Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/08gO2xhzYB9MrOPyUgzVPTFsEks.roa
File: 08gO2xhzYB9MrOPyUgzVPTFsEks.roa (raw, json)
Hash identifier: uuTu5Ilmhz+ZTWX0lT3lDAgUnguN/hhWVP6RiQFWbO0=
Subject key identifier: D3:C8:0E:DB:18:73:60:1F:4C:AC:E3:F2:52:0C:D5:3D:31:6C:12:4B
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 01942825D0B80977004E44E6BE3DC3AE4A01
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/08gO2xhzYB9MrOPyUgzVPTFsEks.roa
Signing time: Thu 02 Jan 2025 17:52:34 +0000
ROA not before: Thu 02 Jan 2025 17:52:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20559
IP address blocks: 213.249.72.0/24 maxlen: 24
2a01:448:72::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:d0:b8:09:77:00:4e:44:e6:be:3d:c3:ae:4a:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Jan 2 17:52:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3c80edb1873601f4cace3f2520cd53d316c124b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:53:26:d2:d6:57:af:f4:d7:65:bc:21:fd:b0:
d2:e6:00:ed:52:9c:27:41:f4:1e:6c:16:04:0e:11:
8c:45:e6:5d:48:ff:1d:2d:46:e2:76:c9:3d:2e:c2:
54:c7:4e:79:a0:f2:54:a9:af:0d:71:99:b0:14:4b:
b3:04:07:a7:8b:4b:cb:f4:27:e9:9a:0a:a6:0f:36:
ad:8b:d4:55:c9:1a:44:c7:39:f1:c0:b2:2f:b5:11:
0b:03:80:40:8e:3e:3e:25:af:a7:0c:41:27:e6:be:
7d:cf:e9:9d:6b:8b:fb:bb:75:92:3e:3e:24:21:1c:
ed:f4:a3:11:61:d4:e3:5c:5a:0b:56:bb:cb:07:2c:
63:82:e9:e5:1b:90:e3:5a:b5:9c:69:de:af:6c:ad:
29:02:8f:79:2a:db:c9:85:c0:ec:69:82:b0:e1:2b:
13:43:71:ce:51:3c:70:01:7b:35:67:19:4e:0b:1b:
a0:cc:34:b8:67:62:07:07:75:96:a4:db:5e:bb:38:
76:23:bc:44:5a:3c:6e:99:9c:13:cb:ca:4b:c8:e5:
cd:31:87:57:ee:ce:16:37:9c:41:dd:47:ec:27:f4:
1e:a9:4c:84:6d:6b:61:5f:2c:50:b1:73:3c:cf:75:
5e:af:ed:0c:26:91:f3:68:73:97:64:5e:1d:b5:5e:
e2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:C8:0E:DB:18:73:60:1F:4C:AC:E3:F2:52:0C:D5:3D:31:6C:12:4B
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/08gO2xhzYB9MrOPyUgzVPTFsEks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.249.72.0/24
IPv6:
2a01:448:72::/48
Signature Algorithm: sha256WithRSAEncryption
57:2b:6f:5d:9a:e1:7a:c0:95:f1:a2:b6:5a:dd:49:0e:75:72:
87:be:5a:30:f6:56:6e:a1:54:a1:ae:df:30:17:9b:04:f7:51:
b0:a0:a0:3c:b5:eb:f5:6a:25:f5:ca:6f:f6:47:4f:ea:db:7e:
a7:5b:4c:ff:bb:f0:97:53:22:ce:6e:0c:eb:bc:97:b2:5c:71:
d1:73:6f:f7:49:53:81:9d:64:74:95:35:0f:fd:84:c0:28:bd:
1f:27:4d:dd:e1:c5:09:e7:8a:30:35:95:1e:21:79:d0:96:d7:
bb:7c:a0:d8:98:80:c2:c0:48:63:41:1e:af:c6:b4:9a:60:7a:
40:3a:e7:bc:62:51:7a:73:87:f6:16:cf:a8:1d:14:eb:42:ab:
18:b9:e6:1e:47:bf:c4:82:ee:5d:f7:c1:3a:ed:82:e3:ac:8b:
6f:3c:5f:4e:e9:53:5e:a6:97:55:52:7d:c2:a9:0a:b1:b3:e0:
c1:40:96:5f:29:57:28:35:0d:c0:d4:fe:e7:5f:bf:ca:6f:78:
f8:f3:ea:d5:bf:16:3a:26:7a:47:df:24:a8:93:67:53:58:00:
1a:92:08:ec:f7:d2:4e:3a:0a:28:f9:d7:34:c1:4d:19:1f:66:
0a:3d:b6:8c:22:ab:6a:5f:d3:92:d5:31:0c:5c:2d:d3:80:d8:
96:b0:48:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQoJdC4CXcATkTmvj3DrkoBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmVlMGViZDA2YjRiODEyZjllMTM3MTZlMjVmMWMzYzNk
MTRjYzYwHhcNMjUwMTAyMTc1MjM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2M4MGVkYjE4NzM2MDFmNGNhY2UzZjI1MjBjZDUzZDMxNmMxMjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FMm0tZXr/TXZbwh/bDS5gDtUpwn
QfQebBYEDhGMReZdSP8dLUbidsk9LsJUx055oPJUqa8NcZmwFEuzBAeni0vL9Cfp
mgqmDzati9RVyRpExznxwLIvtRELA4BAjj4+Ja+nDEEn5r59z+mda4v7u3WSPj4k
IRzt9KMRYdTjXFoLVrvLByxjgunlG5DjWrWcad6vbK0pAo95KtvJhcDsaYKw4SsT
Q3HOUTxwAXs1ZxlOCxugzDS4Z2IHB3WWpNteuzh2I7xEWjxumZwTy8pLyOXNMYdX
7s4WN5xB3UfsJ/QeqUyEbWthXyxQsXM8z3Ver+0MJpHzaHOXZF4dtV7i3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNPIDtsYc2AfTKzj8lIM1T0xbBJLMB8GA1UdIwQY
MBaAFBS+4OvQa0uBL54TcW4l8cPD0UzGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUt
ZDFiYjZiNGRkNzAxLzEvMDhnTzJ4aHpZQjlNck9QeVVnelZQVEZzRWtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUtZDFiYjZiNGRkNzAx
LzEvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA1flIMA8E
AgACMAkDBwAqAQRIAHIwDQYJKoZIhvcNAQELBQADggEBAFcrb12a4XrAlfGitlrd
SQ51coe+WjD2Vm6hVKGu3zAXmwT3UbCgoDy16/VqJfXKb/ZHT+rbfqdbTP+78JdT
Is5uDOu8l7JccdFzb/dJU4GdZHSVNQ/9hMAovR8nTd3hxQnnijA1lR4hedCW17t8
oNiYgMLASGNBHq/GtJpgekA657xiUXpzh/YWz6gdFOtCqxi55h5Hv8SC7l33wTrt
guOsi288X07pU16ml1VSfcKpCrGz4MFAll8pVyg1DcDU/udfv8pvePjz6tW/Fjom
ekffJKiTZ1NYABqSCOz30k46Cij51zTBTRkfZgo9towiq2pf05LVMQxcLdOA2Jaw
SM0=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:41 2025 by rpki-client on console.sobornost.net