Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f9a3dd-5a61-4724-a5a3-5b0b05093e0c/1/8foZPawfC4Bge_VpnjQP50GOAg8.roa
File: 8foZPawfC4Bge_VpnjQP50GOAg8.roa (raw, json)
Hash identifier: GRqVhwrx6ASLBDj77rYjcJvDM0QCQ1bVWMj8DIm3F+M=
Subject key identifier: F1:FA:19:3D:AC:1F:0B:80:60:7B:F5:69:9E:34:0F:E7:41:8E:02:0F
Certificate issuer: /CN=d223093ce150874016d793f439f43d2e6440c3f2
Certificate serial: 019420D608C12054705A7041B6185C981871
Authority key identifier: D2:23:09:3C:E1:50:87:40:16:D7:93:F4:39:F4:3D:2E:64:40:C3:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0iMJPOFQh0AW15P0OfQ9LmRAw_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f9a3dd-5a61-4724-a5a3-5b0b05093e0c/1/8foZPawfC4Bge_VpnjQP50GOAg8.roa
Signing time: Wed 01 Jan 2025 07:48:05 +0000
ROA not before: Wed 01 Jan 2025 07:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 212.123.46.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:08:c1:20:54:70:5a:70:41:b6:18:5c:98:18:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d223093ce150874016d793f439f43d2e6440c3f2
Validity
Not Before: Jan 1 07:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1fa193dac1f0b80607bf5699e340fe7418e020f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ea:9f:e1:43:14:ef:55:36:7a:42:17:ec:49:
30:00:2d:58:73:98:b1:ca:cb:40:e0:9a:75:58:06:
d0:17:62:27:54:0c:f2:0c:b1:da:0a:51:73:3d:42:
8f:47:71:9b:97:f9:9b:e4:05:db:12:28:c9:fd:c1:
5d:c8:6c:39:ae:5a:cb:f2:51:d2:cb:c9:9d:71:6d:
a1:00:9c:59:37:53:4a:6d:e9:a8:da:91:43:23:ba:
54:db:ef:05:4c:d6:ca:6f:7b:2c:ce:52:f1:5a:d4:
35:47:d3:33:4c:19:71:22:26:44:f4:60:c2:4c:3f:
ed:45:b7:dd:43:7f:96:c6:e1:b8:5d:59:41:88:ec:
94:b2:03:38:cb:38:04:5d:be:aa:c0:fc:7d:d4:eb:
fe:cb:c2:b1:94:7b:d5:8b:46:0d:f2:43:d0:db:b7:
ef:87:d4:9b:d8:a4:dd:ce:a4:42:3a:79:a1:87:a4:
df:6b:6e:7a:85:c7:69:ac:17:3f:20:4e:fd:83:ba:
df:66:17:cf:54:6e:48:a6:9e:0a:15:1d:ef:81:c0:
56:35:33:c0:e2:d7:e1:ff:61:ec:ae:15:93:0a:a8:
b3:93:87:91:42:d2:ec:3e:61:3b:15:e9:9e:10:6b:
3d:63:a4:7a:d4:30:09:1d:9b:3a:f3:13:3a:f9:12:
a3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:FA:19:3D:AC:1F:0B:80:60:7B:F5:69:9E:34:0F:E7:41:8E:02:0F
X509v3 Authority Key Identifier:
keyid:D2:23:09:3C:E1:50:87:40:16:D7:93:F4:39:F4:3D:2E:64:40:C3:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0iMJPOFQh0AW15P0OfQ9LmRAw_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f9a3dd-5a61-4724-a5a3-5b0b05093e0c/1/8foZPawfC4Bge_VpnjQP50GOAg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f9a3dd-5a61-4724-a5a3-5b0b05093e0c/1/0iMJPOFQh0AW15P0OfQ9LmRAw_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.123.46.0/23
