Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/653e8b-1f78-4c37-b254-73676526053b/1/cOkjoAoWTIDQaL0ywuAoAieDRzY.roa
File: cOkjoAoWTIDQaL0ywuAoAieDRzY.roa (raw, json)
Hash identifier: wF8+X1a0pjO8jPPafe7NoquJ9x3yfPoaflig4cJYXDI=
Subject key identifier: 70:E9:23:A0:0A:16:4C:80:D0:68:BD:32:C2:E0:28:02:27:83:47:36
Certificate issuer: /CN=af3b13fc9a60400172561b0a520df16cb251cf95
Certificate serial: 01857169C7D35A18DEF26C15A9492D40878C
Authority key identifier: AF:3B:13:FC:9A:60:40:01:72:56:1B:0A:52:0D:F1:6C:B2:51:CF:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rzsT_JpgQAFyVhsKUg3xbLJRz5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/653e8b-1f78-4c37-b254-73676526053b/1/cOkjoAoWTIDQaL0ywuAoAieDRzY.roa
Signing time: Mon 02 Jan 2023 07:37:15 +0000
ROA not before: Mon 02 Jan 2023 07:37:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60631
IP address blocks: 212.23.201.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:c7:d3:5a:18:de:f2:6c:15:a9:49:2d:40:87:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af3b13fc9a60400172561b0a520df16cb251cf95
Validity
Not Before: Jan 2 07:37:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70e923a00a164c80d068bd32c2e0280227834736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:92:89:bb:c0:53:b0:db:1b:ed:e8:46:08:35:
9e:cc:7a:a2:49:a2:f4:d7:a7:be:d3:0a:fe:b2:48:
3e:93:90:d9:15:b2:2f:a7:36:73:3d:88:8c:74:70:
fd:6d:44:5e:d4:75:c4:86:56:7a:2c:c3:31:62:0c:
c7:dd:77:ee:86:c0:9e:5c:31:31:09:09:b0:9f:58:
39:9b:15:b6:14:3a:bf:8a:5c:ad:a7:da:43:ca:67:
20:5a:aa:38:ca:2a:90:56:c2:4a:0d:ef:07:ab:f1:
d8:a5:f1:36:4b:91:bc:23:df:6e:c6:6f:90:80:2c:
ad:67:43:2f:99:bf:80:44:56:9a:52:57:f0:61:15:
63:0d:66:1a:c9:53:d8:a8:8b:f2:43:4a:c4:c7:99:
7b:51:05:0a:9f:d6:32:c6:3e:6f:da:21:a5:e4:05:
96:12:91:dc:77:cb:3e:f8:b2:82:2f:a4:5f:bc:e8:
73:9a:14:05:a0:4a:96:68:8e:01:22:65:63:44:9a:
1e:a7:6e:41:a7:68:45:4a:f5:43:40:a3:3f:df:8e:
66:f4:c0:e6:70:74:ba:8b:68:9e:3b:f9:dc:8b:eb:
30:71:ee:dd:19:e8:30:ff:04:8b:ed:1d:dc:e0:71:
2b:6f:be:42:01:9e:2b:c8:7b:50:1e:a7:78:28:8b:
c6:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E9:23:A0:0A:16:4C:80:D0:68:BD:32:C2:E0:28:02:27:83:47:36
X509v3 Authority Key Identifier:
keyid:AF:3B:13:FC:9A:60:40:01:72:56:1B:0A:52:0D:F1:6C:B2:51:CF:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rzsT_JpgQAFyVhsKUg3xbLJRz5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/653e8b-1f78-4c37-b254-73676526053b/1/cOkjoAoWTIDQaL0ywuAoAieDRzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/653e8b-1f78-4c37-b254-73676526053b/1/rzsT_JpgQAFyVhsKUg3xbLJRz5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.201.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:4b:58:ba:90:e0:7d:d0:d8:1d:91:50:39:1c:29:19:e9:dc:
