Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/11df3c-c42a-49cc-956b-2a72176d0abf/1/qeVR6Y0Vn10liar0P8ZD-sAkjM0.roa
File: qeVR6Y0Vn10liar0P8ZD-sAkjM0.roa (raw, json)
Hash identifier: goRKBZZpQ7OPVKsJGI9xwhehMqzYudaQXTJjFjlZgpk=
Subject key identifier: A9:E5:51:E9:8D:15:9F:5D:25:89:AA:F4:3F:C6:43:FA:C0:24:8C:CD
Certificate issuer: /CN=efd250f341ffcc3613b599ea96e0d19c2e6fe350
Certificate serial: 018CC2DAC34329A23A57065259823C572709
Authority key identifier: EF:D2:50:F3:41:FF:CC:36:13:B5:99:EA:96:E0:D1:9C:2E:6F:E3:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/79JQ80H_zDYTtZnqluDRnC5v41A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/11df3c-c42a-49cc-956b-2a72176d0abf/1/qeVR6Y0Vn10liar0P8ZD-sAkjM0.roa
Signing time: Mon 01 Jan 2024 02:29:25 +0000
ROA not before: Mon 01 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13054
IP address blocks: 213.164.64.0/19 maxlen: 24
2a03:3500::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c3:43:29:a2:3a:57:06:52:59:82:3c:57:27:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efd250f341ffcc3613b599ea96e0d19c2e6fe350
Validity
Not Before: Jan 1 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9e551e98d159f5d2589aaf43fc643fac0248ccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b3:43:af:de:90:b5:3e:1b:b8:38:2a:43:4c:
eb:e8:59:48:d8:34:7f:12:60:31:af:24:a6:4d:78:
7c:26:85:08:c5:f5:e1:2f:aa:d8:8a:44:2f:9d:75:
30:3a:46:4d:b1:41:2f:2d:19:0d:24:d7:51:4a:8c:
66:85:8f:4b:7e:6f:e8:67:ba:6e:51:d0:08:81:fb:
22:cf:4c:72:1b:e1:9d:f2:db:7d:d5:7c:d0:69:34:
cf:5b:5b:2b:49:af:0d:1d:d8:31:35:88:79:4e:13:
78:50:ea:10:ce:ac:1e:5c:1e:e3:e3:b2:05:08:59:
48:a5:d2:88:7d:cd:8f:6b:a8:11:80:f8:7f:85:64:
91:2e:89:91:65:3d:f0:29:eb:c2:1a:37:30:1f:26:
15:f0:ad:cd:5f:3f:3e:05:d4:64:f2:11:05:18:6a:
33:da:a4:d3:91:4d:c3:68:02:fc:87:be:bc:20:7e:
38:79:b0:02:0f:bb:bb:57:6f:e5:cd:67:86:42:d2:
b7:48:0d:4d:23:a2:ef:a0:1d:e2:a5:c2:f8:60:d2:
bd:27:eb:d0:37:9a:d3:c3:9e:6b:ee:a7:5a:2f:ca:
10:8d:ed:1c:14:02:e7:a9:5f:c4:d7:67:fa:a5:1b:
b8:65:9f:c1:89:3a:d5:2d:cc:0d:91:0e:ab:83:83:
0a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:E5:51:E9:8D:15:9F:5D:25:89:AA:F4:3F:C6:43:FA:C0:24:8C:CD
X509v3 Authority Key Identifier:
keyid:EF:D2:50:F3:41:FF:CC:36:13:B5:99:EA:96:E0:D1:9C:2E:6F:E3:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/79JQ80H_zDYTtZnqluDRnC5v41A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11df3c-c42a-49cc-956b-2a72176d0abf/1/qeVR6Y0Vn10liar0P8ZD-sAkjM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11df3c-c42a-49cc-956b-2a72176d0abf/1/79JQ80H_zDYTtZnqluDRnC5v41A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.164.64.0/19
