Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/yvd7ROcqjdqfwbqgapXEb-7VUqU.roa
File: yvd7ROcqjdqfwbqgapXEb-7VUqU.roa (raw, json)
Hash identifier: 4MkoXbQ5fkY09pnUUjvZyOYE4o39h9GdJHrXjCu9bik=
Subject key identifier: CA:F7:7B:44:E7:2A:8D:DA:9F:C1:BA:A0:6A:95:C4:6F:EE:D5:52:A5
Certificate issuer: /CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Certificate serial: 019428233099C6B98450118C034F4D4BCA59
Authority key identifier: 04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/yvd7ROcqjdqfwbqgapXEb-7VUqU.roa
Signing time: Thu 02 Jan 2025 17:49:42 +0000
ROA not before: Thu 02 Jan 2025 17:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63023
IP address blocks: 212.113.100.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:30:99:c6:b9:84:50:11:8c:03:4f:4d:4b:ca:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Validity
Not Before: Jan 2 17:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=caf77b44e72a8dda9fc1baa06a95c46feed552a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:67:89:6a:2f:0e:85:ad:3c:7f:92:23:57:f1:
b4:db:70:6e:3e:f8:55:10:ea:95:7f:b0:c0:9c:d5:
ea:9a:3f:7c:61:ce:39:e7:d3:14:e5:0d:2b:af:5a:
8f:a1:88:40:7d:72:00:f1:8c:0c:37:46:d6:90:10:
2d:cc:46:1d:4b:5f:77:a1:49:0d:f1:15:f7:85:58:
c9:6c:f6:cc:c6:77:84:86:25:6c:d7:45:8c:ae:91:
6a:44:e7:58:c0:52:71:31:54:77:86:21:2f:3c:f2:
c1:c4:00:58:cc:4e:6b:61:73:bb:c1:17:eb:a7:43:
1b:c9:bf:9d:e3:31:5c:33:fa:78:c2:32:cb:96:d3:
fd:bb:bd:9b:8b:44:14:65:70:1a:1e:36:ff:16:7f:
4c:4a:eb:ce:63:03:6d:7b:0c:a1:60:d9:9e:31:d2:
ce:53:7e:48:5d:17:95:cb:a7:b0:ce:97:2b:92:37:
3b:25:46:84:36:c0:db:6b:70:06:a8:8e:46:c8:0a:
2a:e7:cd:9e:bc:b6:59:ef:f4:e7:9f:3a:ba:33:7a:
78:39:ab:8c:b2:f3:73:e8:c4:51:69:f4:4f:61:87:
a5:5f:a9:4b:72:02:ef:06:e5:49:9e:62:91:70:df:
48:e2:ce:31:08:15:fb:6a:5b:d8:bf:d1:40:3a:97:
48:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F7:7B:44:E7:2A:8D:DA:9F:C1:BA:A0:6A:95:C4:6F:EE:D5:52:A5
X509v3 Authority Key Identifier:
keyid:04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/yvd7ROcqjdqfwbqgapXEb-7VUqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.113.100.0/22
Signature Algorithm: sha256WithRSAEncryption
06:b0:85:9d:4d:ed:a3:ba:d6:35:9e:02:71:3b:cd:ca:e1:4a:
4a:9d:6e:35:25:fd:5a:01:9e:eb:90:9a:37:69:13:4c:7d:37:
7a:01:98:2f:e1:f5:09:a8:b4:82:b6:2e:02:7b:58:2f:d1:c8:
8f:f9:40:7b:2b:bb:60:a7:a7:4d:7b:b8:f8:b3:76:80:f7:c0:
59:0b:c8:16:b5:ee:00:2e:f4:d7:45:3a:f5:0e:0b:dc:41:6c:
58:23:62:43:8c:08:de:75:ca:3b:cd:cc:54:a0:d9:67:b9:b5:
4b:b0:ac:94:4f:7a:ff:cf:5a:5f:3c:46:13:53:80:fd:38:da:
57:73:bb:0e:20:45:96:41:cb:1b:38:60:73:b6:ed:8e:2b:d8:
d9:c8:b9:55:ca:16:5e:e8:f5:33:0d:e5:a9:d3:41:d2:1d:03:
b7:81:b5:82:a7:b1:d6:4c:8e:4c:b2:af:7c:1b:67:00:9c:bd:
1b:16:36:7e:bd:cf:b4:e1:aa:9a:5a:c0:ce:72:1f:82:e7:cc:
50:5c:b5:bb:1e:da:9a:02:4d:24:a8:17:23:ba:9d:29:71:a3:
1b:ee:2c:f0:1f:0e:bd:26:31:ec:8c:7d:8c:30:9d:0f:89:08:
44:d4:8c:be:29:63:af:c3:13:0f:f0:da:f3:a6:93:02:f0:ae:
6c:1b:2c:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoIzCZxrmEUBGMA09NS8pZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0Y2JlNWI0NjIzZGFiNDJmMTVhOTA1MDAyZGI3Y2U2MmU4
NTRmMjkwHhcNMjUwMTAyMTc0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWY3N2I0NGU3MmE4ZGRhOWZjMWJhYTA2YTk1YzQ2ZmVlZDU1MmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmeJai8Oha08f5IjV/G023BuPvhV
EOqVf7DAnNXqmj98Yc4559MU5Q0rr1qPoYhAfXIA8YwMN0bWkBAtzEYdS193oUkN
8RX3hVjJbPbMxneEhiVs10WMrpFqROdYwFJxMVR3hiEvPPLBxABYzE5rYXO7wRfr
p0Mbyb+d4zFcM/p4wjLLltP9u72bi0QUZXAaHjb/Fn9MSuvOYwNtewyhYNmeMdLO
U35IXReVy6ewzpcrkjc7JUaENsDba3AGqI5GyAoq582evLZZ7/Tnnzq6M3p4OauM
svNz6MRRafRPYYelX6lLcgLvBuVJnmKRcN9I4s4xCBX7alvYv9FAOpdI+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMr3e0TnKo3an8G6oGqVxG/u1VKlMB8GA1UdIwQY
MBaAFATL5bRiPatC8VqQUALbfOYuhU8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODct
MDU3ODE3YmE5ZmI3LzEveXZkN1JPY3FqZHFmd2JxZ2FwWEViLTdWVXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODctMDU3ODE3YmE5ZmI3
LzEvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1HFkMA0G
CSqGSIb3DQEBCwUAA4IBAQAGsIWdTe2jutY1ngJxO83K4UpKnW41Jf1aAZ7rkJo3
aRNMfTd6AZgv4fUJqLSCti4Ce1gv0ciP+UB7K7tgp6dNe7j4s3aA98BZC8gWte4A
LvTXRTr1DgvcQWxYI2JDjAjedco7zcxUoNlnubVLsKyUT3r/z1pfPEYTU4D9ONpX
c7sOIEWWQcsbOGBztu2OK9jZyLlVyhZe6PUzDeWp00HSHQO3gbWCp7HWTI5Msq98
G2cAnL0bFjZ+vc+04aqaWsDOch+C58xQXLW7HtqaAk0kqBcjup0pcaMb7izwHw69
JjHsjH2MMJ0PiQhE1Iy+KWOvwxMP8NrzppMC8K5sGyxP
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:54 2025 by rpki-client