Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/iIuGz7RbK5-6_sH4vM6hDlbmm84.roa
File: iIuGz7RbK5-6_sH4vM6hDlbmm84.roa (raw, json)
Hash identifier: NR09n14cZ06DE+j7XwmogKyYaQjIh4GJAdSuXipSGyM=
Subject key identifier: 88:8B:86:CF:B4:5B:2B:9F:BA:FE:C1:F8:BC:CE:A1:0E:56:E6:9B:CE
Certificate issuer: /CN=651bad95276947c7be536af4c870a3721f0b7761
Certificate serial: 0194236A1CCA8C462D2A20306813FF81781B
Authority key identifier: 65:1B:AD:95:27:69:47:C7:BE:53:6A:F4:C8:70:A3:72:1F:0B:77:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZRutlSdpR8e-U2r0yHCjch8Ld2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/iIuGz7RbK5-6_sH4vM6hDlbmm84.roa
Signing time: Wed 01 Jan 2025 19:49:04 +0000
ROA not before: Wed 01 Jan 2025 19:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59795
IP address blocks: 213.184.84.0/24 maxlen: 24
213.184.85.0/24 maxlen: 24
213.184.86.0/24 maxlen: 24
2a09:3a00:3000::/40 maxlen: 48
2a09:3a00:3a00::/40 maxlen: 48
2a09:3a00:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:1c:ca:8c:46:2d:2a:20:30:68:13:ff:81:78:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=651bad95276947c7be536af4c870a3721f0b7761
Validity
Not Before: Jan 1 19:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=888b86cfb45b2b9fbafec1f8bccea10e56e69bce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e7:bf:0c:47:25:e5:cd:ea:b4:17:61:c0:0d:
09:b4:2e:98:73:f2:02:2a:21:40:96:08:3b:f3:43:
af:ba:10:5c:fb:1b:0a:48:2a:ff:53:5d:a8:4d:c9:
f8:60:fe:8f:9f:21:4f:b0:3f:6b:53:d6:73:78:dc:
14:50:dd:9e:69:32:c3:72:a7:b1:eb:68:a9:67:80:
d1:89:64:9f:0b:89:98:e3:0a:c9:3f:50:ce:ed:b9:
59:c7:b8:d8:4f:59:64:80:67:0f:53:91:73:ee:f1:
f5:a4:a7:37:ef:a8:ae:32:1e:31:e1:05:57:45:a9:
f8:6a:21:7e:36:89:81:28:fb:1a:1c:ef:3b:a4:21:
a9:c7:9e:3d:80:27:0c:b4:b5:12:2a:24:e6:0c:ce:
2f:58:23:7b:d8:fd:38:77:24:7c:b0:c0:6d:c3:db:
f1:67:bf:1a:bb:fb:bb:94:b3:9f:1f:e1:71:7b:61:
42:02:34:97:19:da:4e:d7:c4:3d:3d:05:11:74:07:
63:42:c3:84:13:62:9e:94:c4:5c:77:cd:99:f3:47:
1b:64:48:19:ed:d6:89:64:6a:ee:74:99:4f:39:6f:
50:ac:cf:e3:0c:90:c4:39:d6:33:f8:e0:e6:8c:00:
f4:2d:2b:0e:7c:78:6a:dc:8c:16:86:dd:63:3b:10:
f8:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:8B:86:CF:B4:5B:2B:9F:BA:FE:C1:F8:BC:CE:A1:0E:56:E6:9B:CE
X509v3 Authority Key Identifier:
keyid:65:1B:AD:95:27:69:47:C7:BE:53:6A:F4:C8:70:A3:72:1F:0B:77:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRutlSdpR8e-U2r0yHCjch8Ld2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/iIuGz7RbK5-6_sH4vM6hDlbmm84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/ZRutlSdpR8e-U2r0yHCjch8Ld2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.184.84.0-213.184.86.255
IPv6:
