Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/R0dlQD847tZZ6Sme0uHqVL1A8SE.roa
File: R0dlQD847tZZ6Sme0uHqVL1A8SE.roa (raw, json)
Hash identifier: aqwVbQ/5C0zR8yt+iaSmmHLJT4dD7bnIMHMb82qWbS4=
Subject key identifier: 47:47:65:40:3F:38:EE:D6:59:E9:29:9E:D2:E1:EA:54:BD:40:F1:21
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01942823C81272877F52C436A05E48E85656
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/R0dlQD847tZZ6Sme0uHqVL1A8SE.roa
Signing time: Thu 02 Jan 2025 17:50:21 +0000
ROA not before: Thu 02 Jan 2025 17:50:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8839
IP address blocks: 213.245.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:c8:12:72:87:7f:52:c4:36:a0:5e:48:e8:56:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 2 17:50:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=474765403f38eed659e9299ed2e1ea54bd40f121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d2:82:14:61:66:50:2a:bc:94:4b:de:28:e0:
ff:68:eb:d0:56:c4:3e:03:4c:8d:5c:3a:63:be:2f:
5a:f6:1d:74:f3:c2:51:41:87:0c:df:01:3a:62:6d:
7e:a1:3f:4a:18:39:98:b3:f0:09:21:66:71:4c:1f:
e5:29:1b:d8:cc:bb:33:48:53:f8:b8:ba:61:40:ce:
8c:90:dc:33:f4:f5:27:d9:6d:91:7d:6e:38:3c:ba:
91:42:b5:40:08:bb:36:6a:06:4b:4b:cc:8f:86:aa:
f8:3c:9f:6b:01:f1:1b:4d:bd:8e:3a:b0:c5:21:9b:
ea:72:81:a2:80:01:5c:1e:e2:4a:af:61:3f:47:05:
29:be:68:61:c3:6f:2a:eb:28:fd:5b:49:e2:6c:34:
90:e5:19:0b:0b:fd:ad:5e:b8:3c:c8:40:e3:4a:5f:
2a:c0:e5:31:a2:d4:93:e5:ad:36:5c:e3:04:87:cd:
de:5c:6d:01:88:52:b4:3d:56:e9:05:aa:5b:96:c5:
94:5e:f8:85:82:1a:eb:82:58:b9:d5:7b:13:f7:1b:
3d:20:f2:39:6d:92:42:ff:0a:91:d1:9e:13:d2:b3:
03:06:fc:5b:25:2a:89:0b:13:5e:88:c1:eb:fd:7c:
1e:fe:a6:c2:89:99:59:d5:ad:ac:c9:c0:bd:a8:02:
04:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:47:65:40:3F:38:EE:D6:59:E9:29:9E:D2:E1:EA:54:BD:40:F1:21
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/R0dlQD847tZZ6Sme0uHqVL1A8SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.245.2.0/24
Signature Algorithm: sha256WithRSAEncryption
37:46:b1:bc:49:74:0c:0d:3a:70:37:26:45:74:0d:b6:6c:71:
f8:ed:5b:90:93:6a:7a:a1:3e:3a:80:b1:df:60:0f:d7:cd:53:
7a:89:9a:23:14:7b:67:b0:66:ef:3f:4c:7b:d4:ba:de:4b:49:
52:0d:64:44:8b:66:3c:4e:ac:b8:c1:3a:94:2d:56:e3:cd:de:
cb:36:8b:23:9e:fd:60:3f:65:14:87:7f:57:7a:0a:57:ff:e3:
cd:29:c7:b9:57:ff:46:27:7a:fc:05:67:dd:53:71:5b:8c:97:
91:06:e7:04:e8:66:90:8c:78:b1:e0:1c:fe:56:eb:29:39:92:
da:c9:89:2b:06:25:5d:d2:a9:14:57:18:ed:3e:a4:46:a1:0d:
e7:c1:2a:1d:af:4f:06:d4:ca:ab:0a:82:56:4a:79:6b:12:84:
54:07:b9:4d:06:cb:44:61:ba:ca:06:05:e1:de:4f:d3:5d:f4:
e6:78:b8:3c:07:80:2a:ad:6d:a7:ae:8b:6c:12:02:68:50:ed:
08:99:f4:6a:61:d2:55:6a:37:9c:e4:49:6c:e8:0b:0b:10:a9:
c4:d9:9a:de:10:86:1f:e1:ee:32:a2:19:cf:49:fa:44:62:86:
f5:59:03:37:a0:eb:54:f9:5a:33:e8:d2:8e:67:38:3d:e3:3c:
50:1e:3e:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI8gScod/UsQ2oF5I6FZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjUwMTAyMTc1MDIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzQ3NjU0MDNmMzhlZWQ2NTllOTI5OWVkMmUxZWE1NGJkNDBmMTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdKCFGFmUCq8lEveKOD/aOvQVsQ+
A0yNXDpjvi9a9h1088JRQYcM3wE6Ym1+oT9KGDmYs/AJIWZxTB/lKRvYzLszSFP4
uLphQM6MkNwz9PUn2W2RfW44PLqRQrVACLs2agZLS8yPhqr4PJ9rAfEbTb2OOrDF
IZvqcoGigAFcHuJKr2E/RwUpvmhhw28q6yj9W0nibDSQ5RkLC/2tXrg8yEDjSl8q
wOUxotST5a02XOMEh83eXG0BiFK0PVbpBapblsWUXviFghrrgli51XsT9xs9IPI5
bZJC/wqR0Z4T0rMDBvxbJSqJCxNeiMHr/Xwe/qbCiZlZ1a2sycC9qAIEGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEdHZUA/OO7WWekpntLh6lS9QPEhMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvUjBkbFFEODQ3dFpaNlNtZTB1SHFWTDFBOFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1fUCMA0G
CSqGSIb3DQEBCwUAA4IBAQA3RrG8SXQMDTpwNyZFdA22bHH47VuQk2p6oT46gLHf
YA/XzVN6iZojFHtnsGbvP0x71LreS0lSDWREi2Y8Tqy4wTqULVbjzd7LNosjnv1g
P2UUh39XegpX/+PNKce5V/9GJ3r8BWfdU3FbjJeRBucE6GaQjHix4Bz+VuspOZLa
yYkrBiVd0qkUVxjtPqRGoQ3nwSodr08G1MqrCoJWSnlrEoRUB7lNBstEYbrKBgXh
3k/TXfTmeLg8B4AqrW2nrotsEgJoUO0ImfRqYdJVajec5Els6AsLEKnE2ZreEIYf
4e4yohnPSfpEYob1WQM3oOtU+Voz6NKOZzg94zxQHj7h
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:11:52 2025 by rpki-client