Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/ed3ae3-7bdd-4fdb-b0e9-61243a4d4c81/1/39OMsCxHrQ9bT33bjDXwiUpj1Zc.roa
File: 39OMsCxHrQ9bT33bjDXwiUpj1Zc.roa (raw, json)
Hash identifier: hdU2IkOEfwdljL5/z/TP+Axg9X82iYsFrqkCdlieGiE=
Subject key identifier: DF:D3:8C:B0:2C:47:AD:0F:5B:4F:7D:DB:8C:35:F0:89:4A:63:D5:97
Certificate issuer: /CN=bfe5d9bcf68e5da676c1f06f80b097d7e3129081
Certificate serial: 0A0B7189
Authority key identifier: BF:E5:D9:BC:F6:8E:5D:A6:76:C1:F0:6F:80:B0:97:D7:E3:12:90:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-XZvPaOXaZ2wfBvgLCX1-MSkIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/ed3ae3-7bdd-4fdb-b0e9-61243a4d4c81/1/39OMsCxHrQ9bT33bjDXwiUpj1Zc.roa
Signing time: Mon 03 Jan 2022 15:01:46 +0000
ROA not before: Mon 03 Jan 2022 15:01:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200848
IP address blocks: 213.109.174.0/24 maxlen: 32
213.109.172.0/22 maxlen: 32
2a09:fc00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168522121 (0xa0b7189)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe5d9bcf68e5da676c1f06f80b097d7e3129081
Validity
Not Before: Jan 3 15:01:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dfd38cb02c47ad0f5b4f7ddb8c35f0894a63d597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1f:51:22:ad:cf:85:15:e7:a0:72:e1:13:c0:
a2:44:8d:4d:60:61:da:db:96:b2:b8:cd:75:76:1d:
e9:3a:6f:66:2d:7f:21:80:fc:77:28:2f:50:d6:f3:
fe:b7:be:c4:d5:70:c4:82:96:57:61:9b:3b:ec:0f:
0d:4a:58:d1:6a:90:90:75:1d:72:7f:92:dd:b7:a3:
d8:7a:4b:13:c7:8d:0f:72:2a:81:93:47:ff:75:73:
ed:23:e5:9c:2b:df:af:43:8b:04:90:73:16:a9:22:
ba:bc:10:76:52:64:04:12:7b:28:54:ae:fd:cb:f5:
67:57:fa:a3:7e:79:54:d2:18:37:ef:1f:ad:e3:57:
3a:12:35:4d:2a:33:c6:15:12:e9:7f:8c:42:1f:45:
f3:7b:01:18:26:f0:c6:6a:09:0b:06:5f:4d:39:2d:
18:86:8f:19:73:25:51:a1:ae:3c:7c:62:77:e3:85:
57:c3:6b:1d:74:5e:5b:64:cf:18:db:bf:d5:6c:47:
83:d7:ef:d7:6c:a2:ba:0f:c1:2c:5e:2b:79:4e:13:
36:cf:ca:a4:b2:a7:3f:c3:2b:1b:b6:4a:d9:8d:ba:
25:bf:d6:a5:58:32:41:37:02:7b:a2:8d:f1:17:d8:
b1:9c:5b:66:a3:2b:70:72:e9:85:63:32:bc:d5:7b:
41:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D3:8C:B0:2C:47:AD:0F:5B:4F:7D:DB:8C:35:F0:89:4A:63:D5:97
X509v3 Authority Key Identifier:
keyid:BF:E5:D9:BC:F6:8E:5D:A6:76:C1:F0:6F:80:B0:97:D7:E3:12:90:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-XZvPaOXaZ2wfBvgLCX1-MSkIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ed3ae3-7bdd-4fdb-b0e9-61243a4d4c81/1/39OMsCxHrQ9bT33bjDXwiUpj1Zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ed3ae3-7bdd-4fdb-b0e9-61243a4d4c81/1/v-XZvPaOXaZ2wfBvgLCX1-MSkIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.172.0/22
