Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/00b15a-30af-42ca-ae87-a07a4fc7b45c/1/1uUjO7pETOFcHem2Hg6p_kdQESg.roa
File: 1uUjO7pETOFcHem2Hg6p_kdQESg.roa (raw, json)
Hash identifier: HAmU73GqFEkht5gWJePFggEzF2DP0w5E1kQ3iTNl5rc=
Subject key identifier: D6:E5:23:3B:BA:44:4C:E1:5C:1D:E9:B6:1E:0E:A9:FE:47:50:11:28
Certificate issuer: /CN=46ca4dc9c70661f721d68ce53601d3d5f9aa8c32
Certificate serial: 018ACB84DEEF58CBAF00763A6E1C1821777E
Authority key identifier: 46:CA:4D:C9:C7:06:61:F7:21:D6:8C:E5:36:01:D3:D5:F9:AA:8C:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RspNyccGYfch1ozlNgHT1fmqjDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/00b15a-30af-42ca-ae87-a07a4fc7b45c/1/1uUjO7pETOFcHem2Hg6p_kdQESg.roa
Signing time: Mon 25 Sep 2023 08:46:37 +0000
ROA not before: Mon 25 Sep 2023 08:46:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20648
IP address blocks: 212.34.128.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:84:de:ef:58:cb:af:00:76:3a:6e:1c:18:21:77:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46ca4dc9c70661f721d68ce53601d3d5f9aa8c32
Validity
Not Before: Sep 25 08:46:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6e5233bba444ce15c1de9b61e0ea9fe47501128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:65:23:b3:29:27:6a:27:3b:da:8e:f8:12:75:
35:3d:bc:c7:a2:2e:88:33:0b:e5:a3:a3:3a:e4:9f:
7d:d2:a4:a0:9f:52:be:a4:d9:c2:3f:75:0c:13:21:
dd:c1:5e:d6:5a:3b:37:b1:43:fd:fe:7f:aa:05:19:
07:e8:8c:83:39:dd:a5:42:60:38:b7:28:60:6a:d9:
21:cc:ad:bb:c6:c1:af:53:4a:9d:e4:11:90:6c:0e:
2f:8e:dd:78:09:09:de:e0:2c:50:85:91:fe:78:5f:
b3:53:21:f4:6f:39:d1:eb:cc:5a:4b:5c:92:86:a0:
09:61:fc:b2:06:c2:37:be:3e:75:78:7c:6a:a7:ff:
70:04:ef:67:1d:62:eb:81:6f:6c:83:74:95:7c:b1:
a4:a8:c0:81:b2:93:0c:ff:b7:8a:07:b3:04:92:3f:
91:aa:c8:3a:d0:e7:81:c7:70:bd:85:85:f8:93:89:
0c:6c:2b:f6:f6:12:bc:80:17:7d:7c:a3:6a:0c:54:
80:9d:c4:4f:cd:41:5d:d9:7f:8d:93:aa:10:a7:1f:
e3:4a:14:4f:37:5f:c8:74:45:03:b9:b7:cb:0d:17:
da:c9:0f:e8:2d:9a:f5:bc:72:47:c9:2d:40:d4:42:
4c:15:42:14:0c:8a:c3:76:9d:9b:74:19:fd:d0:4e:
e5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:E5:23:3B:BA:44:4C:E1:5C:1D:E9:B6:1E:0E:A9:FE:47:50:11:28
X509v3 Authority Key Identifier:
keyid:46:CA:4D:C9:C7:06:61:F7:21:D6:8C:E5:36:01:D3:D5:F9:AA:8C:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RspNyccGYfch1ozlNgHT1fmqjDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/00b15a-30af-42ca-ae87-a07a4fc7b45c/1/1uUjO7pETOFcHem2Hg6p_kdQESg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/00b15a-30af-42ca-ae87-a07a4fc7b45c/1/RspNyccGYfch1ozlNgHT1fmqjDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.34.128.0/20
