Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/0c880d-b4d3-449c-8ec8-4b7025948de0/1/bgMhmko76PaZ4bAqiZ05MbKtCdI.roa
File: bgMhmko76PaZ4bAqiZ05MbKtCdI.roa (raw, json)
Hash identifier: xTnGUxwFliOL2s2O+OEXxtZQLGCuOqH7ldXN8jdODkc=
Subject key identifier: 6E:03:21:9A:4A:3B:E8:F6:99:E1:B0:2A:89:9D:39:31:B2:AD:09:D2
Certificate issuer: /CN=aa3a91c36754d7865db93986322f251d141abbee
Certificate serial: 01853A6D8A9F9B404E0598D54506ED62485C
Authority key identifier: AA:3A:91:C3:67:54:D7:86:5D:B9:39:86:32:2F:25:1D:14:1A:BB:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qjqRw2dU14ZduTmGMi8lHRQau-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/0c880d-b4d3-449c-8ec8-4b7025948de0/1/bgMhmko76PaZ4bAqiZ05MbKtCdI.roa
Signing time: Thu 22 Dec 2022 15:22:15 +0000
ROA not before: Thu 22 Dec 2022 15:22:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20693
IP address blocks: 212.111.96.0/20 maxlen: 20
212.111.106.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3a:6d:8a:9f:9b:40:4e:05:98:d5:45:06:ed:62:48:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa3a91c36754d7865db93986322f251d141abbee
Validity
Not Before: Dec 22 15:22:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e03219a4a3be8f699e1b02a899d3931b2ad09d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:dc:7c:4b:18:86:32:6f:43:d1:ca:9a:74:aa:
c2:1a:46:ab:9f:8c:04:ef:cb:dd:94:23:dd:37:e2:
ab:53:42:ac:23:b0:6c:80:32:14:22:88:4b:04:24:
1e:7b:3e:16:b7:26:ae:95:9a:a8:f0:12:38:5c:95:
b0:b3:df:bc:af:b5:9b:70:91:f8:a9:1f:86:cd:44:
aa:92:2a:3a:24:05:7d:70:22:14:9c:d7:14:01:ef:
9e:28:5c:22:32:c7:3a:1a:46:f8:e5:29:16:6e:35:
94:83:79:d5:35:f6:89:6e:ca:e6:d5:d0:42:a5:39:
80:f7:12:8a:a0:64:77:91:b8:79:79:38:97:18:8a:
02:5b:12:10:44:cd:13:12:ab:b2:51:6e:28:7c:0f:
87:c9:e3:d4:8d:fe:1e:73:34:dd:52:43:c1:68:ca:
7f:69:4b:44:1e:02:de:a9:09:87:c2:45:86:5c:25:
b7:04:ae:c8:47:7f:a1:41:b5:a1:1c:f2:db:aa:5c:
1e:37:b2:e8:dd:ed:f2:81:50:ba:1a:3d:e0:ff:57:
67:87:16:c9:75:20:16:ad:67:09:15:91:81:c8:4f:
b3:df:3e:f6:8f:3d:ef:02:ea:f7:15:6e:1a:50:98:
19:61:cb:4e:e9:9d:af:e3:67:13:38:c2:da:ba:95:
00:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:03:21:9A:4A:3B:E8:F6:99:E1:B0:2A:89:9D:39:31:B2:AD:09:D2
X509v3 Authority Key Identifier:
keyid:AA:3A:91:C3:67:54:D7:86:5D:B9:39:86:32:2F:25:1D:14:1A:BB:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qjqRw2dU14ZduTmGMi8lHRQau-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/0c880d-b4d3-449c-8ec8-4b7025948de0/1/bgMhmko76PaZ4bAqiZ05MbKtCdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/0c880d-b4d3-449c-8ec8-4b7025948de0/1/qjqRw2dU14ZduTmGMi8lHRQau-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.111.96.0/20
