Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/db-V4RFiWk-DRMRx23Yi5GGB828.roa
File: db-V4RFiWk-DRMRx23Yi5GGB828.roa (raw, json)
Hash identifier: nklnqznrcypY4CcHnGmzs30m8K1faHbW1Og3XBCrp1c=
Subject key identifier: 75:BF:95:E1:11:62:5A:4F:83:44:C4:71:DB:76:22:E4:61:81:F3:6F
Certificate issuer: /CN=e479af1716dc461e5bb3f876215bcb94e8808ba0
Certificate serial: 01941F8C3AE86049FC98CAE27A9BA6B8D518
Authority key identifier: E4:79:AF:17:16:DC:46:1E:5B:B3:F8:76:21:5B:CB:94:E8:80:8B:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/db-V4RFiWk-DRMRx23Yi5GGB828.roa
Signing time: Wed 01 Jan 2025 01:47:51 +0000
ROA not before: Wed 01 Jan 2025 01:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199027
IP address blocks: 213.152.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:3a:e8:60:49:fc:98:ca:e2:7a:9b:a6:b8:d5:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e479af1716dc461e5bb3f876215bcb94e8808ba0
Validity
Not Before: Jan 1 01:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75bf95e111625a4f8344c471db7622e46181f36f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9c:d8:ab:87:d6:9c:e7:94:79:f6:e0:48:84:
0a:9f:12:e7:64:0c:80:0d:c6:e6:0f:af:1b:be:49:
f7:1a:13:36:8d:95:75:d9:70:b3:3f:05:30:ae:18:
20:aa:a5:a6:67:66:9d:9e:98:f0:16:e6:c6:96:fd:
80:c4:c2:d3:ce:87:0c:8d:95:c2:8d:6a:5c:ef:02:
e7:5c:f1:51:3f:d8:ce:16:27:86:c4:94:2e:28:bb:
19:ac:5d:79:db:70:53:b8:bf:ba:8d:23:71:3b:eb:
30:90:e5:e1:9b:3e:12:ae:65:39:4c:1a:50:04:19:
5c:2c:bd:d7:7f:10:6b:04:2d:6b:1d:57:08:ca:bc:
3a:13:6d:b4:33:74:37:28:36:67:9b:f5:19:77:76:
5a:61:54:c6:59:2f:0b:82:f9:4e:b8:9f:7e:32:a3:
14:63:0e:85:e1:f3:ce:75:60:52:db:97:12:8b:35:
0f:14:a4:62:24:4d:50:53:15:0e:2d:db:8d:6e:db:
5b:45:28:ba:d7:f6:a0:a0:68:41:e3:2e:53:3c:36:
65:be:99:8a:3b:85:a4:6e:d1:56:d7:bb:4b:48:ff:
48:28:f1:c5:a9:f2:8e:f5:37:c1:07:10:76:53:59:
af:f2:b8:7e:ee:d1:b5:ce:4a:71:c0:6d:b5:8c:45:
8d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:BF:95:E1:11:62:5A:4F:83:44:C4:71:DB:76:22:E4:61:81:F3:6F
X509v3 Authority Key Identifier:
keyid:E4:79:AF:17:16:DC:46:1E:5B:B3:F8:76:21:5B:CB:94:E8:80:8B:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/db-V4RFiWk-DRMRx23Yi5GGB828.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/5HmvFxbcRh5bs_h2IVvLlOiAi6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.152.21.0/24
Signature Algorithm: sha256WithRSAEncryption
68:75:88:f4:ef:e5:0f:a0:9d:ee:5d:2e:b9:b4:73:50:e6:f2:
