Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/845783-5c0f-49dd-aebb-5f900a64cc96/1/bI_UPN2fGpmRbIQmxdjvG6D6qyc.roa
File: bI_UPN2fGpmRbIQmxdjvG6D6qyc.roa (raw, json)
Hash identifier: 8Hw/ELELxlNCCL+zWeaZ9rKRqMsYbzB+gHlmoy8aIzM=
Subject key identifier: 6C:8F:D4:3C:DD:9F:1A:99:91:6C:84:26:C5:D8:EF:1B:A0:FA:AB:27
Certificate issuer: /CN=88a30514cb09ff93a0310d7a4e7b26c6246b20a1
Certificate serial: 018DA832B0134F22A25D3E977F6E573C4785
Authority key identifier: 88:A3:05:14:CB:09:FF:93:A0:31:0D:7A:4E:7B:26:C6:24:6B:20:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKMFFMsJ_5OgMQ16TnsmxiRrIKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/845783-5c0f-49dd-aebb-5f900a64cc96/1/bI_UPN2fGpmRbIQmxdjvG6D6qyc.roa
Signing time: Wed 14 Feb 2024 15:18:30 +0000
ROA not before: Wed 14 Feb 2024 15:18:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211500
IP address blocks: 212.23.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a8:32:b0:13:4f:22:a2:5d:3e:97:7f:6e:57:3c:47:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a30514cb09ff93a0310d7a4e7b26c6246b20a1
Validity
Not Before: Feb 14 15:18:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c8fd43cdd9f1a99916c8426c5d8ef1ba0faab27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:01:d7:09:90:50:bf:65:5e:54:ce:1c:e2:62:
14:10:77:32:c7:39:09:9f:81:90:f1:ab:94:ba:32:
f4:ff:b5:45:5f:a9:04:7c:48:de:fd:09:2b:7c:7d:
19:0e:ee:5d:1e:66:be:1a:1b:2e:18:89:23:14:ee:
a6:cf:fd:62:c7:0a:cb:b4:c5:9d:23:d2:b9:40:c2:
52:9d:a6:97:d3:97:64:d2:b6:61:91:5e:75:2c:0e:
8b:99:c9:ad:93:a3:3e:92:ab:76:51:78:46:bb:d0:
de:2a:49:f6:23:d6:e9:ab:e6:59:e8:6c:54:ea:74:
c8:cc:41:8c:98:7f:3c:0f:f9:b0:29:a6:1c:9e:3b:
49:66:ed:5d:10:53:da:63:4d:c9:b3:74:fe:05:e7:
78:8a:16:db:7e:20:a5:7b:53:a0:64:c5:f2:a2:44:
6e:63:61:92:ba:ec:19:e7:85:cf:6e:80:9f:66:10:
c5:c7:43:79:01:0c:01:ac:98:bb:8b:b3:e9:a7:f1:
7b:ff:bf:c4:cc:39:95:3c:c3:89:20:af:86:ea:ae:
a4:ac:5f:83:16:d3:63:1b:84:84:03:95:ee:ac:5c:
77:3f:f1:7a:a0:5e:dd:7a:3c:cc:87:ed:59:38:fa:
b2:cb:a5:26:bf:46:10:f2:43:3c:fe:c6:6f:d3:b0:
4e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:8F:D4:3C:DD:9F:1A:99:91:6C:84:26:C5:D8:EF:1B:A0:FA:AB:27
X509v3 Authority Key Identifier:
keyid:88:A3:05:14:CB:09:FF:93:A0:31:0D:7A:4E:7B:26:C6:24:6B:20:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKMFFMsJ_5OgMQ16TnsmxiRrIKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/845783-5c0f-49dd-aebb-5f900a64cc96/1/bI_UPN2fGpmRbIQmxdjvG6D6qyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/845783-5c0f-49dd-aebb-5f900a64cc96/1/iKMFFMsJ_5OgMQ16TnsmxiRrIKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.204.0/24
