Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/374fd1-02c2-4671-bdc9-c3cc5de1ece9/1/32R6bWlY_kT-IdzSOS6jUQoRg-4.roa
File: 32R6bWlY_kT-IdzSOS6jUQoRg-4.roa (raw, json)
Hash identifier: xWfBJ4oVxeGqTJ5vFTiwfbecb58t1uRd3p+DZin3epw=
Subject key identifier: DF:64:7A:6D:69:58:FE:44:FE:21:DC:D2:39:2E:A3:51:0A:11:83:EE
Certificate issuer: /CN=8bdac18a7ad501ba7ea13567909f17e4f7327413
Certificate serial: 019422FC1C1551FD6AD0BB0FEF3336A89067
Authority key identifier: 8B:DA:C1:8A:7A:D5:01:BA:7E:A1:35:67:90:9F:17:E4:F7:32:74:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i9rBinrVAbp-oTVnkJ8X5PcydBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/374fd1-02c2-4671-bdc9-c3cc5de1ece9/1/32R6bWlY_kT-IdzSOS6jUQoRg-4.roa
Signing time: Wed 01 Jan 2025 17:48:55 +0000
ROA not before: Wed 01 Jan 2025 17:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212123
IP address blocks: 212.94.55.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:1c:15:51:fd:6a:d0:bb:0f:ef:33:36:a8:90:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdac18a7ad501ba7ea13567909f17e4f7327413
Validity
Not Before: Jan 1 17:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df647a6d6958fe44fe21dcd2392ea3510a1183ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fa:ee:42:48:64:71:8d:34:e1:29:92:2b:6e:
9b:cf:5d:c1:30:df:a7:d9:95:fb:f3:18:a3:35:15:
92:f3:b5:a2:54:69:ad:30:55:a2:18:b4:a5:89:18:
9f:50:72:51:a3:10:76:45:94:98:89:b8:88:d2:24:
22:e6:88:5b:08:e7:8d:61:89:f1:d2:77:a7:1b:51:
04:d8:75:bb:43:85:18:6d:70:c5:c2:45:a8:17:89:
c4:f2:99:50:b1:88:ca:c2:e9:83:39:2a:62:08:b0:
e1:f1:5e:20:aa:c2:c3:f0:bc:4b:26:70:22:dc:fe:
39:7a:01:47:d9:ca:ce:bc:ac:f8:f4:bc:a6:9e:2e:
81:6f:81:48:26:fe:0b:4f:70:4f:23:94:78:fc:15:
91:a8:e5:bd:cc:a1:3d:35:80:3e:0d:e5:5e:c2:99:
6c:35:74:3d:9e:52:21:85:1e:24:06:04:65:30:69:
ef:cb:9a:4a:15:1e:bf:14:34:94:1c:1b:d6:c1:b7:
73:ed:a3:8c:b8:9b:c8:6f:31:45:00:28:c1:17:00:
9e:70:c6:c7:2f:9a:b9:de:ff:92:0f:b7:e2:c8:92:
be:e2:26:da:5e:8b:7b:67:98:26:ef:39:be:17:33:
a8:29:99:0b:4d:92:09:37:45:60:ca:a5:25:c4:74:
45:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:64:7A:6D:69:58:FE:44:FE:21:DC:D2:39:2E:A3:51:0A:11:83:EE
X509v3 Authority Key Identifier:
keyid:8B:DA:C1:8A:7A:D5:01:BA:7E:A1:35:67:90:9F:17:E4:F7:32:74:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i9rBinrVAbp-oTVnkJ8X5PcydBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/374fd1-02c2-4671-bdc9-c3cc5de1ece9/1/32R6bWlY_kT-IdzSOS6jUQoRg-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/374fd1-02c2-4671-bdc9-c3cc5de1ece9/1/i9rBinrVAbp-oTVnkJ8X5PcydBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.94.55.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:d0:13:f4:69:dd:9e:86:c8:b1:de:59:cb:bd:66:97:86:9f:
65:86:51:a7:2f:41:14:5b:9d:4f:ad:b4:16:c4:49:1f:22:59:
2a:fd:d8:0a:46:96:e7:18:90:b7:c5:45:85:52:6a:d0:62:e4:
5b:29:fe:ed:bf:cc:ab:58:e9:71:57:02:12:c1:86:0f:93:45:
dd:fb:b5:1b:a7:d8:bf:02:aa:d4:cd:f8:a2:2d:75:c6:bd:37:
a2:a0:dd:fd:2c:38:2e:96:fa:2d:22:18:3c:b7:fe:4b:8f:b0:
ea:f0:3e:14:93:ca:46:df:af:d6:a4:87:aa:45:15:cb:40:4b:
fc:82:12:e9:f8:d9:ee:18:5a:07:b3:db:b0:12:4b:e3:09:bd:
54:ca:8b:7c:24:03:1c:ad:4a:7d:b5:36:11:55:b3:e6:c3:46:
b2:76:d8:a3:50:7d:15:1c:0f:f1:24:b8:aa:df:6a:5c:d7:2e:
33:31:1e:10:df:d0:69:91:50:1c:69:f5:29:0c:1f:05:e7:a0:
f1:7e:91:08:f7:0f:b5:f0:b4:67:a5:1e:38:95:c5:50:2b:bf:
88:9d:db:77:96:ce:86:91:55:f7:df:61:0e:cd:30:69:a8:86:
31:17:aa:5c:b1:31:19:5c:8a:bc:5e:ff:0e:e7:92:e8:63:f7:
76:3f:8d:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/BwVUf1q0LsP7zM2qJBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGFjMThhN2FkNTAxYmE3ZWExMzU2NzkwOWYxN2U0Zjcz
Mjc0MTMwHhcNMjUwMTAxMTc0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjY0N2E2ZDY5NThmZTQ0ZmUyMWRjZDIzOTJlYTM1MTBhMTE4M2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/ruQkhkcY004SmSK26bz13BMN+n
2ZX78xijNRWS87WiVGmtMFWiGLSliRifUHJRoxB2RZSYibiI0iQi5ohbCOeNYYnx
0nenG1EE2HW7Q4UYbXDFwkWoF4nE8plQsYjKwumDOSpiCLDh8V4gqsLD8LxLJnAi
3P45egFH2crOvKz49Lymni6Bb4FIJv4LT3BPI5R4/BWRqOW9zKE9NYA+DeVewpls
NXQ9nlIhhR4kBgRlMGnvy5pKFR6/FDSUHBvWwbdz7aOMuJvIbzFFACjBFwCecMbH
L5q53v+SD7fiyJK+4ibaXot7Z5gm7zm+FzOoKZkLTZIJN0VgyqUlxHRFiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN9kem1pWP5E/iHc0jkuo1EKEYPuMB8GA1UdIwQY
MBaAFIvawYp61QG6fqE1Z5CfF+T3MnQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTlyQmluclZBYnAtb1RWbmtKOFg1UGN5ZEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8zNzRmZDEtMDJjMi00NjcxLWJkYzkt
YzNjYzVkZTFlY2U5LzEvMzJSNmJXbFlfa1QtSWR6U09TNmpVUW9SZy00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8zNzRmZDEtMDJjMi00NjcxLWJkYzktYzNjYzVkZTFlY2U5
LzEvaTlyQmluclZBYnAtb1RWbmtKOFg1UGN5ZEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1F43MA0G
CSqGSIb3DQEBCwUAA4IBAQAq0BP0ad2ehsix3lnLvWaXhp9lhlGnL0EUW51PrbQW
xEkfIlkq/dgKRpbnGJC3xUWFUmrQYuRbKf7tv8yrWOlxVwISwYYPk0Xd+7Ubp9i/
AqrUzfiiLXXGvTeioN39LDgulvotIhg8t/5Lj7Dq8D4Uk8pG36/WpIeqRRXLQEv8
ghLp+NnuGFoHs9uwEkvjCb1Uyot8JAMcrUp9tTYRVbPmw0aydtijUH0VHA/xJLiq
32pc1y4zMR4Q39BpkVAcafUpDB8F56DxfpEI9w+18LRnpR44lcVQK7+Indt3ls6G
kVX332EOzTBpqIYxF6pcsTEZXIq8Xv8O55LoY/d2P43Q
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:41:25 2025 by rpki-client