50:6c:6c:f4:7c:c3:54:ae:7b:e1:0f:99:1f:96:14:2a:ca:bc:
13:04:65:ef:04:55:fa:e2:83:31:47:40:72:b7:fd:01:1f:22:
ec:cc:5f:f6:56:0b:d9:1b:de:c3:73:17:08:51:18:9c:e5:c2:
e8:7b:c7:c6:62:be:37:5a:89:aa:33:5e:8f:19:83:a7:10:70:
8a:13:f0:61:72:95:dc:6b:c8:3d:27:82:de:d2:e6:c8:15:aa:
cf:3d:e2:12:7e:47:70:d4:2a:f9:0b:5b:49:a0:9b:03:02:da:
4b:6c:c2:b7:64:ef:3b:c6:b7:86:4c:df:c4:d9:b8:cb:ce:b8:
42:6b:df:84:37:49:4c:13:dc:48:42:1b:cc:6e:bc:c6:3c:5a:
f2:2b:75:0e:a3:1a:57:c1:5f:6e:dd:c1:0b:c1:a4:8d:4a:a2:
5f:de:f7:b2:73:6d:6d:54:00:0b:b7:cc:49:b9:24:4a:5b:b6:
9d:5d:16:30:be:09:4e:a6:c6:c0:aa:99:10:c9:f3:9a:b9:8d:
a4:fe:78:3e:23:d5:47:9c:05:b7:8c:c0:a4:a1:42:6f:fe:0e:
5c:00:61:64:4e:0b:fc:e5:84:66:7b:77:0e:cc:2e:04:9e:46:
54:f6:ed:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxacfTWhje8mwVqUktQIeMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmM2IxM2ZjOWE2MDQwMDE3MjU2MWIwYTUyMGRmMTZjYjI1
MWNmOTUwHhcNMjMwMTAyMDczNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGU5MjNhMDBhMTY0YzgwZDA2OGJkMzJjMmUwMjgwMjI3ODM0NzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZKJu8BTsNsb7ehGCDWezHqiSaL0
16e+0wr+skg+k5DZFbIvpzZzPYiMdHD9bURe1HXEhlZ6LMMxYgzH3XfuhsCeXDEx
CQmwn1g5mxW2FDq/ilytp9pDymcgWqo4yiqQVsJKDe8Hq/HYpfE2S5G8I99uxm+Q
gCytZ0Mvmb+ARFaaUlfwYRVjDWYayVPYqIvyQ0rEx5l7UQUKn9Yyxj5v2iGl5AWW
EpHcd8s++LKCL6RfvOhzmhQFoEqWaI4BImVjRJoep25Bp2hFSvVDQKM/345m9MDm
cHS6i2ieO/nci+swce7dGegw/wSL7R3c4HErb75CAZ4ryHtQHqd4KIvGzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHDpI6AKFkyA0Gi9MsLgKAIng0c2MB8GA1UdIwQY
MBaAFK87E/yaYEABclYbClIN8WyyUc+VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnpzVF9KcGdRQUZ5VmhzS1VnM3hiTEpSejVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi82NTNlOGItMWY3OC00YzM3LWIyNTQt
NzM2NzY1MjYwNTNiLzEvY09ram9Bb1dUSURRYUwweXd1QW9BaWVEUnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi82NTNlOGItMWY3OC00YzM3LWIyNTQtNzM2NzY1MjYwNTNi
LzEvcnpzVF9KcGdRQUZ5VmhzS1VnM3hiTEpSejVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfJMA0G
CSqGSIb3DQEBCwUAA4IBAQDAS1i6kOB90NgdkVA5HCkZ6dxQbGz0fMNUrnvhD5kf
lhQqyrwTBGXvBFX64oMxR0Byt/0BHyLszF/2VgvZG97DcxcIURic5cLoe8fGYr43
WomqM16PGYOnEHCKE/BhcpXca8g9J4Le0ubIFarPPeISfkdw1Cr5C1tJoJsDAtpL
bMK3ZO87xreGTN/E2bjLzrhCa9+EN0lME9xIQhvMbrzGPFryK3UOoxpXwV9u3cEL
waSNSqJf3veyc21tVAALt8xJuSRKW7adXRYwvglOpsbAqpkQyfOauY2k/ng+I9VH
nAW3jMCkoUJv/g5cAGFkTgv85YRme3cOzC4EnkZU9u21
-----END CERTIFICATE-----
Generated at Thu Jun 12 10:41:52 2025 by rpki-client