Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/0r5wCp1ESbbG73FLJ5dfWda35t4.roa
File: 0r5wCp1ESbbG73FLJ5dfWda35t4.roa (raw, json)
Hash identifier: SMJkMARHQE6XiZuLnzEMd+E1rHA7jLDAJFU1xlk8Q5g=
Subject key identifier: D2:BE:70:0A:9D:44:49:B6:C6:EF:71:4B:27:97:5F:59:D6:B7:E6:DE
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 018CC348D92AD5A2E9292832F556B3D287BF
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/0r5wCp1ESbbG73FLJ5dfWda35t4.roa
Signing time: Mon 01 Jan 2024 04:29:40 +0000
ROA not before: Mon 01 Jan 2024 04:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47538
IP address blocks: 212.243.121.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d9:2a:d5:a2:e9:29:28:32:f5:56:b3:d2:87:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 04:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2be700a9d4449b6c6ef714b27975f59d6b7e6de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0c:57:72:82:8d:68:a3:c7:32:e7:a8:5c:6a:
48:0c:23:dc:b4:d0:f0:af:7f:65:57:0c:c8:ca:35:
a4:06:2c:30:9d:aa:82:a7:be:f8:2c:0b:71:ed:b5:
35:5a:ba:f3:f8:e6:94:27:93:f3:ed:0a:c0:bc:41:
69:23:6f:41:d7:c9:c3:b0:f2:d6:86:b3:5b:59:43:
fa:16:10:d8:5c:37:45:f6:0e:46:52:ec:5a:ab:59:
30:2d:a7:c4:23:df:de:21:14:59:0d:07:e9:dd:0f:
62:ac:ea:e3:8a:30:5e:81:f5:3d:4d:70:e9:5a:e6:
7b:7e:71:24:90:d1:60:ca:b7:2c:63:b6:c6:26:eb:
d2:f9:b8:aa:4e:0e:24:0d:5c:28:16:f4:cf:ed:d5:
e1:94:1d:03:d4:01:6e:06:bc:fa:89:4a:61:a8:b8:
92:5e:48:23:32:da:aa:63:60:6d:60:f3:3e:37:b6:
46:d0:49:97:eb:2f:f1:45:00:9d:db:d4:df:ea:f0:
63:50:6b:a2:3f:f3:76:97:ef:d1:92:c1:21:c7:dc:
e0:3f:7a:59:56:24:ef:a4:29:8c:c6:5e:e5:08:04:
d9:c2:d0:3f:96:c5:27:53:b3:16:c5:84:6b:f5:de:
0d:07:f0:a4:50:5b:20:04:e3:f4:90:75:26:2a:77:
8b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:BE:70:0A:9D:44:49:B6:C6:EF:71:4B:27:97:5F:59:D6:B7:E6:DE
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/0r5wCp1ESbbG73FLJ5dfWda35t4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.243.121.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:70:53:b9:38:63:cb:e2:c4:40:64:13:91:11:14:f1:1d:60:
43:82:04:d5:7d:e3:90:2c:d8:e8:0b:14:53:a8:cf:67:0b:f2:
7f:00:e3:ef:be:42:91:56:e3:c3:a1:af:6e:8d:9f:cf:8c:e2:
ef:6d:3c:50:cc:3e:2c:c1:c8:8b:60:40:d0:cb:5f:36:1a:b2:
c9:48:27:15:df:03:03:7b:e2:44:d2:2b:32:e3:50:40:e0:d9:
46:5c:da:15:d6:9b:ae:a9:bb:fe:f2:83:38:d0:9e:8c:76:71:
77:20:aa:0c:e5:9b:c3:97:43:d1:61:b5:04:e1:be:00:20:f4:
16:ea:c6:72:50:38:54:7d:e8:31:e0:d8:4f:53:61:19:21:1b:
b3:87:c7:85:1d:b1:d1:fd:97:72:fc:ac:59:4d:7b:ec:b8:0f:
4e:92:f2:83:a8:f9:21:91:58:02:b2:1b:53:86:28:06:cb:1e:
a6:73:05:91:f8:0f:b7:5a:79:2e:27:ab:5e:21:36:dd:69:f5:
7d:1b:71:ae:8a:fe:b3:d2:f3:69:14:f5:37:22:08:e1:64:96:
ae:e5:0f:6f:58:ee:60:71:a3:70:c1:c1:ad:ef:49:9d:f8:8e:
42:3e:6a:c3:1c:5b:0b:e9:9f:15:ca:6f:65:af:7a:fc:f1:30:
02:e4:47:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSNkq1aLpKSgy9Vaz0oe/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjQwMTAxMDQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmJlNzAwYTlkNDQ0OWI2YzZlZjcxNGIyNzk3NWY1OWQ2YjdlNmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgxXcoKNaKPHMueoXGpIDCPctNDw
r39lVwzIyjWkBiwwnaqCp774LAtx7bU1Wrrz+OaUJ5Pz7QrAvEFpI29B18nDsPLW
hrNbWUP6FhDYXDdF9g5GUuxaq1kwLafEI9/eIRRZDQfp3Q9irOrjijBegfU9TXDp
WuZ7fnEkkNFgyrcsY7bGJuvS+biqTg4kDVwoFvTP7dXhlB0D1AFuBrz6iUphqLiS
XkgjMtqqY2BtYPM+N7ZG0EmX6y/xRQCd29Tf6vBjUGuiP/N2l+/RksEhx9zgP3pZ
ViTvpCmMxl7lCATZwtA/lsUnU7MWxYRr9d4NB/CkUFsgBOP0kHUmKneLRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNK+cAqdREm2xu9xSyeXX1nWt+beMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvMHI1d0NwMUVTYmJHNzNGTEo1ZGZXZGEzNXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1PN5MA0G
CSqGSIb3DQEBCwUAA4IBAQC2cFO5OGPL4sRAZBORERTxHWBDggTVfeOQLNjoCxRT
qM9nC/J/AOPvvkKRVuPDoa9ujZ/PjOLvbTxQzD4swciLYEDQy182GrLJSCcV3wMD
e+JE0isy41BA4NlGXNoV1puuqbv+8oM40J6MdnF3IKoM5ZvDl0PRYbUE4b4AIPQW
6sZyUDhUfegx4NhPU2EZIRuzh8eFHbHR/Zdy/KxZTXvsuA9OkvKDqPkhkVgCshtT
higGyx6mcwWR+A+3WnkuJ6teITbdafV9G3Guiv6z0vNpFPU3IgjhZJau5Q9vWO5g
caNwwcGt70md+I5CPmrDHFsL6Z8Vym9lr3r88TAC5EfM
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:48:01 2025 by rpki-client