Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/q2sdLUq8oTKjFXabTIHjNujteO4.roa
File: q2sdLUq8oTKjFXabTIHjNujteO4.roa (raw, json)
Hash identifier: DmdPmf4rfc5GBaM+wuurYH2BFaBH9ELo6PMdUoe2Fiw=
Subject key identifier: AB:6B:1D:2D:4A:BC:A1:32:A3:15:76:9B:4C:81:E3:36:E8:ED:78:EE
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 019421B1FD9DFCC59B1CCAABEB5241E4EA94
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/q2sdLUq8oTKjFXabTIHjNujteO4.roa
Signing time: Wed 01 Jan 2025 11:48:20 +0000
ROA not before: Wed 01 Jan 2025 11:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1239
IP address blocks: 212.116.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:fd:9d:fc:c5:9b:1c:ca:ab:eb:52:41:e4:ea:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Jan 1 11:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab6b1d2d4abca132a315769b4c81e336e8ed78ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6e:20:4b:fc:68:0c:5a:74:88:39:e3:8b:99:
fa:85:4b:47:94:1d:70:50:ec:84:f6:63:21:4e:84:
0f:c4:b3:f7:48:17:90:5f:b2:fb:5d:6b:96:0f:ca:
0d:58:cb:4a:5b:dd:5e:84:91:06:b3:9e:7b:97:a3:
98:e8:c1:67:df:aa:29:ab:19:73:e6:42:21:8e:83:
ac:e0:89:95:76:e1:f4:b7:78:42:48:53:4a:69:60:
e9:80:43:2f:56:59:37:94:6a:da:58:d5:c3:46:54:
8e:05:f0:03:d4:05:e0:bf:88:2e:56:c9:9e:32:a6:
9b:d7:b9:55:a9:77:f0:b4:9b:41:37:34:67:9c:84:
93:95:02:0a:07:bc:d2:16:e4:68:8b:59:21:47:69:
f0:da:3f:34:87:07:16:6d:4b:78:5c:e6:46:55:7e:
ec:b6:3d:72:7b:c5:8f:df:c7:8f:7e:84:81:c6:24:
70:a9:f3:ec:a2:41:2d:3a:03:41:a9:d4:c5:06:d4:
78:d3:97:1f:a5:ac:11:de:05:d4:b5:07:e4:33:3e:
44:02:7e:46:6c:68:8f:1b:d7:3e:65:72:e4:59:c6:
9b:c2:56:72:d1:4d:43:d7:9e:44:b3:4d:0a:94:1b:
72:ce:24:af:df:24:df:92:62:39:04:7c:af:b5:8e:
bf:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:6B:1D:2D:4A:BC:A1:32:A3:15:76:9B:4C:81:E3:36:E8:ED:78:EE
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/q2sdLUq8oTKjFXabTIHjNujteO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.116.248.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:e5:69:b8:83:3d:e1:6a:fa:8a:3d:74:1a:c2:45:4b:58:da:
03:be:40:04:01:28:6b:e0:b6:c4:eb:92:48:13:33:6d:51:40:
17:ad:7a:37:83:08:92:6b:d9:a0:5f:bb:99:13:16:a0:e1:50:
01:a7:20:77:77:79:0e:ec:15:e9:99:89:23:d1:22:5d:f0:e3:
d9:ec:df:cd:d6:0b:ae:e9:0d:53:98:40:22:b6:29:d9:e2:26:
07:be:1a:3e:d3:5a:7d:46:91:10:52:d5:96:fa:80:48:57:0a:
6b:64:75:25:ee:7d:09:b7:d4:12:4f:e2:b3:87:d5:a4:3a:64:
31:5f:65:0c:fb:ea:6d:63:66:88:40:ba:93:21:34:6d:b2:d1:
17:2a:27:03:b7:5a:a1:ef:96:cd:1f:f5:3d:3e:c3:8b:82:1e:
bc:20:ca:e9:e3:c9:4b:0d:d7:cb:a0:8c:45:32:3c:7c:85:a4:
4c:bf:b3:e3:1b:37:c5:a8:2b:ca:13:6b:5a:e0:05:21:45:51:
ba:e3:44:ca:be:91:e8:9a:60:f0:fc:11:ad:fb:e5:8f:d3:df:
74:4d:73:11:27:97:a6:47:b2:8e:c6:98:35:e6:7c:58:3a:bf:
d3:29:58:a4:57:1e:39:32:0d:96:bf:60:87:b8:71:6a:77:20:
1f:95:4d:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsf2d/MWbHMqr61JB5OqUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjUwMTAxMTE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjZiMWQyZDRhYmNhMTMyYTMxNTc2OWI0YzgxZTMzNmU4ZWQ3OGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmW4gS/xoDFp0iDnji5n6hUtHlB1w
UOyE9mMhToQPxLP3SBeQX7L7XWuWD8oNWMtKW91ehJEGs557l6OY6MFn36opqxlz
5kIhjoOs4ImVduH0t3hCSFNKaWDpgEMvVlk3lGraWNXDRlSOBfAD1AXgv4guVsme
Mqab17lVqXfwtJtBNzRnnISTlQIKB7zSFuRoi1khR2nw2j80hwcWbUt4XOZGVX7s
tj1ye8WP38ePfoSBxiRwqfPsokEtOgNBqdTFBtR405cfpawR3gXUtQfkMz5EAn5G
bGiPG9c+ZXLkWcabwlZy0U1D155Es00KlBtyziSv3yTfkmI5BHyvtY6/SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKtrHS1KvKEyoxV2m0yB4zbo7XjuMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvcTJzZExVcThvVEtqRlhhYlRJSGpOdWp0ZU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1HT4MA0G
CSqGSIb3DQEBCwUAA4IBAQB85Wm4gz3havqKPXQawkVLWNoDvkAEAShr4LbE65JI
EzNtUUAXrXo3gwiSa9mgX7uZExag4VABpyB3d3kO7BXpmYkj0SJd8OPZ7N/N1guu
6Q1TmEAitinZ4iYHvho+01p9RpEQUtWW+oBIVwprZHUl7n0Jt9QST+Kzh9WkOmQx
X2UM++ptY2aIQLqTITRtstEXKicDt1qh75bNH/U9PsOLgh68IMrp48lLDdfLoIxF
Mjx8haRMv7PjGzfFqCvKE2ta4AUhRVG640TKvpHommDw/BGt++WP0990TXMRJ5em
R7KOxpg15nxYOr/TKVikVx45Mg2Wv2CHuHFqdyAflU1y
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:46 2025 by rpki-client