Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/fFp4eoz-hCMYvsK7dXrDp_8e8GQ.roa
File: fFp4eoz-hCMYvsK7dXrDp_8e8GQ.roa (raw, json)
Hash identifier: y7HumSc3YJoxyBoO8b97/GWLbqjWtFMAV/IOwgPMrlM=
Subject key identifier: 7C:5A:78:7A:8C:FE:84:23:18:BE:C2:BB:75:7A:C3:A7:FF:1E:F0:64
Certificate issuer: /CN=db1d6eba463b7564abfae938b46ed47187de0ec0
Certificate serial: 01942068112F23C14C649E1A8444C67D2709
Authority key identifier: DB:1D:6E:BA:46:3B:75:64:AB:FA:E9:38:B4:6E:D4:71:87:DE:0E:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2x1uukY7dWSr-uk4tG7UcYfeDsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/fFp4eoz-hCMYvsK7dXrDp_8e8GQ.roa
Signing time: Wed 01 Jan 2025 05:47:58 +0000
ROA not before: Wed 01 Jan 2025 05:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212027
IP address blocks: 213.232.236.0/24 maxlen: 24
2a06:2840::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:11:2f:23:c1:4c:64:9e:1a:84:44:c6:7d:27:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db1d6eba463b7564abfae938b46ed47187de0ec0
Validity
Not Before: Jan 1 05:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c5a787a8cfe842318bec2bb757ac3a7ff1ef064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:98:78:7c:b6:97:cb:1e:d8:f1:1c:b3:cf:db:
87:2c:d1:6f:03:6a:42:a9:e0:00:b4:36:7a:00:1f:
b6:16:1e:de:3d:82:22:27:d6:d1:0d:a9:79:11:a6:
ae:83:c4:eb:15:18:4b:f8:08:a8:b1:e6:26:59:ce:
1a:11:e3:ec:b0:b0:37:97:7b:57:38:99:02:14:44:
f5:c6:77:9e:f6:0f:69:e0:64:75:3f:23:73:94:79:
3b:a5:11:a2:d1:fd:7e:96:b2:eb:26:dd:97:fb:d0:
df:80:39:70:23:3f:1b:a2:26:07:38:e1:4a:a3:95:
ae:59:62:f9:aa:a6:b0:bd:4c:de:03:fb:62:a0:49:
49:ba:76:b3:6b:c6:26:14:21:8a:74:63:73:9c:20:
04:3d:af:d6:23:ca:9a:8a:71:b0:99:fb:f7:56:c8:
16:eb:47:4c:d9:73:97:b5:3f:70:a2:47:c4:66:4f:
c0:2b:43:1c:a3:16:88:e8:7d:34:9a:9e:13:2b:78:
20:d2:17:02:51:0e:e8:3d:e6:61:5d:fe:b2:63:e7:
5a:95:51:f1:a6:83:c2:a4:4b:da:19:80:33:90:5b:
5f:f2:85:5f:03:33:72:e8:28:e3:36:a9:be:91:a4:
cf:3a:87:84:a0:f0:96:a8:8a:be:59:8a:87:0b:e7:
81:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:5A:78:7A:8C:FE:84:23:18:BE:C2:BB:75:7A:C3:A7:FF:1E:F0:64
X509v3 Authority Key Identifier:
keyid:DB:1D:6E:BA:46:3B:75:64:AB:FA:E9:38:B4:6E:D4:71:87:DE:0E:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2x1uukY7dWSr-uk4tG7UcYfeDsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/fFp4eoz-hCMYvsK7dXrDp_8e8GQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/2x1uukY7dWSr-uk4tG7UcYfeDsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.236.0/24
IPv6:
2a06:2840::/48