Signature Algorithm: sha256WithRSAEncryption
31:0f:cf:3c:1f:11:71:9f:94:0e:5d:fc:dc:6c:95:d2:95:62:
1a:f3:ea:d8:0e:8c:8b:bb:c7:09:fc:0c:e6:f1:df:dc:5c:8c:
ed:93:11:ba:8e:da:6c:61:7f:9e:f7:5f:bd:1c:04:c8:27:90:
18:bd:fd:d8:33:0e:50:84:38:f1:58:ff:8b:20:0f:0a:d8:44:
b8:53:b2:9a:80:71:3b:4f:97:2e:30:1e:61:c5:b7:74:a4:08:
c4:3a:b8:d6:e5:31:0e:cd:be:e6:62:a6:3b:95:27:3b:76:e0:
c8:83:9a:eb:d3:e8:c6:10:d4:8a:cb:3b:86:ad:3f:b6:68:8e:
89:4a:56:41:e5:ce:f1:db:66:c3:e6:5d:03:d7:db:6b:03:36:
5e:9b:97:f0:95:7d:30:25:e6:da:3f:31:8e:d0:13:05:f8:75:
2f:55:b9:ca:24:0c:4c:0c:0d:d6:ad:61:d2:a2:a0:22:3e:89:
41:67:7d:7e:c0:89:4f:b7:c3:ca:fc:1e:50:be:72:5d:e5:fe:
4b:ac:e7:2d:01:2d:a9:58:4a:49:68:f8:91:2b:be:ea:79:30:
6f:a2:e8:a3:29:44:59:90:9d:91:32:7b:f9:4a:d1:38:37:e3:
d7:4f:69:f4:a0:98:a0:3b:f6:f6:35:a8:ef:09:7b:87:14:0e:
41:2f:b6:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2oMrATTyKiXT6Xf25XPEeFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YTMwNTE0Y2IwOWZmOTNhMDMxMGQ3YTRlN2IyNmM2MjQ2
YjIwYTEwHhcNMjQwMjE0MTUxODMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzhmZDQzY2RkOWYxYTk5OTE2Yzg0MjZjNWQ4ZWYxYmEwZmFhYjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowHXCZBQv2VeVM4c4mIUEHcyxzkJ
n4GQ8auUujL0/7VFX6kEfEje/QkrfH0ZDu5dHma+GhsuGIkjFO6mz/1ixwrLtMWd
I9K5QMJSnaaX05dk0rZhkV51LA6Lmcmtk6M+kqt2UXhGu9DeKkn2I9bpq+ZZ6GxU
6nTIzEGMmH88D/mwKaYcnjtJZu1dEFPaY03Js3T+Bed4ihbbfiCle1OgZMXyokRu
Y2GSuuwZ54XPboCfZhDFx0N5AQwBrJi7i7Ppp/F7/7/EzDmVPMOJIK+G6q6krF+D
FtNjG4SEA5XurFx3P/F6oF7dejzMh+1ZOPqyy6Umv0YQ8kM8/sZv07BOKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGyP1DzdnxqZkWyEJsXY7xug+qsnMB8GA1UdIwQY
MBaAFIijBRTLCf+ToDENek57JsYkayChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtNRkZNc0pfNU9nTVExNlRuc214aVJySUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS84NDU3ODMtNWMwZi00OWRkLWFlYmIt
NWY5MDBhNjRjYzk2LzEvYklfVVBOMmZHcG1SYklRbXhkanZHNkQ2cXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS84NDU3ODMtNWMwZi00OWRkLWFlYmItNWY5MDBhNjRjYzk2
LzEvaUtNRkZNc0pfNU9nTVExNlRuc214aVJySUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfMMA0G
CSqGSIb3DQEBCwUAA4IBAQAxD888HxFxn5QOXfzcbJXSlWIa8+rYDoyLu8cJ/Azm
8d/cXIztkxG6jtpsYX+e91+9HATIJ5AYvf3YMw5QhDjxWP+LIA8K2ES4U7KagHE7
T5cuMB5hxbd0pAjEOrjW5TEOzb7mYqY7lSc7duDIg5rr0+jGENSKyzuGrT+2aI6J
SlZB5c7x22bD5l0D19trAzZem5fwlX0wJebaPzGO0BMF+HUvVbnKJAxMDA3WrWHS
oqAiPolBZ31+wIlPt8PK/B5QvnJd5f5LrOctAS2pWEpJaPiRK77qeTBvouijKURZ
kJ2RMnv5StE4N+PXT2n0oJigO/b2NajvCXuHFA5BL7b8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:37 2024 by rpki-client on console-ams.rpki-client.org