Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/IDKX9sPGQlI6MZvv-y5YFAm0ePk.roa
File: IDKX9sPGQlI6MZvv-y5YFAm0ePk.roa (raw, json)
Hash identifier: k1Iw/tEDEs1ds0ZzGmimuwWihzs+ZhkkWmj8r8qIDVY=
Subject key identifier: 20:32:97:F6:C3:C6:42:52:3A:31:9B:EF:FB:2E:58:14:09:B4:78:F9
Certificate issuer: /CN=ea1c951d61b87da19439784d23667a89cb3290a4
Certificate serial: 0194266B63A6526D75C8E74DC56217B68214
Authority key identifier: EA:1C:95:1D:61:B8:7D:A1:94:39:78:4D:23:66:7A:89:CB:32:90:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6hyVHWG4faGUOXhNI2Z6icsykKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/IDKX9sPGQlI6MZvv-y5YFAm0ePk.roa
Signing time: Thu 02 Jan 2025 09:49:19 +0000
ROA not before: Thu 02 Jan 2025 09:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209984
IP address blocks: 213.226.84.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:63:a6:52:6d:75:c8:e7:4d:c5:62:17:b6:82:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea1c951d61b87da19439784d23667a89cb3290a4
Validity
Not Before: Jan 2 09:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=203297f6c3c642523a319beffb2e581409b478f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6d:2d:3c:c5:d9:e8:15:f0:b4:cd:cd:77:65:
28:1d:9d:b1:dd:97:54:02:97:a5:77:89:d8:6d:c7:
a1:59:e9:ec:44:b3:74:c8:02:7a:f1:95:9b:cf:45:
97:3f:5c:e4:91:12:f5:97:29:a1:5e:65:e4:4f:bb:
2e:85:cf:32:69:20:66:3f:0c:b6:9f:a9:f6:6b:fd:
e7:bb:f9:c9:20:65:08:01:6c:5a:f4:14:90:cd:21:
4b:59:50:3c:1b:f3:d1:40:88:eb:00:bd:d4:fd:5d:
47:eb:b7:b7:1e:d0:a5:cf:00:2d:42:d5:fe:d9:0d:
f6:42:61:0a:2f:2e:55:81:92:a2:5b:a3:1b:e3:fc:
ae:31:5c:d1:d8:af:08:4e:2b:b2:4b:3e:b2:ba:98:
15:16:84:b2:75:3d:96:f0:f5:80:43:ce:ce:bf:4e:
94:eb:7f:d3:b3:a0:0d:c5:6f:71:02:b7:3d:54:66:
11:e7:e0:ff:15:d5:66:c6:04:c3:ab:e7:7c:c5:32:
8c:9f:78:36:32:19:36:f8:52:51:b0:97:1a:0f:72:
7c:8c:fb:7f:f8:0c:00:d8:4e:8e:10:a8:44:09:ab:
3e:c2:91:4d:fa:5c:81:9d:8a:37:60:47:7a:89:f5:
d8:3d:30:0c:98:ba:b3:2e:d4:b3:ee:ac:fe:d8:d3:
f0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:32:97:F6:C3:C6:42:52:3A:31:9B:EF:FB:2E:58:14:09:B4:78:F9
X509v3 Authority Key Identifier:
keyid:EA:1C:95:1D:61:B8:7D:A1:94:39:78:4D:23:66:7A:89:CB:32:90:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6hyVHWG4faGUOXhNI2Z6icsykKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/IDKX9sPGQlI6MZvv-y5YFAm0ePk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/6hyVHWG4faGUOXhNI2Z6icsykKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.226.84.0/22
Signature Algorithm: sha256WithRSAEncryption
