Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/IHvKxmr3uwpJKwkutA9nKfip_F8.roa
File: IHvKxmr3uwpJKwkutA9nKfip_F8.roa (raw, json)
Hash identifier: E257yWlPmy47lDQ49F17JotJ+RKeZHzV+AfLNrTNJCw=
Subject key identifier: 20:7B:CA:C6:6A:F7:BB:0A:49:2B:09:2E:B4:0F:67:29:F8:A9:FC:5F
Certificate issuer: /CN=3df8a40c6a2c6993c9fbe81df3ea7dd372f96dec
Certificate serial: 01942068682CF68B9B4065C5D7466C15CB22
Authority key identifier: 3D:F8:A4:0C:6A:2C:69:93:C9:FB:E8:1D:F3:EA:7D:D3:72:F9:6D:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PfikDGosaZPJ--gd8-p903L5bew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/IHvKxmr3uwpJKwkutA9nKfip_F8.roa
Signing time: Wed 01 Jan 2025 05:48:20 +0000
ROA not before: Wed 01 Jan 2025 05:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 212.4.240.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:68:2c:f6:8b:9b:40:65:c5:d7:46:6c:15:cb:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3df8a40c6a2c6993c9fbe81df3ea7dd372f96dec
Validity
Not Before: Jan 1 05:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=207bcac66af7bb0a492b092eb40f6729f8a9fc5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a5:44:3f:da:c0:ac:ef:ba:5f:97:55:2e:59:
46:e3:cd:92:01:7c:1b:74:5c:42:a3:42:be:ea:70:
00:5a:fd:5d:6a:80:07:79:bb:5c:eb:dd:d0:c0:d7:
8c:07:50:26:37:ee:7b:59:a4:3e:e4:73:55:8e:6e:
c3:48:e7:e5:48:fb:74:ee:50:54:86:a0:93:66:16:
2a:28:0f:0c:3e:d7:13:8c:7a:5b:df:3c:9e:ad:bb:
52:93:a6:c1:6e:71:3e:c0:34:ac:35:92:72:f3:68:
90:f8:53:26:b7:19:70:8a:63:41:01:4f:47:0d:01:
cf:b8:2e:2b:2b:f0:ea:98:19:73:f5:e3:7d:1d:4b:
1e:e8:6a:ad:df:59:c9:b3:56:0c:5e:62:bd:33:49:
fb:f2:a1:e1:b0:e6:b6:04:e3:17:64:df:da:2c:2f:
82:54:15:3a:e5:85:4f:6c:d8:b0:d3:05:47:69:d5:
b1:1a:b8:85:ee:cb:3e:c8:f3:2f:5e:46:eb:f1:ad:
a3:a8:1b:77:f1:b5:df:1c:8d:6b:cf:ab:3b:54:c3:
92:76:85:e7:d4:22:04:b0:e7:d1:2a:45:0e:23:70:
d4:4a:a3:f7:0e:5c:1f:30:47:99:f5:5d:0b:cf:d5:
3e:47:ef:a4:be:f1:ee:d5:00:96:78:82:32:ee:f2:
51:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:7B:CA:C6:6A:F7:BB:0A:49:2B:09:2E:B4:0F:67:29:F8:A9:FC:5F
X509v3 Authority Key Identifier:
keyid:3D:F8:A4:0C:6A:2C:69:93:C9:FB:E8:1D:F3:EA:7D:D3:72:F9:6D:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PfikDGosaZPJ--gd8-p903L5bew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/IHvKxmr3uwpJKwkutA9nKfip_F8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/PfikDGosaZPJ--gd8-p903L5bew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.4.240.0/22
Signature Algorithm: sha256WithRSAEncryption