Signature Algorithm: sha256WithRSAEncryption
18:16:a3:ed:0e:94:60:33:ae:8e:dd:ba:32:9a:d5:f1:05:42:
3e:cf:8f:9f:8e:33:aa:f5:3d:b5:2e:b6:ea:86:db:ad:35:e4:
0f:c4:e1:b5:af:9d:44:88:a9:4c:0c:d6:d2:79:48:92:6e:7d:
3c:24:ea:3c:90:c5:88:84:6a:70:77:1b:e8:be:c4:36:24:62:
06:47:3f:ea:a7:cd:fb:55:e1:d4:f4:cb:f5:15:18:c5:52:6d:
d6:79:ac:c4:d4:81:0d:92:d4:b4:34:82:58:5b:91:97:d5:be:
03:38:e0:38:95:ca:71:6d:e5:5f:aa:24:69:e6:c1:7e:b0:64:
76:5c:1e:75:cf:a5:f6:80:85:1d:ff:34:5c:4f:b9:44:b7:21:
40:e5:48:4c:ca:98:a8:8a:b4:d9:c9:a6:49:4c:0b:0f:dc:e5:
9a:5c:b7:29:7c:af:e4:e8:da:e1:b3:f1:36:9d:0e:a0:76:10:
ba:0b:30:e5:12:90:52:5f:91:7f:e5:f4:5c:6c:b3:1a:88:8d:
66:d3:42:f3:89:a6:ab:7e:bc:16:43:3d:5a:17:4a:35:11:6f:
97:2c:87:a9:f0:c0:b5:e5:c7:9b:7c:a2:e5:d8:ce:9b:a0:a3:
3a:bf:61:9d:1e:6d:b1:2b:23:95:27:17:d9:61:42:de:0e:5d:
da:88:01:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQgaBEvI8FMZJ4ahETGfScJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWQ2ZWJhNDYzYjc1NjRhYmZhZTkzOGI0NmVkNDcxODdk
ZTBlYzAwHhcNMjUwMTAxMDU0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzVhNzg3YThjZmU4NDIzMThiZWMyYmI3NTdhYzNhN2ZmMWVmMDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5h4fLaXyx7Y8Ryzz9uHLNFvA2pC
qeAAtDZ6AB+2Fh7ePYIiJ9bRDal5Eaaug8TrFRhL+AioseYmWc4aEePssLA3l3tX
OJkCFET1xnee9g9p4GR1PyNzlHk7pRGi0f1+lrLrJt2X+9DfgDlwIz8boiYHOOFK
o5WuWWL5qqawvUzeA/tioElJunaza8YmFCGKdGNznCAEPa/WI8qainGwmfv3VsgW
60dM2XOXtT9wokfEZk/AK0McoxaI6H00mp4TK3gg0hcCUQ7oPeZhXf6yY+dalVHx
poPCpEvaGYAzkFtf8oVfAzNy6CjjNqm+kaTPOoeEoPCWqIq+WYqHC+eBYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHxaeHqM/oQjGL7Cu3V6w6f/HvBkMB8GA1UdIwQY
MBaAFNsdbrpGO3Vkq/rpOLRu1HGH3g7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMngxdXVrWTdkV1NyLXVrNHRHN1VjWWZlRHNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ZjY5ODUtYjk0YS00N2NjLWEzMDAt
NmYyY2Y0ZjAzY2ViLzEvZkZwNGVvei1oQ01ZdnNLN2RYckRwXzhlOEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ZjY5ODUtYjk0YS00N2NjLWEzMDAtNmYyY2Y0ZjAzY2Vi
LzEvMngxdXVrWTdkV1NyLXVrNHRHN1VjWWZlRHNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA1ejsMA8E
AgACMAkDBwAqBihAAAAwDQYJKoZIhvcNAQELBQADggEBABgWo+0OlGAzro7dujKa
1fEFQj7Pj5+OM6r1PbUutuqG26015A/E4bWvnUSIqUwM1tJ5SJJufTwk6jyQxYiE
anB3G+i+xDYkYgZHP+qnzftV4dT0y/UVGMVSbdZ5rMTUgQ2S1LQ0glhbkZfVvgM4
4DiVynFt5V+qJGnmwX6wZHZcHnXPpfaAhR3/NFxPuUS3IUDlSEzKmKiKtNnJpklM
Cw/c5Zpctyl8r+To2uGz8TadDqB2ELoLMOUSkFJfkX/l9FxssxqIjWbTQvOJpqt+
vBZDPVoXSjURb5csh6nwwLXlx5t8ouXYzpugozq/YZ0ebbErI5UnF9lhQt4OXdqI
AaI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:24:21 2025 by rpki-client