Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/TdRFPSiE6z0QGX9lW2WUDs-qrvc.roa
File: TdRFPSiE6z0QGX9lW2WUDs-qrvc.roa (raw, json)
Hash identifier: uIOA5ClG5A+YjWezToN8AYQViV6aWN3VOQLxA91W/R8=
Subject key identifier: 4D:D4:45:3D:28:84:EB:3D:10:19:7F:65:5B:65:94:0E:CF:AA:AE:F7
Certificate issuer: /CN=18886007da1730b0770d8604db73d12fd264f3f9
Certificate serial: 019422FB27192FFC3AA7841360954A37068E
Authority key identifier: 18:88:60:07:DA:17:30:B0:77:0D:86:04:DB:73:D1:2F:D2:64:F3:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GIhgB9oXMLB3DYYE23PRL9Jk8_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/TdRFPSiE6z0QGX9lW2WUDs-qrvc.roa
Signing time: Wed 01 Jan 2025 17:47:52 +0000
ROA not before: Wed 01 Jan 2025 17:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56621
IP address blocks: 213.171.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:27:19:2f:fc:3a:a7:84:13:60:95:4a:37:06:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18886007da1730b0770d8604db73d12fd264f3f9
Validity
Not Before: Jan 1 17:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4dd4453d2884eb3d10197f655b65940ecfaaaef7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:eb:a5:46:d9:92:ec:ee:34:db:b6:f7:1c:eb:
3f:02:8a:57:ab:53:69:c8:60:7b:33:86:85:f4:85:
3a:30:5d:6b:e5:40:25:cb:73:9d:9d:f2:42:f9:52:
7b:c9:98:e7:bf:9e:54:8b:d4:b3:78:2d:b1:3d:98:
d7:4b:57:da:81:26:32:95:6e:6c:c4:ca:4a:0d:7a:
fd:33:65:90:10:f4:bb:ba:8d:f2:41:87:44:fb:dc:
a7:2d:20:70:2c:eb:42:07:67:bb:8a:68:fe:73:9b:
0d:46:b5:48:88:d5:6d:33:cd:e2:da:4e:43:22:b4:
77:a4:18:81:e7:9c:5d:9d:bb:89:e7:5f:29:d2:8d:
23:e3:82:c7:fd:ea:5c:35:39:93:e5:74:d8:fb:93:
ba:7f:95:0b:9a:75:9d:f3:98:c1:87:a7:a5:10:62:
0e:25:ac:82:61:37:f6:af:bd:48:73:69:71:c5:15:
92:71:26:61:9a:a5:7e:99:fb:25:60:b2:24:94:5f:
0e:4e:22:b9:82:e6:1c:93:73:ae:7d:89:1e:d0:5a:
26:52:0c:4a:84:4d:cd:ea:7c:70:5d:a3:0a:ba:40:
e6:c5:94:40:4d:af:10:ba:7b:19:5e:af:0f:68:78:
c6:be:70:c0:b9:56:ad:89:8a:ae:fb:1e:64:4e:4e:
23:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:D4:45:3D:28:84:EB:3D:10:19:7F:65:5B:65:94:0E:CF:AA:AE:F7
X509v3 Authority Key Identifier:
keyid:18:88:60:07:DA:17:30:B0:77:0D:86:04:DB:73:D1:2F:D2:64:F3:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GIhgB9oXMLB3DYYE23PRL9Jk8_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/TdRFPSiE6z0QGX9lW2WUDs-qrvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/GIhgB9oXMLB3DYYE23PRL9Jk8_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.171.0.0/24
