Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/8Nz7pWuGzKddMGUQDfHKd23vSsc.roa
File: 8Nz7pWuGzKddMGUQDfHKd23vSsc.roa (raw, json)
Hash identifier: 0Zij1MsWucwtgl3mjLbhutBq2eFIXVXGt5jqt0MvUbY=
Subject key identifier: F0:DC:FB:A5:6B:86:CC:A7:5D:30:65:10:0D:F1:CA:77:6D:EF:4A:C7
Certificate issuer: /CN=7f7734dfea120657412ea867ddbc7b84d132bf78
Certificate serial: 01942369F23B40C0DFC08F01722C7FB236C5
Authority key identifier: 7F:77:34:DF:EA:12:06:57:41:2E:A8:67:DD:BC:7B:84:D1:32:BF:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f3c03-oSBldBLqhn3bx7hNEyv3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/8Nz7pWuGzKddMGUQDfHKd23vSsc.roa
Signing time: Wed 01 Jan 2025 19:48:53 +0000
ROA not before: Wed 01 Jan 2025 19:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136744
IP address blocks: 212.23.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:f2:3b:40:c0:df:c0:8f:01:72:2c:7f:b2:36:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f7734dfea120657412ea867ddbc7b84d132bf78
Validity
Not Before: Jan 1 19:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0dcfba56b86cca75d3065100df1ca776def4ac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d9:ae:a1:54:28:11:e4:0b:8f:2a:84:d8:47:
f3:cb:3e:67:13:b5:a8:af:e6:39:82:1c:ac:04:68:
db:87:a5:9d:84:0f:03:37:d5:54:65:cb:7f:e6:ec:
cb:78:2f:f2:ae:cf:aa:6c:24:02:08:16:5f:24:b4:
82:f4:0c:9b:a5:e4:e8:c6:a4:4e:dd:4a:38:f3:c8:
32:96:12:cd:0b:a6:a9:e7:1b:88:17:80:29:81:41:
69:d1:6c:bf:b0:cc:11:f0:5e:bf:26:d3:de:32:e7:
8b:6b:05:72:ab:28:05:47:4a:b6:91:72:82:55:82:
de:97:91:bf:71:72:35:50:ea:c7:0e:e3:51:14:57:
55:f2:a4:1b:86:45:c1:f8:09:7b:c1:c5:77:fe:bc:
27:d4:22:ef:e7:13:61:9b:8d:72:cf:29:81:f7:4f:
2f:7e:ad:eb:ad:b7:d0:4b:e0:ec:de:ab:80:5a:0a:
0a:de:42:80:3c:a7:e7:69:b6:b2:ce:de:60:41:da:
43:d3:da:c9:38:71:8f:16:a5:bb:d9:51:ff:0f:38:
04:4e:7e:18:f5:d5:64:28:c7:b9:93:6c:da:ff:72:
d3:e0:17:88:a7:9d:ec:2d:d0:52:9a:dc:fd:36:7c:
1f:42:7f:9f:f9:8a:e4:a8:ab:14:00:40:72:99:c5:
39:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:DC:FB:A5:6B:86:CC:A7:5D:30:65:10:0D:F1:CA:77:6D:EF:4A:C7
X509v3 Authority Key Identifier:
keyid:7F:77:34:DF:EA:12:06:57:41:2E:A8:67:DD:BC:7B:84:D1:32:BF:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3c03-oSBldBLqhn3bx7hNEyv3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/8Nz7pWuGzKddMGUQDfHKd23vSsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/f3c03-oSBldBLqhn3bx7hNEyv3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.208.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:4f:6b:12:e4:a7:a9:72:f1:2d:ab:a6:a3:bd:1a:84:0d:6d:
28:a9:f2:98:e3:ff:20:44:54:cf:43:6e:d8:0a:90:e7:1c:56:
e9:a9:c1:f1:e7:eb:a0:38:a1:f7:b9:cc:b1:a3:ee:81:d1:b8:
db:a8:f6:5e:ea:71:9a:01:08:f4:be:5e:14:d6:7b:d3:86:26:
56:fb:2f:44:40:ef:b0:5b:96:13:14:9e:4d:13:28:cd:9c:70:
17:29:ba:96:39:12:d7:9f:dd:42:0e:3c:32:d2:43:83:12:23:
ca:f6:d1:3e:be:7a:1e:4a:1e:5e:fb:48:d0:19:ff:51:9a:54:
f7:9f:6a:fd:10:f7:1b:93:a7:14:d4:59:9e:aa:ea:62:71:b3:
fb:8a:d4:52:7e:f6:c3:cf:16:9b:0c:1e:bc:75:02:fb:5e:85:
93:c3:24:f5:de:16:b1:d4:ca:da:4d:30:2c:9b:1e:f6:d1:82:
48:30:5e:db:51:ec:c8:45:90:c4:24:d9:7b:58:8c:e8:47:99:
44:4a:1d:71:7d:98:12:1b:d8:8d:5a:df:b5:f4:09:0b:2a:fd:
2f:d6:79:7d:9b:01:93:6a:62:0d:51:52:b8:e8:f1:3e:16:06:
5d:fa:67:a2:02:f8:ae:cc:0d:20:8d:fc:b8:3e:e5:b1:a5:36:
5c:99:14:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjafI7QMDfwI8Bcix/sjbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNzczNGRmZWExMjA2NTc0MTJlYTg2N2RkYmM3Yjg0ZDEz
MmJmNzgwHhcNMjUwMTAxMTk0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGRjZmJhNTZiODZjY2E3NWQzMDY1MTAwZGYxY2E3NzZkZWY0YWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9muoVQoEeQLjyqE2Efzyz5nE7Wo
r+Y5ghysBGjbh6WdhA8DN9VUZct/5uzLeC/yrs+qbCQCCBZfJLSC9AybpeToxqRO
3Uo488gylhLNC6ap5xuIF4ApgUFp0Wy/sMwR8F6/JtPeMueLawVyqygFR0q2kXKC
VYLel5G/cXI1UOrHDuNRFFdV8qQbhkXB+Al7wcV3/rwn1CLv5xNhm41yzymB908v
fq3rrbfQS+Ds3quAWgoK3kKAPKfnabayzt5gQdpD09rJOHGPFqW72VH/DzgETn4Y
9dVkKMe5k2za/3LT4BeIp53sLdBSmtz9NnwfQn+f+YrkqKsUAEBymcU5QwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPDc+6VrhsynXTBlEA3xyndt70rHMB8GA1UdIwQY
MBaAFH93NN/qEgZXQS6oZ928e4TRMr94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjNjMDMtb1NCbGRCTHFobjNieDdoTkV5djNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS82ODAzMjQtZWUxZi00MGYyLTg4ZGYt
MTk2OTMxOTYyZDNjLzEvOE56N3BXdUd6S2RkTUdVUURmSEtkMjN2U3NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS82ODAzMjQtZWUxZi00MGYyLTg4ZGYtMTk2OTMxOTYyZDNj
LzEvZjNjMDMtb1NCbGRCTHFobjNieDdoTkV5djNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfQMA0G
CSqGSIb3DQEBCwUAA4IBAQBfT2sS5KepcvEtq6ajvRqEDW0oqfKY4/8gRFTPQ27Y
CpDnHFbpqcHx5+ugOKH3ucyxo+6B0bjbqPZe6nGaAQj0vl4U1nvThiZW+y9EQO+w
W5YTFJ5NEyjNnHAXKbqWORLXn91CDjwy0kODEiPK9tE+vnoeSh5e+0jQGf9RmlT3
n2r9EPcbk6cU1FmequpicbP7itRSfvbDzxabDB68dQL7XoWTwyT13hax1MraTTAs
mx720YJIMF7bUezIRZDEJNl7WIzoR5lESh1xfZgSG9iNWt+19AkLKv0v1nl9mwGT
amINUVK46PE+FgZd+meiAviuzA0gjfy4PuWxpTZcmRTB
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:28:22 2025 by rpki-client