Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/AgHi8XOuA8AW6mQ9081yaHFi7LY.roa
File: AgHi8XOuA8AW6mQ9081yaHFi7LY.roa (raw, json)
Hash identifier: GntMqrIeYlMh8GQHa17dRcWuW6VcPzJOKzx7OubvqC4=
Subject key identifier: 02:01:E2:F1:73:AE:03:C0:16:EA:64:3D:D3:CD:72:68:71:62:EC:B6
Certificate issuer: /CN=d673d849b7d5047376d57e6f796f0018b70b4506
Certificate serial: 019423698B3875738AD2B7AE884D52E906EE
Authority key identifier: D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/AgHi8XOuA8AW6mQ9081yaHFi7LY.roa
Signing time: Wed 01 Jan 2025 19:48:27 +0000
ROA not before: Wed 01 Jan 2025 19:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209575
IP address blocks: 213.208.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:8b:38:75:73:8a:d2:b7:ae:88:4d:52:e9:06:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d673d849b7d5047376d57e6f796f0018b70b4506
Validity
Not Before: Jan 1 19:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0201e2f173ae03c016ea643dd3cd72687162ecb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9a:71:53:9e:bf:ef:f2:b4:5e:b1:20:bf:76:
c9:ed:ee:b0:ad:5f:49:a5:41:fb:50:00:3a:9a:b4:
f7:7f:6f:99:56:81:ff:dd:2d:0b:48:f9:ec:5f:63:
48:27:2d:7e:0b:d2:6b:44:34:4b:cb:45:57:1f:1d:
e1:86:5b:47:a4:be:0c:64:e6:ec:cc:1b:6e:81:38:
18:ba:51:75:f4:b3:51:66:eb:fa:44:bd:ec:d9:59:
aa:35:31:6e:d9:4f:78:7a:c0:a0:47:26:86:37:21:
7d:02:c4:d1:59:66:10:74:a2:5d:08:63:a8:07:7c:
3c:ab:8d:85:46:48:f2:d4:ab:8d:65:bd:f1:97:da:
74:5b:0b:55:21:4d:6f:a6:58:bd:e5:84:63:7d:c0:
60:14:57:11:2c:92:50:39:ef:cf:2b:58:eb:3e:50:
a3:e8:fa:19:fe:4d:a5:ce:1f:99:a5:7c:d2:6e:49:
26:30:17:f9:2d:19:7f:43:2c:0b:7a:bf:65:9b:a5:
36:9d:43:d7:47:e9:5d:43:11:0d:e1:b5:4a:b2:ac:
22:a3:31:7f:3e:b4:cb:65:cf:c7:ac:ef:ed:7b:99:
d9:49:7d:bc:8e:91:51:c4:82:27:16:0a:6b:22:10:
20:df:cb:90:62:36:65:84:1d:c3:da:ab:39:6c:81:
35:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:01:E2:F1:73:AE:03:C0:16:EA:64:3D:D3:CD:72:68:71:62:EC:B6
X509v3 Authority Key Identifier:
keyid:D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/AgHi8XOuA8AW6mQ9081yaHFi7LY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.208.143.0/24
Signature Algorithm: sha256WithRSAEncryption
de:94:70:54:f7:e0:5e:36:5f:76:4c:a6:9b:d8:e2:ca:bc:c6:
5b:3e:37:45:5a:da:40:66:1d:d7:da:36:da:38:6e:db:46:94:
ee:60:88:ad:38:fd:3a:d2:49:ab:6c:46:ff:f1:c9:32:ce:2b:
1e:cd:8e:a9:42:66:85:2f:bc:4a:68:24:90:27:c0:67:48:b4:
b4:b2:b7:1d:b1:89:12:11:c5:5c:70:90:47:2d:f1:b7:c9:4f:
5a:d5:a9:56:2f:41:52:28:ae:e8:5d:d9:88:4c:2d:9d:ee:53:
2f:b3:ba:23:a0:1c:f2:99:b4:37:a4:0d:cd:84:4e:f1:e7:21:
63:49:9b:4e:e0:71:a8:49:1e:b6:fb:55:c7:ac:0b:b4:82:11:
2f:41:a8:48:24:80:79:2c:16:de:2c:6a:a8:da:e1:5e:79:b6:
dd:ce:65:22:38:26:60:99:38:c9:54:2a:c4:ab:72:17:53:ef:
cd:56:af:00:30:f7:84:cc:0f:c3:90:20:72:85:d7:c1:62:92:
84:e4:82:fa:b9:1c:7e:50:f8:95:16:63:a5:44:1c:be:33:85:
b9:80:4c:34:74:e1:22:6b:d5:ce:b0:ae:aa:79:ca:c1:b9:44:
e8:a3:51:12:1f:d8:f7:89:b9:4f:63:c3:77:06:e2:c5:ea:97:
62:87:25:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaYs4dXOK0reuiE1S6QbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NzNkODQ5YjdkNTA0NzM3NmQ1N2U2Zjc5NmYwMDE4Yjcw
YjQ1MDYwHhcNMjUwMTAxMTk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjAxZTJmMTczYWUwM2MwMTZlYTY0M2RkM2NkNzI2ODcxNjJlY2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJpxU56/7/K0XrEgv3bJ7e6wrV9J
pUH7UAA6mrT3f2+ZVoH/3S0LSPnsX2NIJy1+C9JrRDRLy0VXHx3hhltHpL4MZObs
zBtugTgYulF19LNRZuv6RL3s2VmqNTFu2U94esCgRyaGNyF9AsTRWWYQdKJdCGOo
B3w8q42FRkjy1KuNZb3xl9p0WwtVIU1vpli95YRjfcBgFFcRLJJQOe/PK1jrPlCj
6PoZ/k2lzh+ZpXzSbkkmMBf5LRl/QywLer9lm6U2nUPXR+ldQxEN4bVKsqwiozF/
PrTLZc/HrO/te5nZSX28jpFRxIInFgprIhAg38uQYjZlhB3D2qs5bIE1jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAIB4vFzrgPAFupkPdPNcmhxYuy2MB8GA1UdIwQY
MBaAFNZz2Em31QRzdtV+b3lvABi3C0UGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgt
OGVlYjc1N2NmNTQ1LzEvQWdIaThYT3VBOEFXNm1ROTA4MXlhSEZpN0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgtOGVlYjc1N2NmNTQ1
LzEvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dCPMA0G
CSqGSIb3DQEBCwUAA4IBAQDelHBU9+BeNl92TKab2OLKvMZbPjdFWtpAZh3X2jba
OG7bRpTuYIitOP060kmrbEb/8ckyzisezY6pQmaFL7xKaCSQJ8BnSLS0srcdsYkS
EcVccJBHLfG3yU9a1alWL0FSKK7oXdmITC2d7lMvs7ojoBzymbQ3pA3NhE7x5yFj
SZtO4HGoSR62+1XHrAu0ghEvQahIJIB5LBbeLGqo2uFeebbdzmUiOCZgmTjJVCrE
q3IXU+/NVq8AMPeEzA/DkCByhdfBYpKE5IL6uRx+UPiVFmOlRBy+M4W5gEw0dOEi
a9XOsK6qecrBuUToo1ESH9j3iblPY8N3BuLF6pdihyW2
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:42:07 2025 by rpki-client