IPv6:
2a09:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
95:ec:0a:30:63:eb:41:c6:85:76:b9:c4:ff:1e:64:6c:a8:50:
0f:15:be:1e:bf:a4:e4:eb:c8:00:74:7e:bd:a8:00:58:ed:0c:
f9:3a:cd:5c:ac:71:ed:25:bc:c0:bb:94:6c:ac:83:e0:78:d0:
77:37:28:f8:9c:4a:db:ef:d1:c0:b5:2a:77:cd:bc:37:6c:46:
af:0c:01:6b:58:41:4c:ac:8d:11:97:97:c3:73:a2:e5:b5:a5:
f6:9d:cc:14:27:cb:21:b5:6d:29:f1:dd:0f:4c:bb:fe:87:c5:
db:22:fe:21:7c:a2:a6:12:d1:44:6b:60:24:71:bd:7d:f2:4d:
c1:e4:3e:79:94:4f:62:a9:72:09:38:ca:c3:de:3a:9c:8d:09:
69:18:47:48:ca:1b:c9:6f:85:1e:6e:59:ea:cd:eb:ee:c4:f8:
18:d6:5f:04:6e:9b:1f:d4:65:c8:7e:62:bc:e8:12:a6:3f:74:
1e:a3:41:6b:56:a8:f8:af:cc:f3:5d:22:a2:8c:ad:cc:21:7f:
d9:16:ea:07:cd:66:da:9a:09:a8:d7:de:6c:dc:c9:df:58:c9:
46:00:5c:29:5a:12:46:cb:27:f3:47:5c:36:5c:6c:eb:2f:c4:
80:b8:0c:5c:0f:4a:37:c7:79:7f:7d:71:ea:7c:66:92:f1:d5:
ce:aa:2a:b2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECgtxiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZmU1ZDliY2Y2OGU1ZGE2NzZjMWYwNmY4MGIwOTdkN2UzMTI5MDgxMB4XDTIyMDEw
MzE1MDE0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGZkMzhjYjAyYzQ3
YWQwZjViNGY3ZGRiOGMzNWYwODk0YTYzZDU5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKofUSKtz4UV56By4RPAokSNTWBh2tuWsrjNdXYd6TpvZi1/
IYD8dygvUNbz/re+xNVwxIKWV2GbO+wPDUpY0WqQkHUdcn+S3bej2HpLE8eND3Iq
gZNH/3Vz7SPlnCvfr0OLBJBzFqkiurwQdlJkBBJ7KFSu/cv1Z1f6o355VNIYN+8f
reNXOhI1TSozxhUS6X+MQh9F83sBGCbwxmoJCwZfTTktGIaPGXMlUaGuPHxid+OF
V8NrHXReW2TPGNu/1WxHg9fv12yiug/BLF4reU4TNs/KpLKnP8MrG7ZK2Y26Jb/W
pVgyQTcCe6KN8RfYsZxbZqMrcHLphWMyvNV7QQ0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTf04ywLEetD1tPfduMNfCJSmPVlzAfBgNVHSMEGDAWgBS/5dm89o5dpnbB
8G+AsJfX4xKQgTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3YtWFp2UGFPWGFaMndmQnZnTENYMS1NU2tJRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvZWQzYWUzLTdiZGQtNGZkYi1iMGU5LTYxMjQzYTRkNGM4MS8x
LzM5T01zQ3hIclE5YlQzM2JqRFh3aVVwajFaYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
ZWQzYWUzLTdiZGQtNGZkYi1iMGU5LTYxMjQzYTRkNGM4MS8xL3YtWFp2UGFPWGFa
MndmQnZnTENYMS1NU2tJRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAtVtrDANBAIAAjAHAwUDKgn8ADAN
BgkqhkiG9w0BAQsFAAOCAQEAlewKMGPrQcaFdrnE/x5kbKhQDxW+Hr+k5OvIAHR+
vagAWO0M+TrNXKxx7SW8wLuUbKyD4HjQdzco+JxK2+/RwLUqd828N2xGrwwBa1hB
TKyNEZeXw3Oi5bWl9p3MFCfLIbVtKfHdD0y7/ofF2yL+IXyiphLRRGtgJHG9ffJN
weQ+eZRPYqlyCTjKw946nI0JaRhHSMobyW+FHm5Z6s3r7sT4GNZfBG6bH9RlyH5i
vOgSpj90HqNBa1ao+K/M810iooytzCF/2RbqB81m2poJqNfebNzJ31jJRgBcKVoS
Rssn80dcNlxs6y/EgLgMXA9KN8d5f31x6nxmkvHVzqoqsg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:11 2025 by rpki-client