Signature Algorithm: sha256WithRSAEncryption
b1:f5:c1:67:46:65:61:9a:62:e7:01:2f:d9:75:95:c7:af:8c:
00:5e:bc:7e:86:7a:c0:7e:8d:f9:05:11:e2:22:bd:0e:ea:8a:
c3:24:73:b5:97:53:c2:5e:de:73:fe:00:b2:40:8e:bc:f5:3d:
13:fb:ef:12:5c:19:53:d9:80:5f:96:c3:a9:3a:19:f8:18:13:
39:d8:db:36:ca:17:8d:66:ae:0b:96:c0:34:ef:e1:96:90:71:
a3:69:48:fb:3e:d2:9d:61:81:1b:c7:7d:71:29:a9:e0:0d:48:
7f:9c:1f:74:7e:8c:c0:20:2d:74:c0:b5:ec:6b:50:68:33:51:
39:9f:f9:2f:0b:8d:ca:dc:06:a1:5a:43:99:da:c9:1e:ee:ac:
70:5b:4a:2f:09:c6:78:79:81:3a:b0:f0:09:df:1f:77:43:68:
d9:ef:f2:e5:a1:af:d2:cf:e5:f1:ae:32:22:f1:35:66:6c:84:
7e:7b:6e:e7:99:1c:d7:1c:4f:76:82:d8:34:a0:03:47:f5:2e:
ab:57:ef:35:5e:ba:d2:45:96:8f:55:8d:cb:44:81:ba:40:e8:
1f:1d:9d:25:7c:6b:6e:2f:e5:b0:31:76:90:ab:0e:13:33:5d:
b5:b7:70:7c:84:fa:42:08:40:4f:4a:c5:a7:ca:58:cb:30:01:
e5:fd:f2:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrLhN7vWMuvAHY6bhwYIXd+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2Y2E0ZGM5YzcwNjYxZjcyMWQ2OGNlNTM2MDFkM2Q1Zjlh
YThjMzIwHhcNMjMwOTI1MDg0NjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmU1MjMzYmJhNDQ0Y2UxNWMxZGU5YjYxZTBlYTlmZTQ3NTAxMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2Ujsyknaic72o74EnU1PbzHoi6I
Mwvlo6M65J990qSgn1K+pNnCP3UMEyHdwV7WWjs3sUP9/n+qBRkH6IyDOd2lQmA4
tyhgatkhzK27xsGvU0qd5BGQbA4vjt14CQne4CxQhZH+eF+zUyH0bznR68xaS1yS
hqAJYfyyBsI3vj51eHxqp/9wBO9nHWLrgW9sg3SVfLGkqMCBspMM/7eKB7MEkj+R
qsg60OeBx3C9hYX4k4kMbCv29hK8gBd9fKNqDFSAncRPzUFd2X+Nk6oQpx/jShRP
N1/IdEUDubfLDRfayQ/oLZr1vHJHyS1A1EJMFUIUDIrDdp2bdBn90E7lkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNblIzu6REzhXB3pth4Oqf5HUBEoMB8GA1UdIwQY
MBaAFEbKTcnHBmH3IdaM5TYB09X5qowyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnNwTnljY0dZZmNoMW96bE5nSFQxZm1xakRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8wMGIxNWEtMzBhZi00MmNhLWFlODct
YTA3YTRmYzdiNDVjLzEvMXVVak83cEVUT0ZjSGVtMkhnNnBfa2RRRVNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8wMGIxNWEtMzBhZi00MmNhLWFlODctYTA3YTRmYzdiNDVj
LzEvUnNwTnljY0dZZmNoMW96bE5nSFQxZm1xakRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE1CKAMA0G
CSqGSIb3DQEBCwUAA4IBAQCx9cFnRmVhmmLnAS/ZdZXHr4wAXrx+hnrAfo35BRHi
Ir0O6orDJHO1l1PCXt5z/gCyQI689T0T++8SXBlT2YBflsOpOhn4GBM52Ns2yheN
Zq4LlsA07+GWkHGjaUj7PtKdYYEbx31xKangDUh/nB90fozAIC10wLXsa1BoM1E5
n/kvC43K3AahWkOZ2ske7qxwW0ovCcZ4eYE6sPAJ3x93Q2jZ7/Lloa/Sz+XxrjIi
8TVmbIR+e27nmRzXHE92gtg0oANH9S6rV+81XrrSRZaPVY3LRIG6QOgfHZ0lfGtu
L+WwMXaQqw4TM121t3B8hPpCCEBPSsWnyljLMAHl/fJt
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:12 2025 by rpki-client