IPv6:
2a03:3500::/32
Signature Algorithm: sha256WithRSAEncryption
b4:eb:85:ce:08:aa:08:84:43:5a:6c:ce:f4:f6:91:17:78:54:
11:a9:6c:95:33:70:f8:a5:23:25:cb:d3:16:9f:a9:ec:36:14:
ca:9c:d6:23:c7:57:93:42:01:74:8c:56:d0:50:a2:7c:8c:78:
6e:17:8a:4a:00:2c:21:f9:b1:50:1e:d2:71:68:4d:62:ca:25:
cc:32:12:dc:8e:0e:d3:db:35:18:80:6d:da:2c:55:5c:30:d2:
d9:78:58:80:38:8e:23:b9:25:34:2b:3f:b1:4d:e7:6d:2e:72:
d2:5b:f6:65:f2:11:37:9f:fc:0a:1e:ed:06:3f:63:56:78:fd:
94:d1:2d:04:87:03:4c:5c:a2:52:a4:b2:cf:a7:26:7b:e4:57:
50:02:b2:61:2e:92:a9:a1:c4:06:56:ae:0f:26:7d:81:57:d3:
62:25:20:12:1b:8e:57:86:ca:dc:bd:94:9d:80:e7:7f:85:bb:
0d:0f:cc:4d:59:27:14:68:41:24:70:e4:0f:ae:98:46:a5:ee:
8e:66:81:cb:cb:13:be:62:71:73:36:14:0b:35:1b:2b:7c:0e:
89:c1:0a:ad:97:72:fb:54:3f:9c:cb:46:8b:df:7c:5d:11:98:
66:9b:4b:43:b4:5f:a1:de:c4:b0:4a:ac:09:8a:84:d7:d8:a3:
f1:f5:a8:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2sNDKaI6VwZSWYI8VycJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZDI1MGYzNDFmZmNjMzYxM2I1OTllYTk2ZTBkMTljMmU2
ZmUzNTAwHhcNMjQwMTAxMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWU1NTFlOThkMTU5ZjVkMjU4OWFhZjQzZmM2NDNmYWMwMjQ4Y2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLNDr96QtT4buDgqQ0zr6FlI2DR/
EmAxrySmTXh8JoUIxfXhL6rYikQvnXUwOkZNsUEvLRkNJNdRSoxmhY9Lfm/oZ7pu
UdAIgfsiz0xyG+Gd8tt91XzQaTTPW1srSa8NHdgxNYh5ThN4UOoQzqweXB7j47IF
CFlIpdKIfc2Pa6gRgPh/hWSRLomRZT3wKevCGjcwHyYV8K3NXz8+BdRk8hEFGGoz
2qTTkU3DaAL8h768IH44ebACD7u7V2/lzWeGQtK3SA1NI6LvoB3ipcL4YNK9J+vQ
N5rTw55r7qdaL8oQje0cFALnqV/E12f6pRu4ZZ/BiTrVLcwNkQ6rg4MKGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKnlUemNFZ9dJYmq9D/GQ/rAJIzNMB8GA1UdIwQY
MBaAFO/SUPNB/8w2E7WZ6pbg0Zwub+NQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzlKUTgwSF96RFlUdFpucWx1RFJuQzV2NDFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xMWRmM2MtYzQyYS00OWNjLTk1NmIt
MmE3MjE3NmQwYWJmLzEvcWVWUjZZMFZuMTBsaWFyMFA4WkQtc0Frak0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xMWRmM2MtYzQyYS00OWNjLTk1NmItMmE3MjE3NmQwYWJm
LzEvNzlKUTgwSF96RFlUdFpucWx1RFJuQzV2NDFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1aRAMA0E
AgACMAcDBQAqAzUAMA0GCSqGSIb3DQEBCwUAA4IBAQC064XOCKoIhENabM709pEX
eFQRqWyVM3D4pSMly9MWn6nsNhTKnNYjx1eTQgF0jFbQUKJ8jHhuF4pKACwh+bFQ
HtJxaE1iyiXMMhLcjg7T2zUYgG3aLFVcMNLZeFiAOI4juSU0Kz+xTedtLnLSW/Zl
8hE3n/wKHu0GP2NWeP2U0S0EhwNMXKJSpLLPpyZ75FdQArJhLpKpocQGVq4PJn2B
V9NiJSASG45XhsrcvZSdgOd/hbsND8xNWScUaEEkcOQPrphGpe6OZoHLyxO+YnFz
NhQLNRsrfA6JwQqtl3L7VD+cy0aL33xdEZhmm0tDtF+h3sSwSqwJioTX2KPx9ajc
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:12:16 2025 by rpki-client