c6:b1:f8:2c:74:ea:99:f5:51:ac:1e:e2:a0:1c:fa:55:a6:b1:
03:43:e1:6a:ab:62:10:2b:9d:3e:72:8c:11:6d:df:e4:1f:00:
f0:ed:59:a5:15:11:aa:66:30:44:08:1e:e2:d9:83:e4:d2:dd:
01:3f:69:9f:d5:e1:e7:a8:8d:73:14:29:f8:6d:1d:b9:10:7d:
75:2d:22:d6:57:89:70:a8:e8:a4:12:0e:5f:c3:06:1c:4f:42:
3c:c4:84:24:d6:5a:12:f4:ef:00:64:9f:29:07:a1:f2:c6:9b:
db:68:9b:fa:37:fe:00:5a:05:2e:b2:e6:3f:dc:07:63:44:11:
78:9c:2a:8a:60:ec:51:b2:bf:e5:48:c2:e1:fc:aa:c2:56:f3:
fa:53:4a:88:84:64:c8:eb:76:a4:0d:2a:2a:e9:07:db:75:2d:
75:93:5c:14:cc:1a:70:4f:a7:a2:24:c8:7f:43:d0:46:85:b5:
e9:13:65:d7:14:be:c5:3b:f0:4e:77:35:a2:83:70:c9:6c:30:
5c:c5:91:bc:9f:3a:6a:ee:28:c5:9d:a9:bc:26:bd:01:c9:bd:
d1:68:74:16:d3:22:7e:12:2f:ed:86:be:c2:c3:0c:74:f1:2b:
d1:38:4f:b8:83:a8:a7:71:97:5a:64:b7:a3:6a:75:62:18:57:
67:b0:30:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaGgs9oubQGXF10ZsFcsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjhhNDBjNmEyYzY5OTNjOWZiZTgxZGYzZWE3ZGQzNzJm
OTZkZWMwHhcNMjUwMTAxMDU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDdiY2FjNjZhZjdiYjBhNDkyYjA5MmViNDBmNjcyOWY4YTlmYzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKVEP9rArO+6X5dVLllG482SAXwb
dFxCo0K+6nAAWv1daoAHebtc693QwNeMB1AmN+57WaQ+5HNVjm7DSOflSPt07lBU
hqCTZhYqKA8MPtcTjHpb3zyerbtSk6bBbnE+wDSsNZJy82iQ+FMmtxlwimNBAU9H
DQHPuC4rK/DqmBlz9eN9HUse6Gqt31nJs1YMXmK9M0n78qHhsOa2BOMXZN/aLC+C
VBU65YVPbNiw0wVHadWxGriF7ss+yPMvXkbr8a2jqBt38bXfHI1rz6s7VMOSdoXn
1CIEsOfRKkUOI3DUSqP3DlwfMEeZ9V0Lz9U+R++kvvHu1QCWeIIy7vJR6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCB7ysZq97sKSSsJLrQPZyn4qfxfMB8GA1UdIwQY
MBaAFD34pAxqLGmTyfvoHfPqfdNy+W3sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZpa0RHb3NhWlBKLS1nZDgtcDkwM0w1YmV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8zZTY2ODctN2E0NC00MGQ4LTk5M2Yt
ODk1YTVhMzkyNDM4LzEvSUh2S3htcjN1d3BKS3drdXRBOW5LZmlwX0Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8zZTY2ODctN2E0NC00MGQ4LTk5M2YtODk1YTVhMzkyNDM4
LzEvUGZpa0RHb3NhWlBKLS1nZDgtcDkwM0w1YmV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1ATwMA0G
CSqGSIb3DQEBCwUAA4IBAQDGsfgsdOqZ9VGsHuKgHPpVprEDQ+Fqq2IQK50+cowR
bd/kHwDw7VmlFRGqZjBECB7i2YPk0t0BP2mf1eHnqI1zFCn4bR25EH11LSLWV4lw
qOikEg5fwwYcT0I8xIQk1loS9O8AZJ8pB6HyxpvbaJv6N/4AWgUusuY/3AdjRBF4
nCqKYOxRsr/lSMLh/KrCVvP6U0qIhGTI63akDSoq6QfbdS11k1wUzBpwT6eiJMh/
Q9BGhbXpE2XXFL7FO/BOdzWig3DJbDBcxZG8nzpq7ijFnam8Jr0Byb3RaHQW0yJ+
Ei/thr7Cwwx08SvROE+4g6incZdaZLejanViGFdnsDC1
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:44:16 2025 by rpki-client