Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/397f55-2b76-41de-86aa-a4202a40ce18/1/gF8ZN3C0a45HX0BtFSTg6shwTi4.roa
File: gF8ZN3C0a45HX0BtFSTg6shwTi4.roa (raw, json)
Hash identifier: YzHFKuHmdK7saGrTnv4LM1NaquoFvehSW3aShl6a+YM=
Subject key identifier: 80:5F:19:37:70:B4:6B:8E:47:5F:40:6D:15:24:E0:EA:C8:70:4E:2E
Certificate issuer: /CN=4a4713cc31b7ea3891be1455de11dcc2f329d515
Certificate serial: 01942521DAAA8CFEF56EBF97EEEA6004C859
Authority key identifier: 4A:47:13:CC:31:B7:EA:38:91:BE:14:55:DE:11:DC:C2:F3:29:D5:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SkcTzDG36jiRvhRV3hHcwvMp1RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/397f55-2b76-41de-86aa-a4202a40ce18/1/gF8ZN3C0a45HX0BtFSTg6shwTi4.roa
Signing time: Thu 02 Jan 2025 03:49:23 +0000
ROA not before: Thu 02 Jan 2025 03:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 399686
IP address blocks: 213.232.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:da:aa:8c:fe:f5:6e:bf:97:ee:ea:60:04:c8:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a4713cc31b7ea3891be1455de11dcc2f329d515
Validity
Not Before: Jan 2 03:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=805f193770b46b8e475f406d1524e0eac8704e2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7d:23:4d:54:93:40:9f:e9:27:81:2c:17:0a:
c2:39:cf:ed:e9:5a:ec:b5:cb:d2:37:b5:57:74:04:
f5:d7:67:50:ca:e5:82:e7:7f:da:88:56:a2:bd:79:
3e:53:6e:24:b5:87:33:15:cd:b4:71:e8:75:e5:a1:
92:d9:f7:06:c3:bb:2e:b4:52:c2:ae:cb:32:ef:a5:
c2:80:ca:b0:ba:50:c3:1d:e1:4f:0c:3e:eb:e5:48:
71:e8:0c:ca:56:21:f1:cf:ff:b7:10:03:64:08:38:
cc:70:d1:0b:ac:ba:2a:ea:22:c9:03:1c:eb:0b:2a:
d2:cd:4c:91:83:39:db:0e:51:e0:42:32:0a:56:d7:
49:c1:83:c3:8e:52:1c:8b:a5:3e:a7:9a:00:67:ca:
7d:42:f7:b2:10:bd:53:cd:a7:a2:d9:7e:c8:26:fc:
72:6d:56:f8:64:85:3a:91:eb:13:ad:9e:ce:a5:25:
49:fb:a5:ac:3b:d4:09:76:50:df:e0:71:c9:33:ab:
ce:c2:a8:8f:96:9f:4a:7d:76:e6:98:2f:a1:41:90:
af:ae:51:d8:7c:f2:59:c9:25:7b:92:24:e4:bb:40:
73:b9:14:6c:98:ef:77:dd:ac:b5:12:63:91:fa:11:
db:12:0b:f3:cf:18:a3:10:27:e1:bb:f5:b2:67:38:
d2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:5F:19:37:70:B4:6B:8E:47:5F:40:6D:15:24:E0:EA:C8:70:4E:2E
X509v3 Authority Key Identifier:
keyid:4A:47:13:CC:31:B7:EA:38:91:BE:14:55:DE:11:DC:C2:F3:29:D5:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SkcTzDG36jiRvhRV3hHcwvMp1RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/397f55-2b76-41de-86aa-a4202a40ce18/1/gF8ZN3C0a45HX0BtFSTg6shwTi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/397f55-2b76-41de-86aa-a4202a40ce18/1/SkcTzDG36jiRvhRV3hHcwvMp1RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.255.0/24
