Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/2O7sNQZ0T60zItImBbQChvCbMF0.roa
File: 2O7sNQZ0T60zItImBbQChvCbMF0.roa (raw, json)
Hash identifier: 1ArFq3bODJcZIbIg/BBDOBc3LPZ3tqG7kGuYdLzsTWY=
Subject key identifier: D8:EE:EC:35:06:74:4F:AD:33:22:D2:26:05:B4:02:86:F0:9B:30:5D
Certificate issuer: /CN=4e9381160d6594049a313a5b7bd531628d7dde1b
Certificate serial: 018C7291C9F687F28CF2FF151105D1F41D9A
Authority key identifier: 4E:93:81:16:0D:65:94:04:9A:31:3A:5B:7B:D5:31:62:8D:7D:DE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TpOBFg1llASaMTpbe9UxYo193hs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/2O7sNQZ0T60zItImBbQChvCbMF0.roa
Signing time: Sat 16 Dec 2023 12:20:06 +0000
ROA not before: Sat 16 Dec 2023 12:20:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 213.5.174.0/24 maxlen: 24
213.5.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:72:91:c9:f6:87:f2:8c:f2:ff:15:11:05:d1:f4:1d:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9381160d6594049a313a5b7bd531628d7dde1b
Validity
Not Before: Dec 16 12:20:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8eeec3506744fad3322d22605b40286f09b305d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1e:59:14:3c:8f:2b:a1:37:4b:76:8c:18:92:
13:c1:af:e2:37:37:d3:73:68:01:b8:bd:a0:40:97:
bb:86:f6:55:bf:a9:82:e6:3c:79:f0:d9:f1:d2:ec:
1c:29:ca:8f:20:9c:86:d0:2c:ac:3e:5e:70:a7:d9:
00:71:81:54:0e:4e:e7:a7:f6:1e:60:3c:6e:2a:e8:
26:32:b7:5a:a5:37:3c:65:96:d6:b4:e0:06:f1:a9:
89:62:18:f6:1c:84:16:2c:70:0f:6d:e1:d4:1c:93:
9b:a0:b8:6e:26:61:c3:a8:06:70:5b:f4:a4:8e:ab:
90:89:f5:74:a5:c2:e3:d7:fb:53:91:5b:e0:98:fe:
2e:74:1c:b8:7a:31:80:e6:ca:ba:72:97:d3:ce:71:
26:ac:88:10:3f:1d:c7:be:bc:76:7b:d7:95:ba:57:
6a:92:eb:c6:1a:fa:d1:ce:26:ec:bb:d6:23:cd:d7:
ed:3d:37:86:85:54:44:e4:56:7d:cf:f6:a6:04:45:
7f:91:7b:df:06:17:7b:2a:83:ca:bb:4e:18:6e:f6:
b5:05:4f:2f:2a:41:66:46:63:dd:c1:93:b4:4c:3b:
27:70:fa:a9:13:af:93:8e:c0:b9:0d:56:6b:95:db:
31:14:c9:b7:dc:f3:bc:dc:0e:28:de:cb:b2:bd:ad:
cb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:EE:EC:35:06:74:4F:AD:33:22:D2:26:05:B4:02:86:F0:9B:30:5D
X509v3 Authority Key Identifier:
keyid:4E:93:81:16:0D:65:94:04:9A:31:3A:5B:7B:D5:31:62:8D:7D:DE:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TpOBFg1llASaMTpbe9UxYo193hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/2O7sNQZ0T60zItImBbQChvCbMF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/TpOBFg1llASaMTpbe9UxYo193hs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.5.173.0-213.5.174.255
Signature Algorithm: sha256WithRSAEncryption
