Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/a64061-52c9-43dc-9ee0-5afde294d1c2/1/4eleNmX005n7wlXVlehMTBHp9tw.roa
File: 4eleNmX005n7wlXVlehMTBHp9tw.roa (raw, json)
Hash identifier: 5tRtBlf42R6PXZYfZGr+HDlBaIQdiVh4BjlyfhjnVHE=
Subject key identifier: E1:E9:5E:36:65:F4:D3:99:FB:C2:55:D5:95:E8:4C:4C:11:E9:F6:DC
Certificate issuer: /CN=3b13bf822592bd1b54b77cc2c1cc42b28ccf1669
Certificate serial: 018CC56EE541B742F7389E04EC7B1F4DD34C
Authority key identifier: 3B:13:BF:82:25:92:BD:1B:54:B7:7C:C2:C1:CC:42:B2:8C:CF:16:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OxO_giWSvRtUt3zCwcxCsozPFmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/a64061-52c9-43dc-9ee0-5afde294d1c2/1/4eleNmX005n7wlXVlehMTBHp9tw.roa
Signing time: Mon 01 Jan 2024 14:30:28 +0000
ROA not before: Mon 01 Jan 2024 14:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22773
IP address blocks: 213.178.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:e5:41:b7:42:f7:38:9e:04:ec:7b:1f:4d:d3:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b13bf822592bd1b54b77cc2c1cc42b28ccf1669
Validity
Not Before: Jan 1 14:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1e95e3665f4d399fbc255d595e84c4c11e9f6dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cf:89:40:ed:f8:46:7e:37:2b:b8:da:de:98:
4e:d1:38:81:69:15:7b:ab:af:78:8c:74:65:72:1e:
52:a8:48:ba:d5:c4:39:32:74:e8:33:25:af:c4:a0:
df:98:9b:61:70:22:57:43:ef:54:7f:f7:f3:29:97:
39:31:5b:cd:fd:a0:73:c8:bd:fa:d0:ec:dd:13:e6:
80:cb:99:3a:8a:08:bc:9d:1a:10:16:85:0b:78:0e:
fb:55:fd:c8:59:a1:4b:04:bf:12:3e:f1:ac:de:be:
db:6f:3c:09:c2:cb:d4:6d:8a:9b:63:db:32:9d:d1:
e2:05:a5:a5:25:5f:7d:10:fc:99:99:f4:c1:5d:9d:
73:49:c6:e2:1b:ba:8c:48:d5:ed:26:1f:6e:3e:39:
6b:2f:6e:8b:ff:83:ad:45:03:23:37:ce:66:bd:13:
d1:c8:a7:bf:14:4b:99:63:79:77:56:b6:11:0b:f1:
aa:a9:76:ed:09:b6:20:50:c7:3e:6c:2a:42:a1:2f:
c2:91:bd:dc:54:17:41:99:12:ff:0e:49:e5:6e:b7:
61:0e:41:f2:f9:9b:21:b9:51:14:1d:1f:0e:6c:db:
17:d5:3c:42:3d:bf:04:47:f2:8b:f9:38:65:da:b6:
81:e4:fe:24:e9:69:85:e3:48:f3:58:47:81:34:d7:
72:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E9:5E:36:65:F4:D3:99:FB:C2:55:D5:95:E8:4C:4C:11:E9:F6:DC
X509v3 Authority Key Identifier:
keyid:3B:13:BF:82:25:92:BD:1B:54:B7:7C:C2:C1:CC:42:B2:8C:CF:16:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OxO_giWSvRtUt3zCwcxCsozPFmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/a64061-52c9-43dc-9ee0-5afde294d1c2/1/4eleNmX005n7wlXVlehMTBHp9tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/a64061-52c9-43dc-9ee0-5afde294d1c2/1/OxO_giWSvRtUt3zCwcxCsozPFmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.178.143.0/24
