Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/EhrQ7Q-cs8bAsDZSt1dgVzq1kAA.roa
File: EhrQ7Q-cs8bAsDZSt1dgVzq1kAA.roa (raw, json)
Hash identifier: JZjBGGI2249Bt7B2p+XChueH8pai+dBPXAWzTk+NTDI=
Subject key identifier: 12:1A:D0:ED:0F:9C:B3:C6:C0:B0:36:52:B7:57:60:57:3A:B5:90:00
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 0194D7E43D000FABAE7748C962A21C70FF7F
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/EhrQ7Q-cs8bAsDZSt1dgVzq1kAA.roa
Signing time: Wed 05 Feb 2025 20:54:06 +0000
ROA not before: Wed 05 Feb 2025 20:54:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15731
IP address blocks: 212.116.236.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d7:e4:3d:00:0f:ab:ae:77:48:c9:62:a2:1c:70:ff:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Feb 5 20:54:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=121ad0ed0f9cb3c6c0b03652b75760573ab59000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a9:bb:bb:cf:e2:45:4b:74:0a:b4:7f:9b:25:
72:28:18:72:e5:1a:40:c2:0f:ac:3a:dc:ad:77:da:
d5:56:11:cc:56:be:b7:df:0a:4e:ae:a0:fa:cc:1b:
71:f2:f5:4b:6f:70:38:4c:71:36:3b:4b:65:2b:4e:
89:df:a5:d8:78:6a:c3:a0:90:ed:24:4f:b6:62:41:
a6:cf:39:f4:a4:8e:99:75:d2:a3:02:02:53:fa:ef:
23:c7:ae:36:a8:75:42:82:d5:97:14:a8:ca:0a:f5:
00:21:db:9a:e4:14:9f:51:55:5b:80:1a:8e:47:b8:
51:62:0f:ee:19:0b:53:9c:0f:cc:3b:88:95:61:3a:
05:0a:e7:61:e1:ab:cd:c0:db:9a:33:b0:08:9c:d2:
54:88:c8:16:fb:c6:d3:69:4e:1a:89:2e:19:d8:39:
e2:48:3b:e3:6e:ac:74:a8:73:f8:fc:5b:6d:fa:05:
c6:5b:84:2b:02:fa:a6:40:a6:fb:73:c2:eb:aa:73:
7d:ff:7e:08:b8:12:d8:f5:75:c2:58:55:63:79:7d:
c5:f1:72:8a:fd:c7:c5:70:52:54:01:01:de:df:96:
a9:52:52:c1:9e:63:75:3e:b8:3e:8a:2d:ab:56:d4:
a1:7b:03:47:bc:92:ee:03:7e:75:98:85:00:14:0e:
ee:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:1A:D0:ED:0F:9C:B3:C6:C0:B0:36:52:B7:57:60:57:3A:B5:90:00
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/EhrQ7Q-cs8bAsDZSt1dgVzq1kAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.116.236.0/24
Signature Algorithm: sha256WithRSAEncryption
90:28:9e:4e:c3:68:e8:9c:48:52:69:be:7c:57:c2:36:ac:51:
0c:99:ab:a7:b3:e3:66:1e:37:db:6e:8c:df:5b:3b:69:ad:03:
96:1c:38:17:f7:91:38:dc:5f:7c:fc:e8:ed:7b:50:23:0e:92:
31:60:5c:9b:87:06:aa:2f:bc:64:4f:fb:a3:cd:bd:be:8d:07:
a4:60:8f:1d:16:4a:1b:1c:a8:ce:34:98:46:ce:a3:6f:cc:95:
f0:85:fa:4b:e3:89:33:5d:18:e2:b5:33:79:7b:e2:cd:c2:a1:
f2:59:72:c2:15:83:eb:26:fa:27:2e:3d:22:df:cc:88:00:c8:
cd:68:07:93:7d:2d:14:c2:72:1d:6c:88:d7:fd:a5:64:6d:f7:
14:d3:67:f7:55:31:8f:c3:44:e3:f3:bf:73:fd:bf:6d:d2:11:
fe:11:e5:7a:3b:15:65:83:88:72:84:06:1a:ae:4d:9b:cb:59:
eb:36:90:c2:82:d8:51:c6:c4:93:2b:74:b8:67:6e:c3:14:01:
96:c3:d1:61:e1:15:c0:50:47:53:3c:21:53:39:cc:f7:06:01:
68:eb:e6:b5:21:a3:39:36:34:39:a8:e2:57:1b:38:69:95:f4:
4e:35:11:df:a2:fc:ca:a6:b6:51:36:bf:3e:b8:6e:80:49:9d:
43:95:68:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTX5D0AD6uud0jJYqIccP9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjUwMjA1MjA1NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjFhZDBlZDBmOWNiM2M2YzBiMDM2NTJiNzU3NjA1NzNhYjU5MDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6m7u8/iRUt0CrR/myVyKBhy5RpA
wg+sOtytd9rVVhHMVr633wpOrqD6zBtx8vVLb3A4THE2O0tlK06J36XYeGrDoJDt
JE+2YkGmzzn0pI6ZddKjAgJT+u8jx642qHVCgtWXFKjKCvUAIdua5BSfUVVbgBqO
R7hRYg/uGQtTnA/MO4iVYToFCudh4avNwNuaM7AInNJUiMgW+8bTaU4aiS4Z2Dni
SDvjbqx0qHP4/Ftt+gXGW4QrAvqmQKb7c8LrqnN9/34IuBLY9XXCWFVjeX3F8XKK
/cfFcFJUAQHe35apUlLBnmN1Prg+ii2rVtShewNHvJLuA351mIUAFA7upQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBIa0O0PnLPGwLA2UrdXYFc6tZAAMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvRWhyUTdRLWNzOGJBc0RaU3QxZGdWenExa0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1HTsMA0G
CSqGSIb3DQEBCwUAA4IBAQCQKJ5Ow2jonEhSab58V8I2rFEMmauns+NmHjfbbozf
WztprQOWHDgX95E43F98/Ojte1AjDpIxYFybhwaqL7xkT/ujzb2+jQekYI8dFkob
HKjONJhGzqNvzJXwhfpL44kzXRjitTN5e+LNwqHyWXLCFYPrJvonLj0i38yIAMjN
aAeTfS0UwnIdbIjX/aVkbfcU02f3VTGPw0Tj879z/b9t0hH+EeV6OxVlg4hyhAYa
rk2by1nrNpDCgthRxsSTK3S4Z27DFAGWw9Fh4RXAUEdTPCFTOcz3BgFo6+a1IaM5
NjQ5qOJXGzhplfRONRHfovzKprZRNr8+uG6ASZ1DlWjg
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:37 2025 by rpki-client