Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/912a5a-2b92-48ac-ac48-338f155d158a/1/i3hHwjTxF0kW7iKCmIX5i_ejqgg.roa
File: i3hHwjTxF0kW7iKCmIX5i_ejqgg.roa (raw, json)
Hash identifier: WBoYGKjbRO5qDqeRjYWI4asQVrXdNDoV/iwfbWc3JAs=
Subject key identifier: 8B:78:47:C2:34:F1:17:49:16:EE:22:82:98:85:F9:8B:F7:A3:AA:08
Certificate issuer: /CN=7b8049757feeabebca077d66d511e6073a178603
Certificate serial: 018571F0D9FE3D46C3FEB8B50E23696E7EA1
Authority key identifier: 7B:80:49:75:7F:EE:AB:EB:CA:07:7D:66:D5:11:E6:07:3A:17:86:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e4BJdX_uq-vKB31m1RHmBzoXhgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/912a5a-2b92-48ac-ac48-338f155d158a/1/i3hHwjTxF0kW7iKCmIX5i_ejqgg.roa
Signing time: Mon 02 Jan 2023 10:04:47 +0000
ROA not before: Mon 02 Jan 2023 10:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62375
IP address blocks: 212.18.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:d9:fe:3d:46:c3:fe:b8:b5:0e:23:69:6e:7e:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b8049757feeabebca077d66d511e6073a178603
Validity
Not Before: Jan 2 10:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b7847c234f1174916ee22829885f98bf7a3aa08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9f:cd:02:d7:2a:71:74:8b:1c:22:7a:01:fd:
2a:e3:34:b0:c9:16:c4:59:26:c0:83:13:61:27:d2:
66:44:e5:fc:60:f0:b1:ec:e1:d3:1b:66:5b:fe:c2:
49:80:f3:95:56:b0:e2:f0:1a:e5:15:d5:a9:a6:7d:
32:b3:cd:de:88:a2:a2:7b:b2:a0:b8:0f:3d:6d:e6:
71:ae:c6:e6:af:66:78:4c:1a:13:36:be:24:9c:b9:
c7:8f:9e:7e:bd:a8:6a:b6:e3:52:64:9e:ea:66:03:
aa:03:b3:81:82:7b:a4:e4:ba:02:36:74:24:a7:a7:
15:4f:83:84:64:97:47:d5:34:87:cc:ff:17:55:5b:
00:ed:ab:4e:ca:8f:1b:12:1c:d0:f5:4b:e2:4a:85:
41:6a:8d:f8:78:2b:f8:59:f2:7a:f0:e6:60:8e:24:
a3:07:d5:ca:e2:5d:22:2a:3f:a9:71:7f:d4:92:7e:
80:5c:3b:4e:77:14:39:2e:78:74:c9:13:f9:e1:0d:
3f:c6:2a:5b:38:2a:59:83:18:00:7e:96:e5:71:4b:
e7:6f:62:f3:72:b1:a2:40:13:be:81:31:f6:61:9b:
24:40:5a:4d:b8:e1:4f:e7:02:1b:5e:e4:e7:d9:11:
0c:a0:b2:77:ae:50:b4:86:d8:c4:d9:fe:c1:1e:a3:
cb:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:78:47:C2:34:F1:17:49:16:EE:22:82:98:85:F9:8B:F7:A3:AA:08
X509v3 Authority Key Identifier:
keyid:7B:80:49:75:7F:EE:AB:EB:CA:07:7D:66:D5:11:E6:07:3A:17:86:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4BJdX_uq-vKB31m1RHmBzoXhgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/912a5a-2b92-48ac-ac48-338f155d158a/1/i3hHwjTxF0kW7iKCmIX5i_ejqgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/912a5a-2b92-48ac-ac48-338f155d158a/1/e4BJdX_uq-vKB31m1RHmBzoXhgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.18.108.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:9c:40:ca:ad:fc:c4:7f:0b:86:0b:42:84:a3:e2:a6:8a:56:
cd:24:c9:cf:da:93:e2:58:66:02:a4:01:11:dc:94:0b:b1:bb:
45:5a:8d:90:0d:0a:9b:78:6e:6d:7c:6a:d0:42:09:72:aa:1b:
19:5c:d3:d5:20:44:08:3d:ee:d5:b5:56:3d:95:29:5c:42:7a:
e5:09:bb:58:1c:c9:f7:a5:3e:0f:a4:96:c0:3c:ff:34:57:39:
bb:76:46:12:58:f9:0c:69:62:ee:bf:e6:05:75:bd:61:8a:06:
56:5b:c0:f2:9c:e0:f7:ea:b9:e6:50:51:74:c6:be:f3:c0:93:
0c:e0:61:1b:61:03:d3:9a:de:a6:89:93:63:97:6b:54:e0:df:
93:a6:24:40:e7:44:2a:7a:64:20:5c:3a:f4:06:08:59:7b:b2:
01:a3:a4:11:a5:5d:7e:03:1c:82:b1:6c:dc:65:e2:b0:97:e3:
3f:5f:ad:80:3c:28:2b:f7:5e:c6:9c:09:58:c1:9b:36:f1:9f:
0f:f7:75:c4:28:8e:a3:0c:93:69:b2:38:da:bd:93:b7:8d:4c:
cb:c4:91:6c:38:85:f9:84:55:9c:8b:ef:9d:f0:52:46:cc:a5:
30:f6:d2:c3:7d:e0:02:46:70:d2:36:1d:02:97:48:64:4b:61:
b3:33:6a:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx8Nn+PUbD/ri1DiNpbn6hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODA0OTc1N2ZlZWFiZWJjYTA3N2Q2NmQ1MTFlNjA3M2Ex
Nzg2MDMwHhcNMjMwMTAyMTAwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjc4NDdjMjM0ZjExNzQ5MTZlZTIyODI5ODg1Zjk4YmY3YTNhYTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJ/NAtcqcXSLHCJ6Af0q4zSwyRbE
WSbAgxNhJ9JmROX8YPCx7OHTG2Zb/sJJgPOVVrDi8BrlFdWppn0ys83eiKKie7Kg
uA89beZxrsbmr2Z4TBoTNr4knLnHj55+vahqtuNSZJ7qZgOqA7OBgnuk5LoCNnQk
p6cVT4OEZJdH1TSHzP8XVVsA7atOyo8bEhzQ9UviSoVBao34eCv4WfJ68OZgjiSj
B9XK4l0iKj+pcX/Ukn6AXDtOdxQ5Lnh0yRP54Q0/xipbOCpZgxgAfpblcUvnb2Lz
crGiQBO+gTH2YZskQFpNuOFP5wIbXuTn2REMoLJ3rlC0htjE2f7BHqPLQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIt4R8I08RdJFu4igpiF+Yv3o6oIMB8GA1UdIwQY
MBaAFHuASXV/7qvrygd9ZtUR5gc6F4YDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRCSmRYX3VxLXZLQjMxbTFSSG1Cem9YaGdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS85MTJhNWEtMmI5Mi00OGFjLWFjNDgt
MzM4ZjE1NWQxNThhLzEvaTNoSHdqVHhGMGtXN2lLQ21JWDVpX2VqcWdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS85MTJhNWEtMmI5Mi00OGFjLWFjNDgtMzM4ZjE1NWQxNThh
LzEvZTRCSmRYX3VxLXZLQjMxbTFSSG1Cem9YaGdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BJsMA0G
CSqGSIb3DQEBCwUAA4IBAQA/nEDKrfzEfwuGC0KEo+KmilbNJMnP2pPiWGYCpAER
3JQLsbtFWo2QDQqbeG5tfGrQQglyqhsZXNPVIEQIPe7VtVY9lSlcQnrlCbtYHMn3
pT4PpJbAPP80Vzm7dkYSWPkMaWLuv+YFdb1higZWW8DynOD36rnmUFF0xr7zwJMM
4GEbYQPTmt6miZNjl2tU4N+TpiRA50QqemQgXDr0BghZe7IBo6QRpV1+AxyCsWzc
ZeKwl+M/X62APCgr917GnAlYwZs28Z8P93XEKI6jDJNpsjjavZO3jUzLxJFsOIX5
hFWci++d8FJGzKUw9tLDfeACRnDSNh0Cl0hkS2GzM2qW
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:16:13 2025 by rpki-client