Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/DLlGI8m12QJDZKpjRPFCFCLdu6A.roa
File: DLlGI8m12QJDZKpjRPFCFCLdu6A.roa (raw, json)
Hash identifier: oxt7jnBbOVcGUs8n669A0h/3u42NVRIi4eKnIz1AP4g=
Subject key identifier: 0C:B9:46:23:C9:B5:D9:02:43:64:AA:63:44:F1:42:14:22:DD:BB:A0
Certificate issuer: /CN=4e9381160d6594049a313a5b7bd531628d7dde1b
Certificate serial: 018CCA96C642B7689145A3F48B18E26F2A0B
Authority key identifier: 4E:93:81:16:0D:65:94:04:9A:31:3A:5B:7B:D5:31:62:8D:7D:DE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TpOBFg1llASaMTpbe9UxYo193hs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/DLlGI8m12QJDZKpjRPFCFCLdu6A.roa
Signing time: Tue 02 Jan 2024 14:32:07 +0000
ROA not before: Tue 02 Jan 2024 14:32:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48937
IP address blocks: 213.5.174.0/24 maxlen: 24
213.5.175.0/24 maxlen: 24
213.5.174.0/23 maxlen: 23
213.5.173.0/24 maxlen: 24
213.5.170.0/24 maxlen: 24
213.5.172.0/23 maxlen: 23
213.5.171.0/24 maxlen: 24
213.5.168.0/24 maxlen: 24
213.5.172.0/24 maxlen: 24
213.5.169.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:96:c6:42:b7:68:91:45:a3:f4:8b:18:e2:6f:2a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9381160d6594049a313a5b7bd531628d7dde1b
Validity
Not Before: Jan 2 14:32:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cb94623c9b5d9024364aa6344f1421422ddbba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3b:41:35:f0:6d:80:ee:5f:ea:ae:ce:fb:ac:
b1:53:42:7b:ed:41:60:df:c8:70:2a:14:6a:8f:76:
ac:38:d0:90:4e:a9:2e:62:3b:4a:2c:bc:f7:08:a5:
02:17:26:d8:ae:43:a5:af:d3:45:e7:c2:bc:5f:13:
6a:30:06:a7:d2:3a:9c:36:df:e6:29:72:5d:39:3c:
c6:d2:d8:bf:1f:f2:5b:91:13:20:36:8f:8b:96:50:
99:7b:bb:8a:c3:ea:07:bf:86:1d:20:6d:02:06:7b:
79:3e:57:b8:c0:73:94:42:4f:cf:9c:69:c5:89:73:
2f:20:01:4f:d9:47:0a:15:36:02:5f:31:76:72:85:
ad:47:8e:b5:27:5b:88:38:9e:61:35:d8:79:39:8e:
92:8c:0d:44:83:09:11:66:89:08:84:72:ba:8e:4f:
f9:ee:04:85:d6:eb:cd:6a:35:c2:12:99:ff:50:4e:
6f:18:da:17:3b:68:0c:a2:11:74:83:e2:23:8d:02:
a7:af:50:d8:c7:35:63:57:15:10:3e:81:2b:ad:6f:
8d:1d:e0:a2:00:c3:ba:05:40:ae:21:08:75:39:30:
32:5f:00:d5:ed:44:6f:a5:18:8a:2f:ad:c5:2d:71:
6d:9f:6c:d4:83:89:ad:6e:f9:a2:d0:58:87:82:f9:
66:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:B9:46:23:C9:B5:D9:02:43:64:AA:63:44:F1:42:14:22:DD:BB:A0
X509v3 Authority Key Identifier:
keyid:4E:93:81:16:0D:65:94:04:9A:31:3A:5B:7B:D5:31:62:8D:7D:DE:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TpOBFg1llASaMTpbe9UxYo193hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/DLlGI8m12QJDZKpjRPFCFCLdu6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/TpOBFg1llASaMTpbe9UxYo193hs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.5.168.0/21
