Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/dcd34b-c2c0-45a2-82df-b986b343bd4f/1/Zo1P2UbOsAqc272IhEGibipGN5g.roa
File: Zo1P2UbOsAqc272IhEGibipGN5g.roa (raw, json)
Hash identifier: tpk4qzNw7NrvmwxSaPXeG0bKDY5tAeAvhle3BeNbPP8=
Subject key identifier: 66:8D:4F:D9:46:CE:B0:0A:9C:DB:BD:88:84:41:A2:6E:2A:46:37:98
Certificate issuer: /CN=bc535e38f4c75a5db058ff5646c2ed341f3e89a4
Certificate serial: 0187E7B80E9ED8BBA4EDD91760644391E75A
Authority key identifier: BC:53:5E:38:F4:C7:5A:5D:B0:58:FF:56:46:C2:ED:34:1F:3E:89:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vFNeOPTHWl2wWP9WRsLtNB8-iaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/dcd34b-c2c0-45a2-82df-b986b343bd4f/1/Zo1P2UbOsAqc272IhEGibipGN5g.roa
Signing time: Thu 04 May 2023 17:03:31 +0000
ROA not before: Thu 04 May 2023 17:03:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59447
IP address blocks: 212.52.14.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e7:b8:0e:9e:d8:bb:a4:ed:d9:17:60:64:43:91:e7:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc535e38f4c75a5db058ff5646c2ed341f3e89a4
Validity
Not Before: May 4 17:03:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=668d4fd946ceb00a9cdbbd888441a26e2a463798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0c:ac:b2:42:58:43:2c:b5:51:3b:53:78:e3:
d6:f6:d6:18:72:12:1d:44:f6:f7:c8:91:8d:5a:34:
8b:89:08:f6:09:cd:6b:7d:1e:b3:ac:18:33:11:5a:
5d:df:25:4b:a6:45:8f:1c:8d:a5:d5:32:b4:06:54:
00:ad:14:cf:cc:2f:2c:a5:7a:15:b4:68:ab:70:22:
3b:8e:18:9d:3c:14:8b:39:fd:98:e5:53:64:37:ec:
05:af:30:7e:e9:50:c2:3d:76:86:80:38:0d:d7:f5:
04:26:bf:62:7d:47:8f:e5:38:45:8a:a4:81:4b:c8:
dd:e6:03:7e:fb:9f:2d:f1:a7:a4:06:1e:1e:58:93:
6e:7a:1e:28:80:f9:2c:16:7c:0e:64:cd:d4:a4:b3:
23:1c:5f:cb:80:52:d0:7c:09:3c:30:1d:b6:b0:b1:
16:e7:79:84:a7:ad:2f:08:d0:c9:3b:bd:12:1f:63:
be:a8:e7:37:14:6e:63:6a:d6:36:96:5d:a6:47:49:
64:19:a2:00:8a:93:9e:f0:60:7b:62:3a:f4:a7:62:
c8:41:bd:77:f2:9f:60:5b:e5:9c:e0:84:58:39:01:
90:1d:a0:95:97:af:3a:a5:1f:39:ef:2c:1a:4f:f9:
56:d1:b5:78:b6:da:05:58:83:65:14:fe:ba:d4:57:
55:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:8D:4F:D9:46:CE:B0:0A:9C:DB:BD:88:84:41:A2:6E:2A:46:37:98
X509v3 Authority Key Identifier:
keyid:BC:53:5E:38:F4:C7:5A:5D:B0:58:FF:56:46:C2:ED:34:1F:3E:89:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vFNeOPTHWl2wWP9WRsLtNB8-iaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/dcd34b-c2c0-45a2-82df-b986b343bd4f/1/Zo1P2UbOsAqc272IhEGibipGN5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/dcd34b-c2c0-45a2-82df-b986b343bd4f/1/vFNeOPTHWl2wWP9WRsLtNB8-iaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.52.14.0/24
