Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d95f32-822a-4cfe-9853-4ebef8884396/1/lRz2gnfLm7nHaNSGeuPC7z_h668.roa
File: lRz2gnfLm7nHaNSGeuPC7z_h668.roa (raw, json)
Hash identifier: 8k0N7eTmOOHH9ozZI5M8UWNCcA5B8u1B/kuz2VrrXfI=
Subject key identifier: 95:1C:F6:82:77:CB:9B:B9:C7:68:D4:86:7A:E3:C2:EF:3F:E1:EB:AF
Certificate issuer: /CN=712c99cc338f692da8f81b716bad79d1c9d7c820
Certificate serial: 019420D5F665935A9C7B02E6B88A61318CD2
Authority key identifier: 71:2C:99:CC:33:8F:69:2D:A8:F8:1B:71:6B:AD:79:D1:C9:D7:C8:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cSyZzDOPaS2o-Btxa6150cnXyCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d95f32-822a-4cfe-9853-4ebef8884396/1/lRz2gnfLm7nHaNSGeuPC7z_h668.roa
Signing time: Wed 01 Jan 2025 07:48:00 +0000
ROA not before: Wed 01 Jan 2025 07:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201333
IP address blocks: 212.54.232.0/21 maxlen: 24
212.54.240.0/20 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f6:65:93:5a:9c:7b:02:e6:b8:8a:61:31:8c:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712c99cc338f692da8f81b716bad79d1c9d7c820
Validity
Not Before: Jan 1 07:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=951cf68277cb9bb9c768d4867ae3c2ef3fe1ebaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ee:90:5f:14:20:5e:ac:cd:ab:54:ff:ef:0b:
cd:b6:f9:4b:5c:f4:6e:41:f9:40:be:54:df:8b:bf:
73:9f:d7:af:8a:85:65:73:eb:31:aa:69:30:81:4e:
e9:ce:16:2b:6e:2c:2a:06:66:a8:88:52:d6:62:21:
82:da:46:0c:c9:11:08:f3:c0:a9:4a:e7:0e:f7:45:
02:55:5f:18:7d:19:da:a1:ef:bd:e9:a2:87:7d:ae:
05:a9:a1:45:f5:47:c7:f7:37:6d:b2:4a:9d:49:a8:
0f:34:8d:71:d1:fa:20:fc:bd:32:a9:e6:6d:7d:6e:
b9:e0:5e:4d:95:48:32:ed:a0:24:09:39:c0:b6:ad:
9e:b8:f3:97:c0:f9:23:28:ac:84:88:6c:70:93:d6:
cc:9f:4d:91:03:26:83:19:c9:0b:53:54:4f:36:4f:
f1:e3:61:37:9f:3d:79:b9:1c:2f:d0:2c:5d:06:11:
c0:f7:fc:3a:92:07:41:76:2e:b0:be:ae:ff:12:74:
9c:1d:cd:66:f5:f8:c0:76:8c:6b:b2:d0:7f:02:91:
1d:62:bd:ae:7c:d0:65:9a:af:7b:0b:01:83:d4:ec:
52:e0:62:73:4d:0d:89:95:7b:27:b3:d4:1f:56:c8:
21:c5:b8:37:1b:b3:e7:88:e8:d6:3a:1c:4a:0f:52:
f9:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:1C:F6:82:77:CB:9B:B9:C7:68:D4:86:7A:E3:C2:EF:3F:E1:EB:AF
X509v3 Authority Key Identifier:
keyid:71:2C:99:CC:33:8F:69:2D:A8:F8:1B:71:6B:AD:79:D1:C9:D7:C8:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cSyZzDOPaS2o-Btxa6150cnXyCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d95f32-822a-4cfe-9853-4ebef8884396/1/lRz2gnfLm7nHaNSGeuPC7z_h668.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d95f32-822a-4cfe-9853-4ebef8884396/1/cSyZzDOPaS2o-Btxa6150cnXyCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.54.232.0-212.54.255.255
