Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/0NtgYlJJvTfGGSg9uWuXHVUtbKQ.roa
File: 0NtgYlJJvTfGGSg9uWuXHVUtbKQ.roa (raw, json)
Hash identifier: VtmDCIwcBUvL2x6RB7kiXFf/1srq/NDHnxfxMMTUCk8=
Subject key identifier: D0:DB:60:62:52:49:BD:37:C6:19:28:3D:B9:6B:97:1D:55:2D:6C:A4
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 0194258F8D5AFBA454F7B526F538CF8F60DF
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/0NtgYlJJvTfGGSg9uWuXHVUtbKQ.roa
Signing time: Thu 02 Jan 2025 05:49:12 +0000
ROA not before: Thu 02 Jan 2025 05:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398465
IP address blocks: 212.111.220.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:8d:5a:fb:a4:54:f7:b5:26:f5:38:cf:8f:60:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 2 05:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0db60625249bd37c619283db96b971d552d6ca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4b:8a:c8:75:35:54:20:ed:33:77:ba:30:c5:
12:46:dc:0c:28:80:ce:18:29:af:88:4a:ca:9d:80:
ff:c5:6f:0c:b9:ec:51:cf:94:52:45:35:60:8e:a5:
e3:91:ef:99:1b:a3:b2:8d:48:7b:f7:38:e6:f6:4d:
d5:3b:41:1b:61:4c:05:2a:9c:05:45:6c:e9:ca:7c:
04:94:09:75:de:aa:c8:6b:0e:b1:19:dd:dd:9b:e3:
c4:50:50:83:b8:1c:20:43:17:5c:a0:6e:64:55:58:
f4:78:f4:8c:c4:bd:aa:0b:25:9e:e9:23:e5:6a:5f:
d3:bc:62:e9:c0:4f:52:14:33:73:c1:ee:76:7d:fa:
38:86:7e:dd:e6:ba:ee:1c:a8:59:71:b6:a5:9e:c5:
3b:22:34:2f:01:27:de:7b:44:23:be:76:af:dd:24:
91:86:d4:b9:60:42:b5:12:93:96:c9:da:9e:1b:25:
f7:08:13:fc:2c:b9:51:7c:85:0f:46:90:fc:73:72:
72:6f:d6:53:ad:84:22:05:85:d7:e0:f6:8a:1a:1d:
8e:e9:49:d1:a7:7c:58:e9:54:be:a1:5b:9e:e2:93:
4c:62:05:6a:dd:63:34:c8:85:22:c1:87:f9:82:c3:
4c:58:0d:7d:cb:0a:3d:e7:4a:f2:1b:ba:19:e2:7b:
30:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:DB:60:62:52:49:BD:37:C6:19:28:3D:B9:6B:97:1D:55:2D:6C:A4
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/0NtgYlJJvTfGGSg9uWuXHVUtbKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.111.220.0/22
Signature Algorithm: sha256WithRSAEncryption
09:86:57:21:08:89:d5:ac:e3:2a:d3:7f:24:7c:5f:13:64:ae:
fd:61:99:1f:b4:2a:56:5d:88:56:56:7a:0f:5e:f5:34:d5:60:
4a:33:66:b1:75:29:72:2c:ed:d1:b8:56:a3:93:eb:25:86:47:
26:54:36:de:9b:16:11:0c:03:81:4f:12:a7:4b:2b:05:3d:33:
50:2f:09:e0:cf:50:86:d0:df:05:4c:ab:25:ea:b9:96:f1:04:
b0:d3:69:e2:8c:61:67:9b:5e:c5:84:be:8b:9b:72:9d:98:27:
91:63:75:31:59:df:d4:bc:54:08:e2:4c:7d:6b:bb:00:77:d3:
70:f5:51:83:e0:41:1b:2e:22:a7:32:47:ac:d3:85:86:b5:15:
66:14:cc:73:d7:52:7d:4e:a5:71:d1:32:39:37:b8:63:bb:30:
40:4d:93:ff:35:92:34:81:02:28:e7:56:aa:b3:49:ef:2b:6e:
c0:eb:54:7c:6f:a6:bd:2a:48:84:73:32:3a:5b:4e:ac:e5:19:
20:25:49:5c:b3:17:30:bc:48:c0:d2:52:52:e4:45:5e:04:a7:
70:9e:94:a9:77:e4:fc:a5:a0:27:e1:b8:5e:27:5f:f6:72:89:
ef:82:8e:d1:66:7b:2c:93:85:b8:f9:72:82:a1:1a:7e:0d:a6:
06:43:84:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj41a+6RU97Um9TjPj2DfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjUwMTAyMDU0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGRiNjA2MjUyNDliZDM3YzYxOTI4M2RiOTZiOTcxZDU1MmQ2Y2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskuKyHU1VCDtM3e6MMUSRtwMKIDO
GCmviErKnYD/xW8MuexRz5RSRTVgjqXjke+ZG6OyjUh79zjm9k3VO0EbYUwFKpwF
RWzpynwElAl13qrIaw6xGd3dm+PEUFCDuBwgQxdcoG5kVVj0ePSMxL2qCyWe6SPl
al/TvGLpwE9SFDNzwe52ffo4hn7d5rruHKhZcbalnsU7IjQvASfee0Qjvnav3SSR
htS5YEK1EpOWydqeGyX3CBP8LLlRfIUPRpD8c3Jyb9ZTrYQiBYXX4PaKGh2O6UnR
p3xY6VS+oVue4pNMYgVq3WM0yIUiwYf5gsNMWA19ywo950ryG7oZ4nswVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNDbYGJSSb03xhkoPblrlx1VLWykMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvME50Z1lsSkp2VGZHR1NnOXVXdVhIVlV0YktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1G/cMA0G
CSqGSIb3DQEBCwUAA4IBAQAJhlchCInVrOMq038kfF8TZK79YZkftCpWXYhWVnoP
XvU01WBKM2axdSlyLO3RuFajk+slhkcmVDbemxYRDAOBTxKnSysFPTNQLwngz1CG
0N8FTKsl6rmW8QSw02nijGFnm17FhL6Lm3KdmCeRY3UxWd/UvFQI4kx9a7sAd9Nw
9VGD4EEbLiKnMkes04WGtRVmFMxz11J9TqVx0TI5N7hjuzBATZP/NZI0gQIo51aq
s0nvK27A61R8b6a9KkiEczI6W06s5RkgJUlcsxcwvEjA0lJS5EVeBKdwnpSpd+T8
paAn4bheJ1/2convgo7RZnssk4W4+XKCoRp+DaYGQ4QF
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:56:07 2025 by rpki-client