01:08:23:79:08:ba:2c:d1:b0:88:b4:e4:fa:ff:d2:48:51:5c:
8c:70:67:9f:4b:77:84:d6:fa:fc:59:e9:4e:51:fb:38:20:c6:
37:a6:c5:5c:78:5f:f7:dd:c5:c6:ef:68:d1:81:ca:d7:11:6c:
d4:c5:7d:33:e6:a2:b5:ab:b1:e8:04:a5:65:44:70:4f:26:e7:
f7:14:46:ce:b3:18:36:f5:2e:d7:b7:38:4f:3e:0f:02:2c:62:
44:a7:03:43:aa:9b:4a:93:68:02:d4:d8:91:99:a1:65:ff:d8:
8b:9e:a8:62:15:1c:17:60:99:fe:bc:12:91:f3:92:60:55:52:
a7:51:0f:6b:78:b3:b1:3e:6e:17:87:1d:ea:b4:9a:66:c9:9c:
8d:ed:fa:be:91:0e:e9:d8:fb:f7:de:07:aa:57:b6:0e:3c:27:
1e:68:88:30:46:11:da:06:35:d1:51:16:55:20:f4:6a:81:05:
e7:4a:b4:9e:95:8c:26:f6:ae:01:3e:34:5c:75:82:16:70:65:
1e:d5:f9:ce:dd:53:0b:15:41:e9:ce:28:f8:a4:6a:10:5a:f5:
6c:b5:ab:d0:25:b7:31:7c:73:f7:e6:9e:6b:1a:f7:bb:93:87:
2d:f0:71:41:28:36:e8:44:e2:02:0f:57:e0:07:6c:78:89:5e:
37:2e:8d:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma2OmUm11yOdNxWIXtoIUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMWM5NTFkNjFiODdkYTE5NDM5Nzg0ZDIzNjY3YTg5Y2Iz
MjkwYTQwHhcNMjUwMTAyMDk0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDMyOTdmNmMzYzY0MjUyM2EzMTliZWZmYjJlNTgxNDA5YjQ3OGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn20tPMXZ6BXwtM3Nd2UoHZ2x3ZdU
Apeld4nYbcehWensRLN0yAJ68ZWbz0WXP1zkkRL1lymhXmXkT7suhc8yaSBmPwy2
n6n2a/3nu/nJIGUIAWxa9BSQzSFLWVA8G/PRQIjrAL3U/V1H67e3HtClzwAtQtX+
2Q32QmEKLy5VgZKiW6Mb4/yuMVzR2K8ITiuySz6yupgVFoSydT2W8PWAQ87Ov06U
63/Ts6ANxW9xArc9VGYR5+D/FdVmxgTDq+d8xTKMn3g2Mhk2+FJRsJcaD3J8jPt/
+AwA2E6OEKhECas+wpFN+lyBnYo3YEd6ifXYPTAMmLqzLtSz7qz+2NPwgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCAyl/bDxkJSOjGb7/suWBQJtHj5MB8GA1UdIwQY
MBaAFOoclR1huH2hlDl4TSNmeonLMpCkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmh5VkhXRzRmYUdVT1hoTkkyWjZpY3N5a0tRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82MTc3MTUtOTQ4NC00MGY5LTg5NmMt
NzI0YjFhMDIxMmQ0LzEvSURLWDlzUEdRbEk2TVp2di15NVlGQW0wZVBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82MTc3MTUtOTQ4NC00MGY5LTg5NmMtNzI0YjFhMDIxMmQ0
LzEvNmh5VkhXRzRmYUdVT1hoTkkyWjZpY3N5a0tRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1eJUMA0G
CSqGSIb3DQEBCwUAA4IBAQABCCN5CLos0bCItOT6/9JIUVyMcGefS3eE1vr8WelO
Ufs4IMY3psVceF/33cXG72jRgcrXEWzUxX0z5qK1q7HoBKVlRHBPJuf3FEbOsxg2
9S7XtzhPPg8CLGJEpwNDqptKk2gC1NiRmaFl/9iLnqhiFRwXYJn+vBKR85JgVVKn
UQ9reLOxPm4Xhx3qtJpmyZyN7fq+kQ7p2Pv33geqV7YOPCceaIgwRhHaBjXRURZV
IPRqgQXnSrSelYwm9q4BPjRcdYIWcGUe1fnO3VMLFUHpzij4pGoQWvVstavQJbcx
fHP35p5rGve7k4ct8HFBKDboROICD1fgB2x4iV43Lo27
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:52:14 2025 by rpki-client