Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9fc14c-c366-46ff-aaf7-8949e751b219/1/cEC9bPBmfz9Z43qJKU1IUGSC0lI.roa
File: cEC9bPBmfz9Z43qJKU1IUGSC0lI.roa (raw, json)
Hash identifier: 4mEdeYIHzDK/DCJ4cVdrdS7DkgcRn2OeioiYgUbofOs=
Subject key identifier: 70:40:BD:6C:F0:66:7F:3F:59:E3:7A:89:29:4D:48:50:64:82:D2:52
Certificate issuer: /CN=de19baa8c880a9459dc5f44d675dea4ef96dbdef
Certificate serial: 019425217D293DED33A4C0552BF6F8954D91
Authority key identifier: DE:19:BA:A8:C8:80:A9:45:9D:C5:F4:4D:67:5D:EA:4E:F9:6D:BD:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3hm6qMiAqUWdxfRNZ13qTvltve8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9fc14c-c366-46ff-aaf7-8949e751b219/1/cEC9bPBmfz9Z43qJKU1IUGSC0lI.roa
Signing time: Thu 02 Jan 2025 03:48:59 +0000
ROA not before: Thu 02 Jan 2025 03:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 141.59.240.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:7d:29:3d:ed:33:a4:c0:55:2b:f6:f8:95:4d:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de19baa8c880a9459dc5f44d675dea4ef96dbdef
Validity
Not Before: Jan 2 03:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7040bd6cf0667f3f59e37a89294d48506482d252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f1:fb:65:74:41:48:1f:a5:c0:ff:7e:ad:78:
db:8c:16:0e:e0:64:ac:4c:18:85:7c:d4:1d:45:eb:
6b:73:e7:c4:c1:cd:8d:8b:de:12:69:cb:5e:a0:3d:
0b:50:82:01:ac:db:27:4e:91:b5:77:1f:ad:19:50:
da:13:9f:b8:ec:ed:ca:f5:91:2c:78:42:99:4c:74:
63:90:05:86:27:8f:7d:d4:60:62:cc:31:14:f4:c6:
0e:db:8e:02:c8:3a:2c:b2:25:1c:55:9e:c6:4a:ac:
db:ba:b8:47:bb:69:03:a0:12:90:e7:8f:44:9e:d8:
7a:95:55:2c:cd:7b:22:e9:2a:e6:78:6a:55:88:7a:
46:ec:dc:b6:9a:02:10:ab:73:ab:13:42:f9:6f:79:
d8:bd:85:19:d0:b4:b6:63:ff:51:b5:25:39:85:3f:
a4:f0:83:f3:a5:e5:3b:1f:89:0c:93:aa:75:79:6d:
cc:56:07:32:a8:4f:75:a0:a6:90:b3:2c:33:96:a8:
1f:ca:78:ba:f6:02:76:3d:45:39:ff:75:79:6c:95:
63:3f:5a:69:ce:4f:09:a0:3d:a3:be:e2:ca:12:4a:
82:38:31:b0:c2:07:34:aa:0e:b6:26:89:62:14:84:
2d:b8:7c:8d:12:28:cd:2a:80:75:68:e2:9d:d5:95:
53:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:40:BD:6C:F0:66:7F:3F:59:E3:7A:89:29:4D:48:50:64:82:D2:52
X509v3 Authority Key Identifier:
keyid:DE:19:BA:A8:C8:80:A9:45:9D:C5:F4:4D:67:5D:EA:4E:F9:6D:BD:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hm6qMiAqUWdxfRNZ13qTvltve8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9fc14c-c366-46ff-aaf7-8949e751b219/1/cEC9bPBmfz9Z43qJKU1IUGSC0lI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9fc14c-c366-46ff-aaf7-8949e751b219/1/3hm6qMiAqUWdxfRNZ13qTvltve8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.59.240.0/21