17:65:1a:eb:b6:ec:06:0d:e1:c4:b5:d3:97:2b:9d:0e:f6:de:
ef:26:be:e8:ca:b3:df:1a:28:1c:c3:35:a0:c1:75:3a:1c:04:
60:80:90:0e:8c:03:d2:ee:b9:21:07:a8:4e:bd:d1:90:87:d6:
12:ad:e4:a4:fd:f8:96:ff:27:b8:ed:29:71:a7:39:69:6d:83:
3b:88:b5:4b:36:d8:2f:0c:82:55:12:63:69:f7:73:b5:c7:9f:
28:41:dc:e9:18:97:84:6a:13:49:22:f5:44:98:53:17:d5:b7:
2d:97:30:12:ca:47:79:d2:85:7b:94:bd:b2:74:b5:58:56:c7:
4d:69:38:fc:2a:0b:06:89:8a:72:0a:96:e2:be:35:21:bf:9c:
d0:8f:cb:38:22:9d:7f:95:83:07:0b:0c:ff:3b:28:ce:33:e2:
0c:8a:0f:49:a2:52:37:f5:97:ef:e6:a3:32:c9:90:2c:f8:90:
64:fe:46:b9:a3:55:fd:10:f6:e7:cc:2a:b1:c8:45:4f:0a:fc:
15:fd:fd:69:61:4b:99:a6:09:7a:a7:aa:82:03:e8:9e:25:ed:
a9:00:34:aa:d4:74:33:32:06:70:96:80:a6:89:73:fe:68:08:
40:0f:fe:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjDroYEn8mMriepumuNUYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NzlhZjE3MTZkYzQ2MWU1YmIzZjg3NjIxNWJjYjk0ZTg4
MDhiYTAwHhcNMjUwMTAxMDE0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWJmOTVlMTExNjI1YTRmODM0NGM0NzFkYjc2MjJlNDYxODFmMzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJzYq4fWnOeUefbgSIQKnxLnZAyA
DcbmD68bvkn3GhM2jZV12XCzPwUwrhggqqWmZ2adnpjwFubGlv2AxMLTzocMjZXC
jWpc7wLnXPFRP9jOFieGxJQuKLsZrF1523BTuL+6jSNxO+swkOXhmz4SrmU5TBpQ
BBlcLL3XfxBrBC1rHVcIyrw6E220M3Q3KDZnm/UZd3ZaYVTGWS8LgvlOuJ9+MqMU
Yw6F4fPOdWBS25cSizUPFKRiJE1QUxUOLduNbttbRSi61/agoGhB4y5TPDZlvpmK
O4WkbtFW17tLSP9IKPHFqfKO9TfBBxB2U1mv8rh+7tG1zkpxwG21jEWNfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHW/leERYlpPg0TEcdt2IuRhgfNvMB8GA1UdIwQY
MBaAFOR5rxcW3EYeW7P4diFby5TogIugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUhtdkZ4YmNSaDVic19oMklWdkxsT2lBaTZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS82MzI5OWEtODZiMi00OWZmLWI2ZTIt
MjQxZWFiNjE0ODNmLzEvZGItVjRSRmlXay1EUk1SeDIzWWk1R0dCODI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS82MzI5OWEtODZiMi00OWZmLWI2ZTItMjQxZWFiNjE0ODNm
LzEvNUhtdkZ4YmNSaDVic19oMklWdkxsT2lBaTZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZgVMA0G
CSqGSIb3DQEBCwUAA4IBAQBodYj07+UPoJ3uXS65tHNQ5vIXZRrrtuwGDeHEtdOX
K50O9t7vJr7oyrPfGigcwzWgwXU6HARggJAOjAPS7rkhB6hOvdGQh9YSreSk/fiW
/ye47SlxpzlpbYM7iLVLNtgvDIJVEmNp93O1x58oQdzpGJeEahNJIvVEmFMX1bct
lzASykd50oV7lL2ydLVYVsdNaTj8KgsGiYpyCpbivjUhv5zQj8s4Ip1/lYMHCwz/
OyjOM+IMig9JolI39Zfv5qMyyZAs+JBk/ka5o1X9EPbnzCqxyEVPCvwV/f1pYUuZ
pgl6p6qCA+ieJe2pADSq1HQzMgZwloCmiXP+aAhAD/7A
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:34 2025 by rpki-client