Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/DUIJZvRDQ202HKrZ6QZsgh8Lpxg.roa
File: DUIJZvRDQ202HKrZ6QZsgh8Lpxg.roa (raw, json)
Hash identifier: WYZK5bFTDM+c1kX5q/i2Za+Wt5aspj2Z2UKRWytwMBA=
Subject key identifier: 0D:42:09:66:F4:43:43:6D:36:1C:AA:D9:E9:06:6C:82:1F:0B:A7:18
Certificate issuer: /CN=a7aee67620d9c0ae63d295785c9d956f063c21c3
Certificate serial: 019427B6143F8C1A6528A13B58AD8BDE07B7
Authority key identifier: A7:AE:E6:76:20:D9:C0:AE:63:D2:95:78:5C:9D:95:6F:06:3C:21:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p67mdiDZwK5j0pV4XJ2VbwY8IcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/DUIJZvRDQ202HKrZ6QZsgh8Lpxg.roa
Signing time: Thu 02 Jan 2025 15:50:31 +0000
ROA not before: Thu 02 Jan 2025 15:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 212.101.192.0/19 maxlen: 24
212.101.192.0/24 maxlen: 24
212.101.201.0/24 maxlen: 24
212.101.204.0/24 maxlen: 24
212.101.205.0/24 maxlen: 24
212.101.207.0/24 maxlen: 24
212.101.211.0/24 maxlen: 24
212.101.212.0/23 maxlen: 24
212.101.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:14:3f:8c:1a:65:28:a1:3b:58:ad:8b:de:07:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7aee67620d9c0ae63d295785c9d956f063c21c3
Validity
Not Before: Jan 2 15:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d420966f443436d361caad9e9066c821f0ba718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:95:d0:90:de:f6:fe:3b:cd:67:c0:2c:f0:52:
5f:8b:3c:32:38:d5:bc:a4:a9:df:61:ab:a7:04:4c:
a2:81:5b:5e:91:99:0e:02:36:6f:56:1b:47:05:6f:
05:30:ff:7f:f2:23:0e:31:fe:67:2a:39:d5:cd:c3:
9f:23:9b:a8:1c:b1:23:d7:45:2a:49:a3:06:7a:07:
cf:a1:b4:ee:c9:e3:17:a8:35:f2:c6:ec:b0:5e:8d:
c1:32:62:e7:1f:98:de:7a:2e:58:a3:6c:46:9c:44:
e2:ce:b0:5e:92:30:d7:ae:a6:64:a6:fc:a0:f8:41:
67:48:d8:e6:58:fe:0f:9e:22:c9:2a:db:6e:82:80:
bb:78:51:08:56:ac:08:2c:a0:e4:3e:e5:a6:39:55:
76:d5:40:23:e5:0b:db:29:47:25:59:07:7d:64:b9:
d9:bc:f1:53:ce:c2:f9:16:64:49:1a:d0:77:3c:bd:
26:02:17:02:29:0a:3b:af:df:c3:e4:e6:32:51:2b:
94:94:70:06:7b:0c:43:2b:e2:35:96:7a:9c:b7:bd:
ea:84:9d:72:12:a4:60:a9:a2:4a:fb:52:66:07:74:
cf:82:28:be:dc:14:b5:e7:f4:94:b0:b4:30:87:3e:
c3:35:62:83:ca:57:15:1e:c6:ff:c3:7d:03:f2:3f:
da:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:42:09:66:F4:43:43:6D:36:1C:AA:D9:E9:06:6C:82:1F:0B:A7:18
X509v3 Authority Key Identifier:
keyid:A7:AE:E6:76:20:D9:C0:AE:63:D2:95:78:5C:9D:95:6F:06:3C:21:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p67mdiDZwK5j0pV4XJ2VbwY8IcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/DUIJZvRDQ202HKrZ6QZsgh8Lpxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/p67mdiDZwK5j0pV4XJ2VbwY8IcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.101.192.0/19
