Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/vesiMa7bRi3z_ddQ-lCFLIWVVb0.roa
File: vesiMa7bRi3z_ddQ-lCFLIWVVb0.roa (raw, json)
Hash identifier: DCA2qdpi/WQzP3NR1nc3vnijbSw4I+3nb058OwBnfSw=
Subject key identifier: BD:EB:22:31:AE:DB:46:2D:F3:FD:D7:50:FA:50:85:2C:85:95:55:BD
Certificate issuer: /CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Certificate serial: 0193EACF62A79D261CE22983435475055846
Authority key identifier: 2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/vesiMa7bRi3z_ddQ-lCFLIWVVb0.roa
Signing time: Sat 21 Dec 2024 20:01:19 +0000
ROA not before: Sat 21 Dec 2024 20:01:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213690
IP address blocks: 185.14.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ea:cf:62:a7:9d:26:1c:e2:29:83:43:54:75:05:58:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Validity
Not Before: Dec 21 20:01:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bdeb2231aedb462df3fdd750fa50852c859555bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:96:9f:9e:97:33:70:91:1e:99:66:1b:79:8b:
33:51:b7:01:eb:b6:3c:77:69:4d:2b:2f:63:31:8b:
1c:2b:18:af:b5:18:7e:2f:17:d8:4d:c4:6a:c6:27:
53:32:58:77:46:7a:2a:8c:ce:d7:aa:fa:3e:ce:b5:
95:bb:f6:d3:cf:a9:b8:7b:e8:a4:f8:3b:cb:8c:c5:
e9:69:91:ed:ad:ff:7b:78:01:a1:97:12:13:15:77:
d4:a1:3b:22:e0:91:fe:2a:82:fd:ff:c0:bb:55:6e:
05:60:29:6e:95:68:ca:56:bc:ea:3b:7f:67:9c:88:
50:93:1d:9a:03:84:f3:60:a0:a8:fa:78:ee:b6:30:
4f:ad:ea:4e:32:f9:ef:e8:89:81:2f:06:53:8c:3b:
bb:b3:2f:4a:ad:94:e0:ef:52:35:c7:c2:6b:0d:cc:
c8:6f:b1:bf:db:70:83:78:0b:b5:da:5e:df:e6:05:
a0:03:40:1e:3a:03:ba:e6:1b:de:66:67:6b:64:0f:
5f:81:e4:43:2f:b6:fa:75:fc:be:dd:97:f7:d9:05:
e3:8d:ab:72:10:6a:b1:ed:f8:e0:df:89:97:3a:a7:
1a:27:6e:a1:f1:1c:12:ba:fa:2b:86:b1:f5:d9:f7:
3e:d0:5e:36:ce:20:fe:45:3e:ce:52:88:91:0b:9c:
db:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:EB:22:31:AE:DB:46:2D:F3:FD:D7:50:FA:50:85:2C:85:95:55:BD
X509v3 Authority Key Identifier:
keyid:2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/vesiMa7bRi3z_ddQ-lCFLIWVVb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/LcgdJMRd2qNF-QZN4p-8p7EppSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.238.0/24
Signature Algorithm: sha256WithRSAEncryption
14:f7:f3:a2:b1:c2:a0:ae:32:c5:74:2c:54:70:6b:a1:55:e1:
4f:d3:7f:66:dc:8f:a9:a6:da:25:ae:ba:36:8a:90:c4:a8:5f:
b3:b2:59:fb:5b:c4:1e:93:59:2d:52:47:d5:7f:42:b1:6f:ee:
06:49:97:3a:e1:be:59:32:7b:34:8a:f6:ed:97:d8:56:9a:9b:
e6:11:53:da:ab:3f:e0:b0:b1:48:13:01:e7:0f:62:9f:fc:c4:
d4:fc:a0:4a:fe:ba:66:c9:af:13:75:a6:28:95:c1:e6:f9:4d:
27:28:1d:67:37:da:93:9d:bf:55:9a:93:69:a9:02:fe:6f:1b:
3c:24:ef:16:f6:94:6e:05:ed:bc:ac:44:9c:2d:08:26:82:d2:
61:a4:e0:90:52:bf:a9:a4:40:b9:d4:f7:7d:6a:f4:46:29:d0:
57:47:0a:bd:17:65:19:a9:31:a8:ac:89:81:cc:12:de:0f:6e:
2d:52:ee:e1:46:9a:db:a9:0d:e5:9b:a3:1c:1c:10:21:d6:bc:
bc:b0:90:60:24:fa:54:06:07:02:97:cd:c1:21:12:8a:8a:f2:
c0:42:21:fe:3d:fb:b1:69:62:ce:f4:71:a5:0b:91:4f:c4:45:
e5:e5:89:6b:18:5a:10:0d:d1:ce:5e:c3:60:0a:7e:70:88:8c:
74:e4:e3:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPqz2KnnSYc4imDQ1R1BVhGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYzgxZDI0YzQ1ZGRhYTM0NWY5MDY0ZGUyOWZiY2E3YjEy
OWE1MmMwHhcNMjQxMjIxMjAwMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGViMjIzMWFlZGI0NjJkZjNmZGQ3NTBmYTUwODUyYzg1OTU1NWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJafnpczcJEemWYbeYszUbcB67Y8
d2lNKy9jMYscKxivtRh+LxfYTcRqxidTMlh3RnoqjM7Xqvo+zrWVu/bTz6m4e+ik
+DvLjMXpaZHtrf97eAGhlxITFXfUoTsi4JH+KoL9/8C7VW4FYClulWjKVrzqO39n
nIhQkx2aA4TzYKCo+njutjBPrepOMvnv6ImBLwZTjDu7sy9KrZTg71I1x8JrDczI
b7G/23CDeAu12l7f5gWgA0AeOgO65hveZmdrZA9fgeRDL7b6dfy+3Zf32QXjjaty
EGqx7fjg34mXOqcaJ26h8RwSuvorhrH12fc+0F42ziD+RT7OUoiRC5zbywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL3rIjGu20Yt8/3XUPpQhSyFlVW9MB8GA1UdIwQY
MBaAFC3IHSTEXdqjRfkGTeKfvKexKaUsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDkt
MmZjYzBiNzQ5YjMyLzEvdmVzaU1hN2JSaTN6X2RkUS1sQ0ZMSVdWVmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDktMmZjYzBiNzQ5YjMy
LzEvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQ7uMA0G
CSqGSIb3DQEBCwUAA4IBAQAU9/OiscKgrjLFdCxUcGuhVeFP039m3I+pptolrro2
ipDEqF+zsln7W8Qek1ktUkfVf0Kxb+4GSZc64b5ZMns0ivbtl9hWmpvmEVPaqz/g
sLFIEwHnD2Kf/MTU/KBK/rpmya8TdaYolcHm+U0nKB1nN9qTnb9VmpNpqQL+bxs8
JO8W9pRuBe28rEScLQgmgtJhpOCQUr+ppEC51Pd9avRGKdBXRwq9F2UZqTGorImB
zBLeD24tUu7hRprbqQ3lm6McHBAh1ry8sJBgJPpUBgcCl83BIRKKivLAQiH+Pfux
aWLO9HGlC5FPxEXl5YlrGFoQDdHOXsNgCn5wiIx05OOq
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:52:31 2025 by rpki-client