Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/53e415-2876-4653-9a0a-70798463f50f/1/1PH-HAWeCZYgPs6j7By8OsllNe8.roa
File: 1PH-HAWeCZYgPs6j7By8OsllNe8.roa (raw, json)
Hash identifier: vK3qeikJF6g+nz6/Cb9sZDjWEV3q9/tnFYuz4jGsv4A=
Subject key identifier: D4:F1:FE:1C:05:9E:09:96:20:3E:CE:A3:EC:1C:BC:3A:C9:65:35:EF
Certificate issuer: /CN=bb641d5a52f440f7989e3c1f616e95ae7cf50ba8
Certificate serial: 01888FF054DE796E7A7EEA1B5783EDB5C8B2
Authority key identifier: BB:64:1D:5A:52:F4:40:F7:98:9E:3C:1F:61:6E:95:AE:7C:F5:0B:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u2QdWlL0QPeYnjwfYW6Vrnz1C6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/53e415-2876-4653-9a0a-70798463f50f/1/1PH-HAWeCZYgPs6j7By8OsllNe8.roa
Signing time: Tue 06 Jun 2023 09:01:12 +0000
ROA not before: Tue 06 Jun 2023 09:01:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 212.23.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8f:f0:54:de:79:6e:7a:7e:ea:1b:57:83:ed:b5:c8:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb641d5a52f440f7989e3c1f616e95ae7cf50ba8
Validity
Not Before: Jun 6 09:01:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4f1fe1c059e0996203ecea3ec1cbc3ac96535ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c1:4c:10:66:fa:cc:f9:04:a5:66:a8:2d:cf:
06:d2:94:51:36:dd:fb:5b:f9:35:e4:e1:c0:a7:47:
86:60:65:a3:6d:54:d5:da:df:b4:20:53:51:14:75:
7a:9d:0f:43:3e:9f:ba:df:5a:1d:b9:63:2b:35:c9:
bf:d7:be:bf:4c:09:18:af:08:a9:49:66:a8:4f:6e:
0b:e1:57:f2:a8:cb:65:14:a5:a7:59:08:6a:9c:89:
8e:b6:1b:ea:1a:85:1a:4b:07:46:45:94:34:06:ca:
04:4f:20:b7:08:45:92:3b:37:38:8b:75:d9:bf:ac:
d6:80:9d:9d:0c:b4:7a:23:63:86:56:eb:a2:be:6e:
21:e0:60:1e:66:e8:59:8a:c3:47:8f:01:40:61:8b:
00:01:f9:8d:93:21:88:3d:1c:ba:ec:a2:8c:5b:8d:
a9:c4:96:3d:fa:1a:46:e5:34:1b:fc:09:c5:1e:65:
3c:67:4a:f3:d3:a4:40:af:b8:9e:a9:47:00:af:26:
26:ce:f1:cd:f6:d6:03:94:89:86:7e:51:d1:42:30:
b9:b4:e7:9a:9b:61:83:d4:2c:77:61:3b:94:fd:cf:
cd:88:11:50:a0:8e:29:c9:aa:ba:af:6c:3e:e8:fc:
d1:e8:5b:4c:79:4f:1d:41:50:45:a2:c2:a2:a4:b8:
50:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F1:FE:1C:05:9E:09:96:20:3E:CE:A3:EC:1C:BC:3A:C9:65:35:EF
X509v3 Authority Key Identifier:
keyid:BB:64:1D:5A:52:F4:40:F7:98:9E:3C:1F:61:6E:95:AE:7C:F5:0B:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u2QdWlL0QPeYnjwfYW6Vrnz1C6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/53e415-2876-4653-9a0a-70798463f50f/1/1PH-HAWeCZYgPs6j7By8OsllNe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/53e415-2876-4653-9a0a-70798463f50f/1/u2QdWlL0QPeYnjwfYW6Vrnz1C6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.207.0/24
