Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/416bc7-ce87-42b6-8c68-4ba5f206f65a/1/I7dpcVjAHE5hGJn0EYmp-wUevik.roa
File: I7dpcVjAHE5hGJn0EYmp-wUevik.roa (raw, json)
Hash identifier: eOwI5yLF5oxr8SKT6hK3RCMgVUO2F6SCJ9PKWEwThMs=
Subject key identifier: 23:B7:69:71:58:C0:1C:4E:61:18:99:F4:11:89:A9:FB:05:1E:BE:29
Certificate issuer: /CN=3bad9cd5034f81558f83d238eca406332bd7ba85
Certificate serial: 019426D97B2AD168E6141CBD738D9BFF50C4
Authority key identifier: 3B:AD:9C:D5:03:4F:81:55:8F:83:D2:38:EC:A4:06:33:2B:D7:BA:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O62c1QNPgVWPg9I47KQGMyvXuoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/416bc7-ce87-42b6-8c68-4ba5f206f65a/1/I7dpcVjAHE5hGJn0EYmp-wUevik.roa
Signing time: Thu 02 Jan 2025 11:49:34 +0000
ROA not before: Thu 02 Jan 2025 11:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13054
IP address blocks: 185.253.12.0/22 maxlen: 22
213.164.64.0/19 maxlen: 24
2a03:3500::/32 maxlen: 32
2a0c:3040::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:7b:2a:d1:68:e6:14:1c:bd:73:8d:9b:ff:50:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bad9cd5034f81558f83d238eca406332bd7ba85
Validity
Not Before: Jan 2 11:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23b7697158c01c4e611899f41189a9fb051ebe29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f0:d1:d6:23:c2:d7:41:d5:32:02:6a:d3:3b:
45:03:90:3c:8b:2a:3d:43:0f:f7:5b:d7:3c:cb:1b:
a8:b6:ab:63:55:02:e8:40:d4:7d:d9:75:3f:81:ee:
4c:7e:16:0a:36:33:af:9e:1a:ee:3c:92:13:6c:44:
d2:3e:9c:3e:83:bb:27:13:9d:2d:e8:b5:dc:70:f5:
41:51:25:3d:f0:97:c5:b1:1e:66:58:71:71:e1:44:
38:76:c5:fc:bd:4c:7c:18:b2:2e:9c:b1:63:1a:86:
c9:57:8e:78:74:1a:5b:6e:b3:52:9b:61:85:cc:c3:
8b:35:d0:f4:cc:0e:c0:13:f2:0d:0a:90:1c:4d:41:
cc:df:73:89:2e:6b:09:1b:3a:46:35:fa:60:1c:37:
2b:e3:7f:19:a2:52:0f:f0:b2:e9:9e:44:39:1e:dd:
d0:01:21:32:89:67:2b:77:97:b3:d0:21:64:09:c2:
05:e8:ec:89:e3:49:0e:f4:e4:ad:5a:6f:88:37:14:
45:96:1b:01:5a:7e:43:f1:5a:0f:d3:5c:53:1c:a6:
0b:fc:df:9b:71:5d:f3:44:50:9c:ca:0e:1d:f5:52:
0c:d6:38:66:f2:84:5e:72:71:d8:ee:ef:64:74:3b:
20:68:f9:6f:d8:79:1b:9b:18:76:1b:a5:92:18:a7:
56:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:B7:69:71:58:C0:1C:4E:61:18:99:F4:11:89:A9:FB:05:1E:BE:29
X509v3 Authority Key Identifier:
keyid:3B:AD:9C:D5:03:4F:81:55:8F:83:D2:38:EC:A4:06:33:2B:D7:BA:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O62c1QNPgVWPg9I47KQGMyvXuoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/416bc7-ce87-42b6-8c68-4ba5f206f65a/1/I7dpcVjAHE5hGJn0EYmp-wUevik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/416bc7-ce87-42b6-8c68-4ba5f206f65a/1/O62c1QNPgVWPg9I47KQGMyvXuoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.12.0/22
