Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/DxQCs-H5Bm9MtMmsKADEGrqo3Is.roa
File: DxQCs-H5Bm9MtMmsKADEGrqo3Is.roa (raw, json)
Hash identifier: fGTSJYx2yKAwhIdsEvOu1SSCzQfRevfbLCpN42iLvtw=
Subject key identifier: 0F:14:02:B3:E1:F9:06:6F:4C:B4:C9:AC:28:00:C4:1A:BA:A8:DC:8B
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 019421B1E0F1262480E8272EE60072F49474
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/DxQCs-H5Bm9MtMmsKADEGrqo3Is.roa
Signing time: Wed 01 Jan 2025 11:48:13 +0000
ROA not before: Wed 01 Jan 2025 11:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35638
IP address blocks: 84.239.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e0:f1:26:24:80:e8:27:2e:e6:00:72:f4:94:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Jan 1 11:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f1402b3e1f9066f4cb4c9ac2800c41abaa8dc8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:57:74:32:b8:ba:24:60:e3:d6:32:ee:48:71:
31:fe:8f:5d:85:17:54:f4:16:9c:e3:d2:1e:3c:fe:
4a:1c:e7:df:db:3a:e6:db:64:fb:8f:e4:c7:00:a6:
0e:12:36:a3:ec:58:9d:ae:95:6d:e5:75:54:85:94:
13:26:07:bb:26:aa:cd:39:7c:22:66:6d:23:da:bc:
a1:e2:80:df:f4:b0:40:69:16:b4:75:d7:7e:24:5c:
26:2d:4b:f4:d3:e8:42:3f:07:e1:6b:93:6c:14:13:
6a:44:ca:ab:a2:d3:22:cd:32:c6:08:4d:59:58:d5:
c8:38:98:9f:92:26:f0:2b:b1:b2:be:22:21:d4:34:
66:23:6a:58:81:19:e7:a9:39:3e:f4:3e:bf:9b:92:
5c:52:ac:8d:4f:91:30:93:a0:96:93:09:18:db:f2:
c5:a7:97:62:f7:8b:15:16:7d:68:43:da:8f:de:cb:
c7:f4:33:10:f1:b6:b0:6b:16:ee:0b:e2:92:03:21:
e3:63:53:30:02:06:8f:82:9c:71:6a:fe:f9:b9:f6:
15:2d:80:cd:ed:5f:ca:08:a6:91:dc:99:8a:73:8a:
d2:b7:f2:ee:54:26:e4:24:96:7a:ed:fb:3f:73:d2:
0d:6e:81:e3:09:3e:c5:22:0d:a3:76:08:7e:e3:b2:
31:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:14:02:B3:E1:F9:06:6F:4C:B4:C9:AC:28:00:C4:1A:BA:A8:DC:8B
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/DxQCs-H5Bm9MtMmsKADEGrqo3Is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.21.0/24
Signature Algorithm: sha256WithRSAEncryption
82:8a:0a:1c:7a:3a:f0:1a:0e:f1:06:ed:72:01:bc:ea:8f:0d:
ce:de:b9:fa:da:92:f3:30:28:f8:bb:3f:f7:5c:8b:5a:05:e1:
18:c2:87:cb:1a:30:e9:dd:4d:97:b8:f7:fe:c7:b9:e3:0f:96:
35:b6:9b:cb:a6:94:a5:d6:a3:5c:a5:68:98:7d:0e:54:e5:0c:
d7:1d:36:8b:14:0c:7d:d3:68:4c:19:59:f9:37:6d:59:27:3f:
e3:55:9e:27:c3:a0:80:bc:69:45:c2:92:cc:c5:50:fc:36:7f:
22:db:b1:ba:bd:9c:11:26:f4:53:f7:9c:7d:20:50:af:6f:f5:
55:4f:a7:0e:8c:29:e9:f8:de:27:d7:00:c1:dd:1f:43:a1:cc:
2f:73:f4:cc:5a:b9:26:1f:0b:ef:b4:b1:7e:18:de:8a:2c:ca:
0a:9b:ad:56:d3:d6:fe:0b:7f:b9:5f:92:1a:b6:2d:51:fc:6f:
b2:ae:b5:b6:44:b2:53:39:db:bc:8b:8b:91:df:d6:0e:b0:27:
5e:76:a5:89:39:ec:7a:02:b6:9c:ff:a5:2b:05:20:6a:ad:53:
fc:42:27:b7:e1:e6:b9:45:23:19:80:fc:ef:73:6a:0f:08:c3:
20:2f:f1:99:55:5c:1b:75:38:8e:49:ce:94:be:d4:a3:01:ec:
10:a9:c0:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhseDxJiSA6Ccu5gBy9JR0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjUwMTAxMTE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjE0MDJiM2UxZjkwNjZmNGNiNGM5YWMyODAwYzQxYWJhYThkYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ld0Mri6JGDj1jLuSHEx/o9dhRdU
9Bac49IePP5KHOff2zrm22T7j+THAKYOEjaj7FidrpVt5XVUhZQTJge7JqrNOXwi
Zm0j2ryh4oDf9LBAaRa0ddd+JFwmLUv00+hCPwfha5NsFBNqRMqrotMizTLGCE1Z
WNXIOJifkibwK7GyviIh1DRmI2pYgRnnqTk+9D6/m5JcUqyNT5Ewk6CWkwkY2/LF
p5di94sVFn1oQ9qP3svH9DMQ8bawaxbuC+KSAyHjY1MwAgaPgpxxav75ufYVLYDN
7V/KCKaR3JmKc4rSt/LuVCbkJJZ67fs/c9INboHjCT7FIg2jdgh+47IxRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA8UArPh+QZvTLTJrCgAxBq6qNyLMB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvRHhRQ3MtSDVCbTlNdE1tc0tBREVHcnFvM0lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVO8VMA0G
CSqGSIb3DQEBCwUAA4IBAQCCigocejrwGg7xBu1yAbzqjw3O3rn62pLzMCj4uz/3
XItaBeEYwofLGjDp3U2XuPf+x7njD5Y1tpvLppSl1qNcpWiYfQ5U5QzXHTaLFAx9
02hMGVn5N21ZJz/jVZ4nw6CAvGlFwpLMxVD8Nn8i27G6vZwRJvRT95x9IFCvb/VV
T6cOjCnp+N4n1wDB3R9Docwvc/TMWrkmHwvvtLF+GN6KLMoKm61W09b+C3+5X5Ia
ti1R/G+yrrW2RLJTOdu8i4uR39YOsCdedqWJOex6Arac/6UrBSBqrVP8Qie34ea5
RSMZgPzvc2oPCMMgL/GZVVwbdTiOSc6UvtSjAewQqcBr
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:33 2025 by rpki-client