Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/xuAAnj2HLyhqpLpEAYtTkPeYFIQ.roa
File: xuAAnj2HLyhqpLpEAYtTkPeYFIQ.roa (raw, json)
Hash identifier: C8yYstqOlJF3OlumGJoCTb8+iL1JGbHOmFzX/sOJpFA=
Subject key identifier: C6:E0:00:9E:3D:87:2F:28:6A:A4:BA:44:01:8B:53:90:F7:98:14:84
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 01918F69D20E5F044B91B72CAED34B79E877
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/xuAAnj2HLyhqpLpEAYtTkPeYFIQ.roa
Signing time: Mon 26 Aug 2024 15:59:22 +0000
ROA not before: Mon 26 Aug 2024 15:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 212.87.200.0/24 maxlen: 24
212.87.201.0/24 maxlen: 24
212.87.202.0/24 maxlen: 24
212.87.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8f:69:d2:0e:5f:04:4b:91:b7:2c:ae:d3:4b:79:e8:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Aug 26 15:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6e0009e3d872f286aa4ba44018b5390f7981484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:74:e7:0e:b0:79:73:f3:f4:e9:59:a9:f9:0c:
4b:56:a2:14:cf:76:12:5b:d9:f5:dc:cd:45:0f:27:
3f:1a:24:b5:ad:13:2f:e0:14:ed:c0:04:58:b3:a7:
75:7b:1e:2a:7c:78:ad:f8:59:7b:70:80:ce:b6:c1:
c0:5b:09:a6:6e:a6:ef:7b:1b:1d:34:11:f5:0d:10:
9b:15:f4:d7:1a:58:0e:65:18:e6:3d:fc:6d:b0:22:
90:13:a4:ad:1c:1d:fa:b2:00:e5:08:50:6c:61:fe:
2a:a2:27:45:b8:d2:8b:3c:81:31:92:7f:b4:33:29:
24:8b:08:e6:e5:3d:a6:07:b4:5a:2a:94:fd:dd:cd:
00:9c:c3:54:3e:21:b8:83:e0:ee:d2:bc:81:6d:56:
2f:84:cb:45:37:52:f8:dc:12:76:55:a1:37:d0:14:
b3:8e:b7:79:13:54:74:37:63:23:47:7a:18:d8:a1:
87:80:f0:17:0f:bb:e4:a1:28:e0:2a:a0:c3:e5:dd:
7a:db:2c:a8:4d:91:ae:a7:6f:2c:11:71:78:a1:cc:
8f:df:3f:7a:99:3f:57:05:51:5b:e3:1b:f8:7c:84:
1a:30:53:08:08:12:3e:5a:4b:ff:b9:e7:c8:63:71:
ea:8d:b2:81:9d:ff:fc:b7:ee:31:eb:78:1c:65:94:
93:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:E0:00:9E:3D:87:2F:28:6A:A4:BA:44:01:8B:53:90:F7:98:14:84
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/xuAAnj2HLyhqpLpEAYtTkPeYFIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.200.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:b9:50:4c:ba:e0:bc:5d:c9:b9:58:da:c6:98:19:44:32:0e:
44:ba:9d:4f:ee:23:08:07:a5:08:e3:8a:af:5e:cc:1c:d5:b4:
30:68:b5:1f:fc:5a:5c:09:a8:5c:8d:c4:a4:2a:53:33:c8:41:
a7:6c:9c:af:37:22:28:56:d0:80:ac:cf:e0:d4:0d:c2:22:fa:
77:bf:a2:45:ab:b2:b1:39:54:67:0f:ba:80:42:db:74:c3:e3:
a2:b4:a2:d9:7a:ca:5d:dd:e1:3e:8d:f0:8b:bb:e5:59:20:4b:
95:23:b7:03:fe:0c:4a:97:bf:3d:c7:97:07:a9:97:a6:56:6b:
f3:69:ba:5e:94:1d:90:fd:80:8d:09:6c:5c:a4:22:c9:82:21:
eb:8d:3c:d1:70:54:a2:cc:50:a1:e4:2b:31:95:81:df:94:63:
59:79:2e:05:b1:a2:24:60:a3:65:9d:79:44:bb:56:b1:63:59:
a0:1e:d8:17:54:12:bb:d2:fe:ef:49:46:18:04:f5:45:8a:4c:
b6:7d:3e:a5:a1:75:78:97:83:68:03:30:f8:ac:b0:ec:4c:e0:
00:6f:2f:1d:f1:c2:4b:80:f6:bb:4a:e3:95:c7:b2:8b:a6:c1:
bd:cc:f7:17:29:0a:03:46:e7:62:0e:f5:7a:36:7d:b2:88:73:
41:91:71:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGPadIOXwRLkbcsrtNLeeh3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwODI2MTU1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmUwMDA5ZTNkODcyZjI4NmFhNGJhNDQwMThiNTM5MGY3OTgxNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HTnDrB5c/P06Vmp+QxLVqIUz3YS
W9n13M1FDyc/GiS1rRMv4BTtwARYs6d1ex4qfHit+Fl7cIDOtsHAWwmmbqbvexsd
NBH1DRCbFfTXGlgOZRjmPfxtsCKQE6StHB36sgDlCFBsYf4qoidFuNKLPIExkn+0
Mykkiwjm5T2mB7RaKpT93c0AnMNUPiG4g+Du0ryBbVYvhMtFN1L43BJ2VaE30BSz
jrd5E1R0N2MjR3oY2KGHgPAXD7vkoSjgKqDD5d162yyoTZGup28sEXF4ocyP3z96
mT9XBVFb4xv4fIQaMFMICBI+Wkv/uefIY3HqjbKBnf/8t+4x63gcZZSTlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMbgAJ49hy8oaqS6RAGLU5D3mBSEMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEveHVBQW5qMkhMeWhxcExwRUFZdFRrUGVZRklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1FfIMA0G
CSqGSIb3DQEBCwUAA4IBAQCquVBMuuC8Xcm5WNrGmBlEMg5Eup1P7iMIB6UI44qv
Xswc1bQwaLUf/FpcCahcjcSkKlMzyEGnbJyvNyIoVtCArM/g1A3CIvp3v6JFq7Kx
OVRnD7qAQtt0w+OitKLZespd3eE+jfCLu+VZIEuVI7cD/gxKl789x5cHqZemVmvz
abpelB2Q/YCNCWxcpCLJgiHrjTzRcFSizFCh5CsxlYHflGNZeS4FsaIkYKNlnXlE
u1axY1mgHtgXVBK70v7vSUYYBPVFiky2fT6loXV4l4NoAzD4rLDsTOAAby8d8cJL
gPa7SuOVx7KLpsG9zPcXKQoDRudiDvV6Nn2yiHNBkXFn
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:41 2025 by rpki-client