Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/Er4q-ntf21V2LJmOyqXFaXIYKGo.roa
File: Er4q-ntf21V2LJmOyqXFaXIYKGo.roa (raw, json)
Hash identifier: EkLZ1F84utlPvOzImp0rm3mYnabYaklyzxgF/nC7hkE=
Subject key identifier: 12:BE:2A:FA:7B:5F:DB:55:76:2C:99:8E:CA:A5:C5:69:72:18:28:6A
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 018CC94CA5A81AFAFC4C1ED06C36AFD0F85A
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/Er4q-ntf21V2LJmOyqXFaXIYKGo.roa
Signing time: Tue 02 Jan 2024 08:31:32 +0000
ROA not before: Tue 02 Jan 2024 08:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 213.137.82.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:a5:a8:1a:fa:fc:4c:1e:d0:6c:36:af:d0:f8:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Jan 2 08:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12be2afa7b5fdb55762c998ecaa5c5697218286a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:4d:07:17:d9:58:76:7e:1b:b7:22:0a:74:a9:
b8:64:ed:83:62:cc:69:ec:14:a8:f7:59:e0:73:57:
1a:36:79:fd:6d:5a:d4:d0:13:68:57:39:29:39:1a:
a5:1b:86:7c:9c:16:8b:a2:1f:7f:f6:22:af:23:ae:
af:fe:80:18:c8:cb:a5:7f:f2:e1:ef:1d:16:47:1c:
d1:6e:7c:73:46:81:34:ae:9d:5f:70:0c:53:41:ac:
89:7d:ae:03:56:e8:63:c7:ef:0d:81:40:50:d9:1e:
8b:9e:45:2f:0c:81:67:d3:62:2f:33:03:91:2f:f7:
25:b2:60:1c:04:4f:b7:2c:67:e5:a9:d4:77:47:3a:
c3:6c:2c:a8:22:98:29:81:96:6c:e2:97:54:1c:a3:
0d:46:0b:ef:35:c8:bb:21:31:a3:d0:57:d0:95:af:
26:9d:5f:77:87:97:c0:67:ce:bf:3c:30:0b:6f:c8:
15:2c:84:ea:50:ba:1c:e7:48:f0:20:6b:a8:6d:1b:
e7:59:df:51:40:db:2f:ca:e2:2d:94:fa:c4:7f:31:
03:fa:cd:d6:86:73:e9:ef:4a:02:bb:68:e7:29:3e:
3a:c0:a6:15:e5:6b:29:75:77:0a:67:f5:d7:62:46:
6f:90:1f:73:cd:9e:5a:9f:08:42:65:61:51:bd:bb:
c6:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:BE:2A:FA:7B:5F:DB:55:76:2C:99:8E:CA:A5:C5:69:72:18:28:6A
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/Er4q-ntf21V2LJmOyqXFaXIYKGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.137.82.0/24
Signature Algorithm: sha256WithRSAEncryption
76:db:29:df:3f:8b:86:d4:dc:d1:66:b9:af:ba:8c:b6:e5:76:
7a:86:32:ab:30:e7:6c:0b:54:20:3f:3f:ed:1d:b4:37:68:1e:
27:6f:3a:54:b9:2e:1f:bb:ee:92:e8:1e:c8:bb:00:6c:93:3a:
d1:e5:35:50:fa:b4:9e:2a:7a:6a:00:cc:98:e9:0c:94:c2:94:
ca:be:37:04:02:2b:80:a7:c2:79:45:32:f7:4b:d2:4b:18:3e:
f4:f8:e1:8e:4a:aa:0d:8c:16:e8:d8:37:d7:a5:ad:83:aa:88:
2b:24:e4:34:ab:c4:7f:94:c0:7a:29:6b:17:1a:1e:8b:66:13:
1e:0a:ea:75:8e:50:a1:66:1b:e8:8b:a9:2c:f2:4d:b0:4f:3d:
8e:05:8e:4c:1a:94:d0:ea:0f:05:40:51:92:47:7e:38:8b:90:
0b:1c:3e:6a:48:81:87:51:89:06:86:7d:05:76:52:fe:d3:cf:
83:ba:5a:6d:56:62:aa:4f:0d:5c:8f:50:fc:8e:ce:14:c1:ff:
51:b3:cc:f8:42:29:ff:03:92:97:24:c0:52:40:5f:23:48:4c:
e8:80:c0:f4:ab:4e:a4:95:81:eb:54:ac:7c:75:7f:f2:63:32:
5d:4e:a7:87:31:a8:be:39:eb:f0:78:0a:26:a9:89:6f:95:4b:
c9:37:27:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTKWoGvr8TB7QbDav0PhaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjQwMTAyMDgzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmJlMmFmYTdiNWZkYjU1NzYyYzk5OGVjYWE1YzU2OTcyMTgyODZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgU0HF9lYdn4btyIKdKm4ZO2DYsxp
7BSo91ngc1caNnn9bVrU0BNoVzkpORqlG4Z8nBaLoh9/9iKvI66v/oAYyMulf/Lh
7x0WRxzRbnxzRoE0rp1fcAxTQayJfa4DVuhjx+8NgUBQ2R6LnkUvDIFn02IvMwOR
L/clsmAcBE+3LGflqdR3RzrDbCyoIpgpgZZs4pdUHKMNRgvvNci7ITGj0FfQla8m
nV93h5fAZ86/PDALb8gVLITqULoc50jwIGuobRvnWd9RQNsvyuItlPrEfzED+s3W
hnPp70oCu2jnKT46wKYV5WspdXcKZ/XXYkZvkB9zzZ5anwhCZWFRvbvG9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBK+Kvp7X9tVdiyZjsqlxWlyGChqMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvRXI0cS1udGYyMVYyTEptT3lxWEZhWElZS0dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1YlSMA0G
CSqGSIb3DQEBCwUAA4IBAQB22ynfP4uG1NzRZrmvuoy25XZ6hjKrMOdsC1QgPz/t
HbQ3aB4nbzpUuS4fu+6S6B7IuwBskzrR5TVQ+rSeKnpqAMyY6QyUwpTKvjcEAiuA
p8J5RTL3S9JLGD70+OGOSqoNjBbo2DfXpa2DqogrJOQ0q8R/lMB6KWsXGh6LZhMe
Cup1jlChZhvoi6ks8k2wTz2OBY5MGpTQ6g8FQFGSR344i5ALHD5qSIGHUYkGhn0F
dlL+08+DulptVmKqTw1cj1D8js4Uwf9Rs8z4Qin/A5KXJMBSQF8jSEzogMD0q06k
lYHrVKx8dX/yYzJdTqeHMai+OevweAomqYlvlUvJNye2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:26 2025 by rpki-client