Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/aEX6iGvtmMCBLbcN3D9lR9wWfYs.roa
File: aEX6iGvtmMCBLbcN3D9lR9wWfYs.roa (raw, json)
Hash identifier: ck3g/sMwdLbMyNkBAAhpjxk0gLfl6oyVxwY3SE1wY/I=
Subject key identifier: 68:45:FA:88:6B:ED:98:C0:81:2D:B7:0D:DC:3F:65:47:DC:16:7D:8B
Certificate issuer: /CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Certificate serial: 01942444F4E81DBAA4336982A4B362AA4EE1
Authority key identifier: BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/aEX6iGvtmMCBLbcN3D9lR9wWfYs.roa
Signing time: Wed 01 Jan 2025 23:48:06 +0000
ROA not before: Wed 01 Jan 2025 23:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200940
IP address blocks: 213.16.92.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:f4:e8:1d:ba:a4:33:69:82:a4:b3:62:aa:4e:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Validity
Not Before: Jan 1 23:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6845fa886bed98c0812db70ddc3f6547dc167d8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:75:5c:e2:44:a0:9a:64:ae:78:bd:63:8d:2d:
eb:c8:87:29:43:1f:03:96:5e:bb:04:9b:17:13:4a:
a0:4e:dc:10:99:7a:51:c6:de:82:a8:5f:c4:a8:a4:
04:11:97:69:da:a7:37:e4:12:36:a4:22:75:db:f1:
b5:a9:75:95:28:03:67:b4:b6:a3:d5:84:4e:f3:28:
dc:53:03:9d:79:c6:fe:6e:14:8c:e5:64:ed:ac:74:
ca:a4:77:ab:d6:29:97:45:22:82:9d:0a:39:5d:56:
b0:92:bf:4a:f1:cc:7c:0d:cc:fd:64:2f:a2:e5:9d:
19:c7:e6:ec:99:ec:1e:2e:f4:ef:77:4d:90:62:1a:
09:f6:5f:e5:17:38:2d:54:89:84:f6:ee:8d:71:70:
2f:4c:80:86:28:78:69:80:67:ba:f2:bc:0b:df:bc:
76:0f:7a:c8:49:31:c5:51:cb:28:4d:12:9e:26:41:
c1:2f:6b:37:c5:b9:a7:d5:b3:47:fe:da:16:5f:55:
9e:ec:50:e9:da:fb:df:17:c4:81:1e:91:23:9f:98:
aa:f9:8c:14:1c:a4:a0:fc:dc:b8:57:87:11:cf:4d:
6f:45:ee:d4:a2:a6:0a:e6:e1:2f:06:be:d8:02:53:
13:f7:36:47:6b:52:b8:78:3e:e9:a1:28:8b:7f:49:
dd:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:45:FA:88:6B:ED:98:C0:81:2D:B7:0D:DC:3F:65:47:DC:16:7D:8B
X509v3 Authority Key Identifier:
keyid:BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/aEX6iGvtmMCBLbcN3D9lR9wWfYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.16.92.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:8c:7c:c5:78:41:0a:7b:b2:8c:36:29:8a:d5:b8:fd:54:4f:
4d:0c:81:29:f1:aa:fb:e6:63:bc:0e:3c:28:95:de:60:95:5a:
44:fd:bb:a2:43:c4:10:08:91:66:c6:ae:b8:b0:d6:03:ae:f3:
4b:65:6b:3f:d3:70:ff:20:e2:0d:29:63:02:a8:df:52:6e:26:
f3:4d:83:33:34:31:09:08:1a:5c:f2:a5:7f:55:af:db:fe:8a:
72:a4:04:49:92:7c:5d:61:01:93:5c:be:2c:ec:02:35:08:31:
31:1a:61:1f:70:84:6b:77:30:34:6d:26:39:92:26:e4:a6:17:
5d:96:d0:bb:06:20:35:d5:ba:26:22:d6:82:a0:e4:1e:06:22:
41:48:df:63:7d:70:45:69:3f:d7:62:b6:69:89:7f:c7:58:ff:
58:eb:ad:b9:2f:25:fc:66:48:2b:f1:00:93:4c:bc:bb:17:3a:
2b:b7:0f:99:2f:0c:e2:48:39:2c:ef:6b:14:e3:9f:e0:04:7c:
42:06:da:63:17:1b:f2:1a:f6:de:a7:d0:db:f2:1f:4f:25:4d:
39:a9:be:45:e0:21:88:61:02:d7:44:4d:3d:aa:76:9a:f9:ba:
7c:e9:62:d9:ed:a2:a8:d2:b1:92:5c:85:6a:49:33:60:9a:6d:
61:53:8b:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRPToHbqkM2mCpLNiqk7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjA5N2EzNmMyMzI1ZDEwMzFmZjQwOTFiYTAwYTg2NDU5
ZDQyODgwHhcNMjUwMTAxMjM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODQ1ZmE4ODZiZWQ5OGMwODEyZGI3MGRkYzNmNjU0N2RjMTY3ZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8HVc4kSgmmSueL1jjS3ryIcpQx8D
ll67BJsXE0qgTtwQmXpRxt6CqF/EqKQEEZdp2qc35BI2pCJ12/G1qXWVKANntLaj
1YRO8yjcUwOdecb+bhSM5WTtrHTKpHer1imXRSKCnQo5XVawkr9K8cx8Dcz9ZC+i
5Z0Zx+bsmeweLvTvd02QYhoJ9l/lFzgtVImE9u6NcXAvTICGKHhpgGe68rwL37x2
D3rISTHFUcsoTRKeJkHBL2s3xbmn1bNH/toWX1We7FDp2vvfF8SBHpEjn5iq+YwU
HKSg/Ny4V4cRz01vRe7UoqYK5uEvBr7YAlMT9zZHa1K4eD7poSiLf0ndvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhF+ohr7ZjAgS23Ddw/ZUfcFn2LMB8GA1UdIwQY
MBaAFL+wl6NsIyXRAx/0CRugCoZFnUKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2It
ZWNjNDliZGMyYWQ4LzEvYUVYNmlHdnRtTUNCTGJjTjNEOWxSOXdXZllzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2ItZWNjNDliZGMyYWQ4
LzEvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1RBcMA0G
CSqGSIb3DQEBCwUAA4IBAQA/jHzFeEEKe7KMNimK1bj9VE9NDIEp8ar75mO8Djwo
ld5glVpE/buiQ8QQCJFmxq64sNYDrvNLZWs/03D/IOINKWMCqN9SbibzTYMzNDEJ
CBpc8qV/Va/b/opypARJknxdYQGTXL4s7AI1CDExGmEfcIRrdzA0bSY5kibkphdd
ltC7BiA11bomItaCoOQeBiJBSN9jfXBFaT/XYrZpiX/HWP9Y6625LyX8Zkgr8QCT
TLy7Fzortw+ZLwziSDks72sU45/gBHxCBtpjFxvyGvbep9Db8h9PJU05qb5F4CGI
YQLXRE09qnaa+bp86WLZ7aKo0rGSXIVqSTNgmm1hU4u/
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:31:22 2025 by rpki-client