Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/pDpBf2nMTCpYHd9x8O_2pXhlVGA.roa
File: pDpBf2nMTCpYHd9x8O_2pXhlVGA.roa (raw, json)
Hash identifier: VFKBYyh8rnZMcbqe86Gx1z5YY9/1XDdVD1stYcF4eac=
Subject key identifier: A4:3A:41:7F:69:CC:4C:2A:58:1D:DF:71:F0:EF:F6:A5:78:65:54:60
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019422FBACA26C9206BFA6AAC2242C903D0F
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/pDpBf2nMTCpYHd9x8O_2pXhlVGA.roa
Signing time: Wed 01 Jan 2025 17:48:26 +0000
ROA not before: Wed 01 Jan 2025 17:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20431
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:ac:a2:6c:92:06:bf:a6:aa:c2:24:2c:90:3d:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Jan 1 17:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a43a417f69cc4c2a581ddf71f0eff6a578655460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:26:84:da:e5:2a:7c:fa:13:3b:47:19:45:e3:
c4:4a:bc:e1:89:5c:a3:ee:af:3f:88:1d:3d:66:7a:
1b:1a:e5:94:e6:16:3e:b7:3e:73:48:6d:a4:a6:35:
ee:98:fa:c2:9f:27:f6:97:19:42:21:51:60:b2:92:
19:20:db:ad:57:0f:1c:4d:57:56:e4:f8:3a:cc:e5:
f1:a7:5b:93:49:83:f3:96:48:fe:22:00:59:21:7c:
71:92:d0:fb:06:d5:eb:65:43:53:79:e4:48:ed:94:
c7:c2:7d:e5:f0:59:d1:ac:fb:9a:85:18:fc:a9:66:
00:aa:a2:33:72:bc:86:f5:d4:a9:3d:88:46:99:8f:
02:90:f8:58:9b:a1:bf:65:c6:41:92:a3:5e:9b:f8:
78:2e:37:18:63:4a:cc:75:07:6e:e1:d0:7e:e7:79:
2b:73:1c:62:00:79:f1:52:d5:d5:a7:8a:f3:fd:b6:
86:17:7c:fb:11:3f:0d:03:ca:4f:61:dc:d7:b3:0d:
1e:0c:a7:bc:e6:1e:9b:58:d7:25:62:91:b5:ee:d7:
a2:4b:ca:61:0c:5a:fc:23:e3:f3:0c:f8:2b:39:7f:
43:65:a4:1d:4f:11:95:25:89:64:1b:f4:04:2a:ae:
3a:a9:45:59:32:8f:c4:40:1b:9f:06:06:52:bb:d0:
3e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:3A:41:7F:69:CC:4C:2A:58:1D:DF:71:F0:EF:F6:A5:78:65:54:60
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/pDpBf2nMTCpYHd9x8O_2pXhlVGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
87:bb:80:d2:19:da:27:62:26:62:fd:2a:43:c4:5d:ed:10:9f:
ee:5e:e0:31:15:f2:94:0a:6c:55:98:ae:b6:75:d3:9d:70:12:
18:6b:a9:07:6a:b6:7a:51:9f:03:43:3b:18:69:26:ec:ae:6e:
ef:34:17:57:9c:af:5c:85:3b:61:61:0b:8d:b1:9c:c1:fa:9a:
01:ad:a9:b8:ed:54:05:93:0e:31:98:29:31:15:a9:ae:45:90:
32:75:8e:dc:d7:22:37:bb:c3:b6:69:02:74:d6:37:49:78:1b:
74:b0:75:2c:aa:98:98:35:1c:d5:4e:33:ec:e3:56:d5:8e:0d:
47:c5:63:10:83:19:c9:66:04:6e:cb:60:fb:81:a4:f4:ea:6e:
ea:d8:f3:12:b3:1e:13:7f:39:cf:ee:3e:14:f9:29:b3:97:c4:
47:16:8f:50:6f:c7:b6:ed:c6:fb:fe:14:f2:c0:92:a4:88:7b:
39:07:45:70:de:d5:b9:b0:50:27:f3:7b:a6:cd:f1:37:f2:83:
22:bf:61:81:82:0f:84:5d:ce:a4:a8:c7:30:a5:60:87:49:29:
b5:c8:1e:57:ff:34:46:ef:f5:9c:71:26:a1:d8:09:7a:dd:e8:
e7:9e:a9:93:fc:60:26:15:ff:2b:a6:a2:32:d8:73:e8:8c:89:
e9:0a:a1:3a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQi+6yibJIGv6aqwiQskD0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjUwMTAxMTc0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDNhNDE3ZjY5Y2M0YzJhNTgxZGRmNzFmMGVmZjZhNTc4NjU1NDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSaE2uUqfPoTO0cZRePESrzhiVyj
7q8/iB09ZnobGuWU5hY+tz5zSG2kpjXumPrCnyf2lxlCIVFgspIZINutVw8cTVdW
5Pg6zOXxp1uTSYPzlkj+IgBZIXxxktD7BtXrZUNTeeRI7ZTHwn3l8FnRrPuahRj8
qWYAqqIzcryG9dSpPYhGmY8CkPhYm6G/ZcZBkqNem/h4LjcYY0rMdQdu4dB+53kr
cxxiAHnxUtXVp4rz/baGF3z7ET8NA8pPYdzXsw0eDKe85h6bWNclYpG17teiS8ph
DFr8I+PzDPgrOX9DZaQdTxGVJYlkG/QEKq46qUVZMo/EQBufBgZSu9A+2QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKQ6QX9pzEwqWB3fcfDv9qV4ZVRgMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvcERwQmYybk1UQ3BZSGQ5eDhPXzJwWGhsVkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAIe7gNIZ2idiJmL9KkPEXe0Qn+5e4DEV
8pQKbFWYrrZ1051wEhhrqQdqtnpRnwNDOxhpJuyubu80F1ecr1yFO2FhC42xnMH6
mgGtqbjtVAWTDjGYKTEVqa5FkDJ1jtzXIje7w7ZpAnTWN0l4G3SwdSyqmJg1HNVO
M+zjVtWODUfFYxCDGclmBG7LYPuBpPTqburY8xKzHhN/Oc/uPhT5KbOXxEcWj1Bv
x7btxvv+FPLAkqSIezkHRXDe1bmwUCfze6bN8TfygyK/YYGCD4RdzqSoxzClYIdJ
KbXIHlf/NEbv9ZxxJqHYCXrd6OeeqZP8YCYV/yumojLYc+iMiekKoTo=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:03 2025 by rpki-client