Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/47f768-f7a0-4500-bca7-dd919589a27f/1/xT8nZx3wo_bE1pbVwdNnBB_NdQ4.roa
File: xT8nZx3wo_bE1pbVwdNnBB_NdQ4.roa (raw, json)
Hash identifier: 2URp2gpqJSM1xxL3nyubyoN9DeUToTSCaNruoNztuaU=
Subject key identifier: C5:3F:27:67:1D:F0:A3:F6:C4:D6:96:D5:C1:D3:67:04:1F:CD:75:0E
Certificate issuer: /CN=bf8c64350a0dfd68a043b221f1860b480ae352de
Certificate serial: 01856C411B383B74F12D9EE573B45D613149
Authority key identifier: BF:8C:64:35:0A:0D:FD:68:A0:43:B2:21:F1:86:0B:48:0A:E3:52:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4xkNQoN_WigQ7Ih8YYLSArjUt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/47f768-f7a0-4500-bca7-dd919589a27f/1/xT8nZx3wo_bE1pbVwdNnBB_NdQ4.roa
Signing time: Sun 01 Jan 2023 07:34:44 +0000
ROA not before: Sun 01 Jan 2023 07:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 212.23.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:1b:38:3b:74:f1:2d:9e:e5:73:b4:5d:61:31:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf8c64350a0dfd68a043b221f1860b480ae352de
Validity
Not Before: Jan 1 07:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c53f27671df0a3f6c4d696d5c1d367041fcd750e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:12:3f:41:62:a0:2f:e1:d3:9b:db:4c:f8:c5:
43:e8:c0:c6:63:a8:25:bf:9a:4d:d0:a6:1b:81:e0:
27:ca:8b:7e:d6:39:43:37:84:12:76:70:5c:d0:19:
cf:75:94:6e:2d:fb:82:97:14:7d:57:c4:cc:f3:c7:
f8:0f:94:68:eb:a8:0f:ca:67:d1:af:c5:9c:21:2f:
69:29:07:f8:5e:db:09:3a:8f:79:67:d2:be:5b:e6:
12:f6:4b:84:93:76:dc:7d:6c:55:a9:d7:02:2b:43:
0d:05:72:f3:ce:c8:64:f4:99:56:18:88:87:f9:18:
38:c7:df:bc:a2:f9:50:96:1a:c2:cb:64:e8:e9:7d:
dc:4e:fc:38:39:58:86:d4:4f:de:15:34:50:94:e1:
b1:c6:10:a0:f1:86:ab:5e:f5:06:d4:11:0f:dc:e5:
4f:f3:dd:d8:33:01:4c:47:4d:95:2e:ca:5a:04:ac:
4c:d1:ab:0b:e5:6d:14:53:a2:a1:e0:82:10:1e:7f:
64:bd:55:72:62:7f:89:68:de:85:0c:8c:3c:81:62:
37:dd:a9:40:7a:e7:3f:5d:b8:72:58:21:29:2f:31:
eb:0e:bc:95:a3:21:c6:74:1c:4e:f9:c1:08:85:72:
94:6f:c3:29:4f:18:dc:21:df:08:9a:cf:fd:af:e2:
0d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:3F:27:67:1D:F0:A3:F6:C4:D6:96:D5:C1:D3:67:04:1F:CD:75:0E
X509v3 Authority Key Identifier:
keyid:BF:8C:64:35:0A:0D:FD:68:A0:43:B2:21:F1:86:0B:48:0A:E3:52:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4xkNQoN_WigQ7Ih8YYLSArjUt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/47f768-f7a0-4500-bca7-dd919589a27f/1/xT8nZx3wo_bE1pbVwdNnBB_NdQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/47f768-f7a0-4500-bca7-dd919589a27f/1/v4xkNQoN_WigQ7Ih8YYLSArjUt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.205.0/24
