Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BTm3OMQjY7f4flmyBZ1O5fiBDxs.roa
File: BTm3OMQjY7f4flmyBZ1O5fiBDxs.roa (raw, json)
Hash identifier: biLT4JhrLwf2X8ChjWAfH7u0E229MvoO7NLFEuPFfwM=
Subject key identifier: 05:39:B7:38:C4:23:63:B7:F8:7E:59:B2:05:9D:4E:E5:F8:81:0F:1B
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0195DD8D73FE497C3DC297CB7C16FCACCA2B
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BTm3OMQjY7f4flmyBZ1O5fiBDxs.roa
Signing time: Fri 28 Mar 2025 16:19:49 +0000
ROA not before: Fri 28 Mar 2025 16:19:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20648
IP address blocks: 213.220.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dd:8d:73:fe:49:7c:3d:c2:97:cb:7c:16:fc:ac:ca:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Mar 28 16:19:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0539b738c42363b7f87e59b2059d4ee5f8810f1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:28:94:44:cf:41:ff:68:4f:03:44:3f:4c:b2:
17:62:b5:0f:fe:99:4e:63:61:15:dd:2c:1e:37:65:
a8:1f:a4:eb:f4:28:24:3d:d6:eb:56:f1:da:5f:90:
ec:10:a5:ef:9f:d3:61:e1:47:a2:a4:23:2e:fc:f1:
53:da:cd:3d:13:11:4c:84:92:62:0d:95:3a:e0:bf:
dd:3e:38:62:77:18:4d:22:65:82:39:8b:c7:04:9a:
57:9a:2d:74:09:93:fd:4c:04:01:4e:27:08:f1:e2:
54:e9:c8:75:5c:63:2c:d4:23:98:a7:d3:b9:57:7f:
d8:93:af:6d:50:b4:38:21:62:a9:0e:01:dd:28:80:
51:cc:97:2d:e7:46:65:ee:e6:23:e8:50:d7:de:a2:
04:f1:f4:a9:69:16:e5:d8:e0:78:3d:9c:98:a6:36:
53:f4:be:bb:ef:c3:73:40:23:34:46:4c:ce:a4:24:
d8:29:c8:b7:67:7d:0a:c2:87:9e:56:0d:4f:dd:59:
c3:5a:74:1f:50:ac:5f:5b:c5:76:7a:61:b0:a9:a3:
d6:9b:7c:ec:14:e0:d9:7e:6d:f3:5f:3d:bd:a4:cf:
04:e7:a4:53:e9:8b:5f:4c:bf:67:ba:a5:53:55:84:
d8:53:00:d2:86:50:2c:e9:18:a9:86:2d:62:e7:08:
e3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:39:B7:38:C4:23:63:B7:F8:7E:59:B2:05:9D:4E:E5:F8:81:0F:1B
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BTm3OMQjY7f4flmyBZ1O5fiBDxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.220.8.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:96:5a:c5:ec:a6:cc:38:50:56:5e:e1:f0:95:83:99:6c:f2:
2e:44:db:5f:9b:db:79:78:4a:c4:69:47:bc:b8:23:bb:0c:7f:
5a:55:ad:e6:a4:68:82:a7:99:b2:fd:10:95:99:13:cf:b2:df:
dd:52:ee:1b:ee:aa:82:ba:cb:3e:ff:44:3a:c5:ec:ac:aa:24:
9f:c6:a1:b1:a9:f9:33:36:2f:55:d1:e7:aa:f9:12:eb:ef:dd:
e7:3d:a0:f6:4d:c9:66:72:28:b6:f3:07:12:6d:2f:90:45:54:
63:fb:94:6a:1b:d7:bd:7f:8e:7a:fd:f7:93:74:3c:cd:b0:a4:
25:6a:57:03:30:62:80:3a:34:75:1d:6c:9b:92:22:d0:e7:6e:
c6:04:ae:2e:f2:ce:13:ac:df:00:29:2e:a1:24:7d:e8:c3:33:
5d:5a:e3:7e:48:74:f2:e9:23:ef:8f:00:77:82:28:f5:8a:b7:
bc:32:0d:c7:42:0f:67:72:91:b8:e2:85:4f:93:e0:8e:ba:dd:
a1:06:90:6c:ce:29:46:9d:3e:07:7b:2e:14:55:5d:1c:a1:e9:
e9:97:e2:33:c2:fe:6d:79:d5:7b:bb:08:82:82:0e:62:03:9f:
d4:6a:65:79:63:d3:e3:41:9f:f4:d2:1e:06:9a:4c:ee:d7:6a:
52:2c:7b:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXdjXP+SXw9wpfLfBb8rMorMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwMzI4MTYxOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTM5YjczOGM0MjM2M2I3Zjg3ZTU5YjIwNTlkNGVlNWY4ODEwZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9CiURM9B/2hPA0Q/TLIXYrUP/plO
Y2EV3SweN2WoH6Tr9CgkPdbrVvHaX5DsEKXvn9Nh4UeipCMu/PFT2s09ExFMhJJi
DZU64L/dPjhidxhNImWCOYvHBJpXmi10CZP9TAQBTicI8eJU6ch1XGMs1COYp9O5
V3/Yk69tULQ4IWKpDgHdKIBRzJct50Zl7uYj6FDX3qIE8fSpaRbl2OB4PZyYpjZT
9L6778NzQCM0RkzOpCTYKci3Z30KwoeeVg1P3VnDWnQfUKxfW8V2emGwqaPWm3zs
FODZfm3zXz29pM8E56RT6YtfTL9nuqVTVYTYUwDShlAs6Riphi1i5wjjtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAU5tzjEI2O3+H5ZsgWdTuX4gQ8bMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvQlRtM09NUWpZN2Y0ZmxteUJaMU81ZmlCRHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dwIMA0G
CSqGSIb3DQEBCwUAA4IBAQCkllrF7KbMOFBWXuHwlYOZbPIuRNtfm9t5eErEaUe8
uCO7DH9aVa3mpGiCp5my/RCVmRPPst/dUu4b7qqCuss+/0Q6xeysqiSfxqGxqfkz
Ni9V0eeq+RLr793nPaD2Tclmcii28wcSbS+QRVRj+5RqG9e9f456/feTdDzNsKQl
alcDMGKAOjR1HWybkiLQ527GBK4u8s4TrN8AKS6hJH3owzNdWuN+SHTy6SPvjwB3
gij1ire8Mg3HQg9ncpG44oVPk+COut2hBpBszilGnT4Hey4UVV0coenpl+Izwv5t
edV7uwiCgg5iA5/UamV5Y9PjQZ/00h4Gmkzu12pSLHtg
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:26:17 2025 by rpki-client