Signature Algorithm: sha256WithRSAEncryption
74:dd:bc:60:01:c8:ec:00:4d:da:0a:24:ec:2f:2e:04:ef:4a:
98:9d:4b:93:55:cf:09:6e:af:e9:ae:9c:e9:54:b1:2e:18:35:
77:28:31:1d:04:23:ec:bb:3f:51:7e:bb:ce:13:3a:48:28:63:
30:cc:19:54:27:41:26:ad:8c:7d:8f:e0:b7:bb:8c:02:7c:66:
07:0f:6a:cb:32:f6:69:8a:96:f2:e6:24:03:db:cb:54:69:df:
84:39:04:f0:f3:16:a2:8c:bd:f7:e2:87:56:31:67:e5:d1:7e:
cd:b7:eb:6b:92:d2:69:eb:bc:4b:f3:55:89:fb:16:42:a4:39:
ed:7e:88:17:fc:ee:1a:91:b0:03:9a:37:74:31:bb:e3:52:d9:
e2:b0:82:23:42:49:a5:ea:2c:f0:6a:96:5c:7e:d9:e0:7a:f2:
b0:75:7b:85:4e:2b:fd:48:08:bb:84:37:ff:7b:79:39:61:76:
db:fa:01:93:29:a5:70:59:81:80:d8:41:63:63:ba:d3:81:cc:
8b:d1:64:b6:3f:1c:20:9f:47:7a:dd:ec:ad:f2:1f:e2:1d:0e:
68:e8:d6:d0:25:68:35:0e:bb:36:e5:c6:d6:be:cc:68:e0:cd:
54:9c:09:0b:59:b7:f3:6d:33:3e:5c:c8:e5:d3:3f:b1:b2:8b:
7a:43:7f:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKlsZCt2iRRaP0ixjibyoLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlOTM4MTE2MGQ2NTk0MDQ5YTMxM2E1YjdiZDUzMTYyOGQ3
ZGRlMWIwHhcNMjQwMTAyMTQzMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2I5NDYyM2M5YjVkOTAyNDM2NGFhNjM0NGYxNDIxNDIyZGRiYmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjtBNfBtgO5f6q7O+6yxU0J77UFg
38hwKhRqj3asONCQTqkuYjtKLLz3CKUCFybYrkOlr9NF58K8XxNqMAan0jqcNt/m
KXJdOTzG0ti/H/JbkRMgNo+LllCZe7uKw+oHv4YdIG0CBnt5Ple4wHOUQk/PnGnF
iXMvIAFP2UcKFTYCXzF2coWtR461J1uIOJ5hNdh5OY6SjA1EgwkRZokIhHK6jk/5
7gSF1uvNajXCEpn/UE5vGNoXO2gMohF0g+IjjQKnr1DYxzVjVxUQPoErrW+NHeCi
AMO6BUCuIQh1OTAyXwDV7URvpRiKL63FLXFtn2zUg4mtbvmi0FiHgvlmCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAy5RiPJtdkCQ2SqY0TxQhQi3bugMB8GA1UdIwQY
MBaAFE6TgRYNZZQEmjE6W3vVMWKNfd4bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHBPQkZnMWxsQVNhTVRwYmU5VXhZbzE5M2hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC83YTEzYzgtMjIyMy00YWE0LTgwOTQt
OTY0MTExYTllYjIyLzEvRExsR0k4bTEyUUpEWktwalJQRkNGQ0xkdTZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC83YTEzYzgtMjIyMy00YWE0LTgwOTQtOTY0MTExYTllYjIy
LzEvVHBPQkZnMWxsQVNhTVRwYmU5VXhZbzE5M2hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1QWoMA0G
CSqGSIb3DQEBCwUAA4IBAQB03bxgAcjsAE3aCiTsLy4E70qYnUuTVc8Jbq/prpzp
VLEuGDV3KDEdBCPsuz9RfrvOEzpIKGMwzBlUJ0EmrYx9j+C3u4wCfGYHD2rLMvZp
ipby5iQD28tUad+EOQTw8xaijL334odWMWfl0X7Nt+trktJp67xL81WJ+xZCpDnt
fogX/O4akbADmjd0MbvjUtnisIIjQkml6izwapZcftngevKwdXuFTiv9SAi7hDf/
e3k5YXbb+gGTKaVwWYGA2EFjY7rTgcyL0WS2Pxwgn0d63eyt8h/iHQ5o6NbQJWg1
Drs25cbWvsxo4M1UnAkLWbfzbTM+XMjl0z+xsot6Q38+
-----END CERTIFICATE-----
Generated at Tue Apr 22 17:59:02 2025 by rpki-client