Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/89e33b-cd90-41e3-a5be-84f22603499f/1/JI2XC8lPS-PbiaN8UK3ITvyb3kI.roa
File: JI2XC8lPS-PbiaN8UK3ITvyb3kI.roa (raw, json)
Hash identifier: Hyoipi49v4fAl3hAAinYTlriu94hOaHA/ArTZhdORLc=
Subject key identifier: 24:8D:97:0B:C9:4F:4B:E3:DB:89:A3:7C:50:AD:C8:4E:FC:9B:DE:42
Certificate issuer: /CN=9ebdffe0a0641b1096337a63f96cfd4fd38b8a19
Certificate serial: 02629190
Authority key identifier: 9E:BD:FF:E0:A0:64:1B:10:96:33:7A:63:F9:6C:FD:4F:D3:8B:8A:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nr3_4KBkGxCWM3pj-Wz9T9OLihk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/89e33b-cd90-41e3-a5be-84f22603499f/1/JI2XC8lPS-PbiaN8UK3ITvyb3kI.roa
Signing time: Sat 01 Jan 2022 09:55:54 +0000
ROA not before: Sat 01 Jan 2022 09:55:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207412
IP address blocks: 212.102.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40014224 (0x2629190)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ebdffe0a0641b1096337a63f96cfd4fd38b8a19
Validity
Not Before: Jan 1 09:55:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=248d970bc94f4be3db89a37c50adc84efc9bde42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:15:7e:33:d3:27:18:fa:fc:b4:c4:24:11:62:
6d:d2:38:e4:bc:d2:0c:fb:f9:00:80:ae:e4:a4:a9:
0e:83:a4:f7:19:bd:18:8a:f5:98:f4:2a:44:75:2a:
a4:3e:c4:41:88:86:0b:f5:3d:f4:8c:e1:0f:03:45:
70:a3:c9:6d:e1:6c:4d:d8:22:37:88:25:65:7f:cc:
42:9c:48:df:73:f8:4d:a1:5e:38:16:92:30:54:c5:
37:05:c0:bf:23:f6:39:1e:6c:38:6a:6c:b0:d8:b2:
ef:5e:b9:3c:8a:f9:f7:61:2d:5f:f0:49:87:d1:9f:
71:da:5d:e6:b0:a7:bd:ba:9b:22:5b:58:13:53:91:
d4:65:51:49:fa:7d:9c:02:da:de:5f:52:a2:5a:ef:
d1:e0:94:fe:c1:4f:3e:bb:9c:2c:2d:e9:40:88:02:
01:05:38:50:df:0f:a4:ca:eb:2d:b5:74:4d:c2:54:
41:1a:95:8c:a0:68:60:71:91:66:07:b7:c4:26:f7:
09:8b:77:16:ad:e6:0b:1e:17:de:e3:8e:52:cf:f6:
da:a3:30:b5:7f:3c:03:80:37:95:9b:f4:fd:72:44:
46:d1:a3:dd:23:6b:b3:cf:b8:ec:8c:d6:04:a2:53:
01:b7:f7:e7:b9:c5:cf:76:b2:be:66:ec:63:ae:5e:
52:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8D:97:0B:C9:4F:4B:E3:DB:89:A3:7C:50:AD:C8:4E:FC:9B:DE:42
X509v3 Authority Key Identifier:
keyid:9E:BD:FF:E0:A0:64:1B:10:96:33:7A:63:F9:6C:FD:4F:D3:8B:8A:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nr3_4KBkGxCWM3pj-Wz9T9OLihk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/89e33b-cd90-41e3-a5be-84f22603499f/1/JI2XC8lPS-PbiaN8UK3ITvyb3kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/89e33b-cd90-41e3-a5be-84f22603499f/1/nr3_4KBkGxCWM3pj-Wz9T9OLihk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.102.111.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:40:c3:e0:91:a1:13:8d:30:b1:ba:f3:76:9d:fd:de:73:f7:
