Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/EJvT73f0zfX6V-sDG90IKMGlbWI.roa
File: EJvT73f0zfX6V-sDG90IKMGlbWI.roa (raw, json)
Hash identifier: S1RfA7O/foGJ4mED+b47KgDXCDBLq2KCHZso3SbwQVs=
Subject key identifier: 10:9B:D3:EF:77:F4:CD:F5:FA:57:EB:03:1B:DD:08:28:C1:A5:6D:62
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 0194266C2AC1A2CDE7AD89648E298BEA0B91
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/EJvT73f0zfX6V-sDG90IKMGlbWI.roa
Signing time: Thu 02 Jan 2025 09:50:10 +0000
ROA not before: Thu 02 Jan 2025 09:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216030
IP address blocks: 176.97.213.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:2a:c1:a2:cd:e7:ad:89:64:8e:29:8b:ea:0b:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Jan 2 09:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=109bd3ef77f4cdf5fa57eb031bdd0828c1a56d62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a1:5e:10:b3:64:5c:a2:2a:51:2e:fe:86:1f:
59:1d:d2:b2:65:bf:54:a6:be:d1:33:71:d6:29:33:
0b:51:d7:a5:7e:8e:4d:4c:35:fd:eb:06:2d:ab:ea:
2f:c0:a6:1b:10:bb:14:cc:17:99:3f:fe:44:ae:e4:
b3:2d:77:f9:de:fd:b7:bf:b8:50:81:79:31:f9:bb:
23:c8:b8:14:df:de:07:34:06:73:f3:04:ef:fb:16:
47:df:78:a6:b1:2b:94:68:07:c9:2c:8e:b4:b7:3a:
85:1f:5f:6d:ab:a7:ff:de:6d:e8:1f:ed:00:57:ee:
ea:63:cd:c7:9f:b1:9a:82:e1:53:79:6f:aa:9a:cf:
8b:4a:b6:26:44:8b:44:d5:9f:14:1d:c9:ce:97:0e:
94:9d:b4:0f:61:c4:7f:07:b2:78:20:b6:e1:a5:bb:
53:60:93:37:7d:a7:c2:ae:07:ef:0b:eb:9c:8b:01:
2a:92:57:7a:e5:bf:5f:3d:6e:69:2d:41:f8:1b:3a:
79:b9:39:a7:13:4c:e3:be:a0:fc:37:36:e7:94:f1:
b2:7c:74:b4:15:cb:86:7b:09:71:32:85:15:41:44:
06:99:83:68:0b:bb:a5:9a:03:23:1f:ef:08:a3:de:
b1:60:6e:aa:62:f8:d8:81:df:ce:a8:ca:6a:04:9d:
68:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:9B:D3:EF:77:F4:CD:F5:FA:57:EB:03:1B:DD:08:28:C1:A5:6D:62
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/EJvT73f0zfX6V-sDG90IKMGlbWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.213.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:c1:2c:90:30:9e:c2:f0:35:ba:c2:e4:5d:59:8a:34:ec:bd:
0f:37:d6:c7:05:07:3c:5e:c9:2c:a4:66:ae:23:64:80:d3:c6:
b9:e5:50:68:42:c7:b1:07:fd:ce:9c:e0:4f:99:1a:4a:b4:9f:
32:a3:83:e3:21:ce:dd:38:62:1f:60:8e:80:b5:c0:5a:8a:cb:
8b:3c:ec:7c:be:c9:6c:90:a7:00:19:b6:c0:f3:f8:24:44:6a:
ee:04:bf:c5:28:85:b2:69:73:c4:e0:95:ca:b1:2b:bc:62:7e:
77:7d:9b:f2:87:eb:34:e3:5b:93:a9:b7:3b:4d:8f:f5:a5:d7:
73:69:1f:72:6e:45:42:27:3b:89:03:bd:a5:fb:4e:07:60:77:
fa:24:a4:07:ed:10:43:07:d6:da:8d:ca:a2:6f:a4:09:50:67:
d4:9d:46:f6:54:d4:8c:ec:6a:4c:90:75:d3:b3:40:fb:2e:1b:
2e:ac:3d:f4:fc:0c:ec:78:71:97:b5:94:1b:8f:be:3a:2f:6e:
ef:33:95:2d:fa:34:68:e1:e8:8c:bc:cf:7f:e7:da:14:a7:2c:
c7:59:e9:c9:fb:f7:a6:1f:3b:57:28:5b:1b:7e:29:f7:df:d2:
a6:22:48:bf:b1:23:37:97:42:90:af:d6:da:3c:b6:cc:90:52:
54:a2:7c:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbCrBos3nrYlkjimL6guRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjUwMTAyMDk1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDliZDNlZjc3ZjRjZGY1ZmE1N2ViMDMxYmRkMDgyOGMxYTU2ZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqFeELNkXKIqUS7+hh9ZHdKyZb9U
pr7RM3HWKTMLUdelfo5NTDX96wYtq+ovwKYbELsUzBeZP/5EruSzLXf53v23v7hQ
gXkx+bsjyLgU394HNAZz8wTv+xZH33imsSuUaAfJLI60tzqFH19tq6f/3m3oH+0A
V+7qY83Hn7GaguFTeW+qms+LSrYmRItE1Z8UHcnOlw6UnbQPYcR/B7J4ILbhpbtT
YJM3fafCrgfvC+uciwEqkld65b9fPW5pLUH4Gzp5uTmnE0zjvqD8NzbnlPGyfHS0
FcuGewlxMoUVQUQGmYNoC7ulmgMjH+8Io96xYG6qYvjYgd/OqMpqBJ1oKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBCb0+939M31+lfrAxvdCCjBpW1iMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvRUp2VDczZjB6Zlg2Vi1zREc5MElLTUdsYldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGHVMA0G
CSqGSIb3DQEBCwUAA4IBAQC3wSyQMJ7C8DW6wuRdWYo07L0PN9bHBQc8XskspGau
I2SA08a55VBoQsexB/3OnOBPmRpKtJ8yo4PjIc7dOGIfYI6AtcBaisuLPOx8vsls
kKcAGbbA8/gkRGruBL/FKIWyaXPE4JXKsSu8Yn53fZvyh+s041uTqbc7TY/1pddz
aR9ybkVCJzuJA72l+04HYHf6JKQH7RBDB9bajcqib6QJUGfUnUb2VNSM7GpMkHXT
s0D7LhsurD30/AzseHGXtZQbj746L27vM5Ut+jRo4eiMvM9/59oUpyzHWenJ+/em
HztXKFsbfin339KmIki/sSM3l0KQr9baPLbMkFJUonzw
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:24:24 2025 by rpki-client