Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/e9b56e-3b5b-43b1-8bb5-bab48dab4cd6/1/SbkVZx35DZkFyVg9B2PgqJ5H5dY.roa
File: SbkVZx35DZkFyVg9B2PgqJ5H5dY.roa (raw, json)
Hash identifier: hRekjjnAg6h7a7cb6mrdtQIFkMy6cN1akvAzAJVtwDE=
Subject key identifier: 49:B9:15:67:1D:F9:0D:99:05:C9:58:3D:07:63:E0:A8:9E:47:E5:D6
Certificate issuer: /CN=ec9c685cf6671cc656f92e764557a38378f2827c
Certificate serial: 0194236A43B352BEBCC6D80C954E480A3AE1
Authority key identifier: EC:9C:68:5C:F6:67:1C:C6:56:F9:2E:76:45:57:A3:83:78:F2:82:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7JxoXPZnHMZW-S52RVejg3jygnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/e9b56e-3b5b-43b1-8bb5-bab48dab4cd6/1/SbkVZx35DZkFyVg9B2PgqJ5H5dY.roa
Signing time: Wed 01 Jan 2025 19:49:14 +0000
ROA not before: Wed 01 Jan 2025 19:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30823
IP address blocks: 212.114.52.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:43:b3:52:be:bc:c6:d8:0c:95:4e:48:0a:3a:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec9c685cf6671cc656f92e764557a38378f2827c
Validity
Not Before: Jan 1 19:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49b915671df90d9905c9583d0763e0a89e47e5d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d1:27:cd:84:c3:5d:84:ef:eb:e3:c3:12:c2:
37:23:07:ac:c3:5a:c8:62:87:b0:77:6c:36:98:ff:
70:fb:8f:49:ba:93:4d:f4:ac:19:d2:10:ff:4a:7f:
23:5d:78:63:e3:f3:93:b7:d8:c2:25:19:f5:ce:58:
a5:2e:a3:0f:39:61:a3:6a:76:8f:00:75:49:8b:ef:
8f:9c:3b:d8:fb:a1:1c:33:68:33:13:61:00:62:28:
37:0a:c4:05:22:8a:bc:52:cf:7f:c7:a7:02:93:08:
87:dd:aa:b7:06:a8:d0:ba:68:33:03:b1:3f:a0:bc:
b5:4c:d0:31:4f:2d:1e:e2:a6:fb:c9:d1:2a:8a:6e:
64:70:68:17:fc:23:e8:d7:36:e5:e9:e2:66:cd:b2:
7a:0c:70:3b:7a:53:f3:8b:0d:d4:fd:ca:23:6c:5c:
f3:a8:3e:c7:09:b1:66:1d:e7:ab:43:cd:e8:57:35:
41:80:d3:45:61:24:88:28:71:4a:72:3a:6e:e6:71:
46:83:bf:2c:2c:1f:53:4b:3a:0d:5b:02:4b:19:32:
d8:5c:f2:25:cb:ca:60:3c:5b:c4:5f:36:65:c6:5b:
c2:06:17:f0:0a:8b:ec:72:62:6b:c1:1d:37:47:d2:
c8:f4:6f:98:64:93:c6:ad:07:d9:6e:81:d2:c6:17:
50:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B9:15:67:1D:F9:0D:99:05:C9:58:3D:07:63:E0:A8:9E:47:E5:D6
X509v3 Authority Key Identifier:
keyid:EC:9C:68:5C:F6:67:1C:C6:56:F9:2E:76:45:57:A3:83:78:F2:82:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7JxoXPZnHMZW-S52RVejg3jygnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e9b56e-3b5b-43b1-8bb5-bab48dab4cd6/1/SbkVZx35DZkFyVg9B2PgqJ5H5dY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e9b56e-3b5b-43b1-8bb5-bab48dab4cd6/1/7JxoXPZnHMZW-S52RVejg3jygnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.114.52.0/24
