Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/0789aa-9e73-45ee-91b6-143ff60d9991/1/ERKKjb9maK6l2D8S98DiUvq_sHY.roa
File: ERKKjb9maK6l2D8S98DiUvq_sHY.roa (raw, json)
Hash identifier: K5h5Qq2Di55EgzF5bOxkfD2fsAbyW8q02xX4iijsUmk=
Subject key identifier: 11:12:8A:8D:BF:66:68:AE:A5:D8:3F:12:F7:C0:E2:52:FA:BF:B0:76
Certificate issuer: /CN=440e88c3137f8a915f7da1b5c0341ca18c2c234c
Certificate serial: 0196220B5EE12B8D7A23CC0D53D96D604055
Authority key identifier: 44:0E:88:C3:13:7F:8A:91:5F:7D:A1:B5:C0:34:1C:A1:8C:2C:23:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RA6IwxN_ipFffaG1wDQcoYwsI0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/0789aa-9e73-45ee-91b6-143ff60d9991/1/ERKKjb9maK6l2D8S98DiUvq_sHY.roa
Signing time: Thu 10 Apr 2025 23:31:32 +0000
ROA not before: Thu 10 Apr 2025 23:31:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 213.5.173.0/24 maxlen: 24
213.5.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:22:0b:5e:e1:2b:8d:7a:23:cc:0d:53:d9:6d:60:40:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=440e88c3137f8a915f7da1b5c0341ca18c2c234c
Validity
Not Before: Apr 10 23:31:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11128a8dbf6668aea5d83f12f7c0e252fabfb076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:92:72:5e:22:3b:27:e0:c9:61:81:07:e1:ef:
bd:2f:84:c1:a1:88:4d:99:5d:81:e9:e5:bb:19:bd:
f6:3b:7e:ec:2e:53:36:98:a1:f2:22:f3:aa:44:a3:
9e:f4:ac:f4:46:92:ba:e3:bb:80:b4:e7:59:e4:e3:
c3:57:68:ac:37:d1:10:d0:c3:f7:d2:f9:47:e1:cf:
61:9d:6b:8f:19:cc:7c:ee:0b:96:d7:93:2f:4b:0d:
4b:54:bc:c3:80:96:95:78:b5:d9:7d:d4:4c:e1:2f:
2c:c1:18:5c:5c:53:99:14:ca:b4:73:e2:60:e5:4e:
4f:b9:e9:d5:33:2c:24:ce:4a:d6:b4:dd:e9:27:8f:
56:1c:b6:25:9d:36:a1:9c:57:bf:ac:02:21:ea:91:
fa:a2:f7:fd:90:69:a1:b2:2d:91:7c:0b:8a:53:34:
8f:ab:1f:81:49:2d:31:f1:d1:4d:2c:e0:15:3b:ed:
85:b9:92:3e:d0:86:89:02:2a:c5:0d:72:18:d6:05:
2e:f9:69:2b:74:ca:c7:83:6d:82:0d:e2:ef:f6:17:
1f:a5:f9:0c:51:c5:8a:0c:7c:08:4e:fd:71:b5:dc:
d8:95:13:85:7f:71:c9:d5:78:b8:62:1b:6a:5b:77:
66:4f:e4:56:a3:1a:a0:ec:65:e1:7b:dc:af:ec:2f:
18:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:12:8A:8D:BF:66:68:AE:A5:D8:3F:12:F7:C0:E2:52:FA:BF:B0:76
X509v3 Authority Key Identifier:
keyid:44:0E:88:C3:13:7F:8A:91:5F:7D:A1:B5:C0:34:1C:A1:8C:2C:23:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RA6IwxN_ipFffaG1wDQcoYwsI0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/0789aa-9e73-45ee-91b6-143ff60d9991/1/ERKKjb9maK6l2D8S98DiUvq_sHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/0789aa-9e73-45ee-91b6-143ff60d9991/1/RA6IwxN_ipFffaG1wDQcoYwsI0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.5.173.0-213.5.174.255
