Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/FBdxjOu8SX4p5g9e-XxmzyShdHQ.roa
File: FBdxjOu8SX4p5g9e-XxmzyShdHQ.roa (raw, json)
Hash identifier: mngc3R66oJgb9rQ/5d73AA7n7b16oOQZDw1SHYqnhTA=
Subject key identifier: 14:17:71:8C:EB:BC:49:7E:29:E6:0F:5E:F9:7C:66:CF:24:A1:74:74
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 01942747D233A48C3E406AE80167253EC46E
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/FBdxjOu8SX4p5g9e-XxmzyShdHQ.roa
Signing time: Thu 02 Jan 2025 13:50:05 +0000
ROA not before: Thu 02 Jan 2025 13:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208787
IP address blocks: 212.103.41.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d2:33:a4:8c:3e:40:6a:e8:01:67:25:3e:c4:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Jan 2 13:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1417718cebbc497e29e60f5ef97c66cf24a17474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3c:60:c1:cc:74:ac:d1:4a:01:5f:62:54:33:
e5:51:9d:10:3a:e2:83:a1:48:fb:03:90:84:2b:f3:
34:88:64:ac:de:72:da:6d:7e:e5:b3:a1:1f:45:57:
32:79:6e:69:d7:3c:b4:38:78:64:fb:17:21:10:28:
02:16:49:ae:aa:b6:03:33:cb:25:f0:9b:9f:f7:92:
df:3a:93:95:e0:65:cf:2b:ad:06:8b:45:e3:9c:fe:
02:72:8d:e2:a1:ce:42:5e:f6:3d:70:88:28:02:80:
e5:af:ec:a0:ec:ce:ed:1c:d4:f2:12:95:09:e4:ea:
ef:e9:31:4a:97:a7:75:a1:27:db:4e:b2:49:a8:48:
c2:72:12:5b:b6:f5:ff:a7:a4:b8:b6:60:62:66:67:
37:6e:fc:ef:48:4d:1c:84:b3:29:73:fe:6f:aa:5c:
2f:8e:02:a0:0e:76:c2:62:4e:7c:09:a5:35:d0:c7:
78:99:88:2e:85:35:14:69:73:ec:2c:ca:ee:65:fc:
76:91:f2:c6:56:ff:c1:86:98:75:fb:77:a4:61:c2:
e0:e0:62:8f:99:0a:29:1f:6e:e6:5a:90:fc:16:aa:
99:21:47:4d:8a:01:52:23:16:58:5a:c6:46:ef:27:
ad:17:3a:6a:ae:82:7b:58:53:d4:07:31:94:b1:99:
0c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:17:71:8C:EB:BC:49:7E:29:E6:0F:5E:F9:7C:66:CF:24:A1:74:74
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/FBdxjOu8SX4p5g9e-XxmzyShdHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.103.41.0/24
Signature Algorithm: sha256WithRSAEncryption
32:3a:b2:cc:45:ab:06:56:c7:6c:92:ba:34:38:5f:f9:89:83:
e1:e7:67:39:42:36:b5:79:c0:25:e1:2d:19:a6:3f:66:fb:57:
3e:fa:c3:c1:ca:a4:cf:49:40:88:18:d6:4c:fa:df:99:98:42:
bd:43:09:37:9b:96:f5:67:5f:cb:8e:ad:c9:27:5b:11:a4:b1:
48:fb:c6:19:7f:c9:80:cb:2a:94:86:bf:11:cb:2d:be:03:93:
2f:fc:1d:84:85:1e:1a:41:4e:17:9a:62:82:7e:19:76:21:61:
27:1e:be:61:1e:b4:52:20:0b:49:85:80:e5:35:f8:9d:30:41:
b1:8a:e7:ab:aa:b0:a5:e1:6e:b3:64:fe:c8:b4:41:98:06:f1:
71:1d:bb:89:c8:18:a5:d4:e1:58:82:46:a2:09:11:dd:57:4c:
9f:9e:dc:c7:33:f4:eb:de:55:d7:1a:db:2f:79:d1:19:70:74:
77:ca:e4:05:29:13:06:7d:67:c0:d7:4a:5a:40:3b:a2:6d:7d:
d2:6d:01:f3:c3:05:a7:74:ea:8f:0a:fe:0a:3d:ad:1f:d1:cb:
a9:64:8d:d1:fb:2f:c0:bb:e4:cc:4f:d9:d9:c4:1f:89:d6:a1:
c2:4c:bb:17:46:7d:72:2a:5c:25:e3:cb:75:1d:e9:05:74:6c:
1a:a6:4f:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR9IzpIw+QGroAWclPsRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjUwMTAyMTM1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDE3NzE4Y2ViYmM0OTdlMjllNjBmNWVmOTdjNjZjZjI0YTE3NDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDxgwcx0rNFKAV9iVDPlUZ0QOuKD
oUj7A5CEK/M0iGSs3nLabX7ls6EfRVcyeW5p1zy0OHhk+xchECgCFkmuqrYDM8sl
8Juf95LfOpOV4GXPK60Gi0XjnP4Cco3ioc5CXvY9cIgoAoDlr+yg7M7tHNTyEpUJ
5Orv6TFKl6d1oSfbTrJJqEjCchJbtvX/p6S4tmBiZmc3bvzvSE0chLMpc/5vqlwv
jgKgDnbCYk58CaU10Md4mYguhTUUaXPsLMruZfx2kfLGVv/Bhph1+3ekYcLg4GKP
mQopH27mWpD8FqqZIUdNigFSIxZYWsZG7yetFzpqroJ7WFPUBzGUsZkMcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBQXcYzrvEl+KeYPXvl8Zs8koXR0MB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvRkJkeGpPdThTWDRwNWc5ZS1YeG16eVNoZEhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1GcpMA0G
CSqGSIb3DQEBCwUAA4IBAQAyOrLMRasGVsdskro0OF/5iYPh52c5Qja1ecAl4S0Z
pj9m+1c++sPByqTPSUCIGNZM+t+ZmEK9Qwk3m5b1Z1/Ljq3JJ1sRpLFI+8YZf8mA
yyqUhr8Ryy2+A5Mv/B2EhR4aQU4XmmKCfhl2IWEnHr5hHrRSIAtJhYDlNfidMEGx
iuerqrCl4W6zZP7ItEGYBvFxHbuJyBil1OFYgkaiCRHdV0yfntzHM/Tr3lXXGtsv
edEZcHR3yuQFKRMGfWfA10paQDuibX3SbQHzwwWndOqPCv4KPa0f0cupZI3R+y/A
u+TMT9nZxB+J1qHCTLsXRn1yKlwl48t1HekFdGwapk/6
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:30:22 2025 by rpki-client