Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/GDi32Sl_OrQquHaF5eRnZJe-JNU.roa
File: GDi32Sl_OrQquHaF5eRnZJe-JNU.roa (raw, json)
Hash identifier: SiXuwxSrm46q0wZ0C2mDE4OXGGQ9n7xN1flM/SzNXRA=
Subject key identifier: 18:38:B7:D9:29:7F:3A:B4:2A:B8:76:85:E5:E4:67:64:97:BE:24:D5
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 0194228DFBCFF47E2446A14FA3A672401CEE
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/GDi32Sl_OrQquHaF5eRnZJe-JNU.roa
Signing time: Wed 01 Jan 2025 15:48:37 +0000
ROA not before: Wed 01 Jan 2025 15:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 213.21.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:fb:cf:f4:7e:24:46:a1:4f:a3:a6:72:40:1c:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jan 1 15:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1838b7d9297f3ab42ab87685e5e4676497be24d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:18:ad:57:b9:77:39:b1:f8:b2:d0:76:18:6e:
60:92:2b:8a:40:e6:2b:bb:3f:02:75:96:07:86:0f:
88:a0:be:94:93:d8:e2:94:9d:7e:ed:8a:ec:0c:bb:
ba:2d:41:48:97:4b:43:0d:7e:65:f6:ec:ae:5d:2a:
b1:f5:31:12:f9:53:c9:80:06:c8:13:02:ae:c4:b0:
db:56:51:3d:dc:a5:3b:11:e6:2e:e0:45:6b:38:4b:
c7:f4:d3:97:6c:a0:18:9e:51:7e:ea:5e:d5:42:d7:
cf:a9:ec:6e:d8:8b:2d:93:0f:e5:da:3d:bd:6c:c1:
b6:55:0f:c6:4b:d2:b9:f6:b2:0c:b3:0a:9a:67:a0:
a4:a4:20:59:51:b3:84:b5:dc:6f:be:a1:6d:9a:94:
68:8d:3e:97:96:9a:f8:96:35:9f:11:db:89:79:a2:
fd:cb:0a:14:81:66:ea:0d:5f:34:54:18:b5:83:b4:
7b:d3:e2:b4:88:7e:60:86:58:09:af:fb:8f:c3:28:
53:e4:d2:72:c5:96:d3:ee:7d:a0:62:1c:d0:70:96:
d1:ef:48:a8:a2:71:ab:55:0d:ca:20:46:48:38:84:
9b:d2:b9:a4:00:cf:6e:8a:9d:19:ff:d4:98:67:12:
fb:a0:f7:b5:56:90:39:b8:6b:81:71:6e:22:fc:19:
b9:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:38:B7:D9:29:7F:3A:B4:2A:B8:76:85:E5:E4:67:64:97:BE:24:D5
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/GDi32Sl_OrQquHaF5eRnZJe-JNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.243.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:a2:a6:78:0b:18:f4:9e:9c:46:7f:b8:fb:6a:b5:6e:79:1a:
26:ce:cf:5e:85:c4:35:f4:59:27:b2:c8:f5:70:fa:cb:ce:7f:
d6:8e:63:a9:55:d1:53:a9:a3:54:fa:fc:59:f5:d9:a8:e3:a9:
56:93:e3:e6:9b:2f:5e:54:ef:b1:55:e1:45:f1:a5:ae:1d:ad:
a3:57:99:58:8d:39:b6:19:5f:da:b9:8e:69:7b:e7:f9:c5:af:
34:fe:51:71:e3:57:d1:36:dc:55:ed:e2:37:8b:10:05:84:89:
1c:17:75:1d:76:36:e5:dc:8f:86:49:6c:e3:2a:e2:8c:1f:9b:
92:68:18:df:94:ec:18:5d:05:b7:7c:41:37:7d:e9:86:c8:c7:
29:4e:43:b0:11:fa:96:34:d4:56:bb:73:70:32:0c:cd:63:3c:
e4:e9:9d:4b:de:42:64:12:e5:2a:04:54:5a:71:3e:65:09:b7:
76:88:69:eb:6f:fb:32:56:24:0a:aa:6d:5b:fa:1a:4f:b4:de:
fb:b5:ba:6e:1d:3d:71:7f:56:a5:03:84:32:9d:34:8f:d3:98:
a6:e9:68:07:d7:e1:58:bf:5f:b9:f5:f4:79:f7:de:41:6e:61:
22:a5:52:ea:17:5d:1e:7b:3e:c0:1f:82:2e:fa:1c:eb:8c:b3:
44:bc:8f:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijfvP9H4kRqFPo6ZyQBzuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjUwMTAxMTU0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODM4YjdkOTI5N2YzYWI0MmFiODc2ODVlNWU0Njc2NDk3YmUyNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxitV7l3ObH4stB2GG5gkiuKQOYr
uz8CdZYHhg+IoL6Uk9jilJ1+7YrsDLu6LUFIl0tDDX5l9uyuXSqx9TES+VPJgAbI
EwKuxLDbVlE93KU7EeYu4EVrOEvH9NOXbKAYnlF+6l7VQtfPqexu2Istkw/l2j29
bMG2VQ/GS9K59rIMswqaZ6CkpCBZUbOEtdxvvqFtmpRojT6Xlpr4ljWfEduJeaL9
ywoUgWbqDV80VBi1g7R70+K0iH5ghlgJr/uPwyhT5NJyxZbT7n2gYhzQcJbR70io
onGrVQ3KIEZIOISb0rmkAM9uip0Z/9SYZxL7oPe1VpA5uGuBcW4i/Bm5VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBg4t9kpfzq0Krh2heXkZ2SXviTVMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvR0RpMzJTbF9PclFxdUhhRjVlUm5aSmUtSk5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1RXzMA0G
CSqGSIb3DQEBCwUAA4IBAQAroqZ4Cxj0npxGf7j7arVueRomzs9ehcQ19Fknssj1
cPrLzn/WjmOpVdFTqaNU+vxZ9dmo46lWk+Pmmy9eVO+xVeFF8aWuHa2jV5lYjTm2
GV/auY5pe+f5xa80/lFx41fRNtxV7eI3ixAFhIkcF3Uddjbl3I+GSWzjKuKMH5uS
aBjflOwYXQW3fEE3femGyMcpTkOwEfqWNNRWu3NwMgzNYzzk6Z1L3kJkEuUqBFRa
cT5lCbd2iGnrb/syViQKqm1b+hpPtN77tbpuHT1xf1alA4QynTSP05im6WgH1+FY
v1+59fR5995BbmEipVLqF10eez7AH4Iu+hzrjLNEvI+m
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:28:00 2025 by rpki-client