Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/36c7b9-be29-46c7-834c-3d8f39022e44/1/nej2FKA10t3DZofuCv17K9oDxMw.roa
File: nej2FKA10t3DZofuCv17K9oDxMw.roa (raw, json)
Hash identifier: CPFfpcO/f5XH9dZGtsgU4+pE6jKUVaarWGOQiX+JSII=
Subject key identifier: 9D:E8:F6:14:A0:35:D2:DD:C3:66:87:EE:0A:FD:7B:2B:DA:03:C4:CC
Certificate issuer: /CN=6b4b5e69148a3310c34871324bc56fe84b891dff
Certificate serial: 01856CCAEF10C322C2112C461F422028728D
Authority key identifier: 6B:4B:5E:69:14:8A:33:10:C3:48:71:32:4B:C5:6F:E8:4B:89:1D:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0teaRSKMxDDSHEyS8Vv6EuJHf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/36c7b9-be29-46c7-834c-3d8f39022e44/1/nej2FKA10t3DZofuCv17K9oDxMw.roa
Signing time: Sun 01 Jan 2023 10:05:16 +0000
ROA not before: Sun 01 Jan 2023 10:05:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12697
IP address blocks: 212.23.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:ef:10:c3:22:c2:11:2c:46:1f:42:20:28:72:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b4b5e69148a3310c34871324bc56fe84b891dff
Validity
Not Before: Jan 1 10:05:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9de8f614a035d2ddc36687ee0afd7b2bda03c4cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:03:36:4e:d2:0a:fe:14:6d:2f:09:9b:eb:be:
fa:aa:8f:2a:a2:a0:c7:1f:03:c5:a6:c6:d2:d2:1a:
60:5f:8c:65:40:95:0e:10:1a:6b:d4:fa:aa:17:1a:
d2:15:ca:7e:a7:ca:a7:61:7a:33:a4:09:44:eb:33:
8e:96:2f:d0:64:dd:17:dc:f6:5c:fb:e8:b4:c5:38:
44:09:de:b7:fb:7f:ea:dd:18:01:5c:07:47:43:45:
97:68:8c:23:44:21:0f:bd:2f:b4:54:22:7f:0b:09:
ca:24:06:b1:fb:93:34:0d:d0:dd:c5:33:32:1b:49:
85:04:7d:ff:16:6d:8b:1b:b4:84:e8:10:66:82:69:
13:9f:38:0f:fd:5f:26:19:38:34:06:b5:16:24:13:
7d:6a:08:5b:5a:a0:e0:5f:39:bc:71:c8:e2:17:fd:
e9:16:27:7e:52:c2:55:dd:a7:d4:80:20:10:9d:28:
10:09:df:19:98:0b:3b:cf:0b:16:93:ca:6f:26:aa:
41:90:5b:23:79:00:51:19:3e:b1:aa:24:6d:25:77:
80:6e:f7:c8:cf:aa:5f:71:54:e3:af:cb:96:0a:0f:
bb:1e:52:83:f0:2d:d6:df:df:24:de:8a:e3:d9:75:
43:fd:ef:9c:6e:d7:46:5f:5e:bb:bf:eb:5c:13:bf:
22:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:E8:F6:14:A0:35:D2:DD:C3:66:87:EE:0A:FD:7B:2B:DA:03:C4:CC
X509v3 Authority Key Identifier:
keyid:6B:4B:5E:69:14:8A:33:10:C3:48:71:32:4B:C5:6F:E8:4B:89:1D:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0teaRSKMxDDSHEyS8Vv6EuJHf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/36c7b9-be29-46c7-834c-3d8f39022e44/1/nej2FKA10t3DZofuCv17K9oDxMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/36c7b9-be29-46c7-834c-3d8f39022e44/1/a0teaRSKMxDDSHEyS8Vv6EuJHf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.214.0/24
