Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/53e415-2876-4653-9a0a-70798463f50f/1/B9fqP8xg8fgOKVvAVRZOOqtQhE8.roa
File: B9fqP8xg8fgOKVvAVRZOOqtQhE8.roa (raw, json)
Hash identifier: kS4s6zPFjwCZBOpzxuLoT0AW9uIHManzX7SsLWQLrKU=
Subject key identifier: 07:D7:EA:3F:CC:60:F1:F8:0E:29:5B:C0:55:16:4E:3A:AB:50:84:4F
Certificate issuer: /CN=bb641d5a52f440f7989e3c1f616e95ae7cf50ba8
Certificate serial: 01856BCA2C318F37B78EFBF1D5D10B196292
Authority key identifier: BB:64:1D:5A:52:F4:40:F7:98:9E:3C:1F:61:6E:95:AE:7C:F5:0B:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u2QdWlL0QPeYnjwfYW6Vrnz1C6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/53e415-2876-4653-9a0a-70798463f50f/1/B9fqP8xg8fgOKVvAVRZOOqtQhE8.roa
Signing time: Sun 01 Jan 2023 05:24:49 +0000
ROA not before: Sun 01 Jan 2023 05:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211020
IP address blocks: 212.23.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:2c:31:8f:37:b7:8e:fb:f1:d5:d1:0b:19:62:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb641d5a52f440f7989e3c1f616e95ae7cf50ba8
Validity
Not Before: Jan 1 05:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07d7ea3fcc60f1f80e295bc055164e3aab50844f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:37:f0:ec:7d:32:d2:0c:f7:c4:ab:69:bd:33:
ef:af:9b:a9:da:5f:7b:29:f0:14:82:d3:67:6e:98:
4f:d7:d1:8b:97:3e:f6:8f:f1:2f:36:ea:9d:5c:1c:
b1:b8:80:dc:bd:98:4c:c2:12:0c:d0:99:55:93:1e:
a2:6e:15:0e:42:27:7d:c1:b6:d6:f1:31:26:48:5c:
a9:e1:7c:e2:73:e8:e8:df:7c:70:fd:68:8b:22:0f:
a6:5f:4a:96:f4:da:ff:4f:55:a0:49:d6:59:15:58:
86:66:52:6e:a3:9e:2e:59:af:48:79:20:cc:fb:21:
e7:50:1f:67:7b:4d:67:67:fe:d8:3a:15:99:eb:4e:
b9:8e:a8:68:80:a9:03:f2:ae:83:f0:aa:6d:c8:a9:
85:25:a9:7d:ba:56:97:9c:16:de:fd:ad:56:a7:b2:
8a:fe:7f:5b:25:90:28:2d:14:b7:38:1b:8b:18:d1:
9b:b6:57:6d:53:2a:21:c6:03:03:4f:fc:8a:47:64:
54:16:8c:ae:5c:13:db:b8:61:32:7d:f3:43:d1:22:
ed:b6:bf:a3:d0:7f:79:50:7b:5c:60:4a:81:c8:ba:
08:3b:2e:9d:a8:86:19:2f:d5:ae:c9:0e:4d:61:b0:
1a:e1:2f:64:54:a7:8c:1b:16:98:d9:b9:c3:81:53:
86:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D7:EA:3F:CC:60:F1:F8:0E:29:5B:C0:55:16:4E:3A:AB:50:84:4F
X509v3 Authority Key Identifier:
keyid:BB:64:1D:5A:52:F4:40:F7:98:9E:3C:1F:61:6E:95:AE:7C:F5:0B:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u2QdWlL0QPeYnjwfYW6Vrnz1C6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/53e415-2876-4653-9a0a-70798463f50f/1/B9fqP8xg8fgOKVvAVRZOOqtQhE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/53e415-2876-4653-9a0a-70798463f50f/1/u2QdWlL0QPeYnjwfYW6Vrnz1C6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.207.0/24
