Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/sKgwH_qsKFIdVBNPCjMRALrjAbk.roa
File: sKgwH_qsKFIdVBNPCjMRALrjAbk.roa (raw, json)
Hash identifier: xO0rh0Oru5+rBF6C17fVLEf5JaTKe44jZwymROX07o8=
Subject key identifier: B0:A8:30:1F:FA:AC:28:52:1D:54:13:4F:0A:33:11:00:BA:E3:01:B9
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 019425223AE6B1375FD16A3C9D32D60DD64D
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/sKgwH_qsKFIdVBNPCjMRALrjAbk.roa
Signing time: Thu 02 Jan 2025 03:49:47 +0000
ROA not before: Thu 02 Jan 2025 03:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211970
IP address blocks: 212.126.113.0/24 maxlen: 24
2a04:2dc0:18::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:3a:e6:b1:37:5f:d1:6a:3c:9d:32:d6:0d:d6:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Jan 2 03:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0a8301ffaac28521d54134f0a331100bae301b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5e:8c:31:bf:78:7f:07:94:5d:e8:8a:61:d5:
77:7d:bc:52:5e:65:49:f2:29:e1:e6:35:52:e6:66:
32:7a:a4:5f:ff:0a:ee:61:e1:a7:0b:c0:ab:1f:b5:
5b:a3:a1:e7:a4:4b:98:51:b2:39:fc:4e:90:ff:7c:
0a:7a:fb:d7:6c:a6:16:1d:bd:b3:d3:23:1e:18:ab:
ea:59:38:4f:c9:f0:4d:c0:ed:14:38:96:98:a2:15:
c3:ce:88:4d:57:ab:45:ad:68:90:a1:f3:12:55:96:
cc:ce:16:0f:58:e5:fa:61:36:6d:c1:89:82:26:6c:
d2:ec:2f:36:db:1a:db:cf:a8:79:34:d1:e0:83:84:
40:2a:30:a3:35:46:ec:9d:a6:f7:7a:66:44:bf:0e:
e5:29:f6:f9:c9:bc:91:7a:35:7a:a7:e7:95:ba:51:
21:1a:ae:36:fc:ca:af:52:9e:fe:40:fd:ec:a4:d5:
99:9f:b9:01:a3:e6:6a:1d:e4:45:5b:b9:7a:0c:2c:
3b:60:eb:26:b1:c6:45:84:ba:4e:ec:e6:85:f9:bb:
a5:01:b8:16:94:eb:e1:0e:d4:84:41:5d:95:cc:25:
b1:d6:e8:ab:29:35:a2:68:72:ff:a6:21:c2:6b:41:
9d:35:ae:1e:60:39:a9:af:9a:d8:33:0f:ec:10:a6:
86:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A8:30:1F:FA:AC:28:52:1D:54:13:4F:0A:33:11:00:BA:E3:01:B9
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/sKgwH_qsKFIdVBNPCjMRALrjAbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.126.113.0/24
IPv6:
2a04:2dc0:18::/48
Signature Algorithm: sha256WithRSAEncryption
ae:38:97:ad:c2:6d:21:b0:5b:eb:bc:3d:a8:f7:2f:f6:29:ec:
bb:11:b3:0c:55:7b:6c:a0:f0:07:7e:8f:c4:16:e5:fb:e0:7c:
85:36:cb:5f:31:79:2d:f3:1e:55:68:40:a3:bf:3e:c7:82:fa:
cd:e2:cb:95:41:70:e5:3b:08:06:a2:bc:6a:59:99:28:ce:5e:
3d:3d:46:a1:ce:c0:51:08:f8:73:6c:9e:9d:cb:ab:43:52:f1:
fa:24:46:ed:84:84:4b:5e:cd:47:94:69:c2:6a:27:a1:0d:b9:
19:a3:3f:51:03:7a:65:67:02:19:43:db:88:e0:76:27:08:ec:
c6:22:07:d1:05:75:69:17:7a:39:f5:62:be:24:ba:08:42:68:
71:ba:f5:1c:36:01:5d:79:c0:dc:5f:75:8a:49:1c:a7:b6:88:
70:c2:c3:d0:ea:3a:3a:39:05:c9:5c:5d:d5:46:fc:6d:3e:98:
be:85:13:57:17:f9:6b:7f:b8:49:bc:9d:f8:16:80:a5:e3:ca:
70:e7:a9:37:f2:b5:15:03:85:8c:97:f8:e2:22:cc:f9:2d:88:
8c:95:47:df:5e:36:d5:0c:dc:c2:1a:ef:d4:ff:41:54:22:43:
f7:3d:d7:4c:ad:38:ac:c9:0c:47:60:41:6e:6f:0d:fa:68:82:
6a:cb:ea:88
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZQlIjrmsTdf0Wo8nTLWDdZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjUwMTAyMDM0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGE4MzAxZmZhYWMyODUyMWQ1NDEzNGYwYTMzMTEwMGJhZTMwMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF6MMb94fweUXeiKYdV3fbxSXmVJ
8inh5jVS5mYyeqRf/wruYeGnC8CrH7Vbo6HnpEuYUbI5/E6Q/3wKevvXbKYWHb2z
0yMeGKvqWThPyfBNwO0UOJaYohXDzohNV6tFrWiQofMSVZbMzhYPWOX6YTZtwYmC
JmzS7C822xrbz6h5NNHgg4RAKjCjNUbsnab3emZEvw7lKfb5ybyRejV6p+eVulEh
Gq42/MqvUp7+QP3spNWZn7kBo+ZqHeRFW7l6DCw7YOsmscZFhLpO7OaF+bulAbgW
lOvhDtSEQV2VzCWx1uirKTWiaHL/piHCa0GdNa4eYDmpr5rYMw/sEKaGNwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFLCoMB/6rChSHVQTTwozEQC64wG5MB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xL3NLZ3dIX3FzS0ZJZFZCTlBDak1SQUxyakFiay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBADUfnEw
DwQCAAIwCQMHACoELcAAGDANBgkqhkiG9w0BAQsFAAOCAQEArjiXrcJtIbBb67w9
qPcv9insuxGzDFV7bKDwB36PxBbl++B8hTbLXzF5LfMeVWhAo78+x4L6zeLLlUFw
5TsIBqK8almZKM5ePT1Goc7AUQj4c2yencurQ1Lx+iRG7YSES17NR5RpwmonoQ25
GaM/UQN6ZWcCGUPbiOB2JwjsxiIH0QV1aRd6OfViviS6CEJocbr1HDYBXXnA3F91
ikkcp7aIcMLD0Oo6OjkFyVxd1Ub8bT6YvoUTVxf5a3+4Sbyd+BaApePKcOepN/K1
FQOFjJf44iLM+S2IjJVH31421Qzcwhrv1P9BVCJD9z3XTK04rMkMR2BBbm8N+miC
asvqiA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:05:02 2025 by rpki-client