Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/7e5552-0b7d-400c-95fd-856f43f69aa3/1/hPv_EOj_IrPqjC0Bp6hLSeMvgrk.roa
File: hPv_EOj_IrPqjC0Bp6hLSeMvgrk.roa (raw, json)
Hash identifier: yRTesKN8OaW2gWdNmwrTHD6X4GTYLehWj7YjhdW1h/c=
Subject key identifier: 84:FB:FF:10:E8:FF:22:B3:EA:8C:2D:01:A7:A8:4B:49:E3:2F:82:B9
Certificate issuer: /CN=2cf3834cdab5abbcdb6bc5cf4e5503d16e84623a
Certificate serial: 018D13D7ED40F0141635B6302CEEBE413E52
Authority key identifier: 2C:F3:83:4C:DA:B5:AB:BC:DB:6B:C5:CF:4E:55:03:D1:6E:84:62:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LPODTNq1q7zba8XPTlUD0W6EYjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/7e5552-0b7d-400c-95fd-856f43f69aa3/1/hPv_EOj_IrPqjC0Bp6hLSeMvgrk.roa
Signing time: Tue 16 Jan 2024 19:55:34 +0000
ROA not before: Tue 16 Jan 2024 19:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 31.222.240.0/24 maxlen: 24
212.52.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:ed:40:f0:14:16:35:b6:30:2c:ee:be:41:3e:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cf3834cdab5abbcdb6bc5cf4e5503d16e84623a
Validity
Not Before: Jan 16 19:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84fbff10e8ff22b3ea8c2d01a7a84b49e32f82b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:62:28:31:9a:2e:16:ef:1a:d0:68:5e:56:cb:
8f:c8:bb:1e:2a:7b:cf:22:b4:28:b8:f9:2f:ff:cd:
5b:d0:7f:45:25:5a:31:a1:f9:f4:95:3d:e6:c4:4f:
b0:77:bc:e0:7f:ce:b9:58:f1:87:78:3b:bc:f4:5e:
1d:20:49:ee:74:23:45:b0:1d:de:19:95:35:93:a4:
f8:94:cc:60:b5:63:2c:3e:3f:d9:a1:ba:29:98:6b:
92:e4:66:33:66:f1:9c:89:12:7c:5d:cd:05:76:ee:
de:47:93:d2:90:c5:4f:7b:1f:d4:fb:0e:15:63:e2:
59:78:70:55:ad:28:1b:8a:db:96:3c:3c:14:b3:54:
17:f8:cf:7d:64:61:70:e2:5b:54:b8:0a:43:ed:00:
7a:b2:52:ca:47:32:37:70:2d:42:e9:c4:e8:37:8c:
8c:5a:31:1f:55:ac:28:85:3c:58:07:4f:68:56:20:
70:e9:12:fb:68:1d:b4:e6:50:64:53:55:d7:c3:3f:
aa:a5:82:59:a1:16:6c:d7:c9:b9:f8:de:43:30:f6:
d9:2f:76:1a:f4:20:68:3a:38:08:c1:3c:dc:84:d4:
c7:91:3d:64:e2:f3:3b:37:57:80:3e:d0:9d:74:37:
4f:4e:ad:dc:16:b6:a1:d5:ba:f2:05:bf:3e:1b:ed:
c9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:FB:FF:10:E8:FF:22:B3:EA:8C:2D:01:A7:A8:4B:49:E3:2F:82:B9
X509v3 Authority Key Identifier:
keyid:2C:F3:83:4C:DA:B5:AB:BC:DB:6B:C5:CF:4E:55:03:D1:6E:84:62:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LPODTNq1q7zba8XPTlUD0W6EYjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/7e5552-0b7d-400c-95fd-856f43f69aa3/1/hPv_EOj_IrPqjC0Bp6hLSeMvgrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/7e5552-0b7d-400c-95fd-856f43f69aa3/1/LPODTNq1q7zba8XPTlUD0W6EYjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.240.0/24
