Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/d342b8-f64d-43f3-875c-1d64b21d3c74/1/2-HbLd3pHey3EVDVbG6uacZBpl0.roa
File: 2-HbLd3pHey3EVDVbG6uacZBpl0.roa (raw, json)
Hash identifier: RkPdce4+gFqfYliUaP/vLtvJbIGxQYKlh+uLy66yRtQ=
Subject key identifier: DB:E1:DB:2D:DD:E9:1D:EC:B7:11:50:D5:6C:6E:AE:69:C6:41:A6:5D
Certificate issuer: /CN=3ea3f5f665bb54bd5efce90a25656109863f8786
Certificate serial: 01856F39176BFF676B72E19475A5F64E5D84
Authority key identifier: 3E:A3:F5:F6:65:BB:54:BD:5E:FC:E9:0A:25:65:61:09:86:3F:87:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqP19mW7VL1e_OkKJWVhCYY_h4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/d342b8-f64d-43f3-875c-1d64b21d3c74/1/2-HbLd3pHey3EVDVbG6uacZBpl0.roa
Signing time: Sun 01 Jan 2023 21:24:50 +0000
ROA not before: Sun 01 Jan 2023 21:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 212.18.116.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:17:6b:ff:67:6b:72:e1:94:75:a5:f6:4e:5d:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ea3f5f665bb54bd5efce90a25656109863f8786
Validity
Not Before: Jan 1 21:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbe1db2ddde91decb71150d56c6eae69c641a65d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:58:e8:b8:46:53:e2:f2:ae:83:de:60:1a:54:
b1:19:4e:2b:bd:93:39:42:cd:d6:cd:73:21:8a:9c:
f3:7c:35:94:20:1d:85:8b:c1:d4:f3:7f:82:b3:1c:
67:7d:44:d7:28:b2:e3:87:d0:71:9a:84:46:43:ef:
25:6f:e2:84:fe:40:7f:25:25:7f:77:ef:91:98:7d:
6b:1d:e6:1c:5d:f9:35:76:23:32:1b:83:c1:64:5f:
52:96:cc:aa:87:bc:62:26:f8:ea:1b:09:6a:76:1a:
fd:11:ea:df:ae:c7:da:ea:bf:6e:9e:ff:1c:e2:9d:
75:b1:53:76:19:ac:31:2a:e5:93:07:49:3e:99:a7:
f5:ed:a4:87:97:0b:4b:cb:94:46:45:f3:e8:bb:40:
0c:a6:27:61:85:f5:3f:40:9c:61:8d:51:7c:e0:18:
b9:c2:82:f3:7e:22:fc:6e:57:8a:32:f6:fe:ed:52:
7a:c3:3f:99:3d:be:44:b5:ed:7a:e1:72:99:55:eb:
89:df:c1:b4:6a:17:42:fa:d7:ee:39:81:db:68:78:
4a:dc:fa:d3:d9:b3:65:ee:e2:ec:52:b6:38:5c:c0:
b1:7f:88:cb:e8:45:2e:44:ee:87:b2:24:e7:8b:37:
05:73:84:03:c2:c6:54:c5:b7:ea:d7:93:a3:df:f8:
c7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E1:DB:2D:DD:E9:1D:EC:B7:11:50:D5:6C:6E:AE:69:C6:41:A6:5D
X509v3 Authority Key Identifier:
keyid:3E:A3:F5:F6:65:BB:54:BD:5E:FC:E9:0A:25:65:61:09:86:3F:87:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqP19mW7VL1e_OkKJWVhCYY_h4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/d342b8-f64d-43f3-875c-1d64b21d3c74/1/2-HbLd3pHey3EVDVbG6uacZBpl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/d342b8-f64d-43f3-875c-1d64b21d3c74/1/PqP19mW7VL1e_OkKJWVhCYY_h4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.18.116.0/24
