Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/4f7deb-8831-4db4-b92e-c619877be219/1/xKl_XVeet0--iVMckZkTYLrEg30.roa
File: xKl_XVeet0--iVMckZkTYLrEg30.roa (raw, json)
Hash identifier: M9ajBwSt12zQk0ZAt4+4IFQreeYqRa9LDb0ZyFuGwfc=
Subject key identifier: C4:A9:7F:5D:57:9E:B7:4F:BE:89:53:1C:91:99:13:60:BA:C4:83:7D
Certificate issuer: /CN=34f2c2a7b8c521dac8c25a4a498e7164a932da23
Certificate serial: 018572E81B68AFB8844342E58368CC5DA9D5
Authority key identifier: 34:F2:C2:A7:B8:C5:21:DA:C8:C2:5A:4A:49:8E:71:64:A9:32:DA:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPLCp7jFIdrIwlpKSY5xZKky2iM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/4f7deb-8831-4db4-b92e-c619877be219/1/xKl_XVeet0--iVMckZkTYLrEg30.roa
Signing time: Mon 02 Jan 2023 14:34:52 +0000
ROA not before: Mon 02 Jan 2023 14:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8989
IP address blocks: 212.70.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:1b:68:af:b8:84:43:42:e5:83:68:cc:5d:a9:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f2c2a7b8c521dac8c25a4a498e7164a932da23
Validity
Not Before: Jan 2 14:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4a97f5d579eb74fbe89531c91991360bac4837d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2b:e9:b1:da:e6:14:77:75:f4:81:f0:58:25:
93:6d:7b:b9:43:ff:57:ee:04:37:6c:00:cc:83:9f:
f5:33:ab:c4:c2:9c:f1:97:ef:b2:ae:aa:70:6c:6b:
0f:09:ee:48:28:b6:2a:04:1c:77:00:ad:24:37:cc:
bb:49:0a:1f:73:25:e9:b8:c5:fe:f3:96:0d:32:05:
8e:81:9d:d2:c5:42:41:de:ea:99:3a:8a:2a:ba:c2:
86:31:6e:8a:14:e5:87:78:c4:43:b7:b3:66:bd:42:
c6:06:9b:92:7f:89:b1:de:40:1f:eb:93:ac:f2:72:
92:ec:9d:04:10:bc:48:27:bb:e8:c3:e6:ac:6e:5a:
2e:30:f9:fd:6d:ed:86:05:7b:b2:7a:39:9c:72:de:
a8:a0:02:97:c8:ed:f8:cc:e0:be:07:31:e7:1f:96:
86:cf:12:af:d5:58:81:43:ef:c9:af:81:bb:71:ec:
ea:e6:3c:e3:b6:89:bf:bd:a7:35:49:9c:a1:8f:78:
92:78:8c:45:cb:63:b8:2f:52:28:d9:94:0e:6f:29:
44:76:6c:de:59:f8:56:63:11:4c:dc:f6:6e:22:ef:
44:a7:7f:90:6c:d0:7b:1e:79:75:dc:5f:9b:68:3a:
57:63:5f:a7:0d:9d:41:74:25:57:8b:95:c7:cf:09:
45:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:A9:7F:5D:57:9E:B7:4F:BE:89:53:1C:91:99:13:60:BA:C4:83:7D
X509v3 Authority Key Identifier:
keyid:34:F2:C2:A7:B8:C5:21:DA:C8:C2:5A:4A:49:8E:71:64:A9:32:DA:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPLCp7jFIdrIwlpKSY5xZKky2iM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/4f7deb-8831-4db4-b92e-c619877be219/1/xKl_XVeet0--iVMckZkTYLrEg30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/4f7deb-8831-4db4-b92e-c619877be219/1/NPLCp7jFIdrIwlpKSY5xZKky2iM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.70.2.0/24
