Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/1heB0YuNq-USGUveTj29qvEG1XU.roa
File: 1heB0YuNq-USGUveTj29qvEG1XU.roa (raw, json)
Hash identifier: 0NZHYUEHQ1C7qLoCH8KkLUBz6NfTEtAiQEDR0MzkAeo=
Subject key identifier: D6:17:81:D1:8B:8D:AB:E5:12:19:4B:DE:4E:3D:BD:AA:F1:06:D5:75
Certificate issuer: /CN=129462d45b8ab95d4c35c40265b31b52bf1e8dbd
Certificate serial: 019425FC350010A33C8331D00E37F2DFE146
Authority key identifier: 12:94:62:D4:5B:8A:B9:5D:4C:35:C4:02:65:B3:1B:52:BF:1E:8D:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EpRi1FuKuV1MNcQCZbMbUr8ejb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/1heB0YuNq-USGUveTj29qvEG1XU.roa
Signing time: Thu 02 Jan 2025 07:47:52 +0000
ROA not before: Thu 02 Jan 2025 07:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 329272
IP address blocks: 213.148.16.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:35:00:10:a3:3c:83:31:d0:0e:37:f2:df:e1:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=129462d45b8ab95d4c35c40265b31b52bf1e8dbd
Validity
Not Before: Jan 2 07:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d61781d18b8dabe512194bde4e3dbdaaf106d575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6d:95:1a:aa:fd:f3:66:0a:90:1f:e3:3b:46:
b7:4b:1a:cf:75:81:09:67:3c:88:98:87:60:ac:1a:
38:b3:b5:87:91:a8:9c:e0:0b:84:d0:48:01:b6:f8:
85:a4:8d:45:0b:15:37:99:8d:cb:b5:b0:8e:ab:98:
bb:0d:95:f0:aa:b1:b2:3c:52:d3:52:f0:e6:5d:f0:
c7:e2:ac:73:b9:de:48:f2:31:7c:7f:a8:e0:31:ea:
15:76:cf:27:0f:fe:0a:6b:5b:8c:29:ed:ea:8a:f1:
d4:6c:33:96:a4:fe:ba:d1:cf:a4:ab:18:48:de:1a:
67:46:fe:6c:5f:7d:35:22:d7:d6:d6:cb:2d:a4:89:
8f:72:a6:0e:7b:c7:10:f7:d8:40:45:cb:60:48:50:
2c:45:5b:90:78:fc:2b:d3:3e:24:ec:71:1b:36:93:
ce:ef:2e:43:1d:c1:63:c6:32:29:9d:43:06:90:3f:
05:da:b4:71:f0:78:dd:bd:a2:f9:4e:43:90:ae:d3:
85:cb:62:a1:07:71:29:9e:49:3f:2f:77:76:2e:24:
ab:bc:26:6e:d0:48:5e:eb:48:5f:1d:91:f9:22:ee:
27:58:98:98:a6:98:20:94:65:ba:f8:8d:98:be:59:
b9:5f:9a:47:0b:d3:71:9d:c5:9b:b2:56:28:f4:33:
6d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:17:81:D1:8B:8D:AB:E5:12:19:4B:DE:4E:3D:BD:AA:F1:06:D5:75
X509v3 Authority Key Identifier:
keyid:12:94:62:D4:5B:8A:B9:5D:4C:35:C4:02:65:B3:1B:52:BF:1E:8D:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EpRi1FuKuV1MNcQCZbMbUr8ejb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/1heB0YuNq-USGUveTj29qvEG1XU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.148.16.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:20:2d:e5:c2:b0:2d:28:2e:0f:95:7f:da:dc:8e:b8:57:68:
b4:2b:60:8b:6e:5e:63:ad:90:c9:fa:af:76:35:d8:04:f5:55:
6c:72:60:6e:d0:0f:e3:e2:17:0c:9f:60:3a:a1:1c:43:3e:fc:
dc:56:ed:3d:8b:c6:6f:33:fe:ff:c2:e7:89:d2:e1:2f:18:62:
a0:e2:4b:f0:da:ed:be:1f:81:20:84:d8:7a:8e:44:75:d7:3c:
29:b8:47:fa:55:b5:27:02:b6:75:5a:ee:6f:1b:40:c0:2a:eb:
4e:b1:70:e5:6d:eb:20:be:4e:40:f8:55:50:62:01:a5:74:a7:
16:93:90:49:2c:1a:0c:d0:36:c5:36:a9:b0:b7:05:bd:80:30:
76:b0:ab:39:d0:57:52:ed:3e:55:83:df:6b:bb:c3:29:7b:ec:
df:37:06:46:7f:f1:ca:39:c5:47:a5:9c:17:7d:7b:ce:94:e2:
fb:37:7a:8e:fb:89:69:67:be:06:da:91:85:e8:9c:cc:74:a7:
ed:6d:3f:eb:94:09:cf:ca:ac:6e:77:10:1a:e3:fa:69:15:1e:
97:51:dd:84:f7:4e:98:28:73:41:15:b4:bc:8c:00:8a:4a:41:
e5:51:52:38:f4:fd:55:d5:61:d0:bd:cf:55:f2:97:21:9c:da:
6e:b6:a7:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/DUAEKM8gzHQDjfy3+FGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyOTQ2MmQ0NWI4YWI5NWQ0YzM1YzQwMjY1YjMxYjUyYmYx
ZThkYmQwHhcNMjUwMTAyMDc0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjE3ODFkMThiOGRhYmU1MTIxOTRiZGU0ZTNkYmRhYWYxMDZkNTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv22VGqr982YKkB/jO0a3SxrPdYEJ
ZzyImIdgrBo4s7WHkaic4AuE0EgBtviFpI1FCxU3mY3LtbCOq5i7DZXwqrGyPFLT
UvDmXfDH4qxzud5I8jF8f6jgMeoVds8nD/4Ka1uMKe3qivHUbDOWpP660c+kqxhI
3hpnRv5sX301ItfW1sstpImPcqYOe8cQ99hARctgSFAsRVuQePwr0z4k7HEbNpPO
7y5DHcFjxjIpnUMGkD8F2rRx8HjdvaL5TkOQrtOFy2KhB3Epnkk/L3d2LiSrvCZu
0Ehe60hfHZH5Iu4nWJiYppgglGW6+I2Yvlm5X5pHC9NxncWbslYo9DNtVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNYXgdGLjavlEhlL3k49varxBtV1MB8GA1UdIwQY
MBaAFBKUYtRbirldTDXEAmWzG1K/Ho29MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXBSaTFGdUt1VjFNTmNRQ1piTWJVcjhlamIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85OTk1MDktYmRjMC00ZTA3LTg3NzQt
M2EzODkzMzJmNzlmLzEvMWhlQjBZdU5xLVVTR1V2ZVRqMjlxdkVHMVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85OTk1MDktYmRjMC00ZTA3LTg3NzQtM2EzODkzMzJmNzlm
LzEvRXBSaTFGdUt1VjFNTmNRQ1piTWJVcjhlamIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1ZQQMA0G
CSqGSIb3DQEBCwUAA4IBAQA8IC3lwrAtKC4PlX/a3I64V2i0K2CLbl5jrZDJ+q92
NdgE9VVscmBu0A/j4hcMn2A6oRxDPvzcVu09i8ZvM/7/wueJ0uEvGGKg4kvw2u2+
H4EghNh6jkR11zwpuEf6VbUnArZ1Wu5vG0DAKutOsXDlbesgvk5A+FVQYgGldKcW
k5BJLBoM0DbFNqmwtwW9gDB2sKs50FdS7T5Vg99ru8Mpe+zfNwZGf/HKOcVHpZwX
fXvOlOL7N3qO+4lpZ74G2pGF6JzMdKftbT/rlAnPyqxudxAa4/ppFR6XUd2E906Y
KHNBFbS8jACKSkHlUVI49P1V1WHQvc9V8pchnNputqdi
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:31:32 2025 by rpki-client