Signature Algorithm: sha256WithRSAEncryption
81:45:f7:37:57:34:7d:6b:2d:e3:0c:a7:3d:26:cd:ec:8b:24:
fc:e6:39:ec:20:06:25:cf:21:3c:89:b1:d8:24:93:08:0c:96:
30:4b:30:2f:47:a5:dd:f3:1e:16:a7:d9:96:b1:6f:0a:0d:5b:
74:cc:f7:07:ef:ed:90:02:7d:da:7c:b1:0a:d8:29:f6:2e:b4:
3e:10:6d:09:0b:c9:08:c1:c1:d4:d8:c5:b6:74:ce:18:f4:9c:
ac:71:01:8d:d6:fe:96:78:ee:3d:a6:67:4f:ab:60:09:64:24:
02:f5:f3:97:8b:10:79:64:03:71:11:da:99:58:b3:44:82:dc:
46:8d:89:f6:f6:47:d2:62:2f:00:de:eb:0c:3c:07:d0:23:f9:
94:59:23:94:85:63:dd:42:7c:c7:43:b8:4d:13:92:4a:ce:b2:
fb:24:97:a2:12:93:fb:aa:02:93:09:3a:ca:49:46:b8:3e:60:
58:a7:20:f5:21:45:27:df:60:02:a4:04:54:a6:5b:38:e5:b5:
ed:08:ad:b2:af:a4:8f:61:79:e4:83:48:e7:b6:a4:e7:26:07:
da:5d:e4:97:5b:6f:71:a8:62:11:8a:ec:fd:fa:d9:c0:7a:e2:
34:2d:bd:ad:6a:a8:f2:3e:e9:1d:c3:6a:14:b3:b8:4c:69:0e:
f7:36:ef:57
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZYiC17hK416I8wNU9ltYEBVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MGU4OGMzMTM3ZjhhOTE1ZjdkYTFiNWMwMzQxY2ExOGMy
YzIzNGMwHhcNMjUwNDEwMjMzMTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTEyOGE4ZGJmNjY2OGFlYTVkODNmMTJmN2MwZTI1MmZhYmZiMDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJJyXiI7J+DJYYEH4e+9L4TBoYhN
mV2B6eW7Gb32O37sLlM2mKHyIvOqRKOe9Kz0RpK647uAtOdZ5OPDV2isN9EQ0MP3
0vlH4c9hnWuPGcx87guW15MvSw1LVLzDgJaVeLXZfdRM4S8swRhcXFOZFMq0c+Jg
5U5PuenVMywkzkrWtN3pJ49WHLYlnTahnFe/rAIh6pH6ovf9kGmhsi2RfAuKUzSP
qx+BSS0x8dFNLOAVO+2FuZI+0IaJAirFDXIY1gUu+WkrdMrHg22CDeLv9hcfpfkM
UcWKDHwITv1xtdzYlROFf3HJ1Xi4YhtqW3dmT+RWoxqg7GXhe9yv7C8YywIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBESio2/Zmiupdg/EvfA4lL6v7B2MB8GA1UdIwQY
MBaAFEQOiMMTf4qRX32htcA0HKGMLCNMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkE2SXd4Tl9pcEZmZmFHMXdEUWNvWXdzSTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8wNzg5YWEtOWU3My00NWVlLTkxYjYt
MTQzZmY2MGQ5OTkxLzEvRVJLS2piOW1hSzZsMkQ4Uzk4RGlVdnFfc0hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8wNzg5YWEtOWU3My00NWVlLTkxYjYtMTQzZmY2MGQ5OTkx
LzEvUkE2SXd4Tl9pcEZmZmFHMXdEUWNvWXdzSTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADVBa0D
BADVBa4wDQYJKoZIhvcNAQELBQADggEBAIFF9zdXNH1rLeMMpz0mzeyLJPzmOewg
BiXPITyJsdgkkwgMljBLMC9Hpd3zHhan2ZaxbwoNW3TM9wfv7ZACfdp8sQrYKfYu
tD4QbQkLyQjBwdTYxbZ0zhj0nKxxAY3W/pZ47j2mZ0+rYAlkJAL185eLEHlkA3ER
2plYs0SC3EaNifb2R9JiLwDe6ww8B9Aj+ZRZI5SFY91CfMdDuE0TkkrOsvskl6IS
k/uqApMJOspJRrg+YFinIPUhRSffYAKkBFSmWzjlte0IrbKvpI9heeSDSOe2pOcm
B9pd5Jdbb3GoYhGK7P362cB64jQtva1qqPI+6R3DahSzuExpDvc271c=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:05 2025 by rpki-client on console.sobornost.net