Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RhYgbIyUkYbUVcVZ54GFY7-eiYc.roa
File: RhYgbIyUkYbUVcVZ54GFY7-eiYc.roa (raw, json)
Hash identifier: GcdcoeyS9B7Genx2pLcYdYvuXZG7x2MYDwfGjI+LCdE=
Subject key identifier: 46:16:20:6C:8C:94:91:86:D4:55:C5:59:E7:81:85:63:BF:9E:89:87
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01942824F3F36C925A8AD27D84ACE4FD7277
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RhYgbIyUkYbUVcVZ54GFY7-eiYc.roa
Signing time: Thu 02 Jan 2025 17:51:37 +0000
ROA not before: Thu 02 Jan 2025 17:51:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55154
IP address blocks: 212.193.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:f3:f3:6c:92:5a:8a:d2:7d:84:ac:e4:fd:72:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4616206c8c949186d455c559e7818563bf9e8987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:8b:c7:a0:00:96:22:c0:19:3b:96:17:f4:36:
a1:af:fc:2c:f7:b7:04:91:1d:92:7f:ee:18:41:59:
b9:0e:29:c9:24:42:79:ed:08:49:c1:8d:4a:aa:25:
d6:77:4b:44:ab:ab:b6:23:d9:5f:df:8a:04:9e:d2:
7e:03:e1:d8:c3:84:ad:93:73:6c:5d:90:5e:63:d0:
4b:a9:e6:23:b5:9a:50:af:28:f9:71:1d:43:af:1f:
da:50:85:4f:00:f0:b5:1b:70:46:39:88:8b:92:00:
52:54:89:d6:94:5f:42:78:0e:71:74:bb:e2:eb:8c:
af:79:ae:20:be:71:a0:1f:5c:7c:61:4b:a3:88:a1:
78:25:20:13:93:e6:18:1a:e8:b1:e2:69:2f:5c:f6:
06:5f:0e:cc:e3:d6:0a:28:65:c0:bb:4f:fb:e9:49:
2e:85:ad:f0:a0:4b:48:fd:16:ca:81:d8:9e:91:3f:
55:79:2f:69:4c:b3:80:a2:ef:51:91:05:65:48:f7:
bf:ef:0a:21:a7:2d:d8:ff:2d:63:ca:eb:f2:e8:c2:
14:7b:ad:c4:d1:0d:4e:1a:35:d7:28:5d:17:15:9f:
5d:7d:84:ff:e3:89:2e:60:90:6c:4b:6f:a6:a0:ee:
40:22:ad:87:1b:94:aa:a3:ec:d9:dd:63:97:11:3e:
ea:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:16:20:6C:8C:94:91:86:D4:55:C5:59:E7:81:85:63:BF:9E:89:87
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RhYgbIyUkYbUVcVZ54GFY7-eiYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.193.0.0/24
Signature Algorithm: sha256WithRSAEncryption
34:c8:57:b0:29:c2:cd:e8:5e:4b:f3:6a:c8:ee:ed:3a:1e:ba:
fd:32:ac:f6:be:6e:a1:e4:cd:cb:d3:96:8b:7c:f5:63:9a:21:
19:6a:79:b9:7a:67:c0:80:00:e1:08:66:f6:81:97:09:8f:b1:
c0:fd:55:b6:94:2f:ed:a9:20:b8:09:c3:41:37:0a:68:97:22:
27:5a:9f:ba:71:d0:d6:e1:bf:cb:bc:86:62:bf:99:d7:c9:69:
5b:43:2e:9b:ad:ed:91:b8:6e:7c:87:d6:40:6d:bf:45:5b:8a:
6c:09:e3:06:ae:5d:5c:5d:45:df:e0:7b:93:f8:a0:8c:36:69:
aa:f3:81:56:4a:0a:c6:02:ba:3a:98:93:e4:be:08:79:9f:11:
fb:13:77:98:b9:eb:09:12:ab:7f:cd:51:e0:d3:1a:bd:48:c7:
89:2c:c9:15:e9:54:1f:85:dc:ea:5f:13:a1:33:f8:60:38:7b:
86:7d:7a:e9:28:09:05:4d:d0:39:73:b7:42:ff:45:e3:b2:20:
a0:20:cc:e7:ac:09:82:a0:d8:7b:ba:f9:c2:0c:1f:7d:ad:51:
78:f0:c0:c7:c7:d7:d9:41:d2:e2:ef:92:90:e2:92:69:78:f9:
fe:bb:1c:b5:14:8f:98:58:31:1e:e6:92:15:de:c7:57:f4:62:
cb:fa:82:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJPPzbJJaitJ9hKzk/XJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjE2MjA2YzhjOTQ5MTg2ZDQ1NWM1NTllNzgxODU2M2JmOWU4OTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ovHoACWIsAZO5YX9Dahr/ws97cE
kR2Sf+4YQVm5DinJJEJ57QhJwY1KqiXWd0tEq6u2I9lf34oEntJ+A+HYw4Stk3Ns
XZBeY9BLqeYjtZpQryj5cR1Drx/aUIVPAPC1G3BGOYiLkgBSVInWlF9CeA5xdLvi
64yvea4gvnGgH1x8YUujiKF4JSATk+YYGuix4mkvXPYGXw7M49YKKGXAu0/76Uku
ha3woEtI/RbKgdiekT9VeS9pTLOAou9RkQVlSPe/7wohpy3Y/y1jyuvy6MIUe63E
0Q1OGjXXKF0XFZ9dfYT/44kuYJBsS2+moO5AIq2HG5Sqo+zZ3WOXET7q8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEYWIGyMlJGG1FXFWeeBhWO/nomHMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUmhZZ2JJeVVrWWJVVmNWWjU0R0ZZNy1laVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MEAMA0G
CSqGSIb3DQEBCwUAA4IBAQA0yFewKcLN6F5L82rI7u06Hrr9Mqz2vm6h5M3L05aL
fPVjmiEZanm5emfAgADhCGb2gZcJj7HA/VW2lC/tqSC4CcNBNwpolyInWp+6cdDW
4b/LvIZiv5nXyWlbQy6bre2RuG58h9ZAbb9FW4psCeMGrl1cXUXf4HuT+KCMNmmq
84FWSgrGAro6mJPkvgh5nxH7E3eYuesJEqt/zVHg0xq9SMeJLMkV6VQfhdzqXxOh
M/hgOHuGfXrpKAkFTdA5c7dC/0XjsiCgIMznrAmCoNh7uvnCDB99rVF48MDHx9fZ
QdLi75KQ4pJpePn+uxy1FI+YWDEe5pIV3sdX9GLL+oK8
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:09:56 2025 by rpki-client