Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/CL21bkaZtCWNnhL-ix59CR8UBfY.roa
File: CL21bkaZtCWNnhL-ix59CR8UBfY.roa (raw, json)
Hash identifier: LRqooD6N4j3ZqGRaQ2aAxylB6oUUHvUm4mU4vxvb7sI=
Subject key identifier: 08:BD:B5:6E:46:99:B4:25:8D:9E:12:FE:8B:1E:7D:09:1F:14:05:F6
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019425FC837AFEFE28E2C16A24BD7DCC04E7
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/CL21bkaZtCWNnhL-ix59CR8UBfY.roa
Signing time: Thu 02 Jan 2025 07:48:13 +0000
ROA not before: Thu 02 Jan 2025 07:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211686
IP address blocks: 37.123.192.0/23 maxlen: 24
185.148.12.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:83:7a:fe:fe:28:e2:c1:6a:24:bd:7d:cc:04:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 07:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08bdb56e4699b4258d9e12fe8b1e7d091f1405f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7d:48:f3:b8:47:87:ee:b8:6d:a4:1d:a0:92:
84:51:eb:ab:60:84:8c:36:e4:b4:54:5b:6c:ff:e3:
ee:21:da:7e:7a:2d:33:59:22:ed:d9:a8:4f:e9:cd:
a1:b9:1b:93:d7:52:8e:09:5c:b4:9b:d0:63:4b:ca:
65:d8:4a:4f:26:8c:b6:0e:8f:a2:30:e1:44:5f:15:
0c:e3:bd:0a:7c:be:cc:7a:dd:d1:6b:3c:4f:4c:22:
b9:d2:df:23:29:c0:4b:41:b3:6c:59:80:ec:0b:21:
66:2c:60:35:6a:cc:6b:2c:73:1e:f3:a6:11:56:9e:
41:77:0a:bc:50:22:78:dc:6e:46:09:b1:6f:cd:f7:
f6:71:8e:5d:33:28:69:30:61:b2:dd:48:34:fe:b1:
27:fd:f0:4f:1c:cf:b6:72:79:7f:08:41:af:19:8b:
90:3f:2a:ed:62:fe:93:6e:10:66:d6:9f:d2:9e:39:
f5:72:15:c3:29:38:71:8a:cd:ae:e1:ce:f5:1c:d6:
49:f4:4e:81:a5:3e:50:b2:50:20:89:48:0d:5c:2c:
13:72:fc:2d:30:3e:ac:79:00:c0:8d:93:9b:b9:22:
4e:42:3b:9d:02:c0:84:a9:18:d1:4a:2c:8c:74:05:
3b:89:a1:29:10:be:63:00:82:d2:08:57:eb:14:ce:
38:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:BD:B5:6E:46:99:B4:25:8D:9E:12:FE:8B:1E:7D:09:1F:14:05:F6
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/CL21bkaZtCWNnhL-ix59CR8UBfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.192.0/23
185.148.12.0/23
Signature Algorithm: sha256WithRSAEncryption
d9:47:1e:9e:28:38:f4:23:1a:35:1c:4c:da:b6:51:2f:76:e1:
88:86:bd:77:58:03:f5:f1:88:bd:3f:22:42:6b:75:a2:e9:f3:
21:f3:53:32:e1:55:e6:21:33:65:7a:a5:3d:4c:b4:03:0e:b1:
dc:0f:c0:74:ad:2e:ac:13:2d:85:5c:d6:31:5a:36:10:c9:18:
ee:31:59:94:d1:64:6d:a8:52:50:05:b8:43:d1:f7:ca:9e:5c:
c5:2a:71:a5:84:c4:3a:81:6a:1a:6e:f1:e7:61:f9:df:35:78:
f3:df:4a:e5:8c:b9:02:6b:44:59:a5:67:c8:f3:e8:25:99:67:
f1:40:0d:78:c1:b5:56:f0:92:50:76:09:b4:cf:70:75:6a:06:
d5:bf:dd:cc:be:a3:36:c1:f9:b5:27:8e:87:7c:31:05:30:d2:
d7:4d:a4:f6:ca:8b:ae:65:fc:5d:ce:c9:61:04:86:9e:10:41:
b3:3e:fe:4d:80:ed:f8:b5:78:f3:2f:ee:dd:f5:ab:4f:22:4c:
09:76:79:07:90:68:3d:1e:65:89:43:9e:5c:97:a7:cc:f1:b5:
83:7a:da:da:9f:7b:cc:bd:49:0e:cb:e2:e9:02:39:c3:9f:70:
4b:46:3a:21:13:16:a7:16:52:d7:95:ad:38:88:34:8a:cd:9b:
a2:93:14:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/IN6/v4o4sFqJL19zATnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMTAyMDc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGJkYjU2ZTQ2OTliNDI1OGQ5ZTEyZmU4YjFlN2QwOTFmMTQwNWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApX1I87hHh+64baQdoJKEUeurYISM
NuS0VFts/+PuIdp+ei0zWSLt2ahP6c2huRuT11KOCVy0m9BjS8pl2EpPJoy2Do+i
MOFEXxUM470KfL7Met3RazxPTCK50t8jKcBLQbNsWYDsCyFmLGA1asxrLHMe86YR
Vp5Bdwq8UCJ43G5GCbFvzff2cY5dMyhpMGGy3Ug0/rEn/fBPHM+2cnl/CEGvGYuQ
PyrtYv6TbhBm1p/Snjn1chXDKThxis2u4c71HNZJ9E6BpT5QslAgiUgNXCwTcvwt
MD6seQDAjZObuSJOQjudAsCEqRjRSiyMdAU7iaEpEL5jAILSCFfrFM44pQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAi9tW5GmbQljZ4S/osefQkfFAX2MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvQ0wyMWJrYVp0Q1dObmhMLWl4NTlDUjhVQmZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJXvAAwQB
uZQMMA0GCSqGSIb3DQEBCwUAA4IBAQDZRx6eKDj0Ixo1HEzatlEvduGIhr13WAP1
8Yi9PyJCa3Wi6fMh81My4VXmITNleqU9TLQDDrHcD8B0rS6sEy2FXNYxWjYQyRju
MVmU0WRtqFJQBbhD0ffKnlzFKnGlhMQ6gWoabvHnYfnfNXjz30rljLkCa0RZpWfI
8+glmWfxQA14wbVW8JJQdgm0z3B1agbVv93MvqM2wfm1J46HfDEFMNLXTaT2youu
ZfxdzslhBIaeEEGzPv5NgO34tXjzL+7d9atPIkwJdnkHkGg9HmWJQ55cl6fM8bWD
etran3vMvUkOy+LpAjnDn3BLRjohExanFlLXla04iDSKzZuikxSX
-----END CERTIFICATE-----
Generated at Tue Apr 8 16:20:52 2025 by rpki-client