Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/f598b8-3a2f-4155-95fd-5f8167024968/1/C34tazcwNVlNSOFrV60y2M-X8qQ.roa
File: C34tazcwNVlNSOFrV60y2M-X8qQ.roa (raw, json)
Hash identifier: b9R8fiAJDWhh3NSy/h3YHxxWL9I8BBsmTu4q52FZ+Mo=
Subject key identifier: 0B:7E:2D:6B:37:30:35:59:4D:48:E1:6B:57:AD:32:D8:CF:97:F2:A4
Certificate issuer: /CN=0e2d1edc0cc697742cf47364bb1d11b8ff808eae
Certificate serial: 019421B2195478CB39B368E86F6EBBCBA5DE
Authority key identifier: 0E:2D:1E:DC:0C:C6:97:74:2C:F4:73:64:BB:1D:11:B8:FF:80:8E:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Di0e3AzGl3Qs9HNkux0RuP-Ajq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/f598b8-3a2f-4155-95fd-5f8167024968/1/C34tazcwNVlNSOFrV60y2M-X8qQ.roa
Signing time: Wed 01 Jan 2025 11:48:27 +0000
ROA not before: Wed 01 Jan 2025 11:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215510
IP address blocks: 185.238.139.0/24 maxlen: 24
2a13:100::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:19:54:78:cb:39:b3:68:e8:6f:6e:bb:cb:a5:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e2d1edc0cc697742cf47364bb1d11b8ff808eae
Validity
Not Before: Jan 1 11:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b7e2d6b373035594d48e16b57ad32d8cf97f2a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:25:c4:a4:56:7b:1c:28:a2:d7:e0:8f:2d:91:
32:e1:3e:dd:b1:b8:6c:de:f1:98:f0:48:44:92:a2:
f0:49:e0:40:2f:c0:72:94:7a:94:7c:34:06:a0:21:
f2:7e:5a:61:b8:f9:7a:2c:7e:fb:81:06:79:8b:38:
b0:2a:8e:f8:7e:e3:9a:13:d2:dc:6b:10:6c:ea:f3:
20:f5:cb:c3:b3:f3:7a:37:bb:60:79:b1:ac:27:6a:
28:c2:7c:65:44:26:42:b6:63:17:db:47:0b:57:04:
23:77:e4:e7:24:ff:92:84:23:f2:24:3f:11:67:1f:
70:13:27:19:a4:56:99:63:19:17:02:6d:12:a8:03:
23:30:6c:1b:c5:bd:a3:ad:ee:c0:8c:5c:7d:12:5c:
38:98:e1:ab:30:08:87:9b:db:4e:7b:78:2e:02:d2:
7b:14:71:94:e9:37:29:e1:28:e9:ea:3e:2a:a3:e8:
b2:6c:a3:b6:35:49:e1:51:8b:1b:2e:0f:1e:a2:47:
4b:fb:f0:df:52:6f:66:f3:8a:65:44:ff:80:65:ee:
27:51:6d:07:bc:5b:ab:ea:f3:49:8d:46:c8:04:dc:
00:0e:c3:ae:d8:50:2a:0e:dc:ef:27:01:1f:ef:10:
d7:f6:df:6b:08:fd:fd:b0:6f:f9:19:aa:ca:8d:94:
f6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:7E:2D:6B:37:30:35:59:4D:48:E1:6B:57:AD:32:D8:CF:97:F2:A4
X509v3 Authority Key Identifier:
keyid:0E:2D:1E:DC:0C:C6:97:74:2C:F4:73:64:BB:1D:11:B8:FF:80:8E:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Di0e3AzGl3Qs9HNkux0RuP-Ajq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/f598b8-3a2f-4155-95fd-5f8167024968/1/C34tazcwNVlNSOFrV60y2M-X8qQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/f598b8-3a2f-4155-95fd-5f8167024968/1/Di0e3AzGl3Qs9HNkux0RuP-Ajq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.139.0/24