Signature Algorithm: sha256WithRSAEncryption
89:9e:f0:be:19:cd:f3:25:b9:01:90:e2:c1:94:0a:ca:c5:12:
3d:4d:cf:c8:b5:ae:61:7c:96:ea:41:52:ec:77:e9:77:5e:90:
f2:bb:58:de:25:af:b6:90:2c:d9:94:df:46:56:84:40:72:18:
fd:ac:23:9c:48:d4:6d:94:55:b4:08:f6:57:cc:79:ef:04:83:
fe:07:90:46:34:cf:af:9c:da:5b:f8:65:16:8a:bf:f0:f0:1d:
aa:ed:6b:9b:64:c1:3d:38:cd:19:82:7b:b9:70:f4:a7:20:18:
8d:7c:2d:2f:09:50:dd:30:72:60:b2:d0:81:94:41:3f:d8:ef:
2a:e9:cb:f5:fd:ad:39:56:9a:2f:d3:2b:b6:c8:fd:81:f3:f8:
6d:a0:60:db:ef:0a:77:a7:66:17:0e:cf:11:36:35:14:51:9b:
cd:9b:38:87:e7:e5:0d:e1:12:27:6c:23:4f:33:5e:be:df:56:
9a:a1:30:f4:74:c4:1a:d7:eb:3e:df:25:74:f9:ff:8a:c5:d5:
fc:88:60:ff:c5:c7:14:ff:98:9f:29:02:34:e8:d3:80:10:e2:
04:ce:af:37:74:ac:6a:da:0c:a1:51:88:24:9b:78:d6:ee:63:
f8:0a:2e:b7:2d:3e:4a:f1:6c:c4:c6:48:12:60:47:08:b3:ff:
a1:8b:d3:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbuVBt0L3OJ4E7HsfTdNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMTNiZjgyMjU5MmJkMWI1NGI3N2NjMmMxY2M0MmIyOGNj
ZjE2NjkwHhcNMjQwMTAxMTQzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWU5NWUzNjY1ZjRkMzk5ZmJjMjU1ZDU5NWU4NGM0YzExZTlmNmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArc+JQO34Rn43K7ja3phO0TiBaRV7
q694jHRlch5SqEi61cQ5MnToMyWvxKDfmJthcCJXQ+9Uf/fzKZc5MVvN/aBzyL36
0OzdE+aAy5k6igi8nRoQFoULeA77Vf3IWaFLBL8SPvGs3r7bbzwJwsvUbYqbY9sy
ndHiBaWlJV99EPyZmfTBXZ1zScbiG7qMSNXtJh9uPjlrL26L/4OtRQMjN85mvRPR
yKe/FEuZY3l3VrYRC/GqqXbtCbYgUMc+bCpCoS/Ckb3cVBdBmRL/DknlbrdhDkHy
+ZshuVEUHR8ObNsX1TxCPb8ER/KL+Thl2raB5P4k6WmF40jzWEeBNNdy6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOHpXjZl9NOZ+8JV1ZXoTEwR6fbcMB8GA1UdIwQY
MBaAFDsTv4Ilkr0bVLd8wsHMQrKMzxZpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3hPX2dpV1N2UnRVdDN6Q3djeENzb3pQRm1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9hNjQwNjEtNTJjOS00M2RjLTllZTAt
NWFmZGUyOTRkMWMyLzEvNGVsZU5tWDAwNW43d2xYVmxlaE1UQkhwOXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9hNjQwNjEtNTJjOS00M2RjLTllZTAtNWFmZGUyOTRkMWMy
LzEvT3hPX2dpV1N2UnRVdDN6Q3djeENzb3pQRm1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1bKPMA0G
CSqGSIb3DQEBCwUAA4IBAQCJnvC+Gc3zJbkBkOLBlArKxRI9Tc/Ita5hfJbqQVLs
d+l3XpDyu1jeJa+2kCzZlN9GVoRAchj9rCOcSNRtlFW0CPZXzHnvBIP+B5BGNM+v
nNpb+GUWir/w8B2q7WubZME9OM0Zgnu5cPSnIBiNfC0vCVDdMHJgstCBlEE/2O8q
6cv1/a05Vpov0yu2yP2B8/htoGDb7wp3p2YXDs8RNjUUUZvNmziH5+UN4RInbCNP
M16+31aaoTD0dMQa1+s+3yV0+f+KxdX8iGD/xccU/5ifKQI06NOAEOIEzq83dKxq
2gyhUYgkm3jW7mP4Ci63LT5K8WzExkgSYEcIs/+hi9Mm
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:20 2025 by rpki-client