Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/6ZeRNkK2gfkBTq-HCKi4E0wDn0g.roa
File: 6ZeRNkK2gfkBTq-HCKi4E0wDn0g.roa (raw, json)
Hash identifier: EG2r/8KWDUcCkyQHYwdunKSI5bgRdtrDYdyzMOQ6sPg=
Subject key identifier: E9:97:91:36:42:B6:81:F9:01:4E:AF:87:08:A8:B8:13:4C:03:9F:48
Certificate issuer: /CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Certificate serial: 0194228D8017787004BEDD5FC3901E3C278C
Authority key identifier: F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/6ZeRNkK2gfkBTq-HCKi4E0wDn0g.roa
Signing time: Wed 01 Jan 2025 15:48:06 +0000
ROA not before: Wed 01 Jan 2025 15:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15526
IP address blocks: 212.68.145.0/24 maxlen: 24
213.8.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:80:17:78:70:04:be:dd:5f:c3:90:1e:3c:27:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Validity
Not Before: Jan 1 15:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e997913642b681f9014eaf8708a8b8134c039f48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:23:ab:58:8d:38:6d:60:05:61:be:bb:c0:9f:
8d:5c:76:d6:d9:c1:36:73:98:3f:d4:a4:b9:42:40:
3a:58:cf:3e:aa:4c:4d:13:7a:84:39:d9:14:0a:05:
c0:5d:f1:ed:25:7d:dd:a4:ce:f2:25:66:07:50:66:
90:eb:42:d8:dc:e0:8a:9a:76:72:a1:7c:ba:dc:c2:
94:2d:02:7a:a2:0b:53:06:a8:6c:39:a9:c3:b7:97:
71:27:2f:2b:6a:97:68:3a:48:90:44:b5:97:db:02:
ef:8f:c5:2c:e9:66:4f:71:ef:56:45:4a:90:a1:86:
7f:d8:86:c5:13:f0:93:ab:90:17:86:0b:01:f2:df:
4a:3c:eb:4e:e1:de:d2:54:25:55:7a:96:17:fa:56:
d1:10:a4:7a:1b:c7:19:8d:66:3e:b2:ec:e2:ae:44:
00:e6:c5:11:a1:96:ff:c0:6d:45:e3:0f:d4:82:b6:
5c:74:57:9e:18:1c:8c:43:d4:73:73:2e:a5:f2:14:
91:cc:fd:02:b7:78:9a:dd:8b:5b:99:ed:8b:71:8b:
22:1f:c5:04:c6:52:47:4c:02:0e:8b:51:c0:1b:e2:
ad:c6:a5:cf:b0:ca:0b:97:ba:bd:f3:ee:53:79:18:
84:10:5c:dc:6c:98:2d:39:b6:52:54:9c:99:44:ba:
81:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:97:91:36:42:B6:81:F9:01:4E:AF:87:08:A8:B8:13:4C:03:9F:48
X509v3 Authority Key Identifier:
keyid:F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/6ZeRNkK2gfkBTq-HCKi4E0wDn0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.145.0/24
213.8.23.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:70:45:23:a4:81:02:f3:18:cc:fe:13:16:80:4c:73:2d:58:
5a:e0:a4:a4:28:ec:66:a6:0c:ff:93:20:16:3f:f2:9f:d6:75:
3d:d4:74:ff:1c:9c:7c:e7:68:45:e6:6b:b1:67:c4:c7:bd:fb:
61:8f:13:17:c0:e2:a4:7c:d1:f3:71:d3:81:b5:4c:2c:1b:e2:
96:6a:25:ad:e4:41:f6:72:a5:77:7e:19:22:3b:8b:59:8f:03:
cb:ba:6d:52:9c:89:6e:81:87:b0:d6:60:7d:22:e7:0f:61:67:
17:71:d7:7f:ca:fa:d1:3a:94:c7:fd:fc:af:ba:c4:4d:3d:c6:
82:24:be:fe:6a:b2:e3:ee:13:5f:54:fe:b4:96:55:7e:70:66:
2e:9d:c4:ad:35:ee:67:96:97:31:b6:0e:6d:25:c1:1f:dd:da:
0f:f9:d8:6f:6b:4d:49:a2:bb:d0:0c:d2:fe:fd:05:84:91:9b:
7e:68:bb:d6:23:f8:45:71:0c:e7:1b:1e:28:47:e3:68:f4:22:
7d:7a:26:d2:04:98:fb:a7:78:dd:c0:57:77:44:5f:72:42:55:
38:51:f8:63:59:ff:76:62:14:d7:fb:6e:d2:41:e6:ef:61:e7:
07:2a:15:67:6a:3a:e2:93:82:b0:0d:1b:d3:03:8e:8d:14:19:
a1:98:36:40
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQijYAXeHAEvt1fw5AePCeMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ODU2ZDY3NGYwZTlkYmY2MDEyZDViNWQzZDk2YjQzYWZk
NzY0NzMwHhcNMjUwMTAxMTU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTk3OTEzNjQyYjY4MWY5MDE0ZWFmODcwOGE4YjgxMzRjMDM5ZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iOrWI04bWAFYb67wJ+NXHbW2cE2
c5g/1KS5QkA6WM8+qkxNE3qEOdkUCgXAXfHtJX3dpM7yJWYHUGaQ60LY3OCKmnZy
oXy63MKULQJ6ogtTBqhsOanDt5dxJy8rapdoOkiQRLWX2wLvj8Us6WZPce9WRUqQ
oYZ/2IbFE/CTq5AXhgsB8t9KPOtO4d7SVCVVepYX+lbREKR6G8cZjWY+suzirkQA
5sURoZb/wG1F4w/UgrZcdFeeGByMQ9Rzcy6l8hSRzP0Ct3ia3Ytbme2LcYsiH8UE
xlJHTAIOi1HAG+KtxqXPsMoLl7q98+5TeRiEEFzcbJgtObZSVJyZRLqBRwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOmXkTZCtoH5AU6vhwiouBNMA59IMB8GA1UdIwQY
MBaAFPmFbWdPDp2/YBLVtdPZa0Ov12RzMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ZVnRaMDhPbmI5Z0V0VzEwOWxyUTZfWFpITS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRm
LWVmZDE0ZGI5NTdmYi8xLzZaZVJOa0syZ2ZrQlRxLUhDS2k0RTB3RG4wZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRmLWVmZDE0ZGI5NTdm
Yi8xLzEtWVZ0WjA4T25iOWdFdFcxMDlsclE2X1haSE0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBADURJED
BADVCBcwDQYJKoZIhvcNAQELBQADggEBAKBwRSOkgQLzGMz+ExaATHMtWFrgpKQo
7GamDP+TIBY/8p/WdT3UdP8cnHznaEXma7FnxMe9+2GPExfA4qR80fNx04G1TCwb
4pZqJa3kQfZypXd+GSI7i1mPA8u6bVKciW6Bh7DWYH0i5w9hZxdx13/K+tE6lMf9
/K+6xE09xoIkvv5qsuPuE19U/rSWVX5wZi6dxK017meWlzG2Dm0lwR/d2g/52G9r
TUmiu9AM0v79BYSRm35ou9Yj+EVxDOcbHihH42j0In16JtIEmPuneN3AV3dEX3JC
VThR+GNZ/3ZiFNf7btJB5u9h5wcqFWdqOuKTgrANG9MDjo0UGaGYNkA=
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:42:48 2025 by rpki-client