Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/mWQQr9Df8Gxi-vy8YAXzFkBEGAc.roa
File: mWQQr9Df8Gxi-vy8YAXzFkBEGAc.roa (raw, json)
Hash identifier: z+245YsTzlJ8Yat/3J5h5H154DAsYclcNAuZzX8bEFc=
Subject key identifier: 99:64:10:AF:D0:DF:F0:6C:62:FA:FC:BC:60:05:F3:16:40:44:18:07
Certificate issuer: /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Certificate serial: 01942747857212EC2665818872F4DE6F0429
Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/mWQQr9Df8Gxi-vy8YAXzFkBEGAc.roa
Signing time: Thu 02 Jan 2025 13:49:46 +0000
ROA not before: Thu 02 Jan 2025 13:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39855
IP address blocks: 212.124.68.0/22 maxlen: 24
212.124.72.0/22 maxlen: 24
212.124.76.0/22 maxlen: 24
212.124.86.0/24 maxlen: 24
212.124.92.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:85:72:12:ec:26:65:81:88:72:f4:de:6f:04:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Validity
Not Before: Jan 2 13:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=996410afd0dff06c62fafcbc6005f31640441807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:94:50:12:d4:aa:fa:30:8d:eb:2a:b2:67:a3:
dd:0d:87:63:80:0c:6f:1d:63:7d:28:c9:f1:cf:d4:
cb:4d:33:20:90:11:33:df:53:7e:66:ed:aa:93:78:
6a:a6:32:43:a1:ed:6e:b1:b7:a1:1e:23:1b:44:0b:
49:0f:bc:6e:8a:76:ab:71:93:50:b0:68:1d:18:19:
e8:ad:8e:d0:5c:67:18:3a:47:1b:d8:13:6a:21:cb:
3e:86:9c:47:16:36:03:08:b3:41:2d:6d:6a:67:ac:
8d:f7:6f:f8:9d:7c:9a:c4:68:b1:45:b6:f1:3e:ec:
23:28:f7:36:88:b2:89:dd:fb:dc:70:9c:19:0e:08:
78:90:b7:38:74:2e:e9:cf:72:f1:bb:aa:6c:70:e3:
ab:71:c7:fd:1d:97:8c:32:c9:e9:3f:d8:8d:47:c5:
b9:3f:1c:dd:39:76:47:37:13:96:1c:21:c3:07:b0:
f2:cc:8d:52:1c:f2:88:ad:9d:40:78:cd:17:5e:dc:
4c:f6:72:9d:34:54:56:95:f8:3a:49:0b:cc:ad:d4:
bb:36:93:95:8e:69:dc:83:83:ce:b1:5b:bd:94:22:
ca:a3:5c:1b:cc:a3:0c:f1:cd:9d:86:32:db:ad:8c:
e6:2e:00:25:ef:b6:fb:61:6c:a6:36:39:33:c9:b6:
97:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:64:10:AF:D0:DF:F0:6C:62:FA:FC:BC:60:05:F3:16:40:44:18:07
X509v3 Authority Key Identifier:
keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/mWQQr9Df8Gxi-vy8YAXzFkBEGAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.124.68.0-212.124.79.255
212.124.86.0/24
212.124.92.0/24
Signature Algorithm: sha256WithRSAEncryption
28:77:cc:27:a2:ce:3d:c5:85:5c:3c:4d:a5:14:28:89:34:59:
71:d8:12:b5:56:94:5c:ac:02:97:ee:13:28:aa:5e:86:71:2d:
f2:33:69:1d:59:e4:5b:4d:12:25:83:0c:fb:49:6f:54:e9:4d:
75:e3:46:2d:df:c3:df:48:d7:de:55:f1:5a:3f:6b:c3:6d:8a:
41:a2:06:36:35:80:10:de:11:aa:2a:8d:4c:e8:4d:47:4f:82:
36:98:e5:fe:53:78:77:c1:85:29:a5:4c:a9:47:27:09:5d:24:
31:ba:f4:09:f1:31:0a:47:18:7c:aa:ba:b8:4d:64:af:06:a4:
f2:34:60:d0:3d:93:47:3d:14:75:f7:30:d3:d5:69:14:93:a1:
64:fb:dc:0b:57:98:10:13:1f:05:d3:16:5f:37:7e:40:bd:f0:
8f:8a:8f:e4:b5:bf:57:5d:b5:e6:38:12:b6:97:8f:2d:70:c2:
39:3d:62:60:39:6c:84:bb:c2:af:32:66:84:fb:16:27:b5:9d:
57:54:b5:0b:2b:59:00:23:8d:cc:27:ec:32:8f:ef:be:4b:c0:
91:6f:42:78:92:f8:cc:fb:4d:ee:ca:f1:fd:b8:4a:51:54:71:
5d:76:f3:5a:3a:75:aa:b9:f6:88:f9:45:22:38:17:d6:cc:af:
eb:21:f3:41
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQnR4VyEuwmZYGIcvTebwQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZWUyYmY0M2YyMWE4MWM0OTJjNmU2YTlmYzZmMDc0ZDJm
MGEyMTcwHhcNMjUwMTAyMTM0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTY0MTBhZmQwZGZmMDZjNjJmYWZjYmM2MDA1ZjMxNjQwNDQxODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZRQEtSq+jCN6yqyZ6PdDYdjgAxv
HWN9KMnxz9TLTTMgkBEz31N+Zu2qk3hqpjJDoe1usbehHiMbRAtJD7xuinarcZNQ
sGgdGBnorY7QXGcYOkcb2BNqIcs+hpxHFjYDCLNBLW1qZ6yN92/4nXyaxGixRbbx
PuwjKPc2iLKJ3fvccJwZDgh4kLc4dC7pz3Lxu6pscOOrccf9HZeMMsnpP9iNR8W5
PxzdOXZHNxOWHCHDB7DyzI1SHPKIrZ1AeM0XXtxM9nKdNFRWlfg6SQvMrdS7NpOV
jmncg4POsVu9lCLKo1wbzKMM8c2dhjLbrYzmLgAl77b7YWymNjkzybaXWQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJlkEK/Q3/BsYvr8vGAF8xZARBgHMB8GA1UdIwQY
MBaAFN/uK/Q/IagcSSxuap/G8HTS8KIXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTIt
MjhkNzhlYjlmMmRjLzEvbVdRUXI5RGY4R3hpLXZ5OFlBWHpGa0JFR0FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTItMjhkNzhlYjlmMmRj
LzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBALUfEQD
BATUfEADBADUfFYDBADUfFwwDQYJKoZIhvcNAQELBQADggEBACh3zCeizj3FhVw8
TaUUKIk0WXHYErVWlFysApfuEyiqXoZxLfIzaR1Z5FtNEiWDDPtJb1TpTXXjRi3f
w99I195V8Vo/a8NtikGiBjY1gBDeEaoqjUzoTUdPgjaY5f5TeHfBhSmlTKlHJwld
JDG69AnxMQpHGHyqurhNZK8GpPI0YNA9k0c9FHX3MNPVaRSToWT73AtXmBATHwXT
Fl83fkC98I+Kj+S1v1ddteY4EraXjy1wwjk9YmA5bIS7wq8yZoT7Fie1nVdUtQsr
WQAjjcwn7DKP775LwJFvQniS+Mz7Te7K8f24SlFUcV1281o6daq59oj5RSI4F9bM
r+sh80E=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:05:11 2025 by rpki-client