Signature Algorithm: sha256WithRSAEncryption
48:a2:74:5b:35:20:73:e3:aa:47:e7:e1:de:df:a8:6a:d1:f2:
8e:1a:f6:4e:4f:f1:ee:14:a7:5d:bf:c3:de:57:32:01:32:9c:
e8:06:20:d0:47:36:8b:16:c5:25:2a:98:13:ab:bb:6c:7a:99:
28:1f:6b:f3:63:9d:d4:8a:40:0d:9c:59:4b:c9:f2:6b:6d:7d:
21:6f:31:7f:5a:e3:48:d8:2e:7b:9d:f3:0d:d9:fb:67:39:f9:
e0:51:06:34:05:9a:ca:49:3a:81:0a:9b:2b:2c:33:41:29:2c:
a4:b2:72:5a:37:0f:5f:df:5f:18:53:e3:8f:a7:a2:47:fd:0a:
6e:d8:20:af:0a:b7:03:29:03:f5:9a:8f:1a:e5:b0:1e:00:58:
f3:41:62:63:72:ee:9b:a1:b4:4e:16:e2:4c:af:fd:1b:2f:56:
24:d5:ac:ed:8b:08:76:fd:93:6c:c9:e1:58:ba:f7:3d:0b:07:
e3:7a:5e:8c:b7:c1:98:be:c4:ea:f1:c3:eb:ec:69:03:8a:3a:
35:c0:d2:f2:50:96:45:9f:cb:98:26:fb:b4:7d:fd:4d:c7:e9:
7e:f3:35:57:d0:89:63:58:03:86:72:8d:a0:c6:3b:b4:84:3a:
f4:c4:3b:a5:ce:4e:7f:18:d2:f8:42:80:84:e8:8d:be:72:84:
a1:a8:df:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsyu8QwyLCESxGH0IgKHKNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNGI1ZTY5MTQ4YTMzMTBjMzQ4NzEzMjRiYzU2ZmU4NGI4
OTFkZmYwHhcNMjMwMTAxMTAwNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGU4ZjYxNGEwMzVkMmRkYzM2Njg3ZWUwYWZkN2IyYmRhMDNjNGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wM2TtIK/hRtLwmb6776qo8qoqDH
HwPFpsbS0hpgX4xlQJUOEBpr1PqqFxrSFcp+p8qnYXozpAlE6zOOli/QZN0X3PZc
++i0xThECd63+3/q3RgBXAdHQ0WXaIwjRCEPvS+0VCJ/CwnKJAax+5M0DdDdxTMy
G0mFBH3/Fm2LG7SE6BBmgmkTnzgP/V8mGTg0BrUWJBN9aghbWqDgXzm8ccjiF/3p
Fid+UsJV3afUgCAQnSgQCd8ZmAs7zwsWk8pvJqpBkFsjeQBRGT6xqiRtJXeAbvfI
z6pfcVTjr8uWCg+7HlKD8C3W398k3orj2XVD/e+cbtdGX167v+tcE78iCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ3o9hSgNdLdw2aH7gr9eyvaA8TMMB8GA1UdIwQY
MBaAFGtLXmkUijMQw0hxMkvFb+hLiR3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTB0ZWFSU0tNeEREU0hFeVM4VnY2RXVKSGY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zNmM3YjktYmUyOS00NmM3LTgzNGMt
M2Q4ZjM5MDIyZTQ0LzEvbmVqMkZLQTEwdDNEWm9mdUN2MTdLOW9EeE13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zNmM3YjktYmUyOS00NmM3LTgzNGMtM2Q4ZjM5MDIyZTQ0
LzEvYTB0ZWFSU0tNeEREU0hFeVM4VnY2RXVKSGY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfWMA0G
CSqGSIb3DQEBCwUAA4IBAQBIonRbNSBz46pH5+He36hq0fKOGvZOT/HuFKddv8Pe
VzIBMpzoBiDQRzaLFsUlKpgTq7tsepkoH2vzY53UikANnFlLyfJrbX0hbzF/WuNI
2C57nfMN2ftnOfngUQY0BZrKSTqBCpsrLDNBKSyksnJaNw9f318YU+OPp6JH/Qpu
2CCvCrcDKQP1mo8a5bAeAFjzQWJjcu6bobROFuJMr/0bL1Yk1aztiwh2/ZNsyeFY
uvc9Cwfjel6Mt8GYvsTq8cPr7GkDijo1wNLyUJZFn8uYJvu0ff1Nx+l+8zVX0Ilj
WAOGco2gxju0hDr0xDulzk5/GNL4QoCE6I2+coShqN9e
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:45 2025 by rpki-client