Signature Algorithm: sha256WithRSAEncryption
10:62:5d:41:f6:1b:a2:4a:10:6d:c1:61:89:5c:c6:f1:3b:fd:
02:06:21:6e:8a:f4:15:09:f6:21:ac:bb:d9:f1:b8:91:5e:24:
f6:40:bc:ca:3f:c4:90:f2:43:af:cf:a1:c6:1a:f5:4c:69:e8:
74:56:2f:e3:45:67:23:58:33:91:f5:d8:69:39:2c:7d:c4:81:
81:b1:04:60:aa:49:e8:ea:86:c3:c2:7e:5b:ae:30:d2:1d:f5:
d0:ea:d2:11:55:ea:48:35:3e:6f:d8:fd:70:45:00:42:6d:97:
05:02:52:ca:70:3b:d7:f0:3b:47:fe:e3:c2:f3:bd:3d:41:ee:
f2:45:37:a2:d9:b3:1d:ba:8b:da:88:1f:ad:33:94:29:0f:39:
87:a3:92:f8:11:de:c6:c2:f9:9e:0f:14:08:9f:0a:ee:5d:11:
24:d7:37:0d:38:18:4d:b4:5b:bb:54:a0:bb:8a:63:58:e6:83:
c7:c1:54:bc:67:81:0f:4b:c5:1b:fe:7a:38:4b:9a:5c:7b:55:
a6:07:f7:f5:3e:cd:76:57:85:26:d8:fa:e0:cc:58:dd:37:d4:
c5:a6:6d:d8:02:69:cd:52:2c:e6:d9:87:a3:37:90:ed:89:35:
05:ef:29:30:99:25:cd:f0:16:1c:ad:c6:14:49:a3:25:f9:59:
29:e3:da:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiP8FTeeW56fuobV4PttciyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNjQxZDVhNTJmNDQwZjc5ODllM2MxZjYxNmU5NWFlN2Nm
NTBiYTgwHhcNMjMwNjA2MDkwMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGYxZmUxYzA1OWUwOTk2MjAzZWNlYTNlYzFjYmMzYWM5NjUzNWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsFMEGb6zPkEpWaoLc8G0pRRNt37
W/k15OHAp0eGYGWjbVTV2t+0IFNRFHV6nQ9DPp+631oduWMrNcm/176/TAkYrwip
SWaoT24L4VfyqMtlFKWnWQhqnImOthvqGoUaSwdGRZQ0BsoETyC3CEWSOzc4i3XZ
v6zWgJ2dDLR6I2OGVuuivm4h4GAeZuhZisNHjwFAYYsAAfmNkyGIPRy67KKMW42p
xJY9+hpG5TQb/AnFHmU8Z0rz06RAr7ieqUcAryYmzvHN9tYDlImGflHRQjC5tOea
m2GD1Cx3YTuU/c/NiBFQoI4pyaq6r2w+6PzR6FtMeU8dQVBFosKipLhQPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNTx/hwFngmWID7Oo+wcvDrJZTXvMB8GA1UdIwQY
MBaAFLtkHVpS9ED3mJ48H2Fula589QuoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTJRZFdsTDBRUGVZbmp3ZllXNlZybnoxQzZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81M2U0MTUtMjg3Ni00NjUzLTlhMGEt
NzA3OTg0NjNmNTBmLzEvMVBILUhBV2VDWllnUHM2ajdCeThPc2xsTmU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81M2U0MTUtMjg3Ni00NjUzLTlhMGEtNzA3OTg0NjNmNTBm
LzEvdTJRZFdsTDBRUGVZbmp3ZllXNlZybnoxQzZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfPMA0G
CSqGSIb3DQEBCwUAA4IBAQAQYl1B9huiShBtwWGJXMbxO/0CBiFuivQVCfYhrLvZ
8biRXiT2QLzKP8SQ8kOvz6HGGvVMaeh0Vi/jRWcjWDOR9dhpOSx9xIGBsQRgqkno
6obDwn5brjDSHfXQ6tIRVepINT5v2P1wRQBCbZcFAlLKcDvX8DtH/uPC8709Qe7y
RTei2bMduovaiB+tM5QpDzmHo5L4Ed7GwvmeDxQInwruXREk1zcNOBhNtFu7VKC7
imNY5oPHwVS8Z4EPS8Ub/no4S5pce1WmB/f1Ps12V4Um2PrgzFjdN9TFpm3YAmnN
Uizm2YejN5DtiTUF7ykwmSXN8BYcrcYUSaMl+Vkp49qU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:29 2025 by rpki-client