Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/_0nt3lr3_kKXDFb2QdlruJJiTpw.roa
File: _0nt3lr3_kKXDFb2QdlruJJiTpw.roa (raw, json)
Hash identifier: fDzyXmX4R4re/mBPEEi78m7z8nswvGcrgLOZa1uhGgk=
Subject key identifier: FF:49:ED:DE:5A:F7:FE:42:97:0C:56:F6:41:D9:6B:B8:92:62:4E:9C
Certificate issuer: /CN=13d83b225dd33860c51dc44aa88db5f03dc15a74
Certificate serial: 019423690403B021BC35F5D59627D461F2A5
Authority key identifier: 13:D8:3B:22:5D:D3:38:60:C5:1D:C4:4A:A8:8D:B5:F0:3D:C1:5A:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E9g7Il3TOGDFHcRKqI218D3BWnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/_0nt3lr3_kKXDFb2QdlruJJiTpw.roa
Signing time: Wed 01 Jan 2025 19:47:52 +0000
ROA not before: Wed 01 Jan 2025 19:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43858
IP address blocks: 91.198.199.0/24 maxlen: 24
146.255.168.0/21 maxlen: 21
185.11.160.0/22 maxlen: 22
185.80.176.0/22 maxlen: 22
2a03:39c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:04:03:b0:21:bc:35:f5:d5:96:27:d4:61:f2:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13d83b225dd33860c51dc44aa88db5f03dc15a74
Validity
Not Before: Jan 1 19:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff49edde5af7fe42970c56f641d96bb892624e9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ec:4d:f8:55:92:dc:3f:8e:dd:c9:06:15:ca:
24:6b:e0:fb:3c:f5:32:6c:c1:20:ca:d4:68:5e:31:
38:31:34:c9:d8:ad:47:9e:d5:90:f6:d8:6d:22:f8:
7a:03:01:02:00:d8:74:ea:93:31:fd:97:a8:19:b1:
d2:f1:43:bd:3d:bf:4f:39:68:d6:d1:32:55:a4:f8:
ab:e1:48:c2:c4:22:59:23:83:21:95:88:3f:5f:60:
2a:bf:7d:05:5c:48:b7:33:c6:1e:51:27:38:0a:5e:
64:65:50:d8:48:22:b1:b0:7b:d1:52:41:7b:cd:fb:
c2:a3:3a:07:29:3a:95:75:6c:36:38:c4:33:f2:e1:
04:21:cd:10:69:71:ea:b7:14:8b:54:ba:85:aa:4b:
68:b2:a1:29:0e:dd:15:8f:b9:f2:58:9a:45:a9:e0:
10:38:f2:1d:3b:19:09:35:ad:e7:52:6c:76:bd:43:
bb:96:ef:58:80:e2:0a:04:21:d0:1b:cd:fa:09:52:
b3:b0:1a:e5:35:d5:8d:ed:f5:60:06:e5:9b:49:c0:
86:cb:7d:6e:1e:e5:b8:f5:20:dd:fc:5b:7b:72:e5:
ba:3a:41:da:fa:f8:2b:ca:36:e2:40:bb:85:c3:37:
ec:3f:9b:40:ed:20:79:61:9e:00:2c:8e:68:67:d3:
d1:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:49:ED:DE:5A:F7:FE:42:97:0C:56:F6:41:D9:6B:B8:92:62:4E:9C
X509v3 Authority Key Identifier:
keyid:13:D8:3B:22:5D:D3:38:60:C5:1D:C4:4A:A8:8D:B5:F0:3D:C1:5A:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E9g7Il3TOGDFHcRKqI218D3BWnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/_0nt3lr3_kKXDFb2QdlruJJiTpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/f2111a-3f47-4ff0-a51d-b251377add86/1/E9g7Il3TOGDFHcRKqI218D3BWnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.199.0/24
146.255.168.0/21