Signature Algorithm: sha256WithRSAEncryption
01:94:c8:05:f6:93:8a:23:ba:24:68:8c:07:bf:d6:51:5d:1a:
dc:b6:57:f5:38:43:cf:0c:e3:7a:58:7c:b0:62:61:fe:47:90:
23:94:87:5a:ad:03:75:13:e7:92:06:8d:b8:78:af:99:6e:34:
72:d4:c9:7f:28:d2:30:cc:e3:8a:44:b9:a4:5e:1a:4d:1f:10:
ee:5e:d6:70:2e:ac:da:19:04:cd:46:87:c3:ef:c1:39:d3:63:
5a:38:00:b9:69:0e:36:ef:43:83:f6:27:09:25:8d:4e:e1:71:
35:57:61:e6:b1:8a:c8:78:8e:0e:2f:82:37:5b:9b:88:13:f9:
7e:c3:6b:09:85:58:9a:72:5f:51:8a:03:5a:d3:ec:78:30:32:
a2:a7:7a:0a:42:0d:4c:0f:6f:3a:24:d0:7b:c1:80:65:2b:3d:
45:4b:d1:42:cf:81:03:ea:4f:b0:94:b8:0c:d1:d3:88:23:9d:
14:32:fb:c2:77:e3:f3:47:11:56:4b:fc:66:ef:86:61:c6:95:
74:bc:aa:c6:cf:c8:7c:78:c3:8a:37:d3:cd:c5:b8:d4:69:23:
bf:bd:31:18:b5:58:38:1f:c0:da:37:53:a4:31:1e:a4:e2:ea:
07:f3:42:e1:0c:6c:3c:cb:b4:a0:d9:84:ec:a3:99:4d:bb:ea:
62:37:5c:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjakOzUr68xtgMlU5ICjrhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjOWM2ODVjZjY2NzFjYzY1NmY5MmU3NjQ1NTdhMzgzNzhm
MjgyN2MwHhcNMjUwMTAxMTk0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWI5MTU2NzFkZjkwZDk5MDVjOTU4M2QwNzYzZTBhODllNDdlNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdEnzYTDXYTv6+PDEsI3Iwesw1rI
Yoewd2w2mP9w+49JupNN9KwZ0hD/Sn8jXXhj4/OTt9jCJRn1zlilLqMPOWGjanaP
AHVJi++PnDvY+6EcM2gzE2EAYig3CsQFIoq8Us9/x6cCkwiH3aq3BqjQumgzA7E/
oLy1TNAxTy0e4qb7ydEqim5kcGgX/CPo1zbl6eJmzbJ6DHA7elPziw3U/cojbFzz
qD7HCbFmHeerQ83oVzVBgNNFYSSIKHFKcjpu5nFGg78sLB9TSzoNWwJLGTLYXPIl
y8pgPFvEXzZlxlvCBhfwCovscmJrwR03R9LI9G+YZJPGrQfZboHSxhdQJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEm5FWcd+Q2ZBclYPQdj4KieR+XWMB8GA1UdIwQY
MBaAFOycaFz2ZxzGVvkudkVXo4N48oJ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0p4b1hQWm5ITVpXLVM1MlJWZWpnM2p5Z253LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9lOWI1NmUtM2I1Yi00M2IxLThiYjUt
YmFiNDhkYWI0Y2Q2LzEvU2JrVlp4MzVEWmtGeVZnOUIyUGdxSjVINWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9lOWI1NmUtM2I1Yi00M2IxLThiYjUtYmFiNDhkYWI0Y2Q2
LzEvN0p4b1hQWm5ITVpXLVM1MlJWZWpnM2p5Z253LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1HI0MA0G
CSqGSIb3DQEBCwUAA4IBAQABlMgF9pOKI7okaIwHv9ZRXRrctlf1OEPPDON6WHyw
YmH+R5AjlIdarQN1E+eSBo24eK+ZbjRy1Ml/KNIwzOOKRLmkXhpNHxDuXtZwLqza
GQTNRofD78E502NaOAC5aQ4270OD9icJJY1O4XE1V2HmsYrIeI4OL4I3W5uIE/l+
w2sJhViacl9RigNa0+x4MDKip3oKQg1MD286JNB7wYBlKz1FS9FCz4ED6k+wlLgM
0dOII50UMvvCd+PzRxFWS/xm74ZhxpV0vKrGz8h8eMOKN9PNxbjUaSO/vTEYtVg4
H8DaN1OkMR6k4uoH80LhDGw8y7Sg2YTso5lNu+piN1wy
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:42:08 2025 by rpki-client