Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/ezrVSQ0ubysLZBIp0U1n5_nLB9g.roa
File: ezrVSQ0ubysLZBIp0U1n5_nLB9g.roa (raw, json)
Hash identifier: UUGsREmH4B6bDZIO+6B/C16eYMW9FgFYSsuf8rM6E4M=
Subject key identifier: 7B:3A:D5:49:0D:2E:6F:2B:0B:64:12:29:D1:4D:67:E7:F9:CB:07:D8
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 0194228D9FB47BB068623A6241FAD9D214BB
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/ezrVSQ0ubysLZBIp0U1n5_nLB9g.roa
Signing time: Wed 01 Jan 2025 15:48:14 +0000
ROA not before: Wed 01 Jan 2025 15:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48313
IP address blocks: 213.14.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:9f:b4:7b:b0:68:62:3a:62:41:fa:d9:d2:14:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 15:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b3ad5490d2e6f2b0b641229d14d67e7f9cb07d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:62:95:fd:0e:6e:d9:0f:1a:c9:b7:29:92:4e:
8d:68:3c:44:59:37:85:08:6d:64:47:80:ac:ab:ff:
8a:8d:10:c7:7e:14:46:fa:7d:4e:0a:79:2f:bc:90:
f9:a8:a5:e2:36:35:4b:69:0a:e6:78:75:7b:c5:97:
df:95:58:a4:fc:7f:6c:56:f1:60:5f:df:ef:20:6f:
20:67:32:27:54:4d:32:7b:23:91:39:20:87:29:6c:
20:8e:34:ba:e9:53:fe:a7:44:ae:34:2a:1b:06:b9:
90:da:60:ed:43:d3:4f:50:b9:c6:0b:33:96:3d:34:
7d:d1:e8:46:38:a7:ae:27:ad:d8:3e:3a:19:ef:30:
9d:3e:91:b0:4c:b3:4e:ac:51:98:f2:bc:74:1f:e9:
4f:d1:c7:c4:70:f3:84:e4:79:f8:b5:12:56:6f:ff:
45:7c:9b:13:58:67:4b:48:09:ad:89:c2:24:db:63:
d9:d2:b3:a8:8c:a7:0d:c8:a1:fd:9b:6c:54:84:0e:
58:87:20:ee:bf:f5:dc:a6:e5:c3:10:75:a7:27:c7:
f8:38:1d:6c:6a:73:75:8b:5b:52:71:35:26:c8:75:
e8:2a:c2:3a:73:40:e4:8b:db:d8:69:56:f1:0f:5d:
da:d6:0c:09:c8:fe:ed:ca:1b:26:1c:13:de:1d:bd:
a7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:3A:D5:49:0D:2E:6F:2B:0B:64:12:29:D1:4D:67:E7:F9:CB:07:D8
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/ezrVSQ0ubysLZBIp0U1n5_nLB9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.14.254.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:f7:5b:f0:f2:eb:65:c8:1e:26:ee:b7:88:bb:4f:74:10:06:
d8:57:b0:c4:3a:e6:73:ae:34:ae:1b:46:f7:27:c9:56:9f:3c:
42:b5:0c:db:44:c4:6c:2a:7c:83:ff:b2:41:80:5d:e6:6b:67:
47:bb:bd:45:7c:31:1f:c4:86:64:08:34:68:44:a5:98:43:22:
97:2e:de:dd:c7:35:d6:97:b4:9f:73:7a:8a:7a:fa:e7:d9:2a:
cb:d7:9a:b1:98:6a:a7:1a:ff:5f:51:c3:b1:35:9b:1e:a9:03:
2e:0f:0c:8e:3c:07:c8:82:e2:97:4a:c8:41:d7:cb:3a:bc:45:
a0:7d:53:10:ad:95:e9:58:db:cf:1a:a0:41:b2:ee:a0:60:aa:
86:9b:5e:95:1e:ea:e1:e5:2f:ea:53:17:08:2f:e4:6b:b7:03:
29:49:ae:67:f9:3b:82:b8:4b:56:bf:33:1e:a8:d6:8e:05:97:
ec:b7:f1:09:12:2a:17:2a:c2:83:73:99:37:49:84:68:8f:58:
97:fb:60:33:e5:c7:65:b3:b8:da:1b:23:6d:43:d3:ea:a0:5d:
3c:04:d5:c7:85:fc:14:1e:21:d7:41:48:06:df:6d:d1:5e:70:
31:3f:35:87:d6:69:fc:65:50:a3:49:ea:2d:e2:57:e6:74:cb:
88:88:98:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijZ+0e7BoYjpiQfrZ0hS7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjUwMTAxMTU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjNhZDU0OTBkMmU2ZjJiMGI2NDEyMjlkMTRkNjdlN2Y5Y2IwN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumKV/Q5u2Q8aybcpkk6NaDxEWTeF
CG1kR4Csq/+KjRDHfhRG+n1OCnkvvJD5qKXiNjVLaQrmeHV7xZfflVik/H9sVvFg
X9/vIG8gZzInVE0yeyOROSCHKWwgjjS66VP+p0SuNCobBrmQ2mDtQ9NPULnGCzOW
PTR90ehGOKeuJ63YPjoZ7zCdPpGwTLNOrFGY8rx0H+lP0cfEcPOE5Hn4tRJWb/9F
fJsTWGdLSAmticIk22PZ0rOojKcNyKH9m2xUhA5YhyDuv/XcpuXDEHWnJ8f4OB1s
anN1i1tScTUmyHXoKsI6c0Dki9vYaVbxD13a1gwJyP7tyhsmHBPeHb2nhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHs61UkNLm8rC2QSKdFNZ+f5ywfYMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvZXpyVlNRMHVieXNMWkJJcDBVMW41X25MQjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Q7+MA0G
CSqGSIb3DQEBCwUAA4IBAQA991vw8utlyB4m7reIu090EAbYV7DEOuZzrjSuG0b3
J8lWnzxCtQzbRMRsKnyD/7JBgF3ma2dHu71FfDEfxIZkCDRoRKWYQyKXLt7dxzXW
l7Sfc3qKevrn2SrL15qxmGqnGv9fUcOxNZseqQMuDwyOPAfIguKXSshB18s6vEWg
fVMQrZXpWNvPGqBBsu6gYKqGm16VHurh5S/qUxcIL+RrtwMpSa5n+TuCuEtWvzMe
qNaOBZfst/EJEioXKsKDc5k3SYRoj1iX+2Az5cdls7jaGyNtQ9PqoF08BNXHhfwU
HiHXQUgG323RXnAxPzWH1mn8ZVCjSeot4lfmdMuIiJhO
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:46:59 2025 by rpki-client