Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/61094a-9469-4299-89f2-bdf6e4294c2e/1/js9oNFtAP6uoXkguET2ifOtGxFk.roa
File: js9oNFtAP6uoXkguET2ifOtGxFk.roa (raw, json)
Hash identifier: xlI8bBSGf/iOY2KLlBGfTCvLGclFsfTElrxGe6FfxvM=
Subject key identifier: 8E:CF:68:34:5B:40:3F:AB:A8:5E:48:2E:11:3D:A2:7C:EB:46:C4:59
Certificate issuer: /CN=208de3ad18dd0ae14362d0e84dec043d379cc242
Certificate serial: 01942067DE88EAAEB35E892C956C0EB579EC
Authority key identifier: 20:8D:E3:AD:18:DD:0A:E1:43:62:D0:E8:4D:EC:04:3D:37:9C:C2:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/II3jrRjdCuFDYtDoTewEPTecwkI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/61094a-9469-4299-89f2-bdf6e4294c2e/1/js9oNFtAP6uoXkguET2ifOtGxFk.roa
Signing time: Wed 01 Jan 2025 05:47:45 +0000
ROA not before: Wed 01 Jan 2025 05:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12729
IP address blocks: 212.127.96.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:de:88:ea:ae:b3:5e:89:2c:95:6c:0e:b5:79:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=208de3ad18dd0ae14362d0e84dec043d379cc242
Validity
Not Before: Jan 1 05:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ecf68345b403faba85e482e113da27ceb46c459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e1:ae:8e:48:18:ef:60:e0:58:4a:d9:7e:81:
88:a0:81:3c:0d:e3:1b:53:7b:0f:99:32:5b:29:54:
b6:a4:5f:1a:72:7d:92:02:01:91:fb:15:25:3d:76:
0d:03:4d:56:f7:dc:06:55:97:ac:74:f4:2f:10:3b:
e2:ae:bd:fa:43:1f:39:d6:94:e0:49:ce:38:7d:2e:
14:1b:b1:0a:2d:1e:da:58:76:c8:3c:1f:57:18:7b:
61:76:c0:d0:fc:33:b6:90:f4:6f:f6:ce:ab:88:1e:
d6:7b:b5:86:72:51:a2:9e:b8:dd:f4:0f:bf:6f:0d:
30:e6:87:e1:b9:41:73:35:46:67:d6:15:b6:0a:11:
74:ec:ee:ae:35:b7:c6:56:d3:f0:89:b6:8c:de:d1:
e8:80:4d:47:0b:d6:5c:3d:26:33:a3:de:fc:55:6f:
12:e2:e5:41:24:80:87:74:48:c6:c9:a7:b6:1a:24:
a7:41:70:69:f2:55:14:b6:1e:fa:ab:b9:3c:c9:4f:
d3:0a:d0:e2:a4:86:1d:b0:61:04:40:34:f7:d6:12:
45:ad:fb:e9:99:b4:ed:3f:27:da:90:06:b4:d0:d0:
5f:ae:28:e0:82:ae:e5:05:d4:15:30:3b:e4:80:55:
f8:1a:e2:31:d9:f8:2e:6e:53:2c:d2:41:97:93:0d:
4f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:CF:68:34:5B:40:3F:AB:A8:5E:48:2E:11:3D:A2:7C:EB:46:C4:59
X509v3 Authority Key Identifier:
keyid:20:8D:E3:AD:18:DD:0A:E1:43:62:D0:E8:4D:EC:04:3D:37:9C:C2:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/II3jrRjdCuFDYtDoTewEPTecwkI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/61094a-9469-4299-89f2-bdf6e4294c2e/1/js9oNFtAP6uoXkguET2ifOtGxFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/61094a-9469-4299-89f2-bdf6e4294c2e/1/II3jrRjdCuFDYtDoTewEPTecwkI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.127.96.0/19
