Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/xpBtw8xNwQpBRT8ur2iAvN2a-zU.roa
File: xpBtw8xNwQpBRT8ur2iAvN2a-zU.roa (raw, json)
Hash identifier: 9EOMXCiP71GUhwUoav13zuQOWQdLg+I/B4p7vGgCnlw=
Subject key identifier: C6:90:6D:C3:CC:4D:C1:0A:41:45:3F:2E:AF:68:80:BC:DD:9A:FB:35
Certificate issuer: /CN=1501c845f13dd4ad6e9dae470d5ff69c5cca3771
Certificate serial: 019424B3DB0E460B87E32E2CD05B68BB378D
Authority key identifier: 15:01:C8:45:F1:3D:D4:AD:6E:9D:AE:47:0D:5F:F6:9C:5C:CA:37:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/xpBtw8xNwQpBRT8ur2iAvN2a-zU.roa
Signing time: Thu 02 Jan 2025 01:49:14 +0000
ROA not before: Thu 02 Jan 2025 01:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201058
IP address blocks: 82.213.70.0/23 maxlen: 23
82.213.70.0/24 maxlen: 24
82.213.71.0/24 maxlen: 24
82.213.80.0/22 maxlen: 22
82.213.80.0/24 maxlen: 24
82.213.81.0/24 maxlen: 24
82.213.82.0/24 maxlen: 24
82.213.83.0/24 maxlen: 24
82.213.96.0/22 maxlen: 22
82.213.96.0/24 maxlen: 24
82.213.97.0/24 maxlen: 24
82.213.98.0/24 maxlen: 24
82.213.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:db:0e:46:0b:87:e3:2e:2c:d0:5b:68:bb:37:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1501c845f13dd4ad6e9dae470d5ff69c5cca3771
Validity
Not Before: Jan 2 01:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6906dc3cc4dc10a41453f2eaf6880bcdd9afb35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a7:55:3d:0a:7b:91:23:7d:e3:a1:47:fd:e7:
33:30:e1:fb:d8:27:7b:83:d5:bf:f5:62:cd:9b:93:
3d:ba:f9:3a:95:08:4c:2f:30:e4:b8:1c:f8:e3:29:
e9:a8:04:a1:01:b8:2f:db:b5:fd:e1:a5:9a:92:62:
9e:76:ee:5c:3f:5a:8b:6c:e0:d8:9e:cc:0b:fd:6e:
71:7f:05:50:2c:a8:cf:08:80:17:a8:c6:4c:f8:44:
fe:3f:d1:24:96:f3:08:71:72:be:05:8e:50:e0:4c:
05:ed:99:d7:d5:f8:31:82:46:f3:ab:ab:8f:70:e5:
c9:93:39:27:9f:a3:af:b4:56:64:f5:08:bd:a2:e7:
81:fd:52:99:da:92:7e:df:09:89:78:78:66:28:0e:
24:a2:0a:13:54:e4:78:d5:ef:dd:69:5f:66:5f:e0:
a1:00:d1:1a:7e:25:70:45:88:0f:66:f1:6c:6e:22:
ab:41:2d:7f:eb:07:ac:00:1a:45:9e:71:71:4c:a9:
36:34:16:54:e5:86:37:5f:42:e5:79:9a:e0:c5:53:
ed:78:b9:db:6c:72:d1:17:49:53:74:9a:75:f1:90:
49:e9:25:1c:ca:ed:a4:ee:b8:61:e2:94:2d:dd:a8:
f6:d8:ff:1a:41:05:d1:97:9a:77:27:f5:bc:7e:a8:
63:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:90:6D:C3:CC:4D:C1:0A:41:45:3F:2E:AF:68:80:BC:DD:9A:FB:35
X509v3 Authority Key Identifier:
keyid:15:01:C8:45:F1:3D:D4:AD:6E:9D:AE:47:0D:5F:F6:9C:5C:CA:37:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/xpBtw8xNwQpBRT8ur2iAvN2a-zU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/FQHIRfE91K1una5HDV_2nFzKN3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.213.70.0/23
