Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/2nB34LVBbtl74aGRyrgO8R7Ndlc.roa
File: 2nB34LVBbtl74aGRyrgO8R7Ndlc.roa (raw, json)
Hash identifier: vcU/vsmwMZU339dKKRVuUgWsl3f587fyzQ0cKDXFwYs=
Subject key identifier: DA:70:77:E0:B5:41:6E:D9:7B:E1:A1:91:CA:B8:0E:F1:1E:CD:76:57
Certificate issuer: /CN=e801f23ce821c264d67727536ec183537594c5f2
Certificate serial: 0194228D77E237FFC45D98A25EA19D515370
Authority key identifier: E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/2nB34LVBbtl74aGRyrgO8R7Ndlc.roa
Signing time: Wed 01 Jan 2025 15:48:04 +0000
ROA not before: Wed 01 Jan 2025 15:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43844
IP address blocks: 212.25.130.0/23 maxlen: 24
212.25.144.0/21 maxlen: 21
212.25.152.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:77:e2:37:ff:c4:5d:98:a2:5e:a1:9d:51:53:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e801f23ce821c264d67727536ec183537594c5f2
Validity
Not Before: Jan 1 15:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da7077e0b5416ed97be1a191cab80ef11ecd7657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9c:c2:82:44:d5:99:93:a6:fb:ad:79:7a:99:
4d:61:76:48:10:74:ab:17:a9:57:25:16:a3:a0:6a:
ef:be:26:4a:80:9f:64:56:77:82:4a:c0:98:5d:73:
97:75:8b:fd:86:a7:72:56:58:1d:fa:96:5e:30:2b:
50:3e:5b:81:82:b4:49:16:6f:94:12:47:e0:af:4d:
54:d3:f6:68:75:58:18:51:3c:cd:8b:52:af:b9:f2:
ac:29:2b:5a:84:f0:c0:c7:12:53:0a:3d:27:f2:a6:
f0:47:bb:18:56:db:7e:30:50:5b:71:5a:78:5b:2d:
ae:8e:25:2b:7a:bf:56:f6:7f:a2:7e:6d:51:14:46:
66:b1:35:f8:4b:44:ac:19:2c:7a:c7:c9:40:f0:c2:
44:91:e4:69:ff:80:bc:c6:0d:90:7d:83:f6:1d:ab:
7d:ad:0c:b0:93:c7:52:b1:8c:3e:61:57:8e:cc:36:
fd:3b:fe:5a:4a:ea:71:60:3d:b9:c6:0a:ea:57:1f:
e5:f4:23:a1:23:f5:99:c2:82:67:cc:97:ec:85:5d:
89:97:59:83:4c:e5:c0:a3:81:7b:e8:fa:e0:a1:2d:
5c:68:5d:18:1b:6d:c4:49:eb:00:e1:67:f7:8c:20:
95:99:03:ed:25:a1:02:22:13:a5:2e:2e:5e:97:b2:
48:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:70:77:E0:B5:41:6E:D9:7B:E1:A1:91:CA:B8:0E:F1:1E:CD:76:57
X509v3 Authority Key Identifier:
keyid:E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/2nB34LVBbtl74aGRyrgO8R7Ndlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.25.130.0/23
212.25.144.0-212.25.155.255
Signature Algorithm: sha256WithRSAEncryption
bc:4c:04:35:d2:25:3a:e2:ba:9b:6b:7e:af:12:ca:69:29:a3:
ad:2b:94:6c:df:08:4c:a1:54:44:3e:7f:59:8e:5f:61:0b:24:
e0:f0:28:10:e4:9b:b3:73:c6:9a:e4:dc:98:ee:eb:f6:0a:fb:
18:3e:2e:d7:14:94:d5:ad:5d:14:b9:89:7c:f9:c2:e7:f4:55:
1d:8d:59:03:73:47:79:c3:43:ad:77:b3:52:83:c0:19:1d:e5:
c0:42:cf:9c:cd:97:4f:ef:ac:3f:25:3d:6b:73:9d:ee:6b:81:
f5:bf:7f:98:05:75:90:a8:b2:c1:70:00:4b:55:fa:1e:cb:d4:
92:75:8d:05:65:12:59:b0:98:0d:32:40:05:97:5f:dc:16:73:
bb:a2:c3:ba:0e:19:e2:ab:45:be:a4:3e:df:e5:36:28:5f:04:
5a:65:1f:fb:91:dd:b2:e9:72:09:a8:48:7a:0f:43:8d:db:e3:
f5:33:fb:d4:58:d3:56:8a:34:27:ad:89:f0:38:b2:fe:43:05:
43:77:c6:db:78:67:f3:3a:93:8d:28:88:f1:d4:e1:85:60:2b:
86:4c:32:bb:20:c4:3c:5f:4f:02:37:65:9d:01:ce:4c:41:24:
f3:7a:78:93:6d:fc:af:51:cc:70:e2:3b:2d:04:de:a2:23:44:
5a:2a:9e:44
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQijXfiN//EXZiiXqGdUVNwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MDFmMjNjZTgyMWMyNjRkNjc3Mjc1MzZlYzE4MzUzNzU5
NGM1ZjIwHhcNMjUwMTAxMTU0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTcwNzdlMGI1NDE2ZWQ5N2JlMWExOTFjYWI4MGVmMTFlY2Q3NjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJzCgkTVmZOm+615eplNYXZIEHSr
F6lXJRajoGrvviZKgJ9kVneCSsCYXXOXdYv9hqdyVlgd+pZeMCtQPluBgrRJFm+U
Ekfgr01U0/ZodVgYUTzNi1KvufKsKStahPDAxxJTCj0n8qbwR7sYVtt+MFBbcVp4
Wy2ujiUrer9W9n+ifm1RFEZmsTX4S0SsGSx6x8lA8MJEkeRp/4C8xg2QfYP2Hat9
rQywk8dSsYw+YVeOzDb9O/5aSupxYD25xgrqVx/l9COhI/WZwoJnzJfshV2Jl1mD
TOXAo4F76PrgoS1caF0YG23ESesA4Wf3jCCVmQPtJaECIhOlLi5el7JI0wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNpwd+C1QW7Ze+Ghkcq4DvEezXZXMB8GA1UdIwQY
MBaAFOgB8jzoIcJk1ncnU27Bg1N1lMXyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkFIeVBPZ2h3bVRXZHlkVGJzR0RVM1dVeGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYWI0ZDgtNmFmZC00ZjgxLWFiMTAt
NDY0ZWIxODNiNTY4LzEvMm5CMzRMVkJidGw3NGFHUnlyZ084UjdOZGxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lYWI0ZDgtNmFmZC00ZjgxLWFiMTAtNDY0ZWIxODNiNTY4
LzEvNkFIeVBPZ2h3bVRXZHlkVGJzR0RVM1dVeGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQB1BmCMAwD
BATUGZADBALUGZgwDQYJKoZIhvcNAQELBQADggEBALxMBDXSJTriuptrfq8Symkp
o60rlGzfCEyhVEQ+f1mOX2ELJODwKBDkm7Nzxprk3Jju6/YK+xg+LtcUlNWtXRS5
iXz5wuf0VR2NWQNzR3nDQ613s1KDwBkd5cBCz5zNl0/vrD8lPWtzne5rgfW/f5gF
dZCossFwAEtV+h7L1JJ1jQVlElmwmA0yQAWXX9wWc7uiw7oOGeKrRb6kPt/lNihf
BFplH/uR3bLpcgmoSHoPQ43b4/Uz+9RY01aKNCetifA4sv5DBUN3xtt4Z/M6k40o
iPHU4YVgK4ZMMrsgxDxfTwI3ZZ0BzkxBJPN6eJNt/K9RzHDiOy0E3qIjRFoqnkQ=
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:26:55 2025 by rpki-client