9f:25:8d:d5:55:88:50:ae:10:6b:d3:25:d0:94:15:f8:9a:6e:
c2:a7:04:b5:a3:44:e2:0d:d5:e2:0c:ef:66:25:04:71:24:db:
a3:aa:e2:b2:2a:7a:e3:f3:7d:e6:bd:06:1e:eb:9a:77:06:48:
b6:8c:b5:60:56:2f:2f:4d:6a:9b:2a:04:56:db:e1:3e:58:fb:
b8:82:da:a1:ae:e9:a0:7c:04:34:9b:12:53:e5:94:c6:5c:d6:
f0:9a:b5:02:04:01:b2:cb:5a:e7:19:11:a8:ac:4a:6a:ee:1a:
b5:40:05:92:78:d8:50:a8:42:27:e9:e4:b1:d5:c5:96:ca:c2:
99:b3:27:d7:e3:b6:58:22:55:a6:f2:2c:23:cd:95:08:74:f1:
4f:3e:69:80:de:2b:41:42:ba:8b:52:f8:62:34:d6:d8:a2:09:
07:24:1f:13:65:71:fe:5c:6d:13:5a:dd:8a:72:ee:8c:3d:1a:
e0:7a:cc:3e:cb:fa:6f:74:8b:cf:10:8d:2c:29:16:22:d9:8e:
00:86:ed:c1:25:50:54:96:7a:db:92:32:c3:98:4f:90:23:67:
77:99:b9:e0:94:7f:0c:09:55:ec:e1:77:59:3d:aa:e5:59:52:
e2:04:87:cd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAmKRkDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZWJkZmZlMGEwNjQxYjEwOTYzMzdhNjNmOTZjZmQ0ZmQzOGI4YTE5MB4XDTIyMDEw
MTA5NTU1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQ4ZDk3MGJjOTRm
NGJlM2RiODlhMzdjNTBhZGM4NGVmYzliZGU0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJEVfjPTJxj6/LTEJBFibdI45LzSDPv5AICu5KSpDoOk9xm9
GIr1mPQqRHUqpD7EQYiGC/U99IzhDwNFcKPJbeFsTdgiN4glZX/MQpxI33P4TaFe
OBaSMFTFNwXAvyP2OR5sOGpssNiy7165PIr592EtX/BJh9Gfcdpd5rCnvbqbIltY
E1OR1GVRSfp9nALa3l9Solrv0eCU/sFPPrucLC3pQIgCAQU4UN8PpMrrLbV0TcJU
QRqVjKBoYHGRZge3xCb3CYt3Fq3mCx4X3uOOUs/22qMwtX88A4A3lZv0/XJERtGj
3SNrs8+47IzWBKJTAbf357nFz3ayvmbsY65eUtsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQkjZcLyU9L49uJo3xQrchO/JveQjAfBgNVHSMEGDAWgBSevf/goGQbEJYz
emP5bP1P04uKGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25yM180S0JrR3hDV00zcGotV3o5VDlPTGloay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvODllMzNiLWNkOTAtNDFlMy1hNWJlLTg0ZjIyNjAzNDk5Zi8x
L0pJMlhDOGxQUy1QYmlhTjhVSzNJVHZ5YjNrSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
ODllMzNiLWNkOTAtNDFlMy1hNWJlLTg0ZjIyNjAzNDk5Zi8xL25yM180S0JrR3hD
V00zcGotV3o5VDlPTGloay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANRmbzANBgkqhkiG9w0BAQsFAAOC
AQEAukDD4JGhE40wsbrzdp393nP3nyWN1VWIUK4Qa9Ml0JQV+JpuwqcEtaNE4g3V
4gzvZiUEcSTbo6risip64/N95r0GHuuadwZItoy1YFYvL01qmyoEVtvhPlj7uILa
oa7poHwENJsSU+WUxlzW8Jq1AgQBssta5xkRqKxKau4atUAFknjYUKhCJ+nksdXF
lsrCmbMn1+O2WCJVpvIsI82VCHTxTz5pgN4rQUK6i1L4YjTW2KIJByQfE2Vx/lxt
E1rdinLujD0a4HrMPsv6b3SLzxCNLCkWItmOAIbtwSVQVJZ625Iyw5hPkCNnd5m5
4JR/DAlV7OF3WT2q5VlS4gSHzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:33 2024 by rpki-client on console-fra.rpki-client.org