212.52.4.0/24
Signature Algorithm: sha256WithRSAEncryption
30:c4:87:45:eb:30:59:69:11:59:4d:c5:41:c5:a5:ac:4a:a0:
3b:d0:cd:47:ef:56:75:f9:0e:c4:8c:77:9e:3b:99:1c:84:c1:
eb:2d:77:ad:14:ef:32:ea:d0:b9:a4:7c:ad:d0:ed:5e:73:67:
2d:f2:fd:90:45:f3:72:d9:ab:65:b0:fb:55:3b:5c:45:31:3f:
d7:8d:c7:f3:d5:8c:e4:e1:71:00:48:55:a3:11:d5:4d:05:d1:
3b:2d:99:6e:c5:cf:fd:45:ad:3f:a0:f9:e5:94:50:4e:48:9e:
c2:93:b5:41:e8:0f:e4:5d:ac:62:c6:6a:8d:6b:e0:b8:7f:d3:
22:21:d5:0f:bb:b0:e5:61:75:46:09:35:f4:5b:52:4f:60:f5:
b4:aa:26:da:b5:69:be:e7:fd:b9:32:cb:ef:8b:bc:d2:4a:ed:
e4:36:5b:be:9b:fa:97:b9:3c:1a:55:51:4a:21:cd:dd:37:6b:
a9:0e:a2:68:b7:6c:aa:26:1f:8b:69:68:86:18:7c:8a:8c:83:
54:40:ea:95:cf:ab:06:11:56:55:3a:dd:69:a2:10:56:ce:2f:
d9:8c:48:70:1d:47:cd:f0:79:7f:2b:df:1b:8e:c9:32:ff:cb:
b7:5a:24:2b:13:e4:d0:ce:02:57:8a:6b:b5:2f:19:bd:6d:ef:
55:68:f8:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0T1+1A8BQWNbYwLO6+QT5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZjM4MzRjZGFiNWFiYmNkYjZiYzVjZjRlNTUwM2QxNmU4
NDYyM2EwHhcNMjQwMTE2MTk1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGZiZmYxMGU4ZmYyMmIzZWE4YzJkMDFhN2E4NGI0OWUzMmY4MmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGIoMZouFu8a0GheVsuPyLseKnvP
IrQouPkv/81b0H9FJVoxofn0lT3mxE+wd7zgf865WPGHeDu89F4dIEnudCNFsB3e
GZU1k6T4lMxgtWMsPj/ZobopmGuS5GYzZvGciRJ8Xc0Fdu7eR5PSkMVPex/U+w4V
Y+JZeHBVrSgbituWPDwUs1QX+M99ZGFw4ltUuApD7QB6slLKRzI3cC1C6cToN4yM
WjEfVawohTxYB09oViBw6RL7aB205lBkU1XXwz+qpYJZoRZs18m5+N5DMPbZL3Ya
9CBoOjgIwTzchNTHkT1k4vM7N1eAPtCddDdPTq3cFrah1bryBb8+G+3JGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIT7/xDo/yKz6owtAaeoS0njL4K5MB8GA1UdIwQY
MBaAFCzzg0zatau822vFz05VA9FuhGI6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFBPRFROcTFxN3piYThYUFRsVUQwVzZFWWpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni83ZTU1NTItMGI3ZC00MDBjLTk1ZmQt
ODU2ZjQzZjY5YWEzLzEvaFB2X0VPal9JclBxakMwQnA2aExTZU12Z3JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni83ZTU1NTItMGI3ZC00MDBjLTk1ZmQtODU2ZjQzZjY5YWEz
LzEvTFBPRFROcTFxN3piYThYUFRsVUQwVzZFWWpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH97wAwQA
1DQEMA0GCSqGSIb3DQEBCwUAA4IBAQAwxIdF6zBZaRFZTcVBxaWsSqA70M1H71Z1
+Q7EjHeeO5kchMHrLXetFO8y6tC5pHyt0O1ec2ct8v2QRfNy2atlsPtVO1xFMT/X
jcfz1Yzk4XEASFWjEdVNBdE7LZluxc/9Ra0/oPnllFBOSJ7Ck7VB6A/kXaxixmqN
a+C4f9MiIdUPu7DlYXVGCTX0W1JPYPW0qibatWm+5/25Msvvi7zSSu3kNlu+m/qX
uTwaVVFKIc3dN2upDqJot2yqJh+LaWiGGHyKjINUQOqVz6sGEVZVOt1pohBWzi/Z
jEhwHUfN8Hl/K98bjsky/8u3WiQrE+TQzgJXimu1Lxm9be9VaPgm
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:31 2025 by rpki-client