Signature Algorithm: sha256WithRSAEncryption
52:c6:c6:94:12:85:a5:aa:74:14:ec:a7:08:09:70:3a:b9:e0:
5c:19:a1:2a:6d:b7:ea:91:2f:1b:4b:11:b1:cd:c4:b1:57:38:
33:3e:af:3f:23:5f:c1:b6:f7:60:63:f7:f7:8e:ed:73:fa:8a:
54:98:6f:bf:94:60:72:f2:6f:f6:81:3e:74:89:39:27:5a:16:
fd:1d:57:8b:9f:a2:3b:fc:45:51:ac:d5:ba:6b:b3:d3:28:26:
6a:dd:c7:4c:8d:f6:3d:be:ce:31:5d:e2:1f:41:13:ed:c3:03:
62:e8:b3:4d:33:90:a4:65:d3:08:8c:bd:c4:73:5e:1b:d2:fd:
8a:b1:91:3c:72:30:53:d1:7e:c3:13:85:8f:7e:40:9c:7c:7b:
81:6c:f9:50:06:b3:26:7a:35:6b:46:45:9d:92:f4:48:d5:8f:
1b:16:ff:ef:d2:d2:c4:87:1b:5e:3c:72:43:24:81:a2:3d:ec:
81:be:2d:c0:e7:d6:33:30:34:7d:75:4d:5b:de:b4:c9:bd:91:
80:3d:ba:b0:9c:f1:bd:98:c4:7e:95:66:5e:f6:f5:5c:86:87:
60:59:59:e9:ca:a7:d6:7a:8b:e2:01:19:6f:86:1a:3b:8e:0d:
0d:b0:8b:23:50:6e:62:e7:bc:ef:a8:cd:bc:b9:95:7e:6b:72:
2f:bf:bc:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1gjBIFRwWnBBthhcmBhxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMjMwOTNjZTE1MDg3NDAxNmQ3OTNmNDM5ZjQzZDJlNjQ0
MGMzZjIwHhcNMjUwMTAxMDc0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWZhMTkzZGFjMWYwYjgwNjA3YmY1Njk5ZTM0MGZlNzQxOGUwMjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreqf4UMU71U2ekIX7EkwAC1Yc5ix
ystA4Jp1WAbQF2InVAzyDLHaClFzPUKPR3Gbl/mb5AXbEijJ/cFdyGw5rlrL8lHS
y8mdcW2hAJxZN1NKbemo2pFDI7pU2+8FTNbKb3sszlLxWtQ1R9MzTBlxIiZE9GDC
TD/tRbfdQ3+WxuG4XVlBiOyUsgM4yzgEXb6qwPx91Ov+y8KxlHvVi0YN8kPQ27fv
h9Sb2KTdzqRCOnmhh6Tfa256hcdprBc/IE79g7rfZhfPVG5Ipp4KFR3vgcBWNTPA
4tfh/2HsrhWTCqizk4eRQtLsPmE7FemeEGs9Y6R61DAJHZs68xM6+RKjgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPH6GT2sHwuAYHv1aZ40D+dBjgIPMB8GA1UdIwQY
MBaAFNIjCTzhUIdAFteT9Dn0PS5kQMPyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGlNSlBPRlFoMEFXMTVQME9mUTlMbVJBd19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mOWEzZGQtNWE2MS00NzI0LWE1YTMt
NWIwYjA1MDkzZTBjLzEvOGZvWlBhd2ZDNEJnZV9WcG5qUVA1MEdPQWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mOWEzZGQtNWE2MS00NzI0LWE1YTMtNWIwYjA1MDkzZTBj
LzEvMGlNSlBPRlFoMEFXMTVQME9mUTlMbVJBd19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1HsuMA0G
CSqGSIb3DQEBCwUAA4IBAQBSxsaUEoWlqnQU7KcICXA6ueBcGaEqbbfqkS8bSxGx
zcSxVzgzPq8/I1/BtvdgY/f3ju1z+opUmG+/lGBy8m/2gT50iTknWhb9HVeLn6I7
/EVRrNW6a7PTKCZq3cdMjfY9vs4xXeIfQRPtwwNi6LNNM5CkZdMIjL3Ec14b0v2K
sZE8cjBT0X7DE4WPfkCcfHuBbPlQBrMmejVrRkWdkvRI1Y8bFv/v0tLEhxtePHJD
JIGiPeyBvi3A59YzMDR9dU1b3rTJvZGAPbqwnPG9mMR+lWZe9vVchodgWVnpyqfW
eoviARlvhho7jg0NsIsjUG5i57zvqM28uZV+a3Ivv7wJ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:56 2025 by rpki-client