Signature Algorithm: sha256WithRSAEncryption
49:d8:aa:fe:af:d1:23:17:c4:f2:e3:37:8a:27:92:62:94:87:
b5:92:29:bf:18:58:e6:da:d4:55:8f:0c:57:c6:cf:94:f5:e5:
69:0e:a9:13:4b:f1:4a:aa:37:dc:72:89:f6:26:d4:41:7b:4b:
98:69:36:d0:03:58:4e:cd:b1:34:3c:0e:5a:59:12:9b:c0:6b:
35:3d:25:7d:74:07:1a:6e:b5:aa:6a:69:60:71:b7:54:01:01:
8b:ec:7a:22:19:3e:15:43:63:e1:42:c4:61:c6:d5:7d:71:7e:
c0:bf:89:8e:c2:c0:f8:b8:1d:c8:d2:b8:24:5f:44:05:a1:c7:
87:38:9f:c2:8c:1c:49:4a:29:52:81:33:9f:c4:13:20:7e:78:
f5:1d:cd:8c:7c:8f:b9:14:6c:7e:87:06:da:17:36:31:d4:da:
db:c6:30:aa:03:f4:dc:9a:9b:2d:87:39:d8:1c:07:16:ee:de:
a6:15:fb:8a:3c:25:f7:71:7c:7e:55:bd:3d:be:94:41:3a:ab:
27:13:79:a2:ee:c0:be:31:e9:10:3a:c0:2c:f2:29:c9:e1:68:
3f:fb:ed:43:1f:d8:a8:f3:9a:77:62:26:ee:2e:43:cf:54:8f:
84:cd:af:15:6d:d7:73:a4:8f:da:45:11:79:d1:45:78:a1:97:
a0:7a:5f:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIX0pPe0zpMBVK/b4lU2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTliYWE4Yzg4MGE5NDU5ZGM1ZjQ0ZDY3NWRlYTRlZjk2
ZGJkZWYwHhcNMjUwMTAyMDM0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDQwYmQ2Y2YwNjY3ZjNmNTllMzdhODkyOTRkNDg1MDY0ODJkMjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fH7ZXRBSB+lwP9+rXjbjBYO4GSs
TBiFfNQdRetrc+fEwc2Ni94SacteoD0LUIIBrNsnTpG1dx+tGVDaE5+47O3K9ZEs
eEKZTHRjkAWGJ4991GBizDEU9MYO244CyDossiUcVZ7GSqzburhHu2kDoBKQ549E
nth6lVUszXsi6SrmeGpViHpG7Ny2mgIQq3OrE0L5b3nYvYUZ0LS2Y/9RtSU5hT+k
8IPzpeU7H4kMk6p1eW3MVgcyqE91oKaQsywzlqgfyni69gJ2PUU5/3V5bJVjP1pp
zk8JoD2jvuLKEkqCODGwwgc0qg62JoliFIQtuHyNEijNKoB1aOKd1ZVTGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHBAvWzwZn8/WeN6iSlNSFBkgtJSMB8GA1UdIwQY
MBaAFN4ZuqjIgKlFncX0TWdd6k75bb3vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2htNnFNaUFxVVdkeGZSTloxM3FUdmx0dmU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85ZmMxNGMtYzM2Ni00NmZmLWFhZjct
ODk0OWU3NTFiMjE5LzEvY0VDOWJQQm1mejlaNDNxSktVMUlVR1NDMGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85ZmMxNGMtYzM2Ni00NmZmLWFhZjctODk0OWU3NTFiMjE5
LzEvM2htNnFNaUFxVVdkeGZSTloxM3FUdmx0dmU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDjTvwMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ2Kr+r9EjF8Ty4zeKJ5JilIe1kim/GFjm2tRVjwxX
xs+U9eVpDqkTS/FKqjfccon2JtRBe0uYaTbQA1hOzbE0PA5aWRKbwGs1PSV9dAca
brWqamlgcbdUAQGL7HoiGT4VQ2PhQsRhxtV9cX7Av4mOwsD4uB3I0rgkX0QFoceH
OJ/CjBxJSilSgTOfxBMgfnj1Hc2MfI+5FGx+hwbaFzYx1NrbxjCqA/TcmpsthznY
HAcW7t6mFfuKPCX3cXx+Vb09vpRBOqsnE3mi7sC+MekQOsAs8inJ4Wg/++1DH9io
85p3YibuLkPPVI+Eza8VbddzpI/aRRF50UV4oZegel9/
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:41:31 2025 by rpki-client