Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/47Db6II4VWguGq1fmON_zyxfDTw.roa
File: 47Db6II4VWguGq1fmON_zyxfDTw.roa (raw, json)
Hash identifier: EtXOL534BY7YerRgShjwEr47qYY33r1iCEI0u/06D0o=
Subject key identifier: E3:B0:DB:E8:82:38:55:68:2E:1A:AD:5F:98:E3:7F:CF:2C:5F:0D:3C
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 0194228DFC73B8620D1EA175FEBA68889A50
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/47Db6II4VWguGq1fmON_zyxfDTw.roa
Signing time: Wed 01 Jan 2025 15:48:38 +0000
ROA not before: Wed 01 Jan 2025 15:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51017
IP address blocks: 213.21.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:fc:73:b8:62:0d:1e:a1:75:fe:ba:68:88:9a:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jan 1 15:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3b0dbe8823855682e1aad5f98e37fcf2c5f0d3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:cd:75:f7:2e:75:c4:02:60:05:73:29:32:0a:
4a:61:ea:c1:c8:17:2f:ff:dd:ca:82:58:84:2e:f3:
84:8f:8d:ea:12:3d:59:bb:7c:e7:64:1f:6b:1a:87:
04:7c:c4:e7:90:de:50:32:4d:14:c4:d3:21:6a:ef:
fe:d2:ea:50:7c:1c:cf:75:7a:3a:da:bc:c1:1b:14:
52:26:af:69:3c:35:e1:68:02:62:80:16:7e:7f:60:
38:69:49:6c:1e:e4:50:7f:18:16:e8:fd:d2:c9:c5:
c2:88:4b:e4:0d:1e:1a:b4:f9:2e:e3:f8:72:66:8d:
69:7d:6b:71:81:17:ba:69:53:5c:75:a9:64:e2:37:
65:93:da:4e:5a:06:95:f1:97:f4:72:da:41:c9:53:
e9:71:2b:4b:b5:93:be:53:ce:1c:35:53:44:e8:f5:
02:c8:ef:45:b4:75:34:61:3a:da:65:ff:6a:b2:4d:
9e:54:c3:f0:49:b4:a2:b8:a2:45:25:25:ba:1e:14:
bf:d6:2f:a5:4c:72:89:21:5e:36:1a:04:51:f1:39:
2b:95:58:54:cc:8d:2d:f7:3e:0e:78:53:48:d5:2c:
1f:ef:81:ce:4c:8b:fc:39:71:d1:75:e8:e2:00:46:
26:19:0a:72:00:5f:f4:3b:9c:56:d8:09:97:21:e8:
1e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:B0:DB:E8:82:38:55:68:2E:1A:AD:5F:98:E3:7F:CF:2C:5F:0D:3C
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/47Db6II4VWguGq1fmON_zyxfDTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.220.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:8c:f9:00:a2:e7:42:c2:bb:3e:32:35:48:cc:7f:44:b7:0a:
34:1f:9a:e6:2b:01:77:f5:de:8a:87:d5:e8:51:4c:4d:64:11:
83:80:66:d1:be:f2:c1:6f:5f:90:09:29:77:c3:00:61:b3:f1:
56:a7:99:7a:c6:69:57:ad:13:11:5f:98:a7:d6:43:8e:d0:3d:
5f:3f:1a:6c:c4:85:85:7d:2e:d2:cb:4f:f8:d1:66:27:74:15:
4f:b8:28:2b:76:bd:1c:66:7b:24:26:a9:8e:78:4c:58:83:b1:
66:63:00:d9:f3:d2:46:0a:5b:e1:b0:48:15:e0:62:56:a2:13:
59:22:35:9a:99:f0:4e:38:48:f2:cf:ac:78:63:2e:9a:77:81:
92:18:42:71:40:88:fb:e3:45:82:a1:6b:fc:23:81:39:90:e4:
ad:21:1f:6c:39:5c:ba:87:ea:8c:b0:9b:10:b7:77:de:2b:25:
1b:c5:db:b1:53:75:2d:35:d5:e9:93:e2:a5:17:80:36:44:32:
4b:2b:f7:1f:44:7b:0f:b7:5f:89:88:a8:4d:8e:ad:30:1a:43:
79:1f:d2:82:a8:61:84:40:b0:07:c3:86:08:5b:aa:af:ae:b8:
19:d1:3f:09:72:14:32:23:bf:48:56:04:82:15:48:da:6b:4f:
63:51:df:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijfxzuGINHqF1/rpoiJpQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjUwMTAxMTU0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2IwZGJlODgyMzg1NTY4MmUxYWFkNWY5OGUzN2ZjZjJjNWYwZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqc119y51xAJgBXMpMgpKYerByBcv
/93KgliELvOEj43qEj1Zu3znZB9rGocEfMTnkN5QMk0UxNMhau/+0upQfBzPdXo6
2rzBGxRSJq9pPDXhaAJigBZ+f2A4aUlsHuRQfxgW6P3SycXCiEvkDR4atPku4/hy
Zo1pfWtxgRe6aVNcdalk4jdlk9pOWgaV8Zf0ctpByVPpcStLtZO+U84cNVNE6PUC
yO9FtHU0YTraZf9qsk2eVMPwSbSiuKJFJSW6HhS/1i+lTHKJIV42GgRR8TkrlVhU
zI0t9z4OeFNI1Swf74HOTIv8OXHRdejiAEYmGQpyAF/0O5xW2AmXIegeaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOOw2+iCOFVoLhqtX5jjf88sXw08MB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvNDdEYjZJSTRWV2d1R3ExZm1PTl96eXhmRFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1RXcMA0G
CSqGSIb3DQEBCwUAA4IBAQBsjPkAoudCwrs+MjVIzH9Etwo0H5rmKwF39d6Kh9Xo
UUxNZBGDgGbRvvLBb1+QCSl3wwBhs/FWp5l6xmlXrRMRX5in1kOO0D1fPxpsxIWF
fS7Sy0/40WYndBVPuCgrdr0cZnskJqmOeExYg7FmYwDZ89JGClvhsEgV4GJWohNZ
IjWamfBOOEjyz6x4Yy6ad4GSGEJxQIj740WCoWv8I4E5kOStIR9sOVy6h+qMsJsQ
t3feKyUbxduxU3UtNdXpk+KlF4A2RDJLK/cfRHsPt1+JiKhNjq0wGkN5H9KCqGGE
QLAHw4YIW6qvrrgZ0T8JchQyI79IVgSCFUjaa09jUd+L
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:30 2025 by rpki-client