213.164.64.0/19
IPv6:
2a03:3500::/32
2a0c:3040::/29
Signature Algorithm: sha256WithRSAEncryption
64:4d:ea:9f:75:be:2d:2e:f9:cd:17:0d:48:e6:de:44:f8:44:
7d:33:6d:44:f2:ec:03:f6:4b:66:15:5b:6d:42:48:ef:36:5e:
92:07:7d:cc:7b:69:25:a5:05:77:19:6e:16:71:f3:6c:69:20:
cf:14:72:02:a3:88:03:6d:6f:4b:41:25:ba:3f:c1:da:ec:7f:
49:a6:56:25:1a:65:1c:8e:8b:65:17:d4:53:b8:fe:a6:8f:1c:
93:25:92:5f:f3:4d:53:90:59:ec:7b:ea:e5:ee:da:7d:ab:4b:
33:9d:e4:9a:ad:40:4e:04:85:0e:fd:88:a3:24:fd:41:09:68:
35:6d:ea:c4:e1:8d:e4:05:90:47:71:3d:af:b0:1d:bb:56:7e:
fd:a6:21:d3:1d:2f:c9:d2:1b:18:c7:a7:a2:3f:7f:f4:d1:06:
84:7e:20:de:a6:c2:6c:f9:f5:10:67:af:a0:eb:a7:c9:84:78:
cc:88:f2:2c:f1:4e:d5:cd:74:bc:38:18:16:cb:6f:cd:3d:b6:
de:12:3e:4d:0e:fa:55:62:f7:04:32:5a:4e:08:59:39:dd:3a:
fd:e2:89:b0:18:90:e4:c9:99:48:fe:33:93:b2:c5:53:66:9c:
43:b8:5d:b3:b3:9f:31:76:b8:cd:e8:6e:a1:4b:4d:59:4c:f7:
25:82:76:c0
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQm2Xsq0WjmFBy9c42b/1DEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYWQ5Y2Q1MDM0ZjgxNTU4ZjgzZDIzOGVjYTQwNjMzMmJk
N2JhODUwHhcNMjUwMTAyMTE0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2I3Njk3MTU4YzAxYzRlNjExODk5ZjQxMTg5YTlmYjA1MWViZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPDR1iPC10HVMgJq0ztFA5A8iyo9
Qw/3W9c8yxuotqtjVQLoQNR92XU/ge5MfhYKNjOvnhruPJITbETSPpw+g7snE50t
6LXccPVBUSU98JfFsR5mWHFx4UQ4dsX8vUx8GLIunLFjGobJV454dBpbbrNSm2GF
zMOLNdD0zA7AE/INCpAcTUHM33OJLmsJGzpGNfpgHDcr438ZolIP8LLpnkQ5Ht3Q
ASEyiWcrd5ez0CFkCcIF6OyJ40kO9OStWm+INxRFlhsBWn5D8VoP01xTHKYL/N+b
cV3zRFCcyg4d9VIM1jhm8oRecnHY7u9kdDsgaPlv2Hkbmxh2G6WSGKdWiwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCO3aXFYwBxOYRiZ9BGJqfsFHr4pMB8GA1UdIwQY
MBaAFDutnNUDT4FVj4PSOOykBjMr17qFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzYyYzFRTlBnVldQZzlJNDdLUUdNeXZYdW9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80MTZiYzctY2U4Ny00MmI2LThjNjgt
NGJhNWYyMDZmNjVhLzEvSTdkcGNWakFIRTVoR0puMEVZbXAtd1VldmlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80MTZiYzctY2U4Ny00MmI2LThjNjgtNGJhNWYyMDZmNjVh
LzEvTzYyYzFRTlBnVldQZzlJNDdLUUdNeXZYdW9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuf0MAwQF
1aRAMBQEAgACMA4DBQAqAzUAAwUDKgwwQDANBgkqhkiG9w0BAQsFAAOCAQEAZE3q
n3W+LS75zRcNSObeRPhEfTNtRPLsA/ZLZhVbbUJI7zZekgd9zHtpJaUFdxluFnHz
bGkgzxRyAqOIA21vS0Eluj/B2ux/SaZWJRplHI6LZRfUU7j+po8ckyWSX/NNU5BZ
7Hvq5e7afatLM53kmq1ATgSFDv2IoyT9QQloNW3qxOGN5AWQR3E9r7Adu1Z+/aYh
0x0vydIbGMenoj9/9NEGhH4g3qbCbPn1EGevoOunyYR4zIjyLPFO1c10vDgYFstv
zT223hI+TQ76VWL3BDJaTghZOd06/eKJsBiQ5MmZSP4zk7LFU2acQ7hds7OfMXa4
zehuoUtNWUz3JYJ2wA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:52 2025 by rpki-client