Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/RkzS3eelIoEino_HMYlJP9UsbnM.roa
File: RkzS3eelIoEino_HMYlJP9UsbnM.roa (raw, json)
Hash identifier: E7SZ2+9eKqAQMF/CU+Ef1h7UwfgoQLMTkwa95LVRAK0=
Subject key identifier: 46:4C:D2:DD:E7:A5:22:81:22:9E:8F:C7:31:89:49:3F:D5:2C:6E:73
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 018600650ECF567660AB2E6DE7D0EB7759D4
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/RkzS3eelIoEino_HMYlJP9UsbnM.roa
Signing time: Mon 30 Jan 2023 01:57:48 +0000
ROA not before: Mon 30 Jan 2023 01:57:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 84.247.4.0/22 maxlen: 24
84.247.40.0/22 maxlen: 24
86.104.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:00:65:0e:cf:56:76:60:ab:2e:6d:e7:d0:eb:77:59:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Jan 30 01:57:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=464cd2dde7a52281229e8fc73189493fd52c6e73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:76:e2:ca:1f:26:d9:5c:38:5f:d6:42:0d:eb:
14:af:18:62:23:fd:3d:cd:93:0c:7b:54:c5:be:0c:
28:5f:bb:97:5b:a0:c8:0c:e2:ca:03:19:64:13:81:
3f:c2:5c:73:cf:74:57:7a:75:b3:39:e0:eb:b5:b1:
c9:0b:f5:1c:ae:20:98:63:b8:91:91:18:75:8e:db:
ea:41:a2:4a:fa:4d:45:5b:8b:d3:88:32:b0:fc:e7:
de:e3:6e:85:87:4c:ef:06:3c:db:00:bd:63:e5:0a:
94:89:9c:4f:22:67:69:0b:f2:0d:50:ed:4e:e1:26:
e2:7d:26:79:cc:2d:2e:e2:c6:cb:81:5c:8e:a9:8a:
88:f3:8c:e0:43:da:3c:2b:f9:b3:f7:e6:40:07:21:
c3:eb:82:93:df:e7:9f:b0:ee:3d:e9:46:34:de:ae:
86:f9:49:2f:0b:52:f1:1a:99:61:fd:55:3f:0e:23:
e0:71:5c:22:48:37:36:60:5f:0a:81:e1:1b:9c:53:
a2:29:1d:d2:a8:3a:dc:35:2b:3b:e9:58:1e:9e:a5:
7e:cb:bb:09:46:fb:87:8b:4e:3a:2d:f0:b8:b5:88:
5c:f2:d0:83:72:21:84:e8:a0:d8:a5:76:a9:bf:69:
a3:bb:e6:23:03:0d:1e:dd:01:8d:7b:cb:d6:f5:ee:
fb:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:4C:D2:DD:E7:A5:22:81:22:9E:8F:C7:31:89:49:3F:D5:2C:6E:73
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/RkzS3eelIoEino_HMYlJP9UsbnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.4.0/22
84.247.40.0/22
86.104.20.0/22
Signature Algorithm: sha256WithRSAEncryption
27:5c:0f:a5:da:59:64:f6:5d:8e:33:26:7e:e4:e1:d9:37:7e:
8b:ee:d7:62:32:d3:e8:39:75:93:f3:c7:24:dc:81:23:5f:55:
b9:22:5c:56:28:20:ae:a0:0f:dc:62:b3:ad:ad:22:1a:2a:6b:
6e:84:c2:8a:27:9f:e9:c1:99:da:6a:f6:2f:d5:3a:c5:5f:40:
8c:a9:0b:f7:6a:b2:28:f5:45:71:8d:34:73:09:35:43:65:90:
a5:3a:18:2b:fc:88:d8:54:87:da:f6:a4:b9:dc:2b:e6:f2:06:
9a:a5:16:7e:5c:5d:0a:dd:89:3d:73:0e:8c:33:41:1f:ae:30:
78:fc:22:a9:c1:36:de:a9:cf:d0:e8:07:54:dc:bb:33:39:47:
01:f5:92:06:c0:ac:3d:64:1b:dd:d2:0c:12:18:d4:92:d0:d1:
c8:e0:43:f2:1a:0d:f4:2d:0d:e4:50:46:68:0d:03:b7:59:33:
e9:3b:f8:06:3f:cb:5b:33:96:cc:1b:14:55:0a:03:c3:e2:8c:
ee:49:db:97:8e:f6:3b:c0:08:08:50:53:50:3c:b8:21:95:ca:
4e:64:1d:22:e5:cc:78:9f:ef:06:13:90:02:10:ba:45:2a:72:
6f:a4:84:0d:15:61:4d:1d:de:87:66:48:a4:10:7f:da:aa:3e:
08:89:a8:47
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYAZQ7PVnZgqy5t59Drd1nUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjMwMTMwMDE1NzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjRjZDJkZGU3YTUyMjgxMjI5ZThmYzczMTg5NDkzZmQ1MmM2ZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHbiyh8m2Vw4X9ZCDesUrxhiI/09
zZMMe1TFvgwoX7uXW6DIDOLKAxlkE4E/wlxzz3RXenWzOeDrtbHJC/UcriCYY7iR
kRh1jtvqQaJK+k1FW4vTiDKw/Ofe426Fh0zvBjzbAL1j5QqUiZxPImdpC/INUO1O
4SbifSZ5zC0u4sbLgVyOqYqI84zgQ9o8K/mz9+ZAByHD64KT3+efsO496UY03q6G
+UkvC1LxGplh/VU/DiPgcVwiSDc2YF8KgeEbnFOiKR3SqDrcNSs76VgenqV+y7sJ
RvuHi046LfC4tYhc8tCDciGE6KDYpXapv2mju+YjAw0e3QGNe8vW9e77LQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEZM0t3npSKBIp6PxzGJST/VLG5zMB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvUmt6UzNlZWxJb0Vpbm9fSE1ZbEpQOVVzYm5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVPcEAwQC
VPcoAwQCVmgUMA0GCSqGSIb3DQEBCwUAA4IBAQAnXA+l2llk9l2OMyZ+5OHZN36L
7tdiMtPoOXWT88ck3IEjX1W5IlxWKCCuoA/cYrOtrSIaKmtuhMKKJ5/pwZnaavYv
1TrFX0CMqQv3arIo9UVxjTRzCTVDZZClOhgr/IjYVIfa9qS53Cvm8gaapRZ+XF0K
3Yk9cw6MM0EfrjB4/CKpwTbeqc/Q6AdU3LszOUcB9ZIGwKw9ZBvd0gwSGNSS0NHI
4EPyGg30LQ3kUEZoDQO3WTPpO/gGP8tbM5bMGxRVCgPD4ozuSduXjvY7wAgIUFNQ
PLghlcpOZB0i5cx4n+8GE5ACELpFKnJvpIQNFWFNHd6HZkikEH/aqj4IiahH
-----END CERTIFICATE-----
Generated at Wed Mar 12 07:01:40 2025 by rpki-client