Signature Algorithm: sha256WithRSAEncryption
97:9c:99:00:13:cb:1f:8e:b2:bb:fa:c9:18:5c:c2:1a:7d:f9:
b1:a7:e1:18:c6:29:9c:44:5b:34:0f:ac:b5:ea:ef:ea:92:54:
ef:e0:ab:d9:7e:e2:27:df:bd:40:f7:95:61:32:a1:92:ce:0a:
64:da:e3:7e:7b:70:bb:30:04:41:e6:e9:54:05:0c:47:d5:bc:
cf:7e:4a:18:e0:4c:d2:cb:3d:21:58:95:a2:cf:2e:25:d3:4b:
05:52:b7:67:22:fa:7a:31:9e:ae:04:ba:a4:02:60:35:5b:d5:
d2:4d:45:2e:cb:da:d5:3c:bd:3d:65:e8:98:b0:9f:66:34:4d:
2b:0b:a3:e7:9a:46:41:ba:4a:c1:fa:47:cd:24:b9:c8:9b:8b:
70:cd:c5:20:0d:83:eb:11:57:dd:83:eb:1c:66:96:22:fb:a5:
d0:1b:2e:4d:55:6e:e6:2f:71:05:17:26:e0:1e:f7:f9:de:e7:
40:21:5e:38:31:d5:57:b9:7b:85:f4:29:88:0e:dc:73:62:3a:
eb:5a:2d:0e:2b:c5:ef:58:4f:44:5a:04:ab:ae:47:3d:76:19:
71:c0:1e:30:ec:28:1a:fd:30:17:6c:c9:2a:94:76:9b:b4:7b:
3c:e5:89:4f:79:41:d9:64:ef:db:61:90:f8:1e:4a:e0:7c:f6:
75:a0:61:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfnuA6e2Luk7dkXYGRDkedaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNTM1ZTM4ZjRjNzVhNWRiMDU4ZmY1NjQ2YzJlZDM0MWYz
ZTg5YTQwHhcNMjMwNTA0MTcwMzMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjhkNGZkOTQ2Y2ViMDBhOWNkYmJkODg4NDQxYTI2ZTJhNDYzNzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgysskJYQyy1UTtTeOPW9tYYchId
RPb3yJGNWjSLiQj2Cc1rfR6zrBgzEVpd3yVLpkWPHI2l1TK0BlQArRTPzC8spXoV
tGircCI7jhidPBSLOf2Y5VNkN+wFrzB+6VDCPXaGgDgN1/UEJr9ifUeP5ThFiqSB
S8jd5gN++58t8aekBh4eWJNueh4ogPksFnwOZM3UpLMjHF/LgFLQfAk8MB22sLEW
53mEp60vCNDJO70SH2O+qOc3FG5jatY2ll2mR0lkGaIAipOe8GB7Yjr0p2LIQb13
8p9gW+Wc4IRYOQGQHaCVl686pR857ywaT/lW0bV4ttoFWINlFP661FdVjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGaNT9lGzrAKnNu9iIRBom4qRjeYMB8GA1UdIwQY
MBaAFLxTXjj0x1pdsFj/VkbC7TQfPomkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkZOZU9QVEhXbDJ3V1A5V1JzTHROQjgtaWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kY2QzNGItYzJjMC00NWEyLTgyZGYt
Yjk4NmIzNDNiZDRmLzEvWm8xUDJVYk9zQXFjMjcySWhFR2liaXBHTjVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kY2QzNGItYzJjMC00NWEyLTgyZGYtYjk4NmIzNDNiZDRm
LzEvdkZOZU9QVEhXbDJ3V1A5V1JzTHROQjgtaWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1DQOMA0G
CSqGSIb3DQEBCwUAA4IBAQCXnJkAE8sfjrK7+skYXMIaffmxp+EYximcRFs0D6y1
6u/qklTv4KvZfuIn371A95VhMqGSzgpk2uN+e3C7MARB5ulUBQxH1bzPfkoY4EzS
yz0hWJWizy4l00sFUrdnIvp6MZ6uBLqkAmA1W9XSTUUuy9rVPL09ZeiYsJ9mNE0r
C6PnmkZBukrB+kfNJLnIm4twzcUgDYPrEVfdg+scZpYi+6XQGy5NVW7mL3EFFybg
Hvf53udAIV44MdVXuXuF9CmIDtxzYjrrWi0OK8XvWE9EWgSrrkc9dhlxwB4w7Cga
/TAXbMkqlHabtHs85YlPeUHZZO/bYZD4HkrgfPZ1oGGr
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:12 2025 by rpki-client