Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/Ho4pDAaaconFe5cZ7ygze1a44Xo.roa
File: Ho4pDAaaconFe5cZ7ygze1a44Xo.roa (raw, json)
Hash identifier: 1pC6hpICFpbgfqlZn7adq2AVfLKO5t0AC5KWofkjFSE=
Subject key identifier: 1E:8E:29:0C:06:9A:72:89:C5:7B:97:19:EF:28:33:7B:56:B8:E1:7A
Certificate issuer: /CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Certificate serial: 01942220175B0C67866E63F3A71CCD8C3713
Authority key identifier: A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/Ho4pDAaaconFe5cZ7ygze1a44Xo.roa
Signing time: Wed 01 Jan 2025 13:48:35 +0000
ROA not before: Wed 01 Jan 2025 13:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57900
IP address blocks: 212.24.246.0/24 maxlen: 24
212.24.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:17:5b:0c:67:86:6e:63:f3:a7:1c:cd:8c:37:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Validity
Not Before: Jan 1 13:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e8e290c069a7289c57b9719ef28337b56b8e17a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b4:17:d2:a5:7b:bc:c2:b2:43:47:2c:e5:3c:
09:c0:a9:bf:2e:a3:75:6c:8d:bb:fe:3e:67:ab:19:
47:f8:4d:4a:20:de:90:79:77:f6:49:19:ba:aa:42:
4f:9d:4b:cb:cf:3c:83:20:96:f1:98:ba:19:65:35:
24:64:d5:9a:a7:ee:12:bf:01:7c:45:cb:99:af:ca:
ca:1d:48:99:85:af:16:26:b4:38:dd:dc:3f:8f:e8:
bc:67:f7:49:e7:e5:78:c0:69:dd:8c:c8:a5:2e:bd:
dc:db:29:de:ee:61:b2:19:b0:4d:67:2d:f2:d3:9b:
84:6c:76:a8:92:21:89:1a:e4:ca:e3:ba:07:f2:23:
dc:82:7f:38:b5:c3:a7:c2:85:dc:50:05:43:ae:91:
2f:fb:e5:56:a6:3c:e9:0f:af:14:f4:34:be:97:7c:
89:6f:1e:26:81:a7:7d:ad:bd:fd:d9:e1:92:1b:97:
eb:5d:e6:86:1b:74:b3:82:bd:ff:b9:ba:93:28:6a:
c1:ab:2f:28:98:ab:5a:04:b4:b1:d1:c4:05:88:04:
4d:e6:c8:da:3f:23:9b:84:9a:f8:1e:6e:00:4a:7e:
f0:30:58:13:aa:da:dd:67:33:9f:0b:6f:c6:d9:ac:
b5:29:2c:d6:59:c0:fe:52:68:cf:40:37:0e:29:c5:
97:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:8E:29:0C:06:9A:72:89:C5:7B:97:19:EF:28:33:7B:56:B8:E1:7A
X509v3 Authority Key Identifier:
keyid:A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/Ho4pDAaaconFe5cZ7ygze1a44Xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.24.246.0/23
Signature Algorithm: sha256WithRSAEncryption
50:13:d8:bb:26:64:68:30:6b:db:93:89:d4:3a:de:e9:6b:8f:
62:f1:c6:c9:af:10:df:cc:68:d7:dc:4a:4d:0f:c9:27:d4:7e:
34:e0:c9:47:ef:fd:c5:81:dd:8d:24:6a:14:52:0c:22:fd:49:
f5:97:79:85:61:8e:ee:cc:36:af:a3:90:a3:a0:c6:99:63:ad:
a6:36:7e:8e:98:bb:4c:73:be:43:c9:a7:58:d4:d8:cf:38:27:
df:99:fd:d7:45:9c:59:c8:84:50:9d:e3:75:ac:24:80:ce:ee:
52:94:5a:f9:be:7f:18:07:b8:1a:ff:8a:ad:68:56:f0:73:d8:
90:7d:e3:8a:ed:b4:84:31:b8:83:1f:84:7b:62:e0:02:ca:55:
84:4a:01:1e:dd:75:29:a3:da:e3:52:26:73:8e:7a:c2:80:50:
fa:17:34:02:fa:28:b9:97:19:51:21:3c:3d:e5:8b:90:3b:6c:
ff:49:b6:dc:79:be:fd:ec:6c:47:ae:a3:84:ce:12:bb:df:66:
07:97:4f:e5:0d:bf:78:af:28:1a:c5:47:73:15:35:22:26:9f:
63:26:be:cd:a9:1e:52:04:0f:5a:51:45:a0:64:90:6a:f1:3b:
f4:b6:0d:53:35:a7:7a:88:60:66:de:ce:29:57:f0:a5:2e:25:
e3:40:e9:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBdbDGeGbmPzpxzNjDcTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2M2JjYzZkMjVmNzQ3NmZiYjNlYzMzZjZkYmMzZTllZWFk
OTIyMTIwHhcNMjUwMTAxMTM0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZThlMjkwYzA2OWE3Mjg5YzU3Yjk3MTllZjI4MzM3YjU2YjhlMTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrQX0qV7vMKyQ0cs5TwJwKm/LqN1
bI27/j5nqxlH+E1KIN6QeXf2SRm6qkJPnUvLzzyDIJbxmLoZZTUkZNWap+4SvwF8
RcuZr8rKHUiZha8WJrQ43dw/j+i8Z/dJ5+V4wGndjMilLr3c2yne7mGyGbBNZy3y
05uEbHaokiGJGuTK47oH8iPcgn84tcOnwoXcUAVDrpEv++VWpjzpD68U9DS+l3yJ
bx4mgad9rb392eGSG5frXeaGG3Szgr3/ubqTKGrBqy8omKtaBLSx0cQFiARN5sja
PyObhJr4Hm4ASn7wMFgTqtrdZzOfC2/G2ay1KSzWWcD+UmjPQDcOKcWXKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB6OKQwGmnKJxXuXGe8oM3tWuOF6MB8GA1UdIwQY
MBaAFKY7zG0l90dvuz7DP228Pp7q2SISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQt
NDkyNGZhMDAwYjdjLzEvSG80cERBYWFjb25GZTVjWjd5Z3plMWE0NFhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQtNDkyNGZhMDAwYjdj
LzEvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1Bj2MA0G
CSqGSIb3DQEBCwUAA4IBAQBQE9i7JmRoMGvbk4nUOt7pa49i8cbJrxDfzGjX3EpN
D8kn1H404MlH7/3Fgd2NJGoUUgwi/Un1l3mFYY7uzDavo5CjoMaZY62mNn6OmLtM
c75DyadY1NjPOCffmf3XRZxZyIRQneN1rCSAzu5SlFr5vn8YB7ga/4qtaFbwc9iQ
feOK7bSEMbiDH4R7YuACylWESgEe3XUpo9rjUiZzjnrCgFD6FzQC+ii5lxlRITw9
5YuQO2z/Sbbceb797GxHrqOEzhK732YHl0/lDb94rygaxUdzFTUiJp9jJr7NqR5S
BA9aUUWgZJBq8Tv0tg1TNad6iGBm3s4pV/ClLiXjQOki
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:50:36 2025 by rpki-client