Signature Algorithm: sha256WithRSAEncryption
eb:16:cb:b6:d7:37:a6:3b:83:8e:56:70:ec:83:a4:1d:8c:9a:
71:58:da:38:23:16:15:fd:f5:d3:94:02:30:03:5e:81:ef:9e:
2d:38:73:38:6f:75:f2:07:85:cf:5b:68:d3:e3:97:22:6c:8a:
93:b0:48:ca:de:85:84:18:4f:86:cc:50:be:8b:1a:0e:f0:9d:
f9:43:fc:99:2b:dd:87:ea:44:f3:d3:9d:0c:41:2d:1b:32:ca:
b6:44:38:f1:42:4f:7c:70:a2:41:9d:1d:df:04:e5:60:b9:fa:
75:65:5d:6b:68:4e:a0:f8:29:f5:d3:49:ba:27:c5:c6:bd:6e:
7d:2d:2c:98:8b:cb:b5:dc:31:76:69:6a:3c:81:f0:40:f8:de:
52:bd:af:c3:50:ee:ef:5a:9c:fa:0c:94:31:74:ed:59:43:3c:
ae:d5:e2:25:f9:e5:db:90:c9:40:18:70:53:63:5c:eb:60:9f:
21:20:5e:8d:35:f0:8a:af:48:a8:4e:76:0d:79:2c:9b:90:7a:
f1:bc:7b:01:de:f4:69:5c:91:f6:8d:b8:87:11:0a:17:57:a0:
0a:f0:1f:6c:e1:d3:61:ca:ae:88:e9:ee:b9:85:d3:99:d6:3d:
1f:4b:c9:68:a9:de:15:86:8d:f3:9a:e2:c5:d8:d1:77:c1:96:
3d:d2:73:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvORdr/2drcuGUdaX2Tl2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYTNmNWY2NjViYjU0YmQ1ZWZjZTkwYTI1NjU2MTA5ODYz
Zjg3ODYwHhcNMjMwMTAxMjEyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmUxZGIyZGRkZTkxZGVjYjcxMTUwZDU2YzZlYWU2OWM2NDFhNjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFjouEZT4vKug95gGlSxGU4rvZM5
Qs3WzXMhipzzfDWUIB2Fi8HU83+CsxxnfUTXKLLjh9BxmoRGQ+8lb+KE/kB/JSV/
d++RmH1rHeYcXfk1diMyG4PBZF9Slsyqh7xiJvjqGwlqdhr9Eerfrsfa6r9unv8c
4p11sVN2GawxKuWTB0k+maf17aSHlwtLy5RGRfPou0AMpidhhfU/QJxhjVF84Bi5
woLzfiL8bleKMvb+7VJ6wz+ZPb5Ete164XKZVeuJ38G0ahdC+tfuOYHbaHhK3PrT
2bNl7uLsUrY4XMCxf4jL6EUuRO6HsiTnizcFc4QDwsZUxbfq15Oj3/jHUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNvh2y3d6R3stxFQ1WxurmnGQaZdMB8GA1UdIwQY
MBaAFD6j9fZlu1S9XvzpCiVlYQmGP4eGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHFQMTltVzdWTDFlX09rS0pXVmhDWVlfaDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9kMzQyYjgtZjY0ZC00M2YzLTg3NWMt
MWQ2NGIyMWQzYzc0LzEvMi1IYkxkM3BIZXkzRVZEVmJHNnVhY1pCcGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9kMzQyYjgtZjY0ZC00M2YzLTg3NWMtMWQ2NGIyMWQzYzc0
LzEvUHFQMTltVzdWTDFlX09rS0pXVmhDWVlfaDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BJ0MA0G
CSqGSIb3DQEBCwUAA4IBAQDrFsu21zemO4OOVnDsg6QdjJpxWNo4IxYV/fXTlAIw
A16B754tOHM4b3XyB4XPW2jT45cibIqTsEjK3oWEGE+GzFC+ixoO8J35Q/yZK92H
6kTz050MQS0bMsq2RDjxQk98cKJBnR3fBOVgufp1ZV1raE6g+Cn100m6J8XGvW59
LSyYi8u13DF2aWo8gfBA+N5Sva/DUO7vWpz6DJQxdO1ZQzyu1eIl+eXbkMlAGHBT
Y1zrYJ8hIF6NNfCKr0ioTnYNeSybkHrxvHsB3vRpXJH2jbiHEQoXV6AK8B9s4dNh
yq6I6e65hdOZ1j0fS8loqd4Vho3zmuLF2NF3wZY90nNZ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:23 2025 by rpki-client