Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/f444aa-ae8c-4d14-a3a3-49f65c6a48bf/1/hefvQQC5HBlbQ-EPV5xNwJ9mr8s.roa
File: hefvQQC5HBlbQ-EPV5xNwJ9mr8s.roa (raw, json)
Hash identifier: Ud9jnh2NMlpw3d8NsGfrdGK8oljkEFrFbqnJTHG6eJE=
Subject key identifier: 85:E7:EF:41:00:B9:1C:19:5B:43:E1:0F:57:9C:4D:C0:9F:66:AF:CB
Certificate issuer: /CN=a8010ceb20f2e076a3f000271a5c375761bec2f5
Certificate serial: 0194228DD3B1F580D2C813BAF25B7060B4C1
Authority key identifier: A8:01:0C:EB:20:F2:E0:76:A3:F0:00:27:1A:5C:37:57:61:BE:C2:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qAEM6yDy4Haj8AAnGlw3V2G-wvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/f444aa-ae8c-4d14-a3a3-49f65c6a48bf/1/hefvQQC5HBlbQ-EPV5xNwJ9mr8s.roa
Signing time: Wed 01 Jan 2025 15:48:27 +0000
ROA not before: Wed 01 Jan 2025 15:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29286
IP address blocks: 213.175.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:d3:b1:f5:80:d2:c8:13:ba:f2:5b:70:60:b4:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8010ceb20f2e076a3f000271a5c375761bec2f5
Validity
Not Before: Jan 1 15:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85e7ef4100b91c195b43e10f579c4dc09f66afcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:4f:ae:53:91:0a:07:a8:5c:ae:99:bd:0e:d9:
91:ab:09:cd:8d:3d:89:e5:4f:dd:c5:15:6e:fa:6b:
04:21:6b:46:c6:e7:5f:0a:41:86:54:9e:96:ea:95:
24:ff:8a:bc:19:c5:f7:a3:b5:45:fa:d4:5a:a4:75:
93:df:9d:24:91:b5:80:15:eb:c0:85:9d:73:5c:90:
23:16:27:25:90:61:72:53:2c:86:54:dd:0f:7f:1d:
11:6b:dc:da:fb:0e:7a:d4:58:3e:94:91:42:c9:ea:
1e:6f:94:a5:07:50:e0:95:61:e2:d6:f8:e1:a7:c5:
72:64:78:7d:7f:10:b0:b8:b3:94:22:b4:f6:e9:5b:
f6:0b:a2:95:49:9c:b5:a7:4c:42:ef:9d:22:24:35:
b0:dc:16:a6:e0:01:b1:fb:43:05:e2:3c:9e:e1:ce:
89:58:f8:ff:43:f0:7e:5c:8d:b8:d5:94:55:ba:95:
ce:aa:95:ac:5d:bb:94:da:27:5c:18:09:3e:24:2a:
6c:c0:52:bb:89:ad:79:67:c9:04:9a:37:7a:c2:4a:
14:e7:21:33:b8:85:a4:8e:3c:49:37:2e:c1:55:c8:
b8:ff:67:5b:a4:3a:a9:0b:76:eb:73:4c:31:76:c8:
a7:7f:86:bb:64:ce:63:27:01:47:ba:5b:74:ad:fa:
e6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E7:EF:41:00:B9:1C:19:5B:43:E1:0F:57:9C:4D:C0:9F:66:AF:CB
X509v3 Authority Key Identifier:
keyid:A8:01:0C:EB:20:F2:E0:76:A3:F0:00:27:1A:5C:37:57:61:BE:C2:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qAEM6yDy4Haj8AAnGlw3V2G-wvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f444aa-ae8c-4d14-a3a3-49f65c6a48bf/1/hefvQQC5HBlbQ-EPV5xNwJ9mr8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f444aa-ae8c-4d14-a3a3-49f65c6a48bf/1/qAEM6yDy4Haj8AAnGlw3V2G-wvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.175.133.0/24
