Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/byPULx-h0hDBMwlrWP0NSIqmxag.roa
File: byPULx-h0hDBMwlrWP0NSIqmxag.roa (raw, json)
Hash identifier: 1EZ8C9VkIwAtkCaaPnQH3FhfJCpQmAnDvnOwml2odog=
Subject key identifier: 6F:23:D4:2F:1F:A1:D2:10:C1:33:09:6B:58:FD:0D:48:8A:A6:C5:A8
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 018CC2DB69BB1625091148FA9FFA238FE885
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/byPULx-h0hDBMwlrWP0NSIqmxag.roa
Signing time: Mon 01 Jan 2024 02:30:08 +0000
ROA not before: Mon 01 Jan 2024 02:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216202
IP address blocks: 213.109.98.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:69:bb:16:25:09:11:48:fa:9f:fa:23:8f:e8:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 1 02:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f23d42f1fa1d210c133096b58fd0d488aa6c5a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:db:22:4b:d7:19:1e:03:e3:b8:d9:98:cc:35:
1e:52:fd:1d:86:a4:fe:ae:6b:d9:37:e8:0b:1a:3a:
ad:75:cf:69:0a:c2:d2:d0:e5:04:66:30:75:05:fc:
d7:eb:f0:fe:76:1a:85:23:dc:42:c5:f2:12:57:4f:
5f:89:88:da:c8:d4:bd:e9:8a:a4:d8:20:14:9e:b6:
4d:48:23:a7:5d:cd:6a:68:ea:c2:bb:c3:33:af:d4:
69:75:aa:72:1b:9a:d4:a1:69:04:a5:07:52:64:56:
9b:08:b5:a8:c5:b0:f8:3c:a9:8a:dd:3b:c7:f4:0f:
c7:e6:57:6a:e4:c9:bf:13:64:48:22:4c:a5:b4:e1:
e1:4b:c1:27:60:52:60:65:28:39:60:e6:82:a2:2b:
3d:78:ce:2f:7b:9a:ee:76:51:1b:c4:02:2e:22:7c:
2f:39:b0:6f:74:cf:be:4e:65:7f:a4:0d:0d:17:af:
e6:41:d3:7f:7c:90:a6:a8:db:08:24:55:26:f6:5c:
1d:76:c2:11:4e:3a:fd:8a:93:32:54:8a:83:78:ba:
cd:2c:2b:18:ec:ea:54:d0:31:28:e1:5e:e4:17:0e:
01:b1:40:f9:5e:b3:f0:89:06:7d:38:44:71:d0:b3:
ae:e4:99:5a:64:d2:f5:93:78:88:9d:30:7d:64:4b:
cd:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:23:D4:2F:1F:A1:D2:10:C1:33:09:6B:58:FD:0D:48:8A:A6:C5:A8
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/byPULx-h0hDBMwlrWP0NSIqmxag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.98.0/23
Signature Algorithm: sha256WithRSAEncryption
01:e8:d1:fc:bf:62:37:00:b8:50:01:23:46:6a:0c:cf:54:d4:
0f:96:a2:27:a8:04:2d:85:2c:36:1e:77:0b:1a:35:40:fe:e4:
7b:f6:72:54:f6:1e:1b:33:81:a8:6f:99:89:db:e0:52:0b:d6:
b6:9a:77:d2:4b:26:96:d8:21:bd:4b:b7:e4:67:22:f5:89:a4:
5e:4c:9a:d8:d9:b4:51:76:f3:d7:44:e6:50:55:d0:42:b9:ef:
43:ed:a6:42:bb:79:ff:36:7e:84:6c:6f:66:d5:e2:44:2c:f5:
09:47:9b:6e:52:0c:ce:3f:d7:73:30:c7:f9:a1:5d:c8:7c:38:
54:56:e6:7a:dc:82:d4:62:d0:30:e6:78:79:02:bb:e6:d4:69:
ba:2e:c4:d8:dc:be:74:b0:28:81:08:49:c6:5c:63:74:a7:8b:
28:bf:4d:e1:a0:ce:1b:0b:4e:a6:24:56:e8:39:23:4a:b7:d1:
c9:81:8c:70:36:79:d6:c0:4f:a1:c1:1f:ab:4a:4c:70:d0:f9:
f2:65:ab:52:9a:40:fe:9c:26:20:81:a1:1a:de:cf:88:07:6b:
58:b4:05:85:12:00:92:a6:db:22:4e:29:07:df:89:4b:c5:9c:
6c:89:88:47:e5:ab:57:d4:f3:44:92:c6:83:c4:8c:39:8a:e2:
3a:9e:ad:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC22m7FiUJEUj6n/ojj+iFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwMTAxMDIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjIzZDQyZjFmYTFkMjEwYzEzMzA5NmI1OGZkMGQ0ODhhYTZjNWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNsiS9cZHgPjuNmYzDUeUv0dhqT+
rmvZN+gLGjqtdc9pCsLS0OUEZjB1BfzX6/D+dhqFI9xCxfISV09fiYjayNS96Yqk
2CAUnrZNSCOnXc1qaOrCu8Mzr9RpdapyG5rUoWkEpQdSZFabCLWoxbD4PKmK3TvH
9A/H5ldq5Mm/E2RIIkyltOHhS8EnYFJgZSg5YOaCois9eM4ve5rudlEbxAIuInwv
ObBvdM++TmV/pA0NF6/mQdN/fJCmqNsIJFUm9lwddsIRTjr9ipMyVIqDeLrNLCsY
7OpU0DEo4V7kFw4BsUD5XrPwiQZ9OERx0LOu5JlaZNL1k3iInTB9ZEvNsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG8j1C8fodIQwTMJa1j9DUiKpsWoMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvYnlQVUx4LWgwaERCTXdscldQME5TSXFteGFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1W1iMA0G
CSqGSIb3DQEBCwUAA4IBAQAB6NH8v2I3ALhQASNGagzPVNQPlqInqAQthSw2HncL
GjVA/uR79nJU9h4bM4Gob5mJ2+BSC9a2mnfSSyaW2CG9S7fkZyL1iaReTJrY2bRR
dvPXROZQVdBCue9D7aZCu3n/Nn6EbG9m1eJELPUJR5tuUgzOP9dzMMf5oV3IfDhU
VuZ63ILUYtAw5nh5Arvm1Gm6LsTY3L50sCiBCEnGXGN0p4sov03hoM4bC06mJFbo
OSNKt9HJgYxwNnnWwE+hwR+rSkxw0PnyZatSmkD+nCYggaEa3s+IB2tYtAWFEgCS
ptsiTikH34lLxZxsiYhH5atX1PNEksaDxIw5iuI6nq3l
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:33 2025 by rpki-client