Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/084f71-927a-4fa8-bea5-cd87ee970e6f/1/xjdC4ob7aRS2Ev-O6nidCaBCpZg.roa
File: xjdC4ob7aRS2Ev-O6nidCaBCpZg.roa (raw, json)
Hash identifier: SBgN/gihku+/q5pAC+Vic8NfDHBeeV+OVc/nVKV8Vm4=
Subject key identifier: C6:37:42:E2:86:FB:69:14:B6:12:FF:8E:EA:78:9D:09:A0:42:A5:98
Certificate issuer: /CN=3214b48af46ffc6d56dd0bab3b3187de53e9eb23
Certificate serial: 0194228DB821E1DAC7F89975340B3DBEA751
Authority key identifier: 32:14:B4:8A:F4:6F:FC:6D:56:DD:0B:AB:3B:31:87:DE:53:E9:EB:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MhS0ivRv_G1W3QurOzGH3lPp6yM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/084f71-927a-4fa8-bea5-cd87ee970e6f/1/xjdC4ob7aRS2Ev-O6nidCaBCpZg.roa
Signing time: Wed 01 Jan 2025 15:48:20 +0000
ROA not before: Wed 01 Jan 2025 15:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205012
IP address blocks: 213.134.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:b8:21:e1:da:c7:f8:99:75:34:0b:3d:be:a7:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3214b48af46ffc6d56dd0bab3b3187de53e9eb23
Validity
Not Before: Jan 1 15:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c63742e286fb6914b612ff8eea789d09a042a598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:08:b2:bc:02:48:cb:30:65:1f:9f:88:fa:7c:
a7:cc:ec:0d:20:39:1f:b6:8f:1a:5f:50:df:33:54:
b9:1a:f4:7e:02:48:a1:c4:dc:69:73:ce:0e:9e:41:
81:e7:b8:ee:15:93:1b:09:ad:5d:a2:04:62:60:23:
6c:4f:d1:27:7b:99:f8:cb:e5:6f:8b:6a:76:8a:e6:
e4:0f:09:3b:2b:fd:b2:3f:2b:36:9e:a6:5f:0c:d8:
d9:46:34:9d:b8:e6:e3:9b:11:99:a1:59:64:12:09:
0f:ac:26:19:3f:01:d5:cc:64:75:5e:77:02:6b:ed:
89:80:8e:ec:95:ef:d8:4a:1d:50:46:b4:e8:90:3f:
d7:8e:69:cb:ec:8d:f8:82:49:53:95:26:58:69:0f:
36:34:ca:08:03:6e:69:ca:48:ed:9a:59:89:fb:be:
f9:1a:3b:f7:21:f8:1f:d2:8f:c2:42:55:d7:62:22:
09:d4:cf:9a:bd:24:3b:87:0e:e0:66:ad:a6:53:2e:
c8:e5:44:8b:e6:bc:4a:5c:4e:f9:4f:fa:0b:39:5d:
f8:ba:c0:6b:f3:1f:e8:cb:1f:23:de:61:4b:33:ee:
3a:20:72:bf:a0:ee:0b:bd:9d:a7:a3:67:32:f4:35:
64:36:c0:4c:82:43:2c:51:4a:e2:7a:99:82:03:ce:
e8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:37:42:E2:86:FB:69:14:B6:12:FF:8E:EA:78:9D:09:A0:42:A5:98
X509v3 Authority Key Identifier:
keyid:32:14:B4:8A:F4:6F:FC:6D:56:DD:0B:AB:3B:31:87:DE:53:E9:EB:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MhS0ivRv_G1W3QurOzGH3lPp6yM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/084f71-927a-4fa8-bea5-cd87ee970e6f/1/xjdC4ob7aRS2Ev-O6nidCaBCpZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/084f71-927a-4fa8-bea5-cd87ee970e6f/1/MhS0ivRv_G1W3QurOzGH3lPp6yM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.134.9.0/24