Signature Algorithm: sha256WithRSAEncryption
49:3e:07:17:84:40:c3:7f:e9:93:ba:38:8e:46:11:67:50:5d:
ec:ee:82:03:6b:3d:ad:e9:a9:b4:9b:69:8e:9d:7a:4f:45:50:
db:9c:cb:27:ba:f0:50:bc:2c:5c:11:9d:69:e7:da:c3:b5:53:
9c:54:f2:61:d8:28:1a:6a:c6:fd:5e:7c:f1:49:2b:df:d0:03:
4c:a5:59:11:ab:06:84:e6:9d:6f:71:76:41:eb:01:86:3b:a0:
84:a1:6f:7a:fc:c2:b0:80:a4:05:8e:ad:0e:ee:ce:68:d3:2c:
66:14:b4:c7:6b:c6:b3:69:3c:e4:0b:62:3a:b6:2d:ee:c3:34:
a6:d4:f2:04:13:ad:8c:87:b5:4a:c7:95:42:90:7d:46:23:75:
1b:52:58:42:01:f7:86:6d:08:44:1a:b2:eb:d5:ca:19:0e:93:
d3:39:65:a8:52:da:ee:48:77:10:40:0b:1c:c9:bd:65:4b:b4:
24:fe:09:7d:37:a8:d1:89:e2:22:7a:c5:22:cd:ab:73:3e:4e:
bb:23:58:25:2f:83:b1:0e:6a:6b:9e:99:1c:7e:7b:20:d3:ad:
a2:ad:a5:d1:e6:20:e9:96:f2:d1:94:6f:1f:60:93:63:47:ce:
7d:72:70:76:08:a8:cc:6c:9f:ee:e4:c1:bf:b7:4a:2e:36:27:
28:57:b2:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijdOx9YDSyBO68ltwYLTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MDEwY2ViMjBmMmUwNzZhM2YwMDAyNzFhNWMzNzU3NjFi
ZWMyZjUwHhcNMjUwMTAxMTU0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWU3ZWY0MTAwYjkxYzE5NWI0M2UxMGY1NzljNGRjMDlmNjZhZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0+uU5EKB6hcrpm9DtmRqwnNjT2J
5U/dxRVu+msEIWtGxudfCkGGVJ6W6pUk/4q8GcX3o7VF+tRapHWT350kkbWAFevA
hZ1zXJAjFiclkGFyUyyGVN0Pfx0Ra9za+w561Fg+lJFCyeoeb5SlB1DglWHi1vjh
p8VyZHh9fxCwuLOUIrT26Vv2C6KVSZy1p0xC750iJDWw3Bam4AGx+0MF4jye4c6J
WPj/Q/B+XI241ZRVupXOqpWsXbuU2idcGAk+JCpswFK7ia15Z8kEmjd6wkoU5yEz
uIWkjjxJNy7BVci4/2dbpDqpC3brc0wxdsinf4a7ZM5jJwFHult0rfrmtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIXn70EAuRwZW0PhD1ecTcCfZq/LMB8GA1UdIwQY
MBaAFKgBDOsg8uB2o/AAJxpcN1dhvsL1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUFFTTZ5RHk0SGFqOEFBbkdsdzNWMkctd3ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mNDQ0YWEtYWU4Yy00ZDE0LWEzYTMt
NDlmNjVjNmE0OGJmLzEvaGVmdlFRQzVIQmxiUS1FUFY1eE53SjltcjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9mNDQ0YWEtYWU4Yy00ZDE0LWEzYTMtNDlmNjVjNmE0OGJm
LzEvcUFFTTZ5RHk0SGFqOEFBbkdsdzNWMkctd3ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1a+FMA0G
CSqGSIb3DQEBCwUAA4IBAQBJPgcXhEDDf+mTujiORhFnUF3s7oIDaz2t6am0m2mO
nXpPRVDbnMsnuvBQvCxcEZ1p59rDtVOcVPJh2Cgaasb9XnzxSSvf0ANMpVkRqwaE
5p1vcXZB6wGGO6CEoW96/MKwgKQFjq0O7s5o0yxmFLTHa8azaTzkC2I6ti3uwzSm
1PIEE62Mh7VKx5VCkH1GI3UbUlhCAfeGbQhEGrLr1coZDpPTOWWoUtruSHcQQAsc
yb1lS7Qk/gl9N6jRieIiesUizatzPk67I1glL4OxDmprnpkcfnsg062iraXR5iDp
lvLRlG8fYJNjR859cnB2CKjMbJ/u5MG/t0ouNicoV7J0
-----END CERTIFICATE-----
Generated at Sat Apr 12 04:19:37 2025 by rpki-client