Signature Algorithm: sha256WithRSAEncryption
41:a2:2c:9d:62:00:08:30:df:fe:67:4b:1c:ff:02:f8:5a:ca:
0f:7b:da:11:54:a1:e4:f4:3a:f6:50:8f:ac:de:02:cd:ad:86:
2b:19:e5:fa:b8:8a:c7:a1:f9:83:eb:77:be:ca:dc:70:cc:74:
28:4d:fe:54:3c:21:92:37:02:9f:40:6a:84:f2:27:99:40:f3:
b5:f3:fc:e1:5c:ba:1b:59:f9:30:42:05:b3:8c:20:54:e4:d7:
d4:b9:e0:92:1c:71:8c:de:6a:8c:72:a8:29:41:1d:7e:c5:95:
80:49:8a:66:d4:5a:b3:c5:26:05:e2:15:9f:f6:49:2c:e5:b0:
bb:7b:34:7a:91:a3:af:00:25:ff:7c:df:42:58:3c:b7:12:fd:
75:9f:c4:2d:29:4b:82:20:c7:a0:86:f2:7c:7b:dd:fe:83:1f:
26:c0:83:a9:84:5e:91:d5:8a:0f:0e:29:47:e3:e4:06:0a:6e:
8c:f0:b3:e3:8f:25:f6:83:2a:fe:e7:31:d1:e0:2e:17:19:8a:
e0:f4:15:3c:f6:4c:a9:ee:b0:88:a3:88:f1:d2:a6:15:fc:f1:
a0:40:d0:c1:c5:ae:e5:f8:0f:45:f0:54:5e:c4:08:e8:5a:ca:
69:14:62:bc:41:dd:20:b3:0f:74:4a:4b:10:20:1f:3f:03:33:
9d:fb:46:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsQRs4O3TxLZ7lc7RdYTFJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmOGM2NDM1MGEwZGZkNjhhMDQzYjIyMWYxODYwYjQ4MGFl
MzUyZGUwHhcNMjMwMTAxMDczNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTNmMjc2NzFkZjBhM2Y2YzRkNjk2ZDVjMWQzNjcwNDFmY2Q3NTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshI/QWKgL+HTm9tM+MVD6MDGY6gl
v5pN0KYbgeAnyot+1jlDN4QSdnBc0BnPdZRuLfuClxR9V8TM88f4D5Ro66gPymfR
r8WcIS9pKQf4XtsJOo95Z9K+W+YS9kuEk3bcfWxVqdcCK0MNBXLzzshk9JlWGIiH
+Rg4x9+8ovlQlhrCy2To6X3cTvw4OViG1E/eFTRQlOGxxhCg8YarXvUG1BEP3OVP
893YMwFMR02VLspaBKxM0asL5W0UU6Kh4IIQHn9kvVVyYn+JaN6FDIw8gWI33alA
euc/XbhyWCEpLzHrDryVoyHGdBxO+cEIhXKUb8MpTxjcId8Ims/9r+INXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMU/J2cd8KP2xNaW1cHTZwQfzXUOMB8GA1UdIwQY
MBaAFL+MZDUKDf1ooEOyIfGGC0gK41LeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjR4a05Rb05fV2lnUTdJaDhZWUxTQXJqVXQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi80N2Y3NjgtZjdhMC00NTAwLWJjYTct
ZGQ5MTk1ODlhMjdmLzEveFQ4blp4M3dvX2JFMXBiVndkTm5CQl9OZFE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi80N2Y3NjgtZjdhMC00NTAwLWJjYTctZGQ5MTk1ODlhMjdm
LzEvdjR4a05Rb05fV2lnUTdJaDhZWUxTQXJqVXQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfNMA0G
CSqGSIb3DQEBCwUAA4IBAQBBoiydYgAIMN/+Z0sc/wL4WsoPe9oRVKHk9Dr2UI+s
3gLNrYYrGeX6uIrHofmD63e+ytxwzHQoTf5UPCGSNwKfQGqE8ieZQPO18/zhXLob
WfkwQgWzjCBU5NfUueCSHHGM3mqMcqgpQR1+xZWASYpm1FqzxSYF4hWf9kks5bC7
ezR6kaOvACX/fN9CWDy3Ev11n8QtKUuCIMeghvJ8e93+gx8mwIOphF6R1YoPDilH
4+QGCm6M8LPjjyX2gyr+5zHR4C4XGYrg9BU89kyp7rCIo4jx0qYV/PGgQNDBxa7l
+A9F8FRexAjoWsppFGK8Qd0gsw90SksQIB8/AzOd+0YF
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:50:31 2025 by rpki-client