Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/GSpTlfTO5KcQK2jI527EKT02SMc.roa
File: GSpTlfTO5KcQK2jI527EKT02SMc.roa (raw, json)
Hash identifier: TpoUJbGzlzV0iUGibBYOB2or2f2ZUtWBHSlc5utMfHk=
Subject key identifier: 19:2A:53:95:F4:CE:E4:A7:10:2B:68:C8:E7:6E:C4:29:3D:36:48:C7
Certificate issuer: /CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Certificate serial: 019427B5D3A3C99F90532945D514BD602B76
Authority key identifier: 2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/GSpTlfTO5KcQK2jI527EKT02SMc.roa
Signing time: Thu 02 Jan 2025 15:50:15 +0000
ROA not before: Thu 02 Jan 2025 15:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47254
IP address blocks: 212.102.98.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:d3:a3:c9:9f:90:53:29:45:d5:14:bd:60:2b:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Validity
Not Before: Jan 2 15:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=192a5395f4cee4a7102b68c8e76ec4293d3648c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:53:1d:5c:fe:9e:28:77:f9:fe:22:55:0b:58:
91:24:37:ba:c5:f9:9f:96:65:47:0c:be:cb:09:0f:
47:ac:f5:ea:99:41:15:69:8c:76:83:8e:45:9c:86:
b6:91:19:ac:4d:0c:50:a9:d2:6f:ba:48:86:b3:64:
b2:fe:1a:2c:36:bb:ee:30:ab:c1:6c:7f:22:26:8f:
8b:3a:51:4c:e3:6e:36:c8:b1:e5:b7:46:64:3c:f2:
41:e3:61:f6:3f:28:9e:1e:6a:50:c3:e3:54:65:c0:
4a:ba:a9:1b:66:4b:5d:fd:43:bc:8e:72:e1:94:3e:
e5:8c:48:c3:74:1a:a4:5f:61:70:e0:5d:33:b0:b8:
19:8b:c3:17:94:dc:5d:77:b6:d3:2a:b6:33:54:82:
77:a3:6a:90:bf:d1:43:7e:cf:fc:b9:09:74:84:b1:
3f:b6:65:77:c6:5c:08:0b:85:a6:49:91:aa:a8:26:
3a:bb:ad:8c:1a:ec:e1:60:c8:38:a6:cb:f4:71:40:
09:66:f0:eb:2a:44:c6:14:fb:94:bd:58:fd:01:6a:
80:9b:de:98:08:11:75:4e:df:a2:f0:e0:af:56:23:
19:ee:ff:ae:eb:0d:90:e8:a9:94:85:4e:58:a2:8b:
7e:bf:5a:89:bd:bd:31:0e:bc:de:12:21:40:6f:aa:
71:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:2A:53:95:F4:CE:E4:A7:10:2B:68:C8:E7:6E:C4:29:3D:36:48:C7
X509v3 Authority Key Identifier:
keyid:2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/GSpTlfTO5KcQK2jI527EKT02SMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.102.98.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:16:a4:27:67:f3:97:64:f3:22:b8:29:37:92:e7:a7:27:70:
59:c3:d6:6e:60:09:be:ac:a1:b7:99:f1:2b:12:e1:a6:c3:4d:
01:9b:4f:21:0c:2b:db:75:e1:46:a1:61:e3:90:c7:89:61:e4:
e7:ef:fb:06:d4:5d:be:2f:b9:c2:3e:39:9f:9f:83:82:46:2e:
72:3d:9f:cc:67:fd:74:8d:db:3e:03:8f:9f:ef:6a:57:bc:43:
30:75:86:56:a4:8b:5e:f6:cc:d3:88:3f:21:3a:a4:fc:49:74:
3d:e6:89:13:c7:66:94:59:36:b6:35:45:4a:1b:1c:e1:bf:f2:
c1:90:90:64:e9:4d:80:8d:13:3e:1e:d5:56:0f:45:6a:08:6f:
f8:88:6b:25:98:2a:e1:72:b3:e6:ed:c4:9e:9e:0b:a7:0b:1f:
5c:98:40:7a:9c:ea:bf:66:0b:38:9d:b6:87:4a:63:09:68:ea:
1a:1b:9b:f3:e2:92:00:9b:02:4d:f0:ef:20:59:3b:4d:a0:6c:
17:54:da:3f:99:73:ca:28:1a:c9:26:b7:d8:50:e4:63:2a:09:
fb:ca:85:38:ef:e4:e0:b6:15:42:82:c8:10:c0:b0:c0:d2:90:
76:7c:f2:eb:c0:4c:d3:16:13:38:43:80:28:c9:c1:c8:94:85:
66:f5:72:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntdOjyZ+QUylF1RS9YCt2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNGUyZDM0Y2NlZTQ1NzZiNWNlNzYwNWEwODRlNmMwODUy
MmMyMjgwHhcNMjUwMTAyMTU1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTJhNTM5NWY0Y2VlNGE3MTAyYjY4YzhlNzZlYzQyOTNkMzY0OGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VMdXP6eKHf5/iJVC1iRJDe6xfmf
lmVHDL7LCQ9HrPXqmUEVaYx2g45FnIa2kRmsTQxQqdJvukiGs2Sy/hosNrvuMKvB
bH8iJo+LOlFM4242yLHlt0ZkPPJB42H2PyieHmpQw+NUZcBKuqkbZktd/UO8jnLh
lD7ljEjDdBqkX2Fw4F0zsLgZi8MXlNxdd7bTKrYzVIJ3o2qQv9FDfs/8uQl0hLE/
tmV3xlwIC4WmSZGqqCY6u62MGuzhYMg4psv0cUAJZvDrKkTGFPuUvVj9AWqAm96Y
CBF1Tt+i8OCvViMZ7v+u6w2Q6KmUhU5Yoot+v1qJvb0xDrzeEiFAb6pxoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBkqU5X0zuSnECtoyOduxCk9NkjHMB8GA1UdIwQY
MBaAFCtOLTTM7kV2tc52BaCE5sCFIsIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMt
MDc3YmM4YmExZTVkLzEvR1NwVGxmVE81S2NRSzJqSTUyN0VLVDAyU01jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMtMDc3YmM4YmExZTVk
LzEvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1GZiMA0G
CSqGSIb3DQEBCwUAA4IBAQAeFqQnZ/OXZPMiuCk3kuenJ3BZw9ZuYAm+rKG3mfEr
EuGmw00Bm08hDCvbdeFGoWHjkMeJYeTn7/sG1F2+L7nCPjmfn4OCRi5yPZ/MZ/10
jds+A4+f72pXvEMwdYZWpIte9szTiD8hOqT8SXQ95okTx2aUWTa2NUVKGxzhv/LB
kJBk6U2AjRM+HtVWD0VqCG/4iGslmCrhcrPm7cSengunCx9cmEB6nOq/Zgs4nbaH
SmMJaOoaG5vz4pIAmwJN8O8gWTtNoGwXVNo/mXPKKBrJJrfYUORjKgn7yoU47+Tg
thVCgsgQwLDA0pB2fPLrwEzTFhM4Q4AoycHIlIVm9XKM
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:55:39 2025 by rpki-client