Signature Algorithm: sha256WithRSAEncryption
5e:d0:6f:3e:52:21:01:97:0d:3e:3f:ff:cc:b5:b8:a1:4b:ac:
4b:4f:f4:d0:7a:0a:d5:9e:8f:ba:62:66:3e:fb:e8:e8:68:17:
39:ef:78:97:35:57:16:5f:56:2c:33:ce:33:28:ba:ae:3e:a0:
d6:2b:21:15:49:23:59:29:2a:4d:3d:d3:71:2d:ea:4b:b8:08:
b2:66:cc:b0:da:50:c6:cb:db:4e:00:14:0d:5c:4d:89:4e:6f:
59:a9:d3:d9:68:54:9d:37:ee:d1:cf:e9:2d:5a:4b:a1:b5:4a:
d9:20:e7:ec:56:df:0c:43:e9:bd:ee:f6:b5:a1:22:c1:f1:f9:
bc:83:ef:cf:be:d5:9d:65:6b:b1:9b:b7:c3:9d:48:5d:9b:eb:
b6:14:b9:59:a8:80:cc:2a:01:e0:94:fc:ae:bd:9f:47:6a:5a:
6a:b3:f8:d2:7e:e7:7f:37:49:97:bc:d1:e5:b2:cf:a7:c6:e4:
18:da:c6:e3:43:67:8e:9f:3f:bd:13:df:56:fd:f2:06:d9:81:
cc:ec:8a:ef:4e:5a:1d:42:1b:00:6a:60:b3:95:16:3e:47:9d:
fe:10:4a:a2:4c:d7:c4:c1:d6:5d:20:43:2c:fd:d3:49:f6:9b:
62:6e:b0:b6:27:a5:39:4d:13:32:fd:23:45:a5:67:6b:5d:9f:
51:6f:84:6c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZQg1fZlk1qcewLmuIphMYzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmM5OWNjMzM4ZjY5MmRhOGY4MWI3MTZiYWQ3OWQxYzlk
N2M4MjAwHhcNMjUwMTAxMDc0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTFjZjY4Mjc3Y2I5YmI5Yzc2OGQ0ODY3YWUzYzJlZjNmZTFlYmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2O6QXxQgXqzNq1T/7wvNtvlLXPRu
QflAvlTfi79zn9evioVlc+sxqmkwgU7pzhYrbiwqBmaoiFLWYiGC2kYMyREI88Cp
SucO90UCVV8YfRnaoe+96aKHfa4FqaFF9UfH9zdtskqdSagPNI1x0fog/L0yqeZt
fW654F5NlUgy7aAkCTnAtq2euPOXwPkjKKyEiGxwk9bMn02RAyaDGckLU1RPNk/x
42E3nz15uRwv0CxdBhHA9/w6kgdBdi6wvq7/EnScHc1m9fjAdoxrstB/ApEdYr2u
fNBlmq97CwGD1OxS4GJzTQ2JlXsns9QfVsghxbg3G7PniOjWOhxKD1L56QIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFJUc9oJ3y5u5x2jUhnrjwu8/4euvMB8GA1UdIwQY
MBaAFHEsmcwzj2ktqPgbcWutedHJ18ggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1N5WnpET1BhUzJvLUJ0eGE2MTUwY25YeUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kOTVmMzItODIyYS00Y2ZlLTk4NTMt
NGViZWY4ODg0Mzk2LzEvbFJ6MmduZkxtN25IYU5TR2V1UEM3el9oNjY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kOTVmMzItODIyYS00Y2ZlLTk4NTMtNGViZWY4ODg0Mzk2
LzEvY1N5WnpET1BhUzJvLUJ0eGE2MTUwY25YeUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDBAPUNugD
AwDUNjANBgkqhkiG9w0BAQsFAAOCAQEAXtBvPlIhAZcNPj//zLW4oUusS0/00HoK
1Z6PumJmPvvo6GgXOe94lzVXFl9WLDPOMyi6rj6g1ishFUkjWSkqTT3TcS3qS7gI
smbMsNpQxsvbTgAUDVxNiU5vWanT2WhUnTfu0c/pLVpLobVK2SDn7FbfDEPpve72
taEiwfH5vIPvz77VnWVrsZu3w51IXZvrthS5WaiAzCoB4JT8rr2fR2paarP40n7n
fzdJl7zR5bLPp8bkGNrG40Nnjp8/vRPfVv3yBtmBzOyK705aHUIbAGpgs5UWPked
/hBKokzXxMHWXSBDLP3TSfabYm6wtielOU0TMv0jRaVna12fUW+EbA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:03 2025 by rpki-client