Signature Algorithm: sha256WithRSAEncryption
36:94:3c:86:cd:2c:ab:79:ac:18:df:c6:d3:dd:0f:21:6a:19:
d0:a6:6c:74:fd:82:fc:bf:d9:32:89:49:f4:d7:ac:52:ac:2a:
ea:8e:47:7d:8e:2d:d4:3d:df:93:a8:82:41:48:dc:ba:ff:85:
c2:eb:fc:96:60:6e:52:60:ac:4b:2d:9d:4c:a7:7b:65:f6:a5:
c8:8e:1f:c6:35:5d:73:93:48:93:46:dc:42:d6:f6:f5:31:b8:
8d:1a:cd:31:f3:c2:dc:ef:f8:4d:72:e4:db:ad:d8:64:2b:b8:
68:0c:e6:db:01:f6:4d:30:1f:06:a3:c8:e6:2b:23:6e:20:0a:
20:01:06:e9:8a:4f:e8:76:c3:21:b3:45:c5:54:e6:a6:ea:c2:
ea:8b:20:93:98:41:d6:e4:1d:1b:be:a5:a0:ef:f2:fb:2e:e0:
85:c5:c0:3b:1a:31:40:95:d2:e9:b8:df:42:7d:e7:7a:e9:18:
91:51:fc:79:8c:e0:21:31:8b:bd:0f:dc:ee:e6:1a:74:3b:9d:
b4:09:f9:3f:e2:07:8d:79:d9:6f:ed:6a:7f:71:6b:0b:d8:59:
de:3c:51:b5:e7:36:ea:9f:16:f7:f4:59:53:3e:0b:31:15:7e:
27:24:fa:41:6e:81:80:61:87:5a:69:ec:bb:ad:6d:3b:c9:da:
43:dd:16:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU6bYqfm0BOBZjVRQbtYkhcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhM2E5MWMzNjc1NGQ3ODY1ZGI5Mzk4NjMyMmYyNTFkMTQx
YWJiZWUwHhcNMjIxMjIyMTUyMjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTAzMjE5YTRhM2JlOGY2OTllMWIwMmE4OTlkMzkzMWIyYWQwOWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19x8SxiGMm9D0cqadKrCGkarn4wE
78vdlCPdN+KrU0KsI7BsgDIUIohLBCQeez4WtyaulZqo8BI4XJWws9+8r7WbcJH4
qR+GzUSqkio6JAV9cCIUnNcUAe+eKFwiMsc6Gkb45SkWbjWUg3nVNfaJbsrm1dBC
pTmA9xKKoGR3kbh5eTiXGIoCWxIQRM0TEquyUW4ofA+HyePUjf4eczTdUkPBaMp/
aUtEHgLeqQmHwkWGXCW3BK7IR3+hQbWhHPLbqlweN7Lo3e3ygVC6Gj3g/1dnhxbJ
dSAWrWcJFZGByE+z3z72jz3vAur3FW4aUJgZYctO6Z2v42cTOMLaupUAFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4DIZpKO+j2meGwKomdOTGyrQnSMB8GA1UdIwQY
MBaAFKo6kcNnVNeGXbk5hjIvJR0UGrvuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWpxUncyZFUxNFpkdVRtR01pOGxIUlFhdS00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8wYzg4MGQtYjRkMy00NDljLThlYzgt
NGI3MDI1OTQ4ZGUwLzEvYmdNaG1rbzc2UGFaNGJBcWlaMDVNYkt0Q2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8wYzg4MGQtYjRkMy00NDljLThlYzgtNGI3MDI1OTQ4ZGUw
LzEvcWpxUncyZFUxNFpkdVRtR01pOGxIUlFhdS00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE1G9gMA0G
CSqGSIb3DQEBCwUAA4IBAQA2lDyGzSyreawY38bT3Q8hahnQpmx0/YL8v9kyiUn0
16xSrCrqjkd9ji3UPd+TqIJBSNy6/4XC6/yWYG5SYKxLLZ1Mp3tl9qXIjh/GNV1z
k0iTRtxC1vb1MbiNGs0x88Lc7/hNcuTbrdhkK7hoDObbAfZNMB8Go8jmKyNuIAog
AQbpik/odsMhs0XFVOam6sLqiyCTmEHW5B0bvqWg7/L7LuCFxcA7GjFAldLpuN9C
fed66RiRUfx5jOAhMYu9D9zu5hp0O520Cfk/4geNedlv7Wp/cWsL2FnePFG15zbq
nxb39FlTPgsxFX4nJPpBboGAYYdaaey7rW07ydpD3RZh
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:45 2025 by rpki-client