Signature Algorithm: sha256WithRSAEncryption
92:d6:cc:83:8f:32:72:28:e1:56:d1:7e:6c:d8:f6:1e:d5:c1:
ac:59:13:28:81:0f:10:a3:af:47:3a:4f:db:d2:cf:94:5d:d9:
11:35:9f:f0:07:3e:f4:dc:74:ca:71:a1:87:6f:38:9a:7e:77:
eb:df:c8:e1:f1:a6:8e:c7:6c:f3:85:49:fe:d5:bf:78:64:01:
e1:4e:06:4f:59:6f:8e:21:b1:26:43:4c:39:47:f0:5e:c3:d7:
f8:25:20:b5:e1:3f:bf:b0:c9:38:a0:56:26:f3:86:c4:dc:00:
e4:f6:2a:3a:66:dd:e3:d8:36:32:5b:7f:70:bc:54:fd:48:e6:
7f:ce:6d:14:2a:80:1a:94:ae:01:08:05:b1:5e:38:73:c3:90:
9c:46:d8:4e:24:d1:08:c8:e8:01:f4:70:40:fb:59:5d:9f:10:
78:00:28:a7:bd:90:05:17:d0:dc:26:de:bb:4c:10:57:ea:16:
c1:8a:9c:a3:f8:86:e5:aa:6d:bf:cf:ea:ce:8a:68:74:9f:af:
c3:f7:d4:fa:ed:ec:0a:20:6a:27:ba:bc:f0:12:d1:94:a6:d2:
95:f5:f8:fe:b2:46:df:b2:26:9c:74:a4:ce:c9:e4:eb:c1:e9:
b3:a5:82:62:97:9d:07:aa:60:86:90:66:62:5b:76:6a:47:23:
16:60:7d:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijbgh4drH+Jl1NAs9vqdRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMTRiNDhhZjQ2ZmZjNmQ1NmRkMGJhYjNiMzE4N2RlNTNl
OWViMjMwHhcNMjUwMTAxMTU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjM3NDJlMjg2ZmI2OTE0YjYxMmZmOGVlYTc4OWQwOWEwNDJhNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswiyvAJIyzBlH5+I+nynzOwNIDkf
to8aX1DfM1S5GvR+AkihxNxpc84OnkGB57juFZMbCa1dogRiYCNsT9Ene5n4y+Vv
i2p2iubkDwk7K/2yPys2nqZfDNjZRjSduObjmxGZoVlkEgkPrCYZPwHVzGR1XncC
a+2JgI7sle/YSh1QRrTokD/XjmnL7I34gklTlSZYaQ82NMoIA25pykjtmlmJ+775
Gjv3Ifgf0o/CQlXXYiIJ1M+avSQ7hw7gZq2mUy7I5USL5rxKXE75T/oLOV34usBr
8x/oyx8j3mFLM+46IHK/oO4LvZ2no2cy9DVkNsBMgkMsUUriepmCA87odwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMY3QuKG+2kUthL/jup4nQmgQqWYMB8GA1UdIwQY
MBaAFDIUtIr0b/xtVt0Lqzsxh95T6esjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWhTMGl2UnZfRzFXM1F1ck96R0gzbFBwNnlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8wODRmNzEtOTI3YS00ZmE4LWJlYTUt
Y2Q4N2VlOTcwZTZmLzEveGpkQzRvYjdhUlMyRXYtTzZuaWRDYUJDcFpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8wODRmNzEtOTI3YS00ZmE4LWJlYTUtY2Q4N2VlOTcwZTZm
LzEvTWhTMGl2UnZfRzFXM1F1ck96R0gzbFBwNnlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1YYJMA0G
CSqGSIb3DQEBCwUAA4IBAQCS1syDjzJyKOFW0X5s2PYe1cGsWRMogQ8Qo69HOk/b
0s+UXdkRNZ/wBz703HTKcaGHbziafnfr38jh8aaOx2zzhUn+1b94ZAHhTgZPWW+O
IbEmQ0w5R/Bew9f4JSC14T+/sMk4oFYm84bE3ADk9io6Zt3j2DYyW39wvFT9SOZ/
zm0UKoAalK4BCAWxXjhzw5CcRthOJNEIyOgB9HBA+1ldnxB4ACinvZAFF9DcJt67
TBBX6hbBipyj+Iblqm2/z+rOimh0n6/D99T67ewKIGonurzwEtGUptKV9fj+skbf
siacdKTOyeTrwemzpYJil50HqmCGkGZiW3ZqRyMWYH2e
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:04:10 2025 by rpki-client