Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/dU3qmUSa0GUKRhwNtqeBWyfdFgA.roa
File: dU3qmUSa0GUKRhwNtqeBWyfdFgA.roa (raw, json)
Hash identifier: +1noky3lUg4Xw21sSrzlUFu5e24FajFmXh8kqpW0IH8=
Subject key identifier: 75:4D:EA:99:44:9A:D0:65:0A:46:1C:0D:B6:A7:81:5B:27:DD:16:00
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 0194228DFCA08986FB552E700AD6B295F2F2
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/dU3qmUSa0GUKRhwNtqeBWyfdFgA.roa
Signing time: Wed 01 Jan 2025 15:48:38 +0000
ROA not before: Wed 01 Jan 2025 15:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51396
IP address blocks: 213.21.232.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:fc:a0:89:86:fb:55:2e:70:0a:d6:b2:95:f2:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jan 1 15:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=754dea99449ad0650a461c0db6a7815b27dd1600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:bf:11:0c:23:1d:71:3d:d1:28:a9:29:a9:1d:
7e:eb:6f:ab:25:da:4f:13:aa:53:7d:d3:8f:fc:4f:
18:a7:dd:05:6c:d3:0b:57:1b:34:aa:d7:5f:d9:3c:
d3:41:35:19:be:ce:74:49:0a:4d:20:e6:75:8a:d4:
c8:00:f5:8a:f3:00:3b:f6:b0:85:15:d1:11:53:bb:
28:42:ff:5f:b6:ae:28:6b:3a:20:c0:4d:b5:36:05:
d5:60:10:b7:cf:27:cf:7d:08:5d:53:a5:cf:71:a9:
02:70:ea:24:1c:d3:aa:c3:86:8b:82:ff:25:b1:97:
1c:df:3e:e2:17:d9:b8:e8:76:3a:1e:31:98:e0:44:
fb:80:75:56:3a:83:30:a7:de:98:b7:45:fa:33:2a:
cb:a2:b2:f2:b6:57:76:a4:b1:e4:79:99:ea:ac:ca:
ac:45:5e:96:c4:d5:56:c7:bf:63:01:76:6a:7f:10:
54:fc:d2:e5:53:6e:1a:81:15:72:d3:42:59:78:33:
32:0e:74:45:fd:23:ce:38:bf:11:3f:b2:fe:5a:f5:
c0:1c:36:97:e6:d4:cb:66:0b:35:d5:e8:3d:80:4c:
59:66:6d:8f:d4:57:f8:33:8c:ba:c7:d6:a3:b8:88:
8e:fc:be:6a:fa:bd:ce:46:94:90:34:c6:05:93:d8:
5d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:4D:EA:99:44:9A:D0:65:0A:46:1C:0D:B6:A7:81:5B:27:DD:16:00
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/dU3qmUSa0GUKRhwNtqeBWyfdFgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.232.0/24
Signature Algorithm: sha256WithRSAEncryption
15:ec:c9:0b:30:c9:96:fa:e1:c6:1e:9e:ca:ad:cd:a1:3b:10:
ad:97:9e:50:16:87:d0:af:dc:02:65:e4:09:78:25:92:a6:99:
8a:03:14:48:42:53:0d:af:ae:69:d7:e0:a0:a2:a0:aa:aa:58:
a0:08:3a:05:5c:8f:46:01:8d:5b:f4:0c:e7:8c:6b:f1:97:bc:
35:b6:7e:8e:4d:0e:83:80:8f:25:8a:d2:aa:d7:00:8c:be:3d:
c9:00:0b:5b:ab:b4:a0:f1:9c:f7:03:ed:d6:15:bc:b5:b7:d6:
3b:82:e8:da:5e:a2:c5:cf:f0:d6:3f:70:57:d3:73:f6:db:d5:
8d:06:56:9d:2b:fc:76:c4:d9:8d:fc:1d:11:74:6f:01:bc:b4:
34:7d:fc:09:f1:97:a8:95:a7:e9:fb:d9:c1:02:d9:79:95:0a:
12:d7:9d:d8:b5:f7:e6:28:6c:1e:86:0a:b7:41:df:31:eb:da:
be:45:8b:59:f8:5a:d8:66:07:ce:e3:8d:e6:4d:e5:53:7a:24:
62:bb:1a:30:cc:92:8d:9e:da:75:fa:b7:f0:fa:75:75:c7:de:
5b:59:46:e3:11:06:0b:cc:60:42:90:be:e8:34:4c:5a:ee:28:
26:8b:9b:e2:50:1e:fb:df:b6:d4:a5:b2:ab:4e:03:6a:6e:88:
f6:ca:8d:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijfygiYb7VS5wCtaylfLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjUwMTAxMTU0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTRkZWE5OTQ0OWFkMDY1MGE0NjFjMGRiNmE3ODE1YjI3ZGQxNjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5L8RDCMdcT3RKKkpqR1+62+rJdpP
E6pTfdOP/E8Yp90FbNMLVxs0qtdf2TzTQTUZvs50SQpNIOZ1itTIAPWK8wA79rCF
FdERU7soQv9ftq4oazogwE21NgXVYBC3zyfPfQhdU6XPcakCcOokHNOqw4aLgv8l
sZcc3z7iF9m46HY6HjGY4ET7gHVWOoMwp96Yt0X6MyrLorLytld2pLHkeZnqrMqs
RV6WxNVWx79jAXZqfxBU/NLlU24agRVy00JZeDMyDnRF/SPOOL8RP7L+WvXAHDaX
5tTLZgs11eg9gExZZm2P1Ff4M4y6x9ajuIiO/L5q+r3ORpSQNMYFk9hd3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHVN6plEmtBlCkYcDbangVsn3RYAMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvZFUzcW1VU2EwR1VLUmh3TnRxZUJXeWZkRmdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1RXoMA0G
CSqGSIb3DQEBCwUAA4IBAQAV7MkLMMmW+uHGHp7Krc2hOxCtl55QFofQr9wCZeQJ
eCWSppmKAxRIQlMNr65p1+CgoqCqqligCDoFXI9GAY1b9AznjGvxl7w1tn6OTQ6D
gI8litKq1wCMvj3JAAtbq7Sg8Zz3A+3WFby1t9Y7gujaXqLFz/DWP3BX03P229WN
BladK/x2xNmN/B0RdG8BvLQ0ffwJ8Zeolafp+9nBAtl5lQoS153YtffmKGwehgq3
Qd8x69q+RYtZ+FrYZgfO443mTeVTeiRiuxowzJKNntp1+rfw+nV1x95bWUbjEQYL
zGBCkL7oNExa7igmi5viUB7737bUpbKrTgNqboj2yo37
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:07:53 2025 by rpki-client