Signature Algorithm: sha256WithRSAEncryption
97:b8:1c:12:ee:a6:a0:81:6c:d6:48:ef:2f:99:f5:9a:ca:c2:
18:94:fc:0b:95:37:4b:ee:3e:3d:b5:ee:b1:ca:bf:9b:2b:73:
db:1b:9d:4e:3d:89:82:a5:fa:3e:82:31:0f:3a:bd:2c:3e:50:
f7:b7:c1:39:95:15:2a:7b:c8:fd:f8:d1:aa:54:22:38:6e:7d:
62:3b:d8:50:a3:64:1e:6d:b8:0f:9d:77:bb:4c:80:6a:0a:ef:
fc:ab:d8:7f:10:c2:1a:b2:33:60:06:78:a3:d6:eb:dc:ed:cd:
35:cb:4c:68:65:2b:bd:d9:c6:4a:af:82:af:c0:c4:1a:57:86:
cf:80:93:de:33:e1:0c:35:66:bd:9f:a5:80:3f:7f:80:99:12:
c1:a8:d5:51:f7:60:b7:42:1f:fa:a4:69:f5:02:ec:94:76:03:
d6:a6:dd:5a:83:06:12:60:08:0f:a8:c8:f0:28:b5:68:09:be:
d3:b1:9f:86:15:56:55:ed:3e:8e:19:63:c0:f6:33:2e:f2:93:
16:1f:89:80:40:f4:7f:fe:11:5b:f6:fe:b7:e5:07:94:9d:81:
6a:e3:61:a6:d3:26:2b:37:da:d5:49:42:65:03:af:74:5b:45:
87:da:17:9c:a4:a0:dd:df:f1:df:64:13:4b:fb:17:9a:93:43:
20:a1:3b:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+ycZL/w6p4QTYJVKNwaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ODg2MDA3ZGExNzMwYjA3NzBkODYwNGRiNzNkMTJmZDI2
NGYzZjkwHhcNMjUwMTAxMTc0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGQ0NDUzZDI4ODRlYjNkMTAxOTdmNjU1YjY1OTQwZWNmYWFhZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeulRtmS7O4027b3HOs/AopXq1Np
yGB7M4aF9IU6MF1r5UAly3OdnfJC+VJ7yZjnv55Ui9SzeC2xPZjXS1fagSYylW5s
xMpKDXr9M2WQEPS7uo3yQYdE+9ynLSBwLOtCB2e7imj+c5sNRrVIiNVtM83i2k5D
IrR3pBiB55xdnbuJ518p0o0j44LH/epcNTmT5XTY+5O6f5ULmnWd85jBh6elEGIO
JayCYTf2r71Ic2lxxRWScSZhmqV+mfslYLIklF8OTiK5guYck3OufYke0FomUgxK
hE3N6nxwXaMKukDmxZRATa8QunsZXq8PaHjGvnDAuVatiYqu+x5kTk4j5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE3URT0ohOs9EBl/ZVtllA7Pqq73MB8GA1UdIwQY
MBaAFBiIYAfaFzCwdw2GBNtz0S/SZPP5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0loZ0I5b1hNTEIzRFlZRTIzUFJMOUprOF9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTMzMjgtOTI0NS00MDNiLThhNGEt
MTY5YzgzNmJkNmIwLzEvVGRSRlBTaUU2ejBRR1g5bFcyV1VEcy1xcnZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTMzMjgtOTI0NS00MDNiLThhNGEtMTY5YzgzNmJkNmIw
LzEvR0loZ0I5b1hNTEIzRFlZRTIzUFJMOUprOF9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1asAMA0G
CSqGSIb3DQEBCwUAA4IBAQCXuBwS7qaggWzWSO8vmfWaysIYlPwLlTdL7j49te6x
yr+bK3PbG51OPYmCpfo+gjEPOr0sPlD3t8E5lRUqe8j9+NGqVCI4bn1iO9hQo2Qe
bbgPnXe7TIBqCu/8q9h/EMIasjNgBnij1uvc7c01y0xoZSu92cZKr4KvwMQaV4bP
gJPeM+EMNWa9n6WAP3+AmRLBqNVR92C3Qh/6pGn1AuyUdgPWpt1agwYSYAgPqMjw
KLVoCb7TsZ+GFVZV7T6OGWPA9jMu8pMWH4mAQPR//hFb9v635QeUnYFq42Gm0yYr
N9rVSUJlA690W0WH2hecpKDd3/HfZBNL+xeak0MgoTvG
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:32 2025 by rpki-client