185.11.160.0/22
185.80.176.0/22
IPv6:
2a03:39c0::/29
Signature Algorithm: sha256WithRSAEncryption
57:75:1c:c0:1b:4b:cb:92:12:49:14:a8:66:25:37:4b:73:ea:
65:51:3e:7c:be:e9:8b:d2:2c:69:6c:dd:fc:e4:d4:34:b4:ce:
ca:2f:9d:27:82:7f:05:58:91:d5:3a:41:d5:c8:61:82:12:42:
1e:26:b9:0c:c6:ba:c6:a2:fc:b1:d4:a9:5e:6f:48:e9:4f:b0:
27:91:b0:6a:22:74:3e:ab:b5:69:d4:69:c8:ec:37:da:f6:59:
e8:a2:e9:aa:f2:39:52:3b:7c:f8:c7:35:1f:af:db:8a:9a:47:
be:e0:46:92:bd:49:5d:f8:47:ce:45:af:e9:be:76:90:3a:c8:
52:99:f2:c6:00:32:9e:cc:6f:17:f7:ad:dc:43:49:73:c2:4a:
e0:d8:b3:ff:66:b9:d5:27:9c:8c:7d:5c:0b:e3:8c:52:8d:a7:
35:a5:45:3f:8a:60:18:aa:0b:c8:c3:16:9f:9c:2a:18:0e:cc:
46:6a:29:24:2d:c2:d9:64:83:56:ea:cb:18:41:5b:04:70:c6:
04:81:bf:65:78:16:7b:2c:f5:f6:0d:e9:42:18:20:ba:80:e2:
9c:e4:2a:28:a6:2a:8b:f0:b7:48:75:be:dd:25:4d:57:4c:2a:
b5:ae:91:44:35:38:d4:de:b6:14:87:d3:98:09:8d:3b:f8:e3:
1e:dc:44:b6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQjaQQDsCG8NfXVlifUYfKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZDgzYjIyNWRkMzM4NjBjNTFkYzQ0YWE4OGRiNWYwM2Rj
MTVhNzQwHhcNMjUwMTAxMTk0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjQ5ZWRkZTVhZjdmZTQyOTcwYzU2ZjY0MWQ5NmJiODkyNjI0ZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArexN+FWS3D+O3ckGFcoka+D7PPUy
bMEgytRoXjE4MTTJ2K1HntWQ9thtIvh6AwECANh06pMx/ZeoGbHS8UO9Pb9POWjW
0TJVpPir4UjCxCJZI4MhlYg/X2Aqv30FXEi3M8YeUSc4Cl5kZVDYSCKxsHvRUkF7
zfvCozoHKTqVdWw2OMQz8uEEIc0QaXHqtxSLVLqFqktosqEpDt0Vj7nyWJpFqeAQ
OPIdOxkJNa3nUmx2vUO7lu9YgOIKBCHQG836CVKzsBrlNdWN7fVgBuWbScCGy31u
HuW49SDd/Ft7cuW6OkHa+vgryjbiQLuFwzfsP5tA7SB5YZ4ALI5oZ9PRnwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFP9J7d5a9/5ClwxW9kHZa7iSYk6cMB8GA1UdIwQY
MBaAFBPYOyJd0zhgxR3ESqiNtfA9wVp0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTlnN0lsM1RPR0RGSGNSS3FJMjE4RDNCV25RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9mMjExMWEtM2Y0Ny00ZmYwLWE1MWQt
YjI1MTM3N2FkZDg2LzEvXzBudDNscjNfa0tYREZiMlFkbHJ1SkppVHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9mMjExMWEtM2Y0Ny00ZmYwLWE1MWQtYjI1MTM3N2FkZDg2
LzEvRTlnN0lsM1RPR0RGSGNSS3FJMjE4RDNCV25RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW8bHAwQD
kv+oAwQCuQugAwQCuVCwMA0EAgACMAcDBQMqAznAMA0GCSqGSIb3DQEBCwUAA4IB
AQBXdRzAG0vLkhJJFKhmJTdLc+plUT58vumL0ixpbN385NQ0tM7KL50ngn8FWJHV
OkHVyGGCEkIeJrkMxrrGovyx1Kleb0jpT7AnkbBqInQ+q7Vp1GnI7Dfa9lnooumq
8jlSO3z4xzUfr9uKmke+4EaSvUld+EfORa/pvnaQOshSmfLGADKezG8X963cQ0lz
wkrg2LP/ZrnVJ5yMfVwL44xSjac1pUU/imAYqgvIwxafnCoYDsxGaikkLcLZZINW
6ssYQVsEcMYEgb9leBZ7LPX2DelCGCC6gOKc5CoopiqL8LdIdb7dJU1XTCq1rpFE
NTjU3rYUh9OYCY07+OMe3ES2
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:15 2025 by rpki-client