Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/5be0bd-695b-453c-9bf4-a6ecb89918b4/1/apJcLNQ6b6dqvxRnCKTXB5-YTNo.roa
File: apJcLNQ6b6dqvxRnCKTXB5-YTNo.roa (raw, json)
Hash identifier: XqRy10H7hHaopbjHQeYNzNvOV+wdLAWX41DsvnjDaPE=
Subject key identifier: 6A:92:5C:2C:D4:3A:6F:A7:6A:BF:14:67:08:A4:D7:07:9F:98:4C:DA
Certificate issuer: /CN=9de68c02854f9dc6785912249522ab7509937e48
Certificate serial: 01840B68F021C65A8AFAD6006904743B9E22
Authority key identifier: 9D:E6:8C:02:85:4F:9D:C6:78:59:12:24:95:22:AB:75:09:93:7E:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/neaMAoVPncZ4WRIklSKrdQmTfkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/5be0bd-695b-453c-9bf4-a6ecb89918b4/1/apJcLNQ6b6dqvxRnCKTXB5-YTNo.roa
Signing time: Mon 24 Oct 2022 19:12:17 +0000
ROA not before: Mon 24 Oct 2022 19:12:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210439
IP address blocks: 212.23.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0b:68:f0:21:c6:5a:8a:fa:d6:00:69:04:74:3b:9e:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9de68c02854f9dc6785912249522ab7509937e48
Validity
Not Before: Oct 24 19:12:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a925c2cd43a6fa76abf146708a4d7079f984cda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:89:d2:30:3c:11:ff:78:e6:43:e4:0f:0b:a9:
23:6e:f5:57:c4:48:51:ff:a2:0c:4f:4e:a2:c8:91:
a1:61:af:04:72:f1:80:d6:40:97:a3:bb:6f:de:18:
0e:59:92:51:39:78:a9:f8:da:d2:a3:17:4d:00:01:
15:2f:3d:19:50:b2:41:2d:ae:4c:63:19:9c:f0:27:
26:23:2e:4b:0b:19:47:4e:44:5e:3d:05:b9:18:04:
0e:17:a4:e4:e8:bf:1a:4e:19:04:b1:ff:5a:5c:20:
2f:32:04:31:e8:11:c9:8c:a0:b9:a1:9e:b5:ce:0c:
60:4c:60:93:5b:6f:31:bf:7a:a7:cb:1a:39:3f:43:
31:c8:7c:c0:50:85:87:b1:95:8e:f5:9d:68:85:d7:
bb:61:7c:f7:d8:b8:46:68:78:65:19:ce:d2:0d:65:
c9:29:51:88:c6:69:2f:19:ab:fc:30:fc:f6:88:15:
b2:46:33:e3:4f:7c:06:97:fd:1a:66:36:14:2f:ec:
88:59:e5:78:4e:ed:fb:e2:aa:a6:42:aa:e9:80:12:
6f:40:e9:20:fd:5e:09:65:84:9e:39:60:70:3a:94:
03:64:c8:b4:6f:c9:d2:b0:25:8b:e4:1b:95:d9:41:
48:d6:20:d5:90:31:9c:96:7b:7c:75:9d:9f:d2:3a:
01:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:92:5C:2C:D4:3A:6F:A7:6A:BF:14:67:08:A4:D7:07:9F:98:4C:DA
X509v3 Authority Key Identifier:
keyid:9D:E6:8C:02:85:4F:9D:C6:78:59:12:24:95:22:AB:75:09:93:7E:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/neaMAoVPncZ4WRIklSKrdQmTfkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5be0bd-695b-453c-9bf4-a6ecb89918b4/1/apJcLNQ6b6dqvxRnCKTXB5-YTNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5be0bd-695b-453c-9bf4-a6ecb89918b4/1/neaMAoVPncZ4WRIklSKrdQmTfkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.203.0/24