Signature Algorithm: sha256WithRSAEncryption
94:c2:ba:2d:df:00:9a:f7:4b:65:5a:6a:c0:70:b9:d5:21:c4:
1b:a8:a7:0c:e1:9d:10:52:43:24:e0:50:90:40:20:19:6f:60:
a6:88:67:ba:65:46:5d:79:fa:bc:ff:e1:d6:a7:92:f6:e8:5d:
87:0f:48:dc:7d:38:fe:8a:67:4c:ad:d1:82:b0:93:a2:21:f3:
6b:19:76:39:a0:fa:0c:0b:9c:58:96:b2:07:c4:38:15:5f:69:
93:51:78:76:29:2a:7c:8d:c9:ba:70:fa:28:86:c3:e0:c1:4c:
b1:da:e9:9b:1f:c2:42:37:d5:8a:98:11:e4:f0:be:18:7f:c7:
92:07:ed:49:23:5e:78:19:60:24:5a:db:37:c4:e5:91:d2:fa:
2d:3f:38:9b:62:5f:46:ca:03:ec:2e:e1:53:9d:d6:fb:12:78:
3a:5c:b7:4e:f7:fb:04:ba:ec:33:78:69:82:dd:10:b8:12:d7:
48:86:77:8a:7f:e8:27:1d:e3:23:fd:45:07:e6:58:4d:a7:65:
ba:3e:58:48:c9:da:c9:f3:b6:91:9d:d0:63:c6:80:62:90:47:
18:f0:11:e3:8c:91:d9:5c:d4:cf:ea:94:e0:23:95:11:3f:36:
b8:6e:7b:98:ae:c0:64:24:a4:3a:b0:3a:85:e3:06:24:a2:e5:
ec:f7:c5:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy6Btor7iEQ0Llg2jMXanVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjJjMmE3YjhjNTIxZGFjOGMyNWE0YTQ5OGU3MTY0YTkz
MmRhMjMwHhcNMjMwMTAyMTQzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGE5N2Y1ZDU3OWViNzRmYmU4OTUzMWM5MTk5MTM2MGJhYzQ4MzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyvpsdrmFHd19IHwWCWTbXu5Q/9X
7gQ3bADMg5/1M6vEwpzxl++yrqpwbGsPCe5IKLYqBBx3AK0kN8y7SQofcyXpuMX+
85YNMgWOgZ3SxUJB3uqZOooqusKGMW6KFOWHeMRDt7NmvULGBpuSf4mx3kAf65Os
8nKS7J0EELxIJ7vow+asblouMPn9be2GBXuyejmcct6ooAKXyO34zOC+BzHnH5aG
zxKv1ViBQ+/Jr4G7cezq5jzjtom/vac1SZyhj3iSeIxFy2O4L1Io2ZQObylEdmze
WfhWYxFM3PZuIu9Ep3+QbNB7Hnl13F+baDpXY1+nDZ1BdCVXi5XHzwlFKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSpf11XnrdPvolTHJGZE2C6xIN9MB8GA1UdIwQY
MBaAFDTywqe4xSHayMJaSkmOcWSpMtojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBMQ3A3akZJZHJJd2xwS1NZNXhaS2t5MmlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80ZjdkZWItODgzMS00ZGI0LWI5MmUt
YzYxOTg3N2JlMjE5LzEveEtsX1hWZWV0MC0taVZNY2taa1RZTHJFZzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80ZjdkZWItODgzMS00ZGI0LWI5MmUtYzYxOTg3N2JlMjE5
LzEvTlBMQ3A3akZJZHJJd2xwS1NZNXhaS2t5MmlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1EYCMA0G
CSqGSIb3DQEBCwUAA4IBAQCUwrot3wCa90tlWmrAcLnVIcQbqKcM4Z0QUkMk4FCQ
QCAZb2CmiGe6ZUZdefq8/+HWp5L26F2HD0jcfTj+imdMrdGCsJOiIfNrGXY5oPoM
C5xYlrIHxDgVX2mTUXh2KSp8jcm6cPoohsPgwUyx2umbH8JCN9WKmBHk8L4Yf8eS
B+1JI154GWAkWts3xOWR0votPzibYl9GygPsLuFTndb7Eng6XLdO9/sEuuwzeGmC
3RC4EtdIhneKf+gnHeMj/UUH5lhNp2W6PlhIydrJ87aRndBjxoBikEcY8BHjjJHZ
XNTP6pTgI5URPza4bnuYrsBkJKQ6sDqF4wYkouXs98W4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:33 2024 by rpki-client on console-fra.rpki-client.org