Signature Algorithm: sha256WithRSAEncryption
04:68:22:fe:5e:42:98:77:2c:bb:00:54:23:82:26:f7:46:fe:
4a:51:d1:93:05:02:dc:c0:70:a8:c1:8b:89:0f:8f:9d:1e:c5:
b3:b2:3e:c4:d6:56:c9:62:dd:62:21:70:b9:72:97:85:b7:3c:
03:4e:53:7a:63:82:ce:09:7a:14:49:0e:81:76:1f:e5:39:75:
36:8e:58:e4:8f:73:16:60:8b:c5:5f:c5:61:cb:de:a6:d3:59:
86:9d:d9:6c:95:52:e4:e9:ab:bf:5c:69:a3:2e:16:7b:a9:9a:
3b:b5:56:30:2d:c1:3c:81:e7:fc:63:ac:ff:8c:84:fd:e2:5c:
f4:f0:fc:e8:02:90:f4:21:da:15:ce:80:9f:c9:17:2c:de:29:
21:a5:1a:8e:00:2a:6c:20:c3:ab:87:89:2e:54:77:70:c4:34:
89:30:3d:b2:44:42:09:9a:02:8d:cd:a9:b8:1e:07:cd:ca:78:
15:18:4a:1f:cd:57:b3:6d:58:ea:a6:75:7a:7a:b3:f0:30:73:
e4:35:8b:b2:63:99:4c:20:c0:dd:36:b1:b7:fb:ae:11:ee:40:
55:12:05:ea:4d:43:af:07:76:0f:52:af:6a:bc:42:89:e9:f8:
dd:5a:07:09:91:1e:b0:b4:60:12:e5:c6:f3:f1:77:44:30:2b:
a9:3a:8b:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIdqqjP71br+X7upgBMhZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxM2NjMzFiN2VhMzg5MWJlMTQ1NWRlMTFkY2MyZjMy
OWQ1MTUwHhcNMjUwMTAyMDM0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDVmMTkzNzcwYjQ2YjhlNDc1ZjQwNmQxNTI0ZTBlYWM4NzA0ZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz30jTVSTQJ/pJ4EsFwrCOc/t6Vrs
tcvSN7VXdAT112dQyuWC53/aiFaivXk+U24ktYczFc20ceh15aGS2fcGw7sutFLC
rssy76XCgMqwulDDHeFPDD7r5Uhx6AzKViHxz/+3EANkCDjMcNELrLoq6iLJAxzr
CyrSzUyRgznbDlHgQjIKVtdJwYPDjlIci6U+p5oAZ8p9QveyEL1Tzaei2X7IJvxy
bVb4ZIU6kesTrZ7OpSVJ+6WsO9QJdlDf4HHJM6vOwqiPlp9KfXbmmC+hQZCvrlHY
fPJZySV7kiTku0BzuRRsmO933ay1EmOR+hHbEgvzzxijECfhu/WyZzjSfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIBfGTdwtGuOR19AbRUk4OrIcE4uMB8GA1UdIwQY
MBaAFEpHE8wxt+o4kb4UVd4R3MLzKdUVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjVHpERzM2amlSdmhSVjNoSGN3dk1wMVJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8zOTdmNTUtMmI3Ni00MWRlLTg2YWEt
YTQyMDJhNDBjZTE4LzEvZ0Y4Wk4zQzBhNDVIWDBCdEZTVGc2c2h3VGk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8zOTdmNTUtMmI3Ni00MWRlLTg2YWEtYTQyMDJhNDBjZTE4
LzEvU2tjVHpERzM2amlSdmhSVjNoSGN3dk1wMVJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ej/MA0G
CSqGSIb3DQEBCwUAA4IBAQAEaCL+XkKYdyy7AFQjgib3Rv5KUdGTBQLcwHCowYuJ
D4+dHsWzsj7E1lbJYt1iIXC5cpeFtzwDTlN6Y4LOCXoUSQ6Bdh/lOXU2jljkj3MW
YIvFX8Vhy96m01mGndlslVLk6au/XGmjLhZ7qZo7tVYwLcE8gef8Y6z/jIT94lz0
8PzoApD0IdoVzoCfyRcs3ikhpRqOACpsIMOrh4kuVHdwxDSJMD2yREIJmgKNzam4
HgfNyngVGEofzVezbVjqpnV6erPwMHPkNYuyY5lMIMDdNrG3+64R7kBVEgXqTUOv
B3YPUq9qvEKJ6fjdWgcJkR6wtGAS5cbz8XdEMCupOotm
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:47:31 2025 by rpki-client