Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/gSnm-EZjHeRyWC-N13sHKCtwXD0.roa
File: gSnm-EZjHeRyWC-N13sHKCtwXD0.roa (raw, json)
Hash identifier: XrWZ+sfl0uhI0A7flT+pooDC75mu7ML2+ANNnnH7UFo=
Subject key identifier: 81:29:E6:F8:46:63:1D:E4:72:58:2F:8D:D7:7B:07:28:2B:70:5C:3D
Certificate issuer: /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial: 018CC2DAECF1E4B7B61E808533BA5BA10D7E
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/gSnm-EZjHeRyWC-N13sHKCtwXD0.roa
Signing time: Mon 01 Jan 2024 02:29:36 +0000
ROA not before: Mon 01 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51424
IP address blocks: 212.4.132.0/24 maxlen: 24
212.96.184.0/24 maxlen: 24
213.211.36.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ec:f1:e4:b7:b6:1e:80:85:33:ba:5b:a1:0d:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Validity
Not Before: Jan 1 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8129e6f846631de472582f8dd77b07282b705c3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0c:cf:00:6a:f1:eb:a2:9d:ca:d4:e3:0d:8b:
04:c6:59:e2:6d:3a:bb:f0:cd:a7:2f:7c:51:79:ff:
02:8a:d7:de:bb:aa:25:a7:01:70:f8:dd:12:28:bf:
c2:a4:91:64:cb:1a:58:fa:0f:75:d9:60:5a:7f:f3:
eb:b8:bb:c6:37:e2:77:0a:08:4d:83:0f:3a:51:83:
67:6d:d6:b9:f1:bf:ce:20:a2:63:86:fc:d2:f2:14:
4f:83:c4:f3:bb:8f:bc:02:0b:cf:64:8f:4a:3e:82:
77:cd:67:9c:ab:60:7c:3e:d0:2f:a7:21:9b:4f:78:
7c:5e:e9:cb:3f:4d:15:f5:54:98:d0:20:35:70:e5:
e7:64:76:8e:22:09:fd:37:70:20:23:67:5d:45:71:
6a:66:92:80:c6:55:68:3e:8f:08:0e:47:3d:db:20:
a8:d5:2c:4d:40:10:7f:1f:db:8e:51:61:13:92:be:
ee:8e:5e:16:95:53:8f:d7:e5:92:19:f3:11:b8:85:
9a:25:e6:bd:47:48:83:b4:33:97:1d:c5:7c:fc:46:
ca:b4:59:71:2f:ad:59:56:44:23:e1:e4:b1:25:58:
cc:84:89:0f:66:5a:aa:2b:6d:bb:b5:95:c0:94:d0:
21:4d:27:58:6c:ce:34:dd:fb:3b:b7:c8:4b:0f:f2:
f4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:29:E6:F8:46:63:1D:E4:72:58:2F:8D:D7:7B:07:28:2B:70:5C:3D
X509v3 Authority Key Identifier:
keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/gSnm-EZjHeRyWC-N13sHKCtwXD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.4.132.0/24
212.96.184.0/24
213.211.36.0/24
Signature Algorithm: sha256WithRSAEncryption
53:ad:46:9c:15:c2:f0:ee:18:df:2c:aa:68:fa:66:ff:86:48:
63:80:4f:40:81:20:e3:1b:0c:8e:af:52:b9:0b:1c:4c:db:22:
f0:4b:e2:06:d4:22:8f:3c:d2:68:b4:f6:d7:04:e5:6d:5c:45:
3d:69:73:37:b8:19:10:ae:61:14:bd:6b:90:af:9e:0a:4a:82:
0a:cc:04:53:61:8c:3d:4d:ec:4a:0d:61:cf:e2:f8:f5:8b:54:
a2:04:86:9a:0b:b2:b4:6f:66:b0:b7:f2:14:33:34:46:97:dc:
dd:2c:e7:06:e8:b1:7f:91:b3:f7:80:c2:8c:a6:0c:6c:50:e8:
ee:10:a1:aa:60:5f:49:ad:91:cf:75:26:18:fa:f7:c5:45:0b:
51:17:79:45:5d:58:05:99:27:11:b6:86:d9:bb:05:03:a2:70:
6d:e0:f1:76:bf:7d:40:8d:8b:ca:32:98:c7:79:ed:a3:64:ed:
5a:e9:20:84:e3:99:c2:75:96:ae:eb:f2:79:a9:d1:31:fa:e1:
46:74:67:14:7b:51:a5:cd:d1:c3:9a:5b:0c:13:da:95:bc:30:
91:4f:5d:29:19:25:e9:80:eb:3f:1f:e9:31:5d:db:5e:52:5b:
f6:93:cb:51:84:28:e7:46:84:36:2d:9e:58:bd:90:19:5e:c1:
5a:c2:7f:36
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC2uzx5Le2HoCFM7pboQ1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmYwZmVjZDdiZjQ0MTQ4OTMxNzg4ZGZlN2YyMGQ2N2E2
N2EwZGIwHhcNMjQwMTAxMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTI5ZTZmODQ2NjMxZGU0NzI1ODJmOGRkNzdiMDcyODJiNzA1YzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwzPAGrx66KdytTjDYsExlnibTq7
8M2nL3xRef8Citfeu6olpwFw+N0SKL/CpJFkyxpY+g912WBaf/PruLvGN+J3CghN
gw86UYNnbda58b/OIKJjhvzS8hRPg8Tzu4+8AgvPZI9KPoJ3zWecq2B8PtAvpyGb
T3h8XunLP00V9VSY0CA1cOXnZHaOIgn9N3AgI2ddRXFqZpKAxlVoPo8IDkc92yCo
1SxNQBB/H9uOUWETkr7ujl4WlVOP1+WSGfMRuIWaJea9R0iDtDOXHcV8/EbKtFlx
L61ZVkQj4eSxJVjMhIkPZlqqK227tZXAlNAhTSdYbM403fs7t8hLD/L0SwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIEp5vhGYx3kclgvjdd7BygrcFw9MB8GA1UdIwQY
MBaAFNT/D+zXv0QUiTF4jf5/INZ6Z6DbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUt
ZjBjMjFmODE4NmYwLzEvZ1NubS1FWmpIZVJ5V0MtTjEzc0hLQ3R3WEQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUtZjBjMjFmODE4NmYw
LzEvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1ASEAwQA
1GC4AwQA1dMkMA0GCSqGSIb3DQEBCwUAA4IBAQBTrUacFcLw7hjfLKpo+mb/hkhj
gE9AgSDjGwyOr1K5CxxM2yLwS+IG1CKPPNJotPbXBOVtXEU9aXM3uBkQrmEUvWuQ
r54KSoIKzARTYYw9TexKDWHP4vj1i1SiBIaaC7K0b2awt/IUMzRGl9zdLOcG6LF/
kbP3gMKMpgxsUOjuEKGqYF9JrZHPdSYY+vfFRQtRF3lFXVgFmScRtobZuwUDonBt
4PF2v31AjYvKMpjHee2jZO1a6SCE45nCdZau6/J5qdEx+uFGdGcUe1GlzdHDmlsM
E9qVvDCRT10pGSXpgOs/H+kxXdteUlv2k8tRhCjnRoQ2LZ5YvZAZXsFawn82
-----END CERTIFICATE-----
Generated at Thu Jun 20 19:38:34 2024 by rpki-client on console-ams.rpki-client.org