Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/I5Dlj2iBXR78bV2NI4oXxT6DVcQ.roa
File: I5Dlj2iBXR78bV2NI4oXxT6DVcQ.roa (raw, json)
Hash identifier: pUPvPv3IMdPMN3mngjSRkbMNdszUqvQ/W+9CudZep1s=
Subject key identifier: 23:90:E5:8F:68:81:5D:1E:FC:6D:5D:8D:23:8A:17:C5:3E:83:55:C4
Certificate issuer: /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Certificate serial: 019422FC1A307B484974587757AF2D538175
Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/I5Dlj2iBXR78bV2NI4oXxT6DVcQ.roa
Signing time: Wed 01 Jan 2025 17:48:54 +0000
ROA not before: Wed 01 Jan 2025 17:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200856
IP address blocks: 212.19.58.0/24 maxlen: 32
2a02:2e0:406::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:1a:30:7b:48:49:74:58:77:57:af:2d:53:81:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Validity
Not Before: Jan 1 17:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2390e58f68815d1efc6d5d8d238a17c53e8355c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3a:98:c0:07:63:91:a7:e5:73:f3:f2:63:dc:
9c:c0:34:32:c7:5f:44:70:c6:45:26:23:8e:28:e8:
93:95:8b:ed:41:54:8f:58:cb:f1:0e:5b:28:7e:d3:
28:a3:8a:46:27:cf:70:d4:a1:00:4c:b2:bd:0e:70:
ce:80:2f:d3:7a:0a:33:36:d2:1d:83:83:6c:df:b5:
48:7e:76:45:15:74:c2:03:7c:0f:a3:f1:40:c4:7a:
f5:e5:dc:b8:39:86:55:7e:a6:eb:fa:dd:9a:ba:51:
28:6f:b7:00:94:e5:6d:59:3b:8b:c9:9d:7c:15:29:
28:30:53:3d:3b:01:6d:b8:7f:bc:77:07:2c:b1:71:
91:5c:24:0b:06:3d:70:47:f1:64:23:8e:00:eb:b6:
37:f5:cf:5f:ac:2f:1a:44:10:4b:8d:a1:79:4c:c1:
80:71:24:d8:05:23:fd:ed:7b:d7:fc:29:9b:36:5b:
c8:47:07:64:fe:0b:02:33:5f:b0:1f:26:08:14:0c:
e3:83:49:42:69:fc:2d:5d:d9:77:43:41:27:f7:47:
0b:91:e8:7a:00:b2:80:34:b3:ca:4e:81:44:e5:36:
01:e0:2b:7a:f5:42:27:24:ee:9a:20:83:f8:7c:3a:
1b:3c:27:0c:38:83:f0:55:fc:c0:00:f6:c3:e2:8f:
03:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:90:E5:8F:68:81:5D:1E:FC:6D:5D:8D:23:8A:17:C5:3E:83:55:C4
X509v3 Authority Key Identifier:
keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/I5Dlj2iBXR78bV2NI4oXxT6DVcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.19.58.0/24
IPv6:
2a02:2e0:406::/48
Signature Algorithm: sha256WithRSAEncryption
25:c9:58:3e:4b:ea:f9:ae:85:25:f6:af:16:76:dc:c5:72:13:
cb:d8:cb:4b:5f:d3:ed:70:9f:af:82:da:f1:1b:cf:e0:ea:5f:
ad:59:d9:85:67:10:91:0c:c8:ec:5c:ab:cb:14:ff:5a:57:a3:
45:23:2d:55:02:c4:3d:c9:d7:61:49:80:a4:ca:26:4a:54:10:
38:cc:3c:b9:45:5c:57:e7:0b:b8:9f:15:2c:45:16:9b:f2:1b:
e8:fe:f2:b3:04:fa:f7:1b:bc:bb:3a:9e:ab:39:58:db:b0:6a:
10:f1:68:58:5a:01:33:20:10:99:d9:28:53:97:89:c7:60:bf:
20:90:a3:69:83:50:b8:3b:74:c7:40:41:aa:f3:0c:22:fe:2f:
55:bb:16:69:d0:16:eb:98:c6:d0:cf:e3:9a:5e:a7:2a:ae:66:
4b:99:ed:16:4a:58:db:77:78:a9:a5:15:eb:de:63:a0:59:59:
2c:ef:41:c5:44:d3:7b:71:63:6e:4a:df:bb:d3:e1:c1:24:13:
e0:13:c3:3b:2f:4d:d3:4b:c8:12:ef:6e:e4:ba:b0:a7:ca:b3:
f6:93:ca:78:95:96:4b:b4:51:7a:aa:4e:da:aa:93:6e:b7:f1:
77:b6:65:61:1a:37:34:25:cc:d0:c4:96:5d:0a:4a:22:ba:85:
1d:96:6c:36
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQi/Bowe0hJdFh3V68tU4F1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGJhMGE1MmM0MjEyOWFmMWQ0Zjc0M2ZlYjMzYmIxNDRk
NGJiNWMwHhcNMjUwMTAxMTc0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzkwZTU4ZjY4ODE1ZDFlZmM2ZDVkOGQyMzhhMTdjNTNlODM1NWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDqYwAdjkaflc/PyY9ycwDQyx19E
cMZFJiOOKOiTlYvtQVSPWMvxDlsoftMoo4pGJ89w1KEATLK9DnDOgC/TegozNtId
g4Ns37VIfnZFFXTCA3wPo/FAxHr15dy4OYZVfqbr+t2aulEob7cAlOVtWTuLyZ18
FSkoMFM9OwFtuH+8dwcssXGRXCQLBj1wR/FkI44A67Y39c9frC8aRBBLjaF5TMGA
cSTYBSP97XvX/CmbNlvIRwdk/gsCM1+wHyYIFAzjg0lCafwtXdl3Q0En90cLkeh6
ALKANLPKToFE5TYB4Ct69UInJO6aIIP4fDobPCcMOIPwVfzAAPbD4o8DrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCOQ5Y9ogV0e/G1djSOKF8U+g1XEMB8GA1UdIwQY
MBaAFD2LoKUsQhKa8dT3Q/6zO7FE1LtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMt
YTU2ODM4NDRlNzkyLzEvSTVEbGoyaUJYUjc4YlYyTkk0b1h4VDZEVmNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMtYTU2ODM4NDRlNzky
LzEvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA1BM6MA8E
AgACMAkDBwAqAgLgBAYwDQYJKoZIhvcNAQELBQADggEBACXJWD5L6vmuhSX2rxZ2
3MVyE8vYy0tf0+1wn6+C2vEbz+DqX61Z2YVnEJEMyOxcq8sU/1pXo0UjLVUCxD3J
12FJgKTKJkpUEDjMPLlFXFfnC7ifFSxFFpvyG+j+8rME+vcbvLs6nqs5WNuwahDx
aFhaATMgEJnZKFOXicdgvyCQo2mDULg7dMdAQarzDCL+L1W7FmnQFuuYxtDP45pe
pyquZkuZ7RZKWNt3eKmlFeveY6BZWSzvQcVE03txY25K37vT4cEkE+ATwzsvTdNL
yBLvbuS6sKfKs/aTyniVlku0UXqqTtqqk2638Xe2ZWEaNzQlzNDEll0KSiK6hR2W
bDY=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:29 2025 by rpki-client