Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/ezMLdhISIqr2PAqGoulAf-qQ6FY.roa
File: ezMLdhISIqr2PAqGoulAf-qQ6FY.roa (raw, json)
Hash identifier: MoVmtNQ9G0A/NJidABkGuBmF42AfIIukbBtAhp8lY68=
Subject key identifier: 7B:33:0B:76:12:12:22:AA:F6:3C:0A:86:A2:E9:40:7F:EA:90:E8:56
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 0194221FDEBC2C542A9AB26ABFD5DC63A370
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/ezMLdhISIqr2PAqGoulAf-qQ6FY.roa
Signing time: Wed 01 Jan 2025 13:48:21 +0000
ROA not before: Wed 01 Jan 2025 13:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 213.137.90.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:de:bc:2c:54:2a:9a:b2:6a:bf:d5:dc:63:a3:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Jan 1 13:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b330b76121222aaf63c0a86a2e9407fea90e856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c8:1f:22:be:ba:97:fd:c2:85:3f:02:20:4d:
16:c4:f7:94:c7:38:59:7b:1a:79:a3:b0:23:ea:0f:
9d:ac:df:a6:58:ed:3f:c7:eb:c3:21:5f:8d:89:8f:
0a:2c:39:34:fb:d4:06:f6:f4:06:09:87:de:a3:10:
eb:92:10:1c:d8:d4:e0:60:1a:0a:82:46:53:94:70:
6b:cf:33:11:1f:f7:e6:e6:ae:d9:be:cc:06:b7:1a:
1c:66:86:50:78:61:9e:dc:39:d8:be:f0:f3:9d:34:
9a:3e:6a:3b:d6:fd:8f:e0:ad:08:c3:7b:36:38:88:
d7:cf:36:ae:7c:b6:b4:56:02:a3:4a:28:3a:1f:f9:
a9:e4:76:03:d1:9a:79:04:2e:04:22:89:83:51:21:
2c:ba:60:a4:ac:5f:ed:dd:ee:34:c7:e7:98:e0:69:
46:98:0b:de:ac:92:20:c8:d4:88:52:8f:5c:9b:c9:
15:09:6f:8e:92:d9:5a:1c:8e:ee:3a:50:b5:cc:ee:
07:16:34:08:38:ad:38:da:7c:04:0a:f4:6b:ca:1c:
ed:23:b4:c8:e5:af:ee:68:14:3d:10:47:1f:08:2e:
79:ec:d0:49:73:7e:83:b1:2b:24:bc:eb:34:1c:82:
33:20:ad:9c:24:ca:19:2d:1b:b3:ba:3c:e7:32:1e:
10:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:33:0B:76:12:12:22:AA:F6:3C:0A:86:A2:E9:40:7F:EA:90:E8:56
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/ezMLdhISIqr2PAqGoulAf-qQ6FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.137.90.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:8e:47:e8:a3:cc:71:23:7c:5d:1c:f3:f0:66:6f:58:93:59:
59:5c:82:2f:7b:e8:e5:2b:59:9b:7a:42:94:97:42:99:96:4b:
39:50:8f:9a:23:64:30:ca:6c:22:55:83:84:e0:e0:4b:bc:88:
22:b0:5a:2f:75:e7:7b:f0:7d:e3:ee:bb:77:6d:ad:bd:20:02:
ac:3f:f1:15:2a:e3:bd:96:01:46:27:6d:39:02:fc:3b:ca:ec:
87:89:2a:6c:51:aa:6a:a1:1a:c5:1e:dc:4e:a8:84:d6:08:0e:
e3:78:4b:02:63:8e:e9:74:eb:88:4a:72:6a:7b:c0:5c:13:23:
d9:86:8a:57:d2:d5:e3:2f:18:af:ee:fb:4d:05:3a:af:75:a2:
b3:eb:b7:77:94:75:78:2a:24:d9:da:5a:9e:23:cd:c4:9e:38:
3c:a7:1e:1d:a1:5c:b3:b1:2d:10:91:c2:c3:97:56:24:94:cc:
15:1d:cb:d1:fd:15:93:ca:18:02:ad:c7:a3:ac:c6:1b:21:11:
4f:03:57:64:4d:62:29:ab:37:28:4f:4b:20:36:7c:16:f2:f8:
19:e3:ec:7f:07:ad:e6:99:bd:ce:75:1a:d6:b4:6a:fc:5e:66:
05:80:ae:4b:ca:05:86:55:7f:03:a7:fe:7e:f7:f2:c6:2a:4f:
1f:d9:84:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH968LFQqmrJqv9XcY6NwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjUwMTAxMTM0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjMzMGI3NjEyMTIyMmFhZjYzYzBhODZhMmU5NDA3ZmVhOTBlODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsgfIr66l/3ChT8CIE0WxPeUxzhZ
exp5o7Aj6g+drN+mWO0/x+vDIV+NiY8KLDk0+9QG9vQGCYfeoxDrkhAc2NTgYBoK
gkZTlHBrzzMRH/fm5q7ZvswGtxocZoZQeGGe3DnYvvDznTSaPmo71v2P4K0Iw3s2
OIjXzzaufLa0VgKjSig6H/mp5HYD0Zp5BC4EIomDUSEsumCkrF/t3e40x+eY4GlG
mAverJIgyNSIUo9cm8kVCW+OktlaHI7uOlC1zO4HFjQIOK042nwECvRryhztI7TI
5a/uaBQ9EEcfCC557NBJc36DsSskvOs0HIIzIK2cJMoZLRuzujznMh4Q4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHszC3YSEiKq9jwKhqLpQH/qkOhWMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvZXpNTGRoSVNJcXIyUEFxR291bEFmLXFRNkZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1YlaMA0G
CSqGSIb3DQEBCwUAA4IBAQC4jkfoo8xxI3xdHPPwZm9Yk1lZXIIve+jlK1mbekKU
l0KZlks5UI+aI2QwymwiVYOE4OBLvIgisFovded78H3j7rt3ba29IAKsP/EVKuO9
lgFGJ205Avw7yuyHiSpsUapqoRrFHtxOqITWCA7jeEsCY47pdOuISnJqe8BcEyPZ
hopX0tXjLxiv7vtNBTqvdaKz67d3lHV4KiTZ2lqeI83Enjg8px4doVyzsS0QkcLD
l1YklMwVHcvR/RWTyhgCrcejrMYbIRFPA1dkTWIpqzcoT0sgNnwW8vgZ4+x/B63m
mb3OdRrWtGr8XmYFgK5LygWGVX8Dp/5+9/LGKk8f2YSR
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:58 2025 by rpki-client