08:8b:37:7b:93:f2:0d:bf:e6:d4:fa:41:5e:5e:47:5b:18:e6:
be:5f:0b:31:75:23:b3:bf:c5:39:43:57:27:25:a8:1b:89:de:
d5:05:3a:9c:a1:66:e1:0b:3f:59:97:71:46:81:ed:33:41:fd:
a7:0d:a8:85:9d:48:05:14:d1:9f:2a:be:34:72:f7:33:32:bd:
d4:d9:c2:b9:2b:63:d0:60:e6:91:58:be:7a:0d:d8:f2:0a:79:
cf:06:4c:0b:4e:99:e2:83:6e:d2:1c:ec:95:5e:92:f1:37:ae:
d3:05:96:5b:7f:5a:3d:44:1a:d2:ee:67:3d:5b:ee:3b:78:24:
e7:23:77:48:cc:e4:42:66:f3:c2:d7:e3:1c:b9:8b:72:78:15:
3d:ce:68:64:d5:a3:c4:e7:b1:82:b2:bd:ae:88:74:d3:63:5f:
c8:f9:bf:30:08:32:30:f7:72:29:12:94:65:ca:c8:4f:24:7e:
2d:b2:30:b3:46:f3:33:f1:1d:ff:83:77:6a:f7:27:ef:2d:df:
2f:4a:97:5e:f5:7e:20:7f:b8:94:e7:16:9b:c8:56:c5:69:05:
6c:2b:e9:f3:a0:16:ff:5c:55:1f:9c:e3:64:ba:37:1b:d3:88:
cc:ea:4d:02:d8:6d:b6:c6:6d:de:35:73:c6:8b:9b:25:16:c3:
49:be:ff:69
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYxykcn2h/KM8v8VEQXR9B2aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlOTM4MTE2MGQ2NTk0MDQ5YTMxM2E1YjdiZDUzMTYyOGQ3
ZGRlMWIwHhcNMjMxMjE2MTIyMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGVlZWMzNTA2NzQ0ZmFkMzMyMmQyMjYwNWI0MDI4NmYwOWIzMDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoR5ZFDyPK6E3S3aMGJITwa/iNzfT
c2gBuL2gQJe7hvZVv6mC5jx58Nnx0uwcKcqPIJyG0CysPl5wp9kAcYFUDk7np/Ye
YDxuKugmMrdapTc8ZZbWtOAG8amJYhj2HIQWLHAPbeHUHJOboLhuJmHDqAZwW/Sk
jquQifV0pcLj1/tTkVvgmP4udBy4ejGA5sq6cpfTznEmrIgQPx3Hvrx2e9eVuldq
kuvGGvrRzibsu9YjzdftPTeGhVRE5FZ9z/amBEV/kXvfBhd7KoPKu04Ybva1BU8v
KkFmRmPdwZO0TDsncPqpE6+TjsC5DVZrldsxFMm33PO83A4o3suyva3LIQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNju7DUGdE+tMyLSJgW0AobwmzBdMB8GA1UdIwQY
MBaAFE6TgRYNZZQEmjE6W3vVMWKNfd4bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHBPQkZnMWxsQVNhTVRwYmU5VXhZbzE5M2hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC83YTEzYzgtMjIyMy00YWE0LTgwOTQt
OTY0MTExYTllYjIyLzEvMk83c05RWjBUNjB6SXRJbUJiUUNodkNiTUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC83YTEzYzgtMjIyMy00YWE0LTgwOTQtOTY0MTExYTllYjIy
LzEvVHBPQkZnMWxsQVNhTVRwYmU5VXhZbzE5M2hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADVBa0D
BADVBa4wDQYJKoZIhvcNAQELBQADggEBAAiLN3uT8g2/5tT6QV5eR1sY5r5fCzF1
I7O/xTlDVyclqBuJ3tUFOpyhZuELP1mXcUaB7TNB/acNqIWdSAUU0Z8qvjRy9zMy
vdTZwrkrY9Bg5pFYvnoN2PIKec8GTAtOmeKDbtIc7JVekvE3rtMFllt/Wj1EGtLu
Zz1b7jt4JOcjd0jM5EJm88LX4xy5i3J4FT3OaGTVo8TnsYKyva6IdNNjX8j5vzAI
MjD3cikSlGXKyE8kfi2yMLNG8zPxHf+Dd2r3J+8t3y9Kl171fiB/uJTnFpvIVsVp
BWwr6fOgFv9cVR+c42S6NxvTiMzqTQLYbbbGbd41c8aLmyUWw0m+/2k=
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:52:02 2025 by rpki-client