82.213.80.0/22
82.213.96.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:2f:1c:a7:51:f6:a4:3f:89:49:bb:9a:89:18:9d:7d:cf:29:
8f:31:21:3b:f7:24:84:7b:0b:95:86:77:4f:aa:2f:be:a7:62:
32:5f:98:0f:47:05:91:cd:49:08:6a:e8:d4:e7:8a:c1:88:b1:
d5:71:41:7a:73:15:2d:ad:93:dd:a8:17:75:8f:4d:26:1a:d5:
a1:a7:73:9a:0b:d3:a3:c1:d8:2b:51:48:c9:55:9f:03:2c:a1:
46:d3:83:b6:12:cd:48:8f:42:c1:89:01:3c:47:63:c1:ff:98:
39:5e:9d:8b:46:18:bf:a9:ec:46:23:6a:5e:79:dd:d0:5e:52:
ea:65:bb:9b:54:80:4d:79:aa:33:85:df:6f:25:ba:7b:d6:56:
ca:b4:25:2e:27:23:ff:87:60:40:cd:12:0f:c3:2c:a0:4f:04:
08:35:3a:c3:5a:3c:61:7a:3a:f1:97:1c:6a:29:fb:62:eb:a4:
f8:54:6b:76:79:4c:ff:f5:28:17:6b:6e:9b:66:48:3d:fe:a5:
cb:c0:cf:20:16:a9:70:ed:9b:47:58:05:b6:57:77:0a:00:78:
ef:3b:0a:80:f2:a0:fe:26:00:14:39:40:87:d0:16:be:6f:d6:
c8:4e:b3:23:3d:32:a0:e3:8f:17:fa:af:e5:da:15:86:af:7e:
26:cf:b2:93
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQks9sORguH4y4s0FtouzeNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MDFjODQ1ZjEzZGQ0YWQ2ZTlkYWU0NzBkNWZmNjljNWNj
YTM3NzEwHhcNMjUwMTAyMDE0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjkwNmRjM2NjNGRjMTBhNDE0NTNmMmVhZjY4ODBiY2RkOWFmYjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26dVPQp7kSN946FH/eczMOH72Cd7
g9W/9WLNm5M9uvk6lQhMLzDkuBz44ynpqAShAbgv27X94aWakmKedu5cP1qLbODY
nswL/W5xfwVQLKjPCIAXqMZM+ET+P9EklvMIcXK+BY5Q4EwF7ZnX1fgxgkbzq6uP
cOXJkzknn6OvtFZk9Qi9oueB/VKZ2pJ+3wmJeHhmKA4kogoTVOR41e/daV9mX+Ch
ANEafiVwRYgPZvFsbiKrQS1/6wesABpFnnFxTKk2NBZU5YY3X0LleZrgxVPteLnb
bHLRF0lTdJp18ZBJ6SUcyu2k7rhh4pQt3aj22P8aQQXRl5p3J/W8fqhj7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMaQbcPMTcEKQUU/Lq9ogLzdmvs1MB8GA1UdIwQY
MBaAFBUByEXxPdStbp2uRw1f9pxcyjdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlFISVJmRTkxSzF1bmE1SERWXzJuRnpLTjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wMzc2YTEtNDlkNi00YTRkLThjMmEt
ZWQ3OTE1NDM2YjI3LzEveHBCdHc4eE53UXBCUlQ4dXIyaUF2TjJhLXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wMzc2YTEtNDlkNi00YTRkLThjMmEtZWQ3OTE1NDM2YjI3
LzEvRlFISVJmRTkxSzF1bmE1SERWXzJuRnpLTjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUtVGAwQC
UtVQAwQCUtVgMA0GCSqGSIb3DQEBCwUAA4IBAQC9LxynUfakP4lJu5qJGJ19zymP
MSE79ySEewuVhndPqi++p2IyX5gPRwWRzUkIaujU54rBiLHVcUF6cxUtrZPdqBd1
j00mGtWhp3OaC9OjwdgrUUjJVZ8DLKFG04O2Es1Ij0LBiQE8R2PB/5g5Xp2LRhi/
qexGI2peed3QXlLqZbubVIBNeaozhd9vJbp71lbKtCUuJyP/h2BAzRIPwyygTwQI
NTrDWjxhejrxlxxqKfti66T4VGt2eUz/9SgXa26bZkg9/qXLwM8gFqlw7ZtHWAW2
V3cKAHjvOwqA8qD+JgAUOUCH0Ba+b9bITrMjPTKg448X+q/l2hWGr34mz7KT
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:17:44 2025 by rpki-client