Signature Algorithm: sha256WithRSAEncryption
46:b8:00:74:50:24:f0:5f:cf:77:69:e1:1c:a2:38:29:30:27:
44:a5:59:13:26:4a:e1:0f:ab:f3:d6:0a:cb:e1:0a:6e:1e:e1:
84:17:29:4b:07:0f:b0:36:fd:2c:d5:fe:0c:e7:26:b1:9e:e1:
ab:25:e0:3f:27:9b:f6:e0:83:67:3a:b0:45:01:66:dc:af:e3:
03:2b:26:69:13:fa:ab:13:10:5d:20:18:5e:8e:66:20:24:2e:
cc:4e:4c:71:94:5b:2e:97:85:4e:b8:92:55:5a:2a:d0:58:43:
e4:4e:8c:3f:b2:9b:c3:8e:d1:1d:7a:fe:59:a6:ef:20:aa:55:
45:46:8e:bb:52:9a:de:f9:b1:bf:9e:4c:58:ac:ea:88:3c:fb:
4c:58:c4:a9:d1:bc:39:77:3e:11:da:24:40:74:35:00:10:13:
79:57:54:cd:87:31:1e:42:22:ba:90:b5:00:56:df:97:b0:45:
cc:0f:30:b7:62:74:9b:5d:dd:ab:c8:c1:d4:3c:77:2b:aa:c2:
e9:63:29:b0:5a:08:8a:8c:82:e8:af:46:99:8f:58:34:63:2a:
49:cb:03:5f:3f:d3:aa:69:e2:5e:0f:61:26:bc:a8:53:ae:be:
f3:9a:b8:50:54:80:aa:c2:10:44:d7:24:c0:f6:82:fd:2b:b8:
52:06:bd:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnthQ/jBplKKE7WK2L3ge3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YWVlNjc2MjBkOWMwYWU2M2QyOTU3ODVjOWQ5NTZmMDYz
YzIxYzMwHhcNMjUwMTAyMTU1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDQyMDk2NmY0NDM0MzZkMzYxY2FhZDllOTA2NmM4MjFmMGJhNzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JXQkN72/jvNZ8As8FJfizwyONW8
pKnfYaunBEyigVtekZkOAjZvVhtHBW8FMP9/8iMOMf5nKjnVzcOfI5uoHLEj10Uq
SaMGegfPobTuyeMXqDXyxuywXo3BMmLnH5jeei5Yo2xGnETizrBekjDXrqZkpvyg
+EFnSNjmWP4PniLJKttugoC7eFEIVqwILKDkPuWmOVV21UAj5QvbKUclWQd9ZLnZ
vPFTzsL5FmRJGtB3PL0mAhcCKQo7r9/D5OYyUSuUlHAGewxDK+I1lnqct73qhJ1y
EqRgqaJK+1JmB3TPgii+3BS15/SUsLQwhz7DNWKDylcVHsb/w30D8j/atQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA1CCWb0Q0NtNhyq2ekGbIIfC6cYMB8GA1UdIwQY
MBaAFKeu5nYg2cCuY9KVeFydlW8GPCHDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDY3bWRpRFp3SzVqMHBWNFhKMlZid1k4SWNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8yYmEyNWEtMGFiZC00NTUwLWJjYTQt
MGI3ZjE1YjUwOWNiLzEvRFVJSlp2UkRRMjAySEtyWjZRWnNnaDhMcHhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8yYmEyNWEtMGFiZC00NTUwLWJjYTQtMGI3ZjE1YjUwOWNi
LzEvcDY3bWRpRFp3SzVqMHBWNFhKMlZid1k4SWNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1GXAMA0G
CSqGSIb3DQEBCwUAA4IBAQBGuAB0UCTwX893aeEcojgpMCdEpVkTJkrhD6vz1grL
4QpuHuGEFylLBw+wNv0s1f4M5yaxnuGrJeA/J5v24INnOrBFAWbcr+MDKyZpE/qr
ExBdIBhejmYgJC7MTkxxlFsul4VOuJJVWirQWEPkTow/spvDjtEdev5Zpu8gqlVF
Ro67Upre+bG/nkxYrOqIPPtMWMSp0bw5dz4R2iRAdDUAEBN5V1TNhzEeQiK6kLUA
Vt+XsEXMDzC3YnSbXd2ryMHUPHcrqsLpYymwWgiKjILor0aZj1g0YypJywNfP9Oq
aeJeD2EmvKhTrr7zmrhQVICqwhBE1yTA9oL9K7hSBr3U
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:05:32 2025 by rpki-client