wed 01 Jan 2025 21:48:01 +0000
ROA not before: Wed 01 Jan 2025 21:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 213.238.166.0/24 maxlen: 24
213.238.173.0/24 maxlen: 24
213.238.177.0/24 maxlen: 24
213.238.184.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:05:84:e1:61:70:e5:df:4e:b5:67:a4:5d:4a:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Validity
Not Before: Jan 1 21:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ffb5ebcfdea2a8ad28f1c45fa4b996e3dd5f7989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4c:5e:35:68:ae:6d:ac:0f:ed:98:85:6f:c1:
a0:ba:ea:f5:74:75:7c:1d:42:42:08:4a:0e:37:0c:
a0:31:6f:96:7e:75:a8:18:f3:6b:e0:bd:fe:a5:72:
96:b0:db:02:eb:9a:93:d1:e4:7f:a0:d8:99:69:29:
6c:06:6c:4e:02:fc:5a:2a:c0:f1:c3:8b:e3:de:95:
88:6c:9f:ba:6b:76:67:6f:a5:09:36:e7:02:6f:18:
fc:05:50:50:dd:93:5a:98:89:74:06:e6:0c:72:17:
25:46:7a:2f:7d:c5:4f:3c:bd:c3:fb:b8:d0:ab:da:
99:66:4f:ae:db:b5:c2:53:4e:a1:19:a0:c1:4e:5c:
c8:d2:0f:9b:19:f3:0b:5c:42:10:ff:8d:7e:04:c0:
cd:26:ad:f9:67:49:bf:5e:37:d6:51:c8:62:bd:74:
f3:52:8a:6f:c5:c2:31:a3:bc:9c:4c:3f:1e:98:70:
5d:8f:3b:48:0f:6b:8f:8b:da:41:22:0f:85:ba:9c:
66:10:3f:c5:f7:b5:74:a6:46:02:be:c4:42:56:d5:
0e:93:ad:3f:9e:3c:6d:45:8d:c5:5e:07:6f:75:64:
1f:04:8f:ad:54:ea:59:32:3c:da:a3:72:98:0d:ec:
8a:17:8a:a8:39:f3:81:9c:1a:2a:3f:b7:03:b9:8e:
6a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:B5:EB:CF:DE:A2:A8:AD:28:F1:C4:5F:A4:B9:96:E3:DD:5F:79:89
X509v3 Authority Key Identifier:
keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/_7Xrz96iqK0o8cRfpLmW491feYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.166.0/24
213.238.173.0/24
213.238.177.0/24
213.238.184.0/24
Signature Algorithm: sha256WithRSAEncryption
27:15:fb:d0:9e:bf:7a:ce:1c:f2:e4:9f:d7:a7:81:3a:4f:a7:
c9:2f:3f:0e:48:bd:46:cf:bd:e6:34:4a:c6:54:25:53:8e:c8:
2f:c1:87:5c:15:70:7a:9d:8b:ec:d7:3d:ba:73:d1:e6:08:69:
bc:c9:ad:0c:80:a5:d1:bd:76:97:e8:3b:fe:b9:72:87:e7:5d:
34:4d:60:67:f0:6a:a2:15:8f:a7:f8:08:92:00:9a:6c:f3:31:
22:76:28:6b:7a:7a:e9:a4:c7:99:53:db:73:da:fd:96:b5:18:
4b:ba:a7:bf:36:f1:71:be:90:41:b4:c7:2e:b1:ab:42:1a:2d:
66:90:10:c4:f0:ac:23:4e:1f:fb:31:45:6f:2a:01:b7:04:97:
b6:50:da:bf:93:11:6b:0b:93:b1:d6:83:4d:a6:0e:24:b3:44:
18:ec:96:37:59:96:59:41:ff:f0:05:81:53:1b:94:da:1b:e3:
6d:02:c8:98:20:80:81:79:de:49:19:62:92:f8:3b:87:c7:ce:
91:0b:2c:0d:a0:ef:18:e1:4c:79:20:d9:16:ce:9a:d1:2e:84:
cd:ed:d3:c7:d2:62:89:dd:b3:da:bf:ff:90:06:aa:2a:8d:14:
0f:3b:5e:2b:a3:81:7c:8c:f2:d1:9b:18:1b:10:7c:bc:f6:8c:
4a:16:9a:b0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQj1wWE4WFw5d9OtWekXUqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2JkYTc4YjFkMWI2MTNkZjU2NWZmOTk3MDBiNmFlZTk0
MGRlM2YwHhcNMjUwMTAxMjE0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmI1ZWJjZmRlYTJhOGFkMjhmMWM0NWZhNGI5OTZlM2RkNWY3OTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmExeNWiubawP7ZiFb8Gguur1dHV8
HUJCCEoONwygMW+WfnWoGPNr4L3+pXKWsNsC65qT0eR/oNiZaSlsBmxOAvxaKsDx
w4vj3pWIbJ+6a3Znb6UJNucCbxj8BVBQ3ZNamIl0BuYMchclRnovfcVPPL3D+7jQ
q9qZZk+u27XCU06hGaDBTlzI0g+bGfMLXEIQ/41+BMDNJq35Z0m/XjfWUchivXTz
UopvxcIxo7ycTD8emHBdjztID2uPi9pBIg+FupxmED/F97V0pkYCvsRCVtUOk60/
njxtRY3FXgdvdWQfBI+tVOpZMjzao3KYDeyKF4qoOfOBnBoqP7cDuY5qzQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP+168/eoqitKPHEX6S5luPdX3mJMB8GA1UdIwQY
MBaAFFTL2nix0bYT31Zf+ZcAtq7pQN4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYt
Y2QzMTYxNWQwMWE5LzEvXzdYcno5NmlxSzBvOGNSZnBMbVc0OTFmZVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYtY2QzMTYxNWQwMWE5
LzEvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1e6mAwQA
1e6tAwQA1e6xAwQA1e64MA0GCSqGSIb3DQEBCwUAA4IBAQAnFfvQnr96zhzy5J/X
p4E6T6fJLz8OSL1Gz73mNErGVCVTjsgvwYdcFXB6nYvs1z26c9HmCGm8ya0MgKXR
vXaX6Dv+uXKH5100TWBn8GqiFY+n+AiSAJps8zEidihrenrppMeZU9tz2v2WtRhL
uqe/NvFxvpBBtMcusatCGi1mkBDE8KwjTh/7MUVvKgG3BJe2UNq/kxFrC5Ox1oNN
pg4ks0QY7JY3WZZZQf/wBYFTG5TaG+NtAsiYIICBed5JGWKS+DuHx86RCywNoO8Y
4Ux5INkWzprRLoTN7dPH0mKJ3bPav/+QBqoqjRQPO14ro4F8jPLRmxgbEHy89oxK
Fpqw
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:12:41 2025 by rpki-client