IPv6:
2a13:100::/29
Signature Algorithm: sha256WithRSAEncryption
20:32:a2:16:69:75:aa:0b:c9:83:53:d9:4e:c4:7d:d0:19:99:
03:42:ef:7a:42:61:b1:99:10:52:c5:70:b3:63:0d:8b:3b:75:
4e:90:ae:42:63:da:45:69:d5:9e:44:65:fe:1c:83:8e:f6:e2:
dc:96:d9:84:5b:10:47:d2:14:25:42:29:14:bd:85:23:89:92:
b1:44:1c:8a:8a:1f:8c:67:c0:0d:31:9d:2b:ab:67:11:92:fd:
b7:fd:86:18:ee:7d:c4:b0:8d:cf:61:64:3d:37:9c:fa:cf:7f:
68:42:68:a7:31:25:3e:4b:c3:5f:f1:14:c5:e0:5c:97:32:94:
6a:3e:53:ce:07:de:6d:61:ac:2b:22:d5:34:e1:6b:d1:c3:f3:
cd:f2:b1:b7:1d:1b:57:73:02:1c:a7:e0:1b:6f:f2:b0:da:9d:
69:5b:39:69:b6:4b:2f:f5:86:38:cb:c2:42:45:ce:b9:c1:7f:
a6:71:56:74:d3:e0:7f:ac:9c:82:68:47:d1:22:e2:e5:9d:40:
93:97:43:70:9e:25:f6:0d:cf:df:60:e0:59:f5:9f:ab:69:be:
69:df:af:2f:3e:ee:4c:60:8a:02:05:ec:4b:4c:02:71:2e:78:
ae:44:19:50:41:6f:a1:0e:47:8d:3b:53:ee:07:ed:80:c3:0c:
0d:e7:74:d5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhshlUeMs5s2job267y6XeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMmQxZWRjMGNjNjk3NzQyY2Y0NzM2NGJiMWQxMWI4ZmY4
MDhlYWUwHhcNMjUwMTAxMTE0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjdlMmQ2YjM3MzAzNTU5NGQ0OGUxNmI1N2FkMzJkOGNmOTdmMmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCXEpFZ7HCii1+CPLZEy4T7dsbhs
3vGY8EhEkqLwSeBAL8BylHqUfDQGoCHyflphuPl6LH77gQZ5iziwKo74fuOaE9Lc
axBs6vMg9cvDs/N6N7tgebGsJ2oownxlRCZCtmMX20cLVwQjd+TnJP+ShCPyJD8R
Zx9wEycZpFaZYxkXAm0SqAMjMGwbxb2jre7AjFx9Elw4mOGrMAiHm9tOe3guAtJ7
FHGU6Tcp4Sjp6j4qo+iybKO2NUnhUYsbLg8eokdL+/DfUm9m84plRP+AZe4nUW0H
vFur6vNJjUbIBNwADsOu2FAqDtzvJwEf7xDX9t9rCP39sG/5GarKjZT2HwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAt+LWs3MDVZTUjha1etMtjPl/KkMB8GA1UdIwQY
MBaAFA4tHtwMxpd0LPRzZLsdEbj/gI6uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGkwZTNBekdsM1FzOUhOa3V4MFJ1UC1BanE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9mNTk4YjgtM2EyZi00MTU1LTk1ZmQt
NWY4MTY3MDI0OTY4LzEvQzM0dGF6Y3dOVmxOU09GclY2MHkyTS1YOHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9mNTk4YjgtM2EyZi00MTU1LTk1ZmQtNWY4MTY3MDI0OTY4
LzEvRGkwZTNBekdsM1FzOUhOa3V4MFJ1UC1BanE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAue6LMA0E
AgACMAcDBQMqEwEAMA0GCSqGSIb3DQEBCwUAA4IBAQAgMqIWaXWqC8mDU9lOxH3Q
GZkDQu96QmGxmRBSxXCzYw2LO3VOkK5CY9pFadWeRGX+HIOO9uLcltmEWxBH0hQl
QikUvYUjiZKxRByKih+MZ8ANMZ0rq2cRkv23/YYY7n3EsI3PYWQ9N5z6z39oQmin
MSU+S8Nf8RTF4FyXMpRqPlPOB95tYawrItU04WvRw/PN8rG3HRtXcwIcp+Abb/Kw
2p1pWzlptksv9YY4y8JCRc65wX+mcVZ00+B/rJyCaEfRIuLlnUCTl0NwniX2Dc/f
YOBZ9Z+rab5p368vPu5MYIoCBexLTAJxLniuRBlQQW+hDkeNO1PuB+2AwwwN53TV
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:53:32 2025 by rpki-client