Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/m3WJy6Nx1jmFJY5FHH9n2UOdJws.roa
File: m3WJy6Nx1jmFJY5FHH9n2UOdJws.roa (raw, json)
Hash identifier: jav8ssVRQMde4PDJ7GGgHbXAm2hXDqPNhB5UO2AeSPM=
Subject key identifier: 9B:75:89:CB:A3:71:D6:39:85:25:8E:45:1C:7F:67:D9:43:9D:27:0B
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 01939131F3148D60FD36DA1D3A85D43C36B5
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/m3WJy6Nx1jmFJY5FHH9n2UOdJws.roa
Signing time: Wed 04 Dec 2024 10:23:09 +0000
ROA not before: Wed 04 Dec 2024 10:23:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 212.87.202.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:91:31:f3:14:8d:60:fd:36:da:1d:3a:85:d4:3c:36:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Dec 4 10:23:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b7589cba371d63985258e451c7f67d9439d270b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bd:b1:e4:d0:58:e9:49:78:21:88:d0:3a:1d:
7c:f1:ff:f1:a7:76:a2:c3:db:f6:2c:7f:ee:e6:63:
8f:3d:44:28:2a:06:7e:72:30:c6:b8:64:76:5c:b6:
89:e0:ab:87:95:8f:62:5e:e7:3f:d4:b6:d9:19:4c:
75:87:93:a3:13:89:5d:e0:5c:8e:51:30:75:5b:72:
dd:cf:33:37:33:8a:35:13:ea:c1:e7:49:40:b1:0d:
40:ab:9f:18:d1:e2:32:4f:b3:6e:ea:53:84:30:d7:
2c:d7:21:2f:03:d9:2a:a9:78:08:b6:df:3c:28:81:
cb:7d:b9:66:78:c4:e2:ce:16:8b:85:4d:c7:a0:f5:
31:33:85:2f:ee:b9:e9:54:2d:cc:cb:b2:92:35:53:
8d:62:62:4c:5c:64:ab:bd:6e:85:d5:c1:79:fa:04:
fe:4a:9b:ad:1a:0c:59:d1:13:fa:03:7b:ef:35:17:
6a:c9:a1:a6:e2:a5:95:b5:03:d0:bb:43:a9:a2:3e:
a5:2f:fc:d0:e8:a5:f4:0c:ca:6b:42:fd:22:17:2a:
2e:5b:b8:82:b7:62:c2:06:73:64:e6:17:6b:1a:42:
8b:da:46:21:14:1e:85:e8:3a:75:05:b4:07:35:ea:
59:dc:cc:e9:b1:1a:e8:dd:ca:bd:a6:6f:0a:f1:c0:
a2:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:75:89:CB:A3:71:D6:39:85:25:8E:45:1C:7F:67:D9:43:9D:27:0B
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/m3WJy6Nx1jmFJY5FHH9n2UOdJws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.202.0/23
Signature Algorithm: sha256WithRSAEncryption
40:e7:f0:61:9d:9b:57:73:a2:df:7a:3d:be:5d:b3:86:97:52:
5b:00:f8:65:d4:46:c7:27:ff:03:6d:5e:ca:66:55:2c:c3:22:
75:8a:89:b8:6a:b5:31:89:7f:bb:4d:90:71:1b:7d:ea:65:b5:
4f:c3:c6:13:90:c0:cc:90:bd:c3:0c:84:54:f2:92:5d:04:0e:
78:e4:9d:6e:65:2c:50:c5:e4:60:2e:67:85:ff:3f:f4:90:27:
65:23:ef:63:92:e3:95:0d:8a:4c:d2:0a:c4:c9:cc:2f:6e:bc:
2b:5f:ab:07:eb:49:c5:c6:22:b0:39:e7:d6:6f:e8:5c:9d:2f:
db:01:f4:a7:6b:69:e4:30:3e:bc:6e:05:60:a2:69:05:88:a4:
36:49:21:d9:5c:4f:fe:7a:63:64:27:e7:a8:2e:fe:4e:5f:13:
bf:db:0d:a2:76:aa:77:cd:ad:c7:e1:20:4f:a0:bf:a7:e8:fc:
c7:2e:0a:22:63:1f:21:c8:92:08:f2:c2:e9:8d:95:0f:11:69:
4c:76:b2:25:ea:3d:73:63:81:68:50:7d:39:fc:2c:86:9c:23:
6e:01:12:07:b4:70:77:55:ce:ea:a6:1e:ad:0b:04:b9:0a:28:
bc:c8:f7:43:cf:ce:a2:f2:8e:78:77:9d:ab:e7:be:fa:57:83:
f7:89:60:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZORMfMUjWD9NtodOoXUPDa1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQxMjA0MTAyMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjc1ODljYmEzNzFkNjM5ODUyNThlNDUxYzdmNjdkOTQzOWQyNzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb2x5NBY6Ul4IYjQOh188f/xp3ai
w9v2LH/u5mOPPUQoKgZ+cjDGuGR2XLaJ4KuHlY9iXuc/1LbZGUx1h5OjE4ld4FyO
UTB1W3LdzzM3M4o1E+rB50lAsQ1Aq58Y0eIyT7Nu6lOEMNcs1yEvA9kqqXgItt88
KIHLfblmeMTizhaLhU3HoPUxM4Uv7rnpVC3My7KSNVONYmJMXGSrvW6F1cF5+gT+
SputGgxZ0RP6A3vvNRdqyaGm4qWVtQPQu0Opoj6lL/zQ6KX0DMprQv0iFyouW7iC
t2LCBnNk5hdrGkKL2kYhFB6F6Dp1BbQHNepZ3MzpsRro3cq9pm8K8cCi4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJt1icujcdY5hSWORRx/Z9lDnScLMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvbTNXSnk2Tngxam1GSlk1RkhIOW4yVU9kSndzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1FfKMA0G
CSqGSIb3DQEBCwUAA4IBAQBA5/BhnZtXc6Lfej2+XbOGl1JbAPhl1EbHJ/8DbV7K
ZlUswyJ1iom4arUxiX+7TZBxG33qZbVPw8YTkMDMkL3DDIRU8pJdBA545J1uZSxQ
xeRgLmeF/z/0kCdlI+9jkuOVDYpM0grEycwvbrwrX6sH60nFxiKwOefWb+hcnS/b
AfSna2nkMD68bgVgomkFiKQ2SSHZXE/+emNkJ+eoLv5OXxO/2w2idqp3za3H4SBP
oL+n6PzHLgoiYx8hyJII8sLpjZUPEWlMdrIl6j1zY4FoUH05/CyGnCNuARIHtHB3
Vc7qph6tCwS5Cii8yPdDz86i8o54d52r5776V4P3iWDg
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:04 2025 by rpki-client