Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/724c97-f149-446f-bbf1-2544683aa125/1/DxUn4bmVojvn8sm2tByEo7v-9lY.roa
File: DxUn4bmVojvn8sm2tByEo7v-9lY.roa (raw, json)
Hash identifier: LqNhwNLFgBfOiDjw34sJzCVs1lSfUwZfgMTqZtNLRrQ=
Subject key identifier: 0F:15:27:E1:B9:95:A2:3B:E7:F2:C9:B6:B4:1C:84:A3:BB:FE:F6:56
Certificate issuer: /CN=6c3250a5c1bdab74b1bd23c01c54a8d70b6def20
Certificate serial: 0195A90D82B78D864272E13C1165CFF443AD
Authority key identifier: 6C:32:50:A5:C1:BD:AB:74:B1:BD:23:C0:1C:54:A8:D7:0B:6D:EF:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bDJQpcG9q3SxvSPAHFSo1wtt7yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/724c97-f149-446f-bbf1-2544683aa125/1/DxUn4bmVojvn8sm2tByEo7v-9lY.roa
Signing time: Tue 18 Mar 2025 11:39:49 +0000
ROA not before: Tue 18 Mar 2025 11:39:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395793
IP address blocks: 212.102.227.0/24 maxlen: 24
212.102.228.0/24 maxlen: 24
212.102.252.0/24 maxlen: 24
212.102.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:0d:82:b7:8d:86:42:72:e1:3c:11:65:cf:f4:43:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c3250a5c1bdab74b1bd23c01c54a8d70b6def20
Validity
Not Before: Mar 18 11:39:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f1527e1b995a23be7f2c9b6b41c84a3bbfef656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:03:41:2f:b5:49:2b:35:38:fd:8e:94:75:74:
2a:ae:13:a8:67:26:0c:09:2d:cb:f4:c1:a9:7b:1a:
2c:03:7d:5a:78:53:f7:4b:45:76:f3:4d:24:41:39:
52:d7:bd:23:d5:f6:0f:3f:ce:fd:30:f9:47:ca:14:
98:e6:b3:d4:f9:4f:da:d8:b6:f9:82:a5:7e:85:58:
c5:93:fc:f8:8b:fd:fe:35:46:56:49:52:1c:b5:19:
0b:a1:67:0e:3b:0f:1e:04:75:e8:19:dd:e4:9a:8e:
73:86:12:d4:8b:13:62:ba:9c:f7:ef:9f:55:35:7a:
7e:0c:25:7e:79:db:4b:02:11:31:e8:ba:bc:e6:25:
75:19:b0:33:b2:6b:a8:53:f5:9a:86:fc:c0:e2:0a:
92:e7:bf:c2:64:57:7c:4c:29:0a:ba:ed:79:5c:6e:
39:35:f0:6d:2a:dc:d0:35:e6:b4:fd:67:2c:ea:39:
8a:d7:e2:cc:53:2e:ea:d7:de:0d:e5:ac:8d:2c:4a:
92:9f:5e:d2:a8:4e:bd:df:be:b0:99:b3:e9:22:6a:
bf:31:2a:c9:07:ce:5b:30:19:b7:60:ff:23:dd:72:
02:d8:85:13:5b:eb:47:3e:bf:de:e9:68:ab:92:08:
05:91:7f:d9:25:da:74:c0:c7:ea:08:5f:61:72:96:
64:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:15:27:E1:B9:95:A2:3B:E7:F2:C9:B6:B4:1C:84:A3:BB:FE:F6:56
X509v3 Authority Key Identifier:
keyid:6C:32:50:A5:C1:BD:AB:74:B1:BD:23:C0:1C:54:A8:D7:0B:6D:EF:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bDJQpcG9q3SxvSPAHFSo1wtt7yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/724c97-f149-446f-bbf1-2544683aa125/1/DxUn4bmVojvn8sm2tByEo7v-9lY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/724c97-f149-446f-bbf1-2544683aa125/1/bDJQpcG9q3SxvSPAHFSo1wtt7yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.102.227.0-212.102.228.255
