Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/OBs7tOHp2Wjn-4vQjiF3T1Tvdqo.roa
File: OBs7tOHp2Wjn-4vQjiF3T1Tvdqo.roa (raw, json)
Hash identifier: fvlWOqKo6QA1tHDJxdBzRG65QuYwKPujIF/1V8LwtVw=
Subject key identifier: 38:1B:3B:B4:E1:E9:D9:68:E7:FB:8B:D0:8E:21:77:4F:54:EF:76:AA
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 0194266B57AD2D4649F75D4DF39A8E222AAA
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/OBs7tOHp2Wjn-4vQjiF3T1Tvdqo.roa
Signing time: Thu 02 Jan 2025 09:49:16 +0000
ROA not before: Thu 02 Jan 2025 09:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39396
IP address blocks: 212.21.129.0/24 maxlen: 24
212.21.133.0/24 maxlen: 24
212.21.159.0/24 maxlen: 24
2a00:e200:100::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:57:ad:2d:46:49:f7:5d:4d:f3:9a:8e:22:2a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 2 09:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=381b3bb4e1e9d968e7fb8bd08e21774f54ef76aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:10:e9:39:9a:81:dd:5f:23:73:67:5d:8d:42:
23:5f:92:b8:fd:45:ef:80:9d:7d:5e:42:ca:f3:47:
9e:40:21:14:0e:b9:83:75:34:eb:d5:23:5b:43:10:
c7:61:d8:9b:fb:e6:c4:49:e3:40:99:a3:42:a8:be:
24:b9:e4:c0:54:91:93:ec:18:fd:03:ca:d3:a3:3d:
bb:80:04:09:25:60:7f:61:11:1f:3b:36:10:37:75:
a5:73:d5:50:ae:eb:fb:ac:d1:d8:85:8d:bf:6c:cd:
29:93:4c:30:f9:2f:bb:ab:56:f3:22:a8:69:fa:e6:
d1:c9:96:10:65:0c:90:f0:63:44:e3:a1:f1:a3:69:
99:d6:84:ff:de:88:0d:62:74:e7:ea:37:dd:f6:e9:
9f:56:13:4a:5a:32:4c:43:39:42:86:9b:e9:f6:ee:
d9:08:f3:dc:94:e4:e5:2f:6d:cf:67:01:98:2b:15:
f6:19:b7:49:47:90:cd:11:10:23:0f:a6:33:23:9f:
25:ea:66:2d:ab:d1:e8:bc:8d:aa:61:8a:9a:60:cd:
b1:86:66:29:e6:9b:39:c5:e6:4e:96:16:3a:0c:b4:
7b:b0:56:cb:7c:87:19:fa:69:0e:f3:ae:9c:97:c6:
3e:92:27:20:bd:96:7b:4d:8e:d0:3d:a2:a1:fb:57:
48:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:1B:3B:B4:E1:E9:D9:68:E7:FB:8B:D0:8E:21:77:4F:54:EF:76:AA
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/OBs7tOHp2Wjn-4vQjiF3T1Tvdqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.21.129.0/24
212.21.133.0/24
212.21.159.0/24
IPv6:
2a00:e200:100::/48
Signature Algorithm: sha256WithRSAEncryption
57:29:50:18:9c:54:48:3f:dd:09:8c:14:af:1d:c1:b1:f4:c7:
bc:77:d6:85:40:0b:23:54:85:d5:0c:96:b1:97:81:b9:f4:31:
5b:c4:f5:64:83:e9:e8:d7:c3:55:1c:99:4f:ad:8b:e9:89:2d:
ce:1b:81:d7:3d:f0:c5:95:d5:2c:5e:38:eb:ef:b0:56:e8:e8:
de:0f:57:48:7e:99:fc:7b:6b:95:07:f6:7d:43:de:1b:98:ef:
97:a5:fe:71:37:24:87:09:f8:31:8c:37:be:5c:1a:98:61:2b:
04:ef:00:55:2f:8d:e1:42:a3:37:a1:14:f4:31:eb:84:c4:07:
f6:92:e8:6b:e1:4f:50:a7:67:66:e4:cf:95:55:dc:97:b4:d6:
62:a3:1c:13:4c:96:a4:c9:75:2a:c9:11:d1:13:7e:bc:e4:a2:
54:2f:9d:3a:48:f1:e3:b2:18:8d:be:8c:ff:ce:6f:18:f2:a2:
fa:06:6b:3e:a7:13:e5:ff:02:fe:4c:53:4c:4e:ce:f3:a6:61:
50:3e:36:30:cf:2c:97:1c:c7:ff:ed:9b:07:0d:fd:4b:0f:76:
fc:ca:a5:b5:74:61:a2:af:3d:92:3b:35:e3:67:fa:a5:9d:81:
df:97:4f:45:e8:a9:52:21:16:c5:ec:82:14:89:3d:3f:54:7c:
ac:1f:4b:6e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQma1etLUZJ911N85qOIiqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjUwMTAyMDk0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODFiM2JiNGUxZTlkOTY4ZTdmYjhiZDA4ZTIxNzc0ZjU0ZWY3NmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBDpOZqB3V8jc2ddjUIjX5K4/UXv
gJ19XkLK80eeQCEUDrmDdTTr1SNbQxDHYdib++bESeNAmaNCqL4kueTAVJGT7Bj9
A8rToz27gAQJJWB/YREfOzYQN3Wlc9VQruv7rNHYhY2/bM0pk0ww+S+7q1bzIqhp
+ubRyZYQZQyQ8GNE46Hxo2mZ1oT/3ogNYnTn6jfd9umfVhNKWjJMQzlChpvp9u7Z
CPPclOTlL23PZwGYKxX2GbdJR5DNERAjD6YzI58l6mYtq9HovI2qYYqaYM2xhmYp
5ps5xeZOlhY6DLR7sFbLfIcZ+mkO866cl8Y+kicgvZZ7TY7QPaKh+1dIIQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDgbO7Th6dlo5/uL0I4hd09U73aqMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvT0JzN3RPSHAyV2puLTR2UWppRjNUMVR2ZHFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQA1BWBAwQA
1BWFAwQA1BWfMA8EAgACMAkDBwAqAOIAAQAwDQYJKoZIhvcNAQELBQADggEBAFcp
UBicVEg/3QmMFK8dwbH0x7x31oVACyNUhdUMlrGXgbn0MVvE9WSD6ejXw1UcmU+t
i+mJLc4bgdc98MWV1SxeOOvvsFbo6N4PV0h+mfx7a5UH9n1D3huY75el/nE3JIcJ
+DGMN75cGphhKwTvAFUvjeFCozehFPQx64TEB/aS6GvhT1CnZ2bkz5VV3Je01mKj
HBNMlqTJdSrJEdETfrzkolQvnTpI8eOyGI2+jP/ObxjyovoGaz6nE+X/Av5MU0xO
zvOmYVA+NjDPLJccx//tmwcN/UsPdvzKpbV0YaKvPZI7NeNn+qWdgd+XT0XoqVIh
FsXsghSJPT9UfKwfS24=
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:23:35 2025 by rpki-client