Signature Algorithm: sha256WithRSAEncryption
08:5c:d8:a9:e1:e2:d6:64:2e:56:6c:38:3b:e4:06:37:1e:4f:
6f:23:8c:57:65:f7:a1:c1:8e:bb:78:73:5f:67:0c:8b:fb:e0:
10:d1:ed:42:db:d2:e4:46:64:08:38:e1:8d:2b:90:49:3b:d9:
5d:dc:6d:06:f2:79:6e:d9:32:d6:ec:06:55:68:4f:a0:d3:9a:
a8:01:80:6c:99:9d:8c:c3:e8:61:be:96:f4:8b:ab:1b:d6:0f:
0c:cf:93:32:78:29:45:a2:15:c3:5d:65:8e:c1:f4:66:35:da:
65:90:46:e7:c0:9c:6f:93:70:fd:8d:f4:9b:3b:5f:e9:b6:dd:
4d:b6:5d:ff:0a:e5:ee:9f:ec:a1:55:da:be:6d:7d:4c:63:0b:
34:e7:1f:56:0b:72:ea:ab:b9:aa:0a:2c:f5:b0:2f:a3:03:f5:
0a:9f:52:a5:81:d4:7b:33:e5:f9:4c:b1:0d:8e:86:f6:f1:f2:
23:a2:5a:c9:92:ba:12:2a:6f:da:f2:f5:ae:ec:06:04:db:97:
8c:a1:90:11:39:9a:8c:f8:0a:53:21:32:56:48:5f:e0:ff:8e:
9a:b0:fb:1a:54:bd:88:b6:86:33:0e:1a:41:d7:56:8f:ae:52:
6d:3a:07:5c:84:a8:a8:98:2b:d3:86:27:a3:ce:9c:24:07:33:
50:6b:08:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ96I6q6zXokslWwOtXnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwOGRlM2FkMThkZDBhZTE0MzYyZDBlODRkZWMwNDNkMzc5
Y2MyNDIwHhcNMjUwMTAxMDU0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWNmNjgzNDViNDAzZmFiYTg1ZTQ4MmUxMTNkYTI3Y2ViNDZjNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneGujkgY72DgWErZfoGIoIE8DeMb
U3sPmTJbKVS2pF8acn2SAgGR+xUlPXYNA01W99wGVZesdPQvEDvirr36Qx851pTg
Sc44fS4UG7EKLR7aWHbIPB9XGHthdsDQ/DO2kPRv9s6riB7We7WGclGinrjd9A+/
bw0w5ofhuUFzNUZn1hW2ChF07O6uNbfGVtPwibaM3tHogE1HC9ZcPSYzo978VW8S
4uVBJICHdEjGyae2GiSnQXBp8lUUth76q7k8yU/TCtDipIYdsGEEQDT31hJFrfvp
mbTtPyfakAa00NBfrijggq7lBdQVMDvkgFX4GuIx2fgublMs0kGXkw1PdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI7PaDRbQD+rqF5ILhE9onzrRsRZMB8GA1UdIwQY
MBaAFCCN460Y3QrhQ2LQ6E3sBD03nMJCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUkzanJSamRDdUZEWXREb1Rld0VQVGVjd2tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82MTA5NGEtOTQ2OS00Mjk5LTg5ZjIt
YmRmNmU0Mjk0YzJlLzEvanM5b05GdEFQNnVvWGtndUVUMmlmT3RHeEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82MTA5NGEtOTQ2OS00Mjk5LTg5ZjItYmRmNmU0Mjk0YzJl
LzEvSUkzanJSamRDdUZEWXREb1Rld0VQVGVjd2tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1H9gMA0G
CSqGSIb3DQEBCwUAA4IBAQAIXNip4eLWZC5WbDg75AY3Hk9vI4xXZfehwY67eHNf
ZwyL++AQ0e1C29LkRmQIOOGNK5BJO9ld3G0G8nlu2TLW7AZVaE+g05qoAYBsmZ2M
w+hhvpb0i6sb1g8Mz5MyeClFohXDXWWOwfRmNdplkEbnwJxvk3D9jfSbO1/ptt1N
tl3/CuXun+yhVdq+bX1MYws05x9WC3Lqq7mqCiz1sC+jA/UKn1KlgdR7M+X5TLEN
job28fIjolrJkroSKm/a8vWu7AYE25eMoZAROZqM+ApTITJWSF/g/46asPsaVL2I
toYzDhpB11aPrlJtOgdchKiomCvThiejzpwkBzNQawgp
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:42:15 2025 by rpki-client