Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/ghkyMceGTC0aDeh2483JlRpc198.roa
File: ghkyMceGTC0aDeh2483JlRpc198.roa (raw, json)
Hash identifier: /azI/VSgkQv8tJj3oh+rCqAE4rfNy2WfQYeXzWgH+YQ=
Subject key identifier: 82:19:32:31:C7:86:4C:2D:1A:0D:E8:76:E3:CD:C9:95:1A:5C:D7:DF
Certificate issuer: /CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Certificate serial: 018CC2DB253169D2D827B6B7D516617C73BD
Authority key identifier: B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/ghkyMceGTC0aDeh2483JlRpc198.roa
Signing time: Mon 01 Jan 2024 02:29:50 +0000
ROA not before: Mon 01 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202667
IP address blocks: 212.87.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:25:31:69:d2:d8:27:b6:b7:d5:16:61:7c:73:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Validity
Not Before: Jan 1 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82193231c7864c2d1a0de876e3cdc9951a5cd7df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:bc:f2:30:52:dd:35:40:d7:30:5a:9c:c0:49:
f0:f9:48:02:61:3e:cb:08:89:01:0d:e3:5a:0e:52:
a4:f0:15:da:db:3a:23:5c:c4:03:e2:cf:af:3e:2d:
4e:d4:92:60:c1:9e:8f:1b:29:15:d7:44:e6:f5:bb:
94:30:9e:5e:44:fc:d9:55:a7:80:41:ff:a7:9f:87:
aa:45:65:42:c2:2b:9c:f5:e4:c4:4b:01:a3:f1:56:
ac:78:78:7e:77:5e:79:89:3e:36:62:e6:98:bd:81:
9d:49:0e:d5:51:44:08:62:c2:9a:d6:82:5b:8f:7f:
44:53:d6:cb:4e:59:fe:89:08:bf:ff:84:ee:49:e5:
9d:ef:83:2e:74:00:15:86:4b:15:59:30:16:66:10:
4b:fe:2e:ce:fd:e3:73:94:2e:ab:5a:35:c0:22:cd:
ef:c0:9b:d7:8e:02:15:cf:20:be:f0:9d:19:29:fb:
2c:a0:f0:0f:42:ad:9e:7c:8a:bf:ef:e1:66:07:d2:
54:e8:81:8d:9e:94:25:be:c3:ac:4e:b4:5f:e8:1e:
8e:60:bc:c8:0c:70:57:a2:c6:3f:51:d6:11:46:b1:
a2:45:3f:9a:d8:e8:b4:7a:6c:b0:dc:ed:3e:ea:f6:
35:bc:a9:2d:b5:4e:aa:71:56:4b:a8:55:6d:da:fc:
60:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:19:32:31:C7:86:4C:2D:1A:0D:E8:76:E3:CD:C9:95:1A:5C:D7:DF
X509v3 Authority Key Identifier:
keyid:B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/ghkyMceGTC0aDeh2483JlRpc198.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/sCqpYbR31UI9hbfUPz76JjJtcJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.252.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:32:d5:08:5c:8f:e9:86:0e:a9:02:15:75:d8:3f:2f:4b:0e:
95:a4:0e:d4:8c:ca:9b:ea:99:7e:ff:65:45:23:a7:dd:f6:4b:
72:85:d3:6f:4a:c6:fb:a9:ec:b4:d5:74:84:60:e1:5e:d9:d3:
cd:cb:62:51:13:4f:cd:6c:dc:6b:76:7e:11:83:4c:68:02:1d:
94:08:ab:fe:44:d7:e0:1b:05:0f:d4:be:f1:1c:55:5d:01:49:
45:a7:6d:1e:ce:00:91:bc:0e:3b:52:b5:76:1d:49:41:1f:16:
49:32:23:4e:65:e5:2d:cf:95:74:0b:ae:85:e8:97:65:5b:44:
72:9f:f2:b6:0e:a7:b3:93:3e:cb:77:b5:e0:1e:4e:af:86:27:
5a:d1:78:99:0d:a0:77:95:72:28:40:33:4b:54:95:e3:77:50:
8c:50:40:fa:81:67:b7:23:ae:56:8e:9a:67:fb:f8:ed:bf:a9:
52:d6:d8:d4:56:39:77:bf:d7:f1:75:b9:65:8f:13:fd:35:6c:
1a:87:13:aa:43:06:b7:67:76:68:29:fb:47:22:e9:bc:cf:06:
44:d0:3e:52:f2:b5:a7:8b:9f:56:85:6c:32:cd:09:cf:1f:6d:
23:ce:34:bf:dd:55:4c:99:12:d3:52:80:10:37:58:de:58:bf:
00:95:e5:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2yUxadLYJ7a31RZhfHO9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMmFhOTYxYjQ3N2Q1NDIzZDg1YjdkNDNmM2VmYTI2MzI2
ZDcwOTAwHhcNMjQwMTAxMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjE5MzIzMWM3ODY0YzJkMWEwZGU4NzZlM2NkYzk5NTFhNWNkN2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6rzyMFLdNUDXMFqcwEnw+UgCYT7L
CIkBDeNaDlKk8BXa2zojXMQD4s+vPi1O1JJgwZ6PGykV10Tm9buUMJ5eRPzZVaeA
Qf+nn4eqRWVCwiuc9eTESwGj8VaseHh+d155iT42YuaYvYGdSQ7VUUQIYsKa1oJb
j39EU9bLTln+iQi//4TuSeWd74MudAAVhksVWTAWZhBL/i7O/eNzlC6rWjXAIs3v
wJvXjgIVzyC+8J0ZKfssoPAPQq2efIq/7+FmB9JU6IGNnpQlvsOsTrRf6B6OYLzI
DHBXosY/UdYRRrGiRT+a2Oi0emyw3O0+6vY1vKkttU6qcVZLqFVt2vxgZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIIZMjHHhkwtGg3oduPNyZUaXNffMB8GA1UdIwQY
MBaAFLAqqWG0d9VCPYW31D8++iYybXCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0NxcFliUjMxVUk5aGJmVVB6NzZKakp0Y0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wMTQ4NGMtNWYyOC00MmY1LWI5ZWEt
MDc4N2E1MDNjYTY5LzEvZ2hreU1jZUdUQzBhRGVoMjQ4M0psUnBjMTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wMTQ4NGMtNWYyOC00MmY1LWI5ZWEtMDc4N2E1MDNjYTY5
LzEvc0NxcFliUjMxVUk5aGJmVVB6NzZKakp0Y0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Ff8MA0G
CSqGSIb3DQEBCwUAA4IBAQCqMtUIXI/phg6pAhV12D8vSw6VpA7UjMqb6pl+/2VF
I6fd9ktyhdNvSsb7qey01XSEYOFe2dPNy2JRE0/NbNxrdn4Rg0xoAh2UCKv+RNfg
GwUP1L7xHFVdAUlFp20ezgCRvA47UrV2HUlBHxZJMiNOZeUtz5V0C66F6JdlW0Ry
n/K2Dqezkz7Ld7XgHk6vhida0XiZDaB3lXIoQDNLVJXjd1CMUED6gWe3I65Wjppn
+/jtv6lS1tjUVjl3v9fxdblljxP9NWwahxOqQwa3Z3ZoKftHIum8zwZE0D5S8rWn
i59WhWwyzQnPH20jzjS/3VVMmRLTUoAQN1jeWL8AleVH
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:05 2025 by rpki-client