Signature Algorithm: sha256WithRSAEncryption
82:f9:0c:1b:5b:78:cd:68:bc:db:2f:25:13:f3:a1:d2:8c:b3:
76:35:e8:07:4e:a7:cb:ce:da:cb:65:72:bf:15:f7:70:d6:58:
a9:c9:2c:0d:38:1c:2a:28:10:4a:1b:3b:64:27:8d:61:f0:70:
0f:e6:01:01:d8:c4:4f:52:59:71:18:3a:3b:5f:27:63:26:55:
fe:0a:41:90:1b:1e:8e:84:f9:33:a5:ae:21:4c:ba:10:13:80:
51:49:42:01:91:34:5e:93:25:91:60:ae:8e:19:a4:5e:53:4e:
de:8f:66:2d:c9:5e:ab:ef:c3:2e:ef:9f:c8:32:5d:2b:70:59:
0f:c2:21:28:1e:86:c4:83:81:69:98:71:93:3c:c3:94:63:fc:
bc:ec:13:2a:e3:56:72:2c:f0:9e:74:64:d2:32:ed:90:41:52:
43:55:e3:ca:aa:3c:f3:a0:f6:9c:ef:0e:56:71:2c:83:28:23:
96:77:35:fd:08:f5:53:66:dc:41:25:f2:4a:e1:cf:8c:43:4b:
a3:9d:30:53:e3:49:3b:12:5b:da:84:9a:b3:f7:19:ea:32:37:
cb:94:6a:b1:2b:21:21:5b:d5:61:ad:a9:22:60:4a:15:12:56:
c1:e2:99:01:fa:c8:f3:eb:e9:59:68:9f:4c:1e:51:8f:e5:ce:
6d:96:9a:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVryiwxjze3jvvx1dELGWKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNjQxZDVhNTJmNDQwZjc5ODllM2MxZjYxNmU5NWFlN2Nm
NTBiYTgwHhcNMjMwMTAxMDUyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2Q3ZWEzZmNjNjBmMWY4MGUyOTViYzA1NTE2NGUzYWFiNTA4NDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzfw7H0y0gz3xKtpvTPvr5up2l97
KfAUgtNnbphP19GLlz72j/EvNuqdXByxuIDcvZhMwhIM0JlVkx6ibhUOQid9wbbW
8TEmSFyp4Xzic+jo33xw/WiLIg+mX0qW9Nr/T1WgSdZZFViGZlJuo54uWa9IeSDM
+yHnUB9ne01nZ/7YOhWZ6065jqhogKkD8q6D8KptyKmFJal9ulaXnBbe/a1Wp7KK
/n9bJZAoLRS3OBuLGNGbtldtUyohxgMDT/yKR2RUFoyuXBPbuGEyffND0SLttr+j
0H95UHtcYEqByLoIOy6dqIYZL9WuyQ5NYbAa4S9kVKeMGxaY2bnDgVOGhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAfX6j/MYPH4DilbwFUWTjqrUIRPMB8GA1UdIwQY
MBaAFLtkHVpS9ED3mJ48H2Fula589QuoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTJRZFdsTDBRUGVZbmp3ZllXNlZybnoxQzZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81M2U0MTUtMjg3Ni00NjUzLTlhMGEt
NzA3OTg0NjNmNTBmLzEvQjlmcVA4eGc4ZmdPS1Z2QVZSWk9PcXRRaEU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81M2U0MTUtMjg3Ni00NjUzLTlhMGEtNzA3OTg0NjNmNTBm
LzEvdTJRZFdsTDBRUGVZbmp3ZllXNlZybnoxQzZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfPMA0G
CSqGSIb3DQEBCwUAA4IBAQCC+QwbW3jNaLzbLyUT86HSjLN2NegHTqfLztrLZXK/
Ffdw1lipySwNOBwqKBBKGztkJ41h8HAP5gEB2MRPUllxGDo7XydjJlX+CkGQGx6O
hPkzpa4hTLoQE4BRSUIBkTRekyWRYK6OGaReU07ej2YtyV6r78Mu75/IMl0rcFkP
wiEoHobEg4FpmHGTPMOUY/y87BMq41ZyLPCedGTSMu2QQVJDVePKqjzzoPac7w5W
cSyDKCOWdzX9CPVTZtxBJfJK4c+MQ0ujnTBT40k7ElvahJqz9xnqMjfLlGqxKyEh
W9VhrakiYEoVElbB4pkB+sjz6+lZaJ9MHlGP5c5tlpqY
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:27:28 2025 by rpki-client