Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/hlyS7iRkxJAwV1SvUmxsWYWmhB0.roa
File: hlyS7iRkxJAwV1SvUmxsWYWmhB0.roa (raw, json)
Hash identifier: 6U0oIoCbLP4//zghETbUkKwUdWcHoHjWEsm9OdXqJKM=
Subject key identifier: 86:5C:92:EE:24:64:C4:90:30:57:54:AF:52:6C:6C:59:85:A6:84:1D
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01942067CB2566B24057131382C324A5C5A7
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/hlyS7iRkxJAwV1SvUmxsWYWmhB0.roa
Signing time: Wed 01 Jan 2025 05:47:40 +0000
ROA not before: Wed 01 Jan 2025 05:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47538
IP address blocks: 212.243.121.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:cb:25:66:b2:40:57:13:13:82:c3:24:a5:c5:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 05:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=865c92ee2464c490305754af526c6c5985a6841d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c1:e0:55:80:84:30:89:e4:32:9c:9c:d4:da:
ac:a6:93:9c:38:a3:6f:df:02:45:a3:73:c5:e8:12:
54:4d:df:87:2c:5e:af:fc:71:3d:b7:5e:33:f4:7d:
36:2e:2a:17:92:a3:e7:1b:5d:a3:42:79:67:90:31:
20:e4:b2:d7:7b:b0:e6:23:f0:12:df:67:56:20:07:
5f:4b:a9:b3:08:c2:cf:d3:74:f6:11:a6:86:38:1e:
c1:11:61:0a:49:00:0a:25:99:f0:5c:db:23:f4:1a:
22:ba:07:1c:d3:02:76:fe:06:c1:c1:87:37:3b:9b:
b6:5a:bb:5a:19:35:b7:bb:11:1f:f9:ba:1a:07:a5:
b0:64:9c:af:dd:a1:55:db:cc:55:3c:52:fb:db:87:
5e:a7:c0:25:ed:9a:0e:1a:9f:51:d0:5a:21:12:de:
fc:30:66:ba:1b:11:b0:59:4b:48:32:6f:45:0a:73:
a3:db:f2:72:70:11:7c:53:9b:cf:cd:e1:d8:46:01:
55:ac:47:c2:56:ef:15:69:3e:7d:85:e6:34:dc:4b:
32:f9:60:82:f6:e0:d4:88:d9:89:c3:09:23:05:de:
c0:a0:8e:1f:3b:e5:b9:be:5c:2c:03:96:65:73:5c:
5f:06:ea:96:0a:67:bd:30:f3:01:08:d9:72:5d:da:
e7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:5C:92:EE:24:64:C4:90:30:57:54:AF:52:6C:6C:59:85:A6:84:1D
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/hlyS7iRkxJAwV1SvUmxsWYWmhB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.243.121.0/24
Signature Algorithm: sha256WithRSAEncryption
47:44:f2:e1:38:0b:41:22:ae:4d:59:48:5f:be:b2:e6:10:2c:
95:c4:2c:38:c1:6a:11:d4:c7:3b:41:d2:68:84:82:30:a0:84:
95:0d:7f:d2:43:c9:41:04:8e:ad:67:ee:10:c7:1f:58:d0:d1:
e4:2d:b9:90:67:e4:e1:22:61:04:3d:0e:8f:23:9d:17:b0:70:
c6:31:06:80:3c:83:c5:d4:a9:d6:eb:ec:7c:7e:49:a0:a2:23:
d5:b3:ed:1b:c1:36:ee:40:8c:c1:8a:19:28:72:93:c0:c7:a6:
97:54:4a:01:3d:6a:d0:b3:64:0d:40:f4:eb:d1:01:d9:94:d4:
e3:72:54:02:b6:09:03:0c:60:54:62:b7:4e:03:62:30:df:c4:
82:8d:63:6a:2c:69:b6:c6:6b:fb:ad:7c:83:58:b1:57:5e:44:
ee:b1:89:25:11:46:28:49:67:f1:44:c9:b2:f1:42:3d:98:7c:
83:32:f2:88:7f:2a:d0:9c:33:4a:26:c9:18:0b:08:4a:8e:e7:
3c:15:5a:7b:7b:55:3a:42:1e:15:b6:3e:e7:a5:70:91:27:08:
f7:a0:c0:5a:44:05:47:a3:fd:c4:79:56:b4:32:c3:cd:cd:3d:
d8:bc:eb:60:4e:44:ea:30:45:27:12:6e:b7:19:ab:7c:79:29:
a4:a6:dd:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ8slZrJAVxMTgsMkpcWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjUwMTAxMDU0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjVjOTJlZTI0NjRjNDkwMzA1NzU0YWY1MjZjNmM1OTg1YTY4NDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MHgVYCEMInkMpyc1NqsppOcOKNv
3wJFo3PF6BJUTd+HLF6v/HE9t14z9H02LioXkqPnG12jQnlnkDEg5LLXe7DmI/AS
32dWIAdfS6mzCMLP03T2EaaGOB7BEWEKSQAKJZnwXNsj9Boiugcc0wJ2/gbBwYc3
O5u2WrtaGTW3uxEf+boaB6WwZJyv3aFV28xVPFL724dep8Al7ZoOGp9R0FohEt78
MGa6GxGwWUtIMm9FCnOj2/JycBF8U5vPzeHYRgFVrEfCVu8VaT59heY03Esy+WCC
9uDUiNmJwwkjBd7AoI4fO+W5vlwsA5Zlc1xfBuqWCme9MPMBCNlyXdrnRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZcku4kZMSQMFdUr1JsbFmFpoQdMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvaGx5UzdpUmt4SkF3VjFTdlVteHNXWVdtaEIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1PN5MA0G
CSqGSIb3DQEBCwUAA4IBAQBHRPLhOAtBIq5NWUhfvrLmECyVxCw4wWoR1Mc7QdJo
hIIwoISVDX/SQ8lBBI6tZ+4Qxx9Y0NHkLbmQZ+ThImEEPQ6PI50XsHDGMQaAPIPF
1KnW6+x8fkmgoiPVs+0bwTbuQIzBihkocpPAx6aXVEoBPWrQs2QNQPTr0QHZlNTj
clQCtgkDDGBUYrdOA2Iw38SCjWNqLGm2xmv7rXyDWLFXXkTusYklEUYoSWfxRMmy
8UI9mHyDMvKIfyrQnDNKJskYCwhKjuc8FVp7e1U6Qh4Vtj7npXCRJwj3oMBaRAVH
o/3EeVa0MsPNzT3YvOtgTkTqMEUnEm63Gat8eSmkpt3W
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:48:07 2025 by rpki-client