Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/KJ8PG_FErwck4evdRiJflu9a6oY.roa
File: KJ8PG_FErwck4evdRiJflu9a6oY.roa (raw, json)
Hash identifier: 8vBAR5ZiT9Z9YjOnbsuw2Qxd6WrO4kBXZ6DGf92rReA=
Subject key identifier: 28:9F:0F:1B:F1:44:AF:07:24:E1:EB:DD:46:22:5F:96:EF:5A:EA:86
Certificate issuer: /CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Certificate serial: 0185CDE6A72055E5348CA80EF02BB466A91E
Authority key identifier: 04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/KJ8PG_FErwck4evdRiJflu9a6oY.roa
Signing time: Fri 20 Jan 2023 06:38:43 +0000
ROA not before: Fri 20 Jan 2023 06:38:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210644
IP address blocks: 212.113.106.0/24 maxlen: 24
212.113.116.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cd:e6:a7:20:55:e5:34:8c:a8:0e:f0:2b:b4:66:a9:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Validity
Not Before: Jan 20 06:38:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=289f0f1bf144af0724e1ebdd46225f96ef5aea86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e2:22:e3:0f:29:18:2f:8b:fb:a4:b1:dd:78:
c2:45:bb:23:e0:16:77:dc:ca:1c:50:61:48:b8:03:
29:34:2d:d6:80:6a:16:b5:7a:61:44:26:14:e6:39:
16:c2:b9:f0:1b:2d:bc:5f:c1:b0:fd:41:a6:29:8b:
b1:3b:42:d6:2c:db:37:48:f2:a1:ea:14:ea:d3:cb:
f4:9d:4f:64:84:00:63:a0:11:6c:d3:6c:71:41:ee:
5e:ef:23:53:db:31:55:4c:b8:31:65:44:ef:66:60:
b1:ed:74:bb:9d:b8:e0:c4:15:a9:9f:76:80:47:40:
3b:78:49:5a:90:0c:24:fe:79:2c:08:45:b4:9a:88:
13:5e:db:5f:e9:20:00:37:11:99:3c:a7:82:86:08:
70:44:4b:42:74:05:7b:d5:e8:b3:5c:1a:b9:92:69:
fd:1e:04:85:a9:9e:f2:8f:46:34:c7:d2:81:e6:ab:
84:a4:e0:34:16:fa:84:a1:6c:6a:04:d6:de:64:78:
02:19:ba:4a:c9:9b:d7:2d:5e:2e:8f:91:04:fe:7a:
d6:17:6f:06:c6:97:68:6d:42:ff:4e:55:30:e4:8b:
34:8f:b5:f4:1c:5e:e5:57:d8:d4:b8:d8:28:62:55:
b6:58:bb:ee:23:36:7e:71:ee:76:36:13:32:15:ed:
06:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:9F:0F:1B:F1:44:AF:07:24:E1:EB:DD:46:22:5F:96:EF:5A:EA:86
X509v3 Authority Key Identifier:
keyid:04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/KJ8PG_FErwck4evdRiJflu9a6oY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.113.106.0/24
212.113.116.0/24
Signature Algorithm: sha256WithRSAEncryption
31:0b:50:f9:34:7c:fb:2b:2e:ce:62:f0:1d:be:4f:14:79:c4:
44:5d:91:82:9d:64:94:ae:cf:18:86:03:0a:10:56:29:86:3b:
e7:58:fb:7c:d3:48:15:28:5f:79:f5:b3:df:85:26:6a:25:7c:
2e:e3:5d:50:c6:c2:a6:bc:44:1f:fa:70:f3:3f:bd:a8:81:c5:
44:63:44:1b:c5:de:0c:b6:a5:94:5b:11:54:77:4d:2b:ee:b2:
7f:0c:dc:8a:c8:08:22:a5:cb:27:f1:e7:e7:e5:e6:e0:fa:d3:
54:c9:80:98:55:03:d6:81:28:d7:22:0f:84:92:b4:ea:d2:45:
39:c1:6d:f8:c7:92:8f:53:01:e3:87:1e:98:7b:71:4f:d8:78:
e1:a4:95:8c:47:f2:fd:5d:98:e8:f2:ae:d8:46:41:87:5c:e8:
f0:65:00:92:3d:3f:73:e6:2f:e8:7e:d0:2e:31:24:25:57:78:
46:39:de:94:23:e5:66:a6:49:8d:9e:04:47:cc:e2:23:eb:b7:
18:4d:45:5f:7e:80:3a:2b:72:7a:c0:c2:3f:6a:0e:80:5b:f1:
9e:69:66:43:97:e9:b9:92:2e:72:37:0e:ca:25:e0:4d:0f:a9:
e6:d4:32:a8:fc:48:87:a5:c4:99:9f:34:9a:6e:f3:4c:a6:a0:
58:d4:a2:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXN5qcgVeU0jKgO8Cu0ZqkeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0Y2JlNWI0NjIzZGFiNDJmMTVhOTA1MDAyZGI3Y2U2MmU4
NTRmMjkwHhcNMjMwMTIwMDYzODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODlmMGYxYmYxNDRhZjA3MjRlMWViZGQ0NjIyNWY5NmVmNWFlYTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeIi4w8pGC+L+6Sx3XjCRbsj4BZ3
3MocUGFIuAMpNC3WgGoWtXphRCYU5jkWwrnwGy28X8Gw/UGmKYuxO0LWLNs3SPKh
6hTq08v0nU9khABjoBFs02xxQe5e7yNT2zFVTLgxZUTvZmCx7XS7nbjgxBWpn3aA
R0A7eElakAwk/nksCEW0mogTXttf6SAANxGZPKeChghwREtCdAV71eizXBq5kmn9
HgSFqZ7yj0Y0x9KB5quEpOA0FvqEoWxqBNbeZHgCGbpKyZvXLV4uj5EE/nrWF28G
xpdobUL/TlUw5Is0j7X0HF7lV9jUuNgoYlW2WLvuIzZ+ce52NhMyFe0GywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCifDxvxRK8HJOHr3UYiX5bvWuqGMB8GA1UdIwQY
MBaAFATL5bRiPatC8VqQUALbfOYuhU8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODct
MDU3ODE3YmE5ZmI3LzEvS0o4UEdfRkVyd2NrNGV2ZFJpSmZsdTlhNm9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODctMDU3ODE3YmE5ZmI3
LzEvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1HFqAwQA
1HF0MA0GCSqGSIb3DQEBCwUAA4IBAQAxC1D5NHz7Ky7OYvAdvk8UecREXZGCnWSU
rs8YhgMKEFYphjvnWPt800gVKF959bPfhSZqJXwu411QxsKmvEQf+nDzP72ogcVE
Y0Qbxd4MtqWUWxFUd00r7rJ/DNyKyAgipcsn8efn5ebg+tNUyYCYVQPWgSjXIg+E
krTq0kU5wW34x5KPUwHjhx6Ye3FP2HjhpJWMR/L9XZjo8q7YRkGHXOjwZQCSPT9z
5i/oftAuMSQlV3hGOd6UI+VmpkmNngRHzOIj67cYTUVffoA6K3J6wMI/ag6AW/Ge
aWZDl+m5ki5yNw7KJeBND6nm1DKo/EiHpcSZnzSabvNMpqBY1KLo
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:23 2025 by rpki-client