Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/o_v7snkyubhU1g9qF8yiT78hqA8.roa
File: o_v7snkyubhU1g9qF8yiT78hqA8.roa (raw, json)
Hash identifier: +ybTIrhiV7OhOvFSHVqhrDoBOqjxSGct0vsQWY182NY=
Subject key identifier: A3:FB:FB:B2:79:32:B9:B8:54:D6:0F:6A:17:CC:A2:4F:BF:21:A8:0F
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 0193C9F90DB3FC84E181D188E55449D5A24E
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/o_v7snkyubhU1g9qF8yiT78hqA8.roa
Signing time: Sun 15 Dec 2024 10:59:22 +0000
ROA not before: Sun 15 Dec 2024 10:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199152
IP address blocks: 213.21.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c9:f9:0d:b3:fc:84:e1:81:d1:88:e5:54:49:d5:a2:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Dec 15 10:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3fbfbb27932b9b854d60f6a17cca24fbf21a80f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4d:e4:eb:1e:33:1d:b4:69:30:62:02:a4:76:
60:cf:ea:f7:7b:a5:2b:4d:9b:89:41:35:ed:9f:0c:
c8:94:7c:24:bd:ec:0c:62:32:a5:04:2d:bb:68:c6:
86:91:37:76:f3:f2:10:c0:f8:35:6b:4e:d0:ba:16:
e5:28:de:33:97:17:34:b4:07:e7:06:1e:77:78:83:
e7:cb:99:5f:eb:9a:3f:b8:0c:71:40:1d:56:05:52:
70:6f:2d:8f:09:d9:ae:bc:fd:82:d9:b3:6d:4d:4d:
bb:58:06:f1:95:90:43:7d:a1:d4:f7:c7:1c:5b:0f:
a6:98:64:88:3d:8c:33:f5:97:be:2c:1a:71:16:7b:
63:ac:15:f2:4b:b1:63:74:6a:39:63:6e:84:b3:7b:
85:d8:34:c9:c9:35:86:27:46:67:de:af:5b:56:24:
84:db:98:31:a2:00:4c:fc:3b:6d:ec:0f:4d:13:84:
73:f4:fe:9b:2f:da:b2:2b:d1:7f:71:ff:56:56:e8:
3c:c8:f0:52:a6:1d:50:fd:36:e4:5e:0e:f3:4b:c6:
a1:46:d4:b4:d0:1d:6a:72:97:13:d7:eb:93:6d:bf:
01:f6:01:93:87:14:17:07:ac:0d:59:8c:27:70:a3:
96:88:af:31:6d:e5:c3:44:ae:c1:7e:2f:ee:3b:30:
ee:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:FB:FB:B2:79:32:B9:B8:54:D6:0F:6A:17:CC:A2:4F:BF:21:A8:0F
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/o_v7snkyubhU1g9qF8yiT78hqA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.222.0/24
Signature Algorithm: sha256WithRSAEncryption
14:b5:fc:c2:6c:93:de:b6:a6:f3:18:27:19:13:bc:16:23:04:
9b:ca:96:3e:c6:2e:a7:83:c1:56:99:d9:35:3b:27:fe:2b:fe:
0f:ff:4a:24:d4:6e:cd:fd:69:44:e3:dc:a0:ec:65:73:4e:4a:
b0:17:4f:58:83:45:b6:83:53:65:2f:ce:38:dc:58:d7:ac:d1:
e9:ce:d4:90:90:b9:e5:00:20:ff:fa:54:c9:8a:38:7d:c8:c5:
03:92:7c:0d:fc:11:d2:26:ec:78:8f:e5:30:e1:7b:1c:c1:93:
47:ed:08:d1:5a:46:b9:a5:32:3f:1d:2d:52:2b:6d:50:a9:a4:
0e:56:fc:6f:38:b9:d3:8e:f8:3b:36:f8:34:0e:9b:fc:a9:7b:
15:20:a0:5a:fc:d0:1c:e1:60:3a:e0:21:55:e2:4f:19:17:9b:
50:27:79:8f:ed:56:6f:4a:f6:ef:c7:d6:7f:85:07:e4:6f:82:
1b:ca:bb:4b:14:9e:41:7c:21:ea:ef:b3:ff:78:b0:88:88:34:
6c:48:b7:b5:db:22:17:0f:0f:1f:35:65:c2:86:37:d7:00:3a:
11:6e:7b:3a:bf:7e:1a:b7:68:92:6a:57:ab:82:e4:a1:02:6a:
51:10:7d:40:d1:40:2c:5c:fc:da:84:1b:5a:50:3c:41:95:44:
d3:23:df:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPJ+Q2z/IThgdGI5VRJ1aJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjQxMjE1MTA1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2ZiZmJiMjc5MzJiOWI4NTRkNjBmNmExN2NjYTI0ZmJmMjFhODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkU3k6x4zHbRpMGICpHZgz+r3e6Ur
TZuJQTXtnwzIlHwkvewMYjKlBC27aMaGkTd28/IQwPg1a07QuhblKN4zlxc0tAfn
Bh53eIPny5lf65o/uAxxQB1WBVJwby2PCdmuvP2C2bNtTU27WAbxlZBDfaHU98cc
Ww+mmGSIPYwz9Ze+LBpxFntjrBXyS7FjdGo5Y26Es3uF2DTJyTWGJ0Zn3q9bViSE
25gxogBM/Dtt7A9NE4Rz9P6bL9qyK9F/cf9WVug8yPBSph1Q/TbkXg7zS8ahRtS0
0B1qcpcT1+uTbb8B9gGThxQXB6wNWYwncKOWiK8xbeXDRK7Bfi/uOzDuRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKP7+7J5Mrm4VNYPahfMok+/IagPMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvb192N3Nua3l1YmhVMWc5cUY4eWlUNzhocUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1RXeMA0G
CSqGSIb3DQEBCwUAA4IBAQAUtfzCbJPetqbzGCcZE7wWIwSbypY+xi6ng8FWmdk1
Oyf+K/4P/0ok1G7N/WlE49yg7GVzTkqwF09Yg0W2g1NlL8443FjXrNHpztSQkLnl
ACD/+lTJijh9yMUDknwN/BHSJux4j+Uw4XscwZNH7QjRWka5pTI/HS1SK21QqaQO
VvxvOLnTjvg7Nvg0Dpv8qXsVIKBa/NAc4WA64CFV4k8ZF5tQJ3mP7VZvSvbvx9Z/
hQfkb4IbyrtLFJ5BfCHq77P/eLCIiDRsSLe12yIXDw8fNWXChjfXADoRbns6v34a
t2iSalerguShAmpREH1A0UAsXPzahBtaUDxBlUTTI9+n
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:26:48 2025 by rpki-client