212.102.252.0/23
Signature Algorithm: sha256WithRSAEncryption
94:ca:7c:33:a5:94:b2:1a:88:9f:5a:7e:93:5c:bb:dc:02:5c:
de:07:7c:02:df:16:6b:44:3f:9a:0c:6a:73:d7:6d:c3:80:0d:
b1:f2:6c:fa:03:a2:af:93:d3:97:be:a2:12:18:14:d3:76:e8:
9e:95:31:35:3e:64:96:78:4a:3d:91:4b:45:1e:0b:38:ed:cd:
73:14:09:a1:69:64:6d:cb:ba:60:3f:b7:4c:d3:b4:af:9b:1e:
44:64:f0:d7:39:ad:13:ff:ab:f0:49:ec:78:19:8d:e8:ba:39:
2a:1a:f8:51:7c:64:f0:93:e6:71:59:48:d5:f9:cb:41:34:e9:
f6:35:dd:78:6b:4a:fd:0d:99:32:ec:7e:a8:f1:e4:f9:da:5e:
88:f0:22:94:ef:07:6d:3a:7e:ae:8f:55:3b:27:24:1b:f0:f6:
f7:8e:06:8c:0e:a4:92:b2:23:33:38:4f:3b:08:dd:10:cf:56:
23:4d:62:10:da:8c:ea:1a:32:0d:5b:a8:d6:f2:64:cc:6b:48:
e7:d8:bc:b8:7d:f0:af:25:90:26:5e:bf:c1:c0:96:57:8a:3c:
5a:a6:69:79:6d:2c:fe:d3:1f:ff:d0:4f:0c:57:b3:4e:3f:01:
4d:1e:74:4f:3e:ee:36:cd:fc:8c:f0:0c:0c:6f:79:f8:7f:5a:
59:b2:0a:4e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZWpDYK3jYZCcuE8EWXP9EOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMzI1MGE1YzFiZGFiNzRiMWJkMjNjMDFjNTRhOGQ3MGI2
ZGVmMjAwHhcNMjUwMzE4MTEzOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjE1MjdlMWI5OTVhMjNiZTdmMmM5YjZiNDFjODRhM2JiZmVmNjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQNBL7VJKzU4/Y6UdXQqrhOoZyYM
CS3L9MGpexosA31aeFP3S0V2800kQTlS170j1fYPP879MPlHyhSY5rPU+U/a2Lb5
gqV+hVjFk/z4i/3+NUZWSVIctRkLoWcOOw8eBHXoGd3kmo5zhhLUixNiupz3759V
NXp+DCV+edtLAhEx6Lq85iV1GbAzsmuoU/WahvzA4gqS57/CZFd8TCkKuu15XG45
NfBtKtzQNea0/Wcs6jmK1+LMUy7q194N5ayNLEqSn17SqE69376wmbPpImq/MSrJ
B85bMBm3YP8j3XIC2IUTW+tHPr/e6WirkggFkX/ZJdp0wMfqCF9hcpZkAwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFA8VJ+G5laI75/LJtrQchKO7/vZWMB8GA1UdIwQY
MBaAFGwyUKXBvat0sb0jwBxUqNcLbe8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkRKUXBjRzlxM1N4dlNQQUhGU28xd3R0N3lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS83MjRjOTctZjE0OS00NDZmLWJiZjEt
MjU0NDY4M2FhMTI1LzEvRHhVbjRibVZvanZuOHNtMnRCeUVvN3YtOWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS83MjRjOTctZjE0OS00NDZmLWJiZjEtMjU0NDY4M2FhMTI1
LzEvYkRKUXBjRzlxM1N4dlNQQUhGU28xd3R0N3lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADUZuMD
BADUZuQDBAHUZvwwDQYJKoZIhvcNAQELBQADggEBAJTKfDOllLIaiJ9afpNcu9wC
XN4HfALfFmtEP5oManPXbcOADbHybPoDoq+T05e+ohIYFNN26J6VMTU+ZJZ4Sj2R
S0UeCzjtzXMUCaFpZG3LumA/t0zTtK+bHkRk8Nc5rRP/q/BJ7HgZjei6OSoa+FF8
ZPCT5nFZSNX5y0E06fY13XhrSv0NmTLsfqjx5PnaXojwIpTvB206fq6PVTsnJBvw
9veOBowOpJKyIzM4TzsI3RDPViNNYhDajOoaMg1bqNbyZMxrSOfYvLh98K8lkCZe
v8HAlleKPFqmaXltLP7TH//QTwxXs04/AU0edE8+7jbN/IzwDAxvefh/WlmyCk4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:07:31 2025 by rpki-client