2a09:3a00:3000::/40
2a09:3a00:3a00::/40
2a09:3a00:4000::/40
Signature Algorithm: sha256WithRSAEncryption
80:5d:7b:32:56:f1:75:fb:b8:9c:56:e9:d1:b5:fb:c4:07:cb:
f6:ac:1c:7c:87:23:c1:eb:6e:c5:f9:25:9e:2d:1f:7f:88:47:
05:db:ed:3c:ca:0b:06:b1:b1:79:86:da:2c:00:a6:39:22:83:
b3:e6:6a:39:ea:a7:33:31:11:e3:15:01:bd:b9:f0:6a:18:ff:
97:e8:f5:ee:ab:91:02:60:5c:fd:fe:f2:cc:33:dd:a6:44:0a:
ac:60:04:00:69:7d:1d:2f:f6:c7:50:8b:9d:74:65:62:b7:8f:
9c:a4:df:68:aa:79:0e:5b:d5:81:9e:db:3e:73:cb:79:ba:4d:
81:5b:f1:77:f3:3c:70:8d:61:6a:07:4c:c5:70:da:42:b8:9e:
41:59:bd:91:89:55:94:94:35:40:f1:2f:f8:4c:5e:48:6f:3b:
6c:80:5c:4f:db:73:bf:26:64:39:37:b8:86:15:0a:05:6d:32:
1b:9a:ca:17:b0:0e:b7:1d:57:1e:08:37:85:90:e7:26:40:0b:
7e:fa:72:6a:85:0a:91:84:2e:16:eb:07:97:ff:d1:1e:b0:04:
d5:d9:01:1b:f0:a1:87:7e:fa:e3:db:ff:61:57:0c:77:c1:9e:
38:b4:9e:5d:b5:3a:c0:b3:56:3c:e5:a3:7d:91:77:ae:a7:64:
97:73:c1:86
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQjahzKjEYtKiAwaBP/gXgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MWJhZDk1Mjc2OTQ3YzdiZTUzNmFmNGM4NzBhMzcyMWYw
Yjc3NjEwHhcNMjUwMTAxMTk0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODhiODZjZmI0NWIyYjlmYmFmZWMxZjhiY2NlYTEwZTU2ZTY5YmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmee/DEcl5c3qtBdhwA0JtC6Yc/IC
KiFAlgg780OvuhBc+xsKSCr/U12oTcn4YP6PnyFPsD9rU9ZzeNwUUN2eaTLDcqex
62ipZ4DRiWSfC4mY4wrJP1DO7blZx7jYT1lkgGcPU5Fz7vH1pKc376iuMh4x4QVX
Ran4aiF+NomBKPsaHO87pCGpx549gCcMtLUSKiTmDM4vWCN72P04dyR8sMBtw9vx
Z78au/u7lLOfH+Fxe2FCAjSXGdpO18Q9PQURdAdjQsOEE2KelMRcd82Z80cbZEgZ
7daJZGrudJlPOW9QrM/jDJDEOdYz+ODmjAD0LSsOfHhq3IwWht1jOxD4LwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFIiLhs+0Wyufuv7B+LzOoQ5W5pvOMB8GA1UdIwQY
MBaAFGUbrZUnaUfHvlNq9Mhwo3IfC3dhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJ1dGxTZHBSOGUtVTJyMHlIQ2pjaDhMZDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xZGJkNmItMzVjYy00ZjA5LWI5MmUt
MTk4YjZhNjFjZTg1LzEvaUl1R3o3UmJLNS02X3NINHZNNmhEbGJtbTg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xZGJkNmItMzVjYy00ZjA5LWI5MmUtMTk4YjZhNjFjZTg1
LzEvWlJ1dGxTZHBSOGUtVTJyMHlIQ2pjaDhMZDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAUBAIAATAOMAwDBALVuFQD
BADVuFYwHgQCAAIwGAMGACoJOgAwAwYAKgk6ADoDBgAqCToAQDANBgkqhkiG9w0B
AQsFAAOCAQEAgF17Mlbxdfu4nFbp0bX7xAfL9qwcfIcjwetuxfklni0ff4hHBdvt
PMoLBrGxeYbaLACmOSKDs+ZqOeqnMzER4xUBvbnwahj/l+j17quRAmBc/f7yzDPd
pkQKrGAEAGl9HS/2x1CLnXRlYrePnKTfaKp5DlvVgZ7bPnPLebpNgVvxd/M8cI1h
agdMxXDaQrieQVm9kYlVlJQ1QPEv+ExeSG87bIBcT9tzvyZkOTe4hhUKBW0yG5rK
F7AOtx1XHgg3hZDnJkALfvpyaoUKkYQuFusHl//RHrAE1dkBG/Chh37649v/YVcM
d8GeOLSeXbU6wLNWPOWjfZF3rqdkl3PBhg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:20 2025 by rpki-client