Signature Algorithm: sha256WithRSAEncryption
95:b0:64:fc:b7:9e:54:e7:9e:19:ee:19:c2:85:fa:5c:f6:89:
29:82:0e:5c:ac:79:2c:8a:e7:26:82:ba:b0:7e:36:39:43:6c:
20:d3:14:c7:8a:96:a1:0b:37:3d:01:d0:2f:0c:9d:58:bd:fc:
34:1e:bb:c4:c3:55:6e:a7:05:ff:13:5e:8f:55:d8:a0:46:5c:
3f:ac:a2:bc:26:b3:ea:45:b9:06:71:23:7b:a3:20:91:b9:3c:
7c:6a:1f:e0:95:22:3f:3f:96:af:08:5f:73:8c:bb:6f:88:92:
00:2f:b3:7b:fc:9c:a5:3f:c8:41:48:50:8c:cc:61:68:25:47:
e7:7a:30:49:65:d4:f3:b7:ae:d4:65:9d:37:61:90:41:21:08:
31:7f:2c:cc:7f:9b:ef:89:f7:f1:f5:ad:ec:2c:4e:ef:f0:60:
51:0b:c8:1a:e3:8b:41:5f:93:3e:df:44:53:e0:6d:9a:03:b1:
77:89:c3:63:ed:a1:c4:1e:75:c4:87:8a:73:83:ad:28:61:4d:
1d:ea:53:9b:71:39:5a:9f:85:b5:36:5f:2b:78:93:bf:13:a3:
c7:4c:71:d3:d9:83:f8:ae:b3:f3:f1:2f:dc:e3:dd:6e:9e:4a:
49:31:6f:cd:fc:df:8e:c8:38:af:a6:f4:d8:17:64:20:f8:30:
72:f7:6f:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQLaPAhxlqK+tYAaQR0O54iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZTY4YzAyODU0ZjlkYzY3ODU5MTIyNDk1MjJhYjc1MDk5
MzdlNDgwHhcNMjIxMDI0MTkxMjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTkyNWMyY2Q0M2E2ZmE3NmFiZjE0NjcwOGE0ZDcwNzlmOTg0Y2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4nSMDwR/3jmQ+QPC6kjbvVXxEhR
/6IMT06iyJGhYa8EcvGA1kCXo7tv3hgOWZJROXip+NrSoxdNAAEVLz0ZULJBLa5M
Yxmc8CcmIy5LCxlHTkRePQW5GAQOF6Tk6L8aThkEsf9aXCAvMgQx6BHJjKC5oZ61
zgxgTGCTW28xv3qnyxo5P0MxyHzAUIWHsZWO9Z1ohde7YXz32LhGaHhlGc7SDWXJ
KVGIxmkvGav8MPz2iBWyRjPjT3wGl/0aZjYUL+yIWeV4Tu374qqmQqrpgBJvQOkg
/V4JZYSeOWBwOpQDZMi0b8nSsCWL5BuV2UFI1iDVkDGclnt8dZ2f0joB3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGqSXCzUOm+nar8UZwik1wefmEzaMB8GA1UdIwQY
MBaAFJ3mjAKFT53GeFkSJJUiq3UJk35IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmVhTUFvVlBuY1o0V1JJa2xTS3JkUW1UZmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81YmUwYmQtNjk1Yi00NTNjLTliZjQt
YTZlY2I4OTkxOGI0LzEvYXBKY0xOUTZiNmRxdnhSbkNLVFhCNS1ZVE5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81YmUwYmQtNjk1Yi00NTNjLTliZjQtYTZlY2I4OTkxOGI0
LzEvbmVhTUFvVlBuY1o0V1JJa2xTS3JkUW1UZmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfLMA0G
CSqGSIb3DQEBCwUAA4IBAQCVsGT8t55U554Z7hnChfpc9okpgg5crHksiucmgrqw
fjY5Q2wg0xTHipahCzc9AdAvDJ1Yvfw0HrvEw1VupwX/E16PVdigRlw/rKK8JrPq
RbkGcSN7oyCRuTx8ah/glSI/P5avCF9zjLtviJIAL7N7/JylP8hBSFCMzGFoJUfn
ejBJZdTzt67UZZ03YZBBIQgxfyzMf5vviffx9a3sLE7v8GBRC8ga44tBX5M+30RT
4G2aA7F3icNj7aHEHnXEh4pzg60oYU0d6lObcTlan4W1Nl8reJO/E6PHTHHT2YP4
rrPz8S/c491unkpJMW/N/N+OyDivpvTYF2Qg+DBy92++
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:06 2025 by rpki-client