Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/3-XpOXlSkPnf9TOx63am29Zvzds.roa
File: 3-XpOXlSkPnf9TOx63am29Zvzds.roa (raw, json)
Hash identifier: OYCmt/seUqGc9uSbd6Lvbpfj/7oe2t7Xf/xCkIFge6E=
Subject key identifier: DF:E5:E9:39:79:52:90:F9:DF:F5:33:B1:EB:76:A6:DB:D6:6F:CD:DB
Certificate issuer: /CN=7e1167886da81524431bbf2efb0572914b686ebc
Certificate serial: 01856C781207842ED3DEBB43ECDB3FA66E36
Authority key identifier: 7E:11:67:88:6D:A8:15:24:43:1B:BF:2E:FB:05:72:91:4B:68:6E:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fhFniG2oFSRDG78u-wVykUtobrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/3-XpOXlSkPnf9TOx63am29Zvzds.roa
Signing time: Sun 01 Jan 2023 08:34:46 +0000
ROA not before: Sun 01 Jan 2023 08:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13232
IP address blocks: 212.39.228.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:12:07:84:2e:d3:de:bb:43:ec:db:3f:a6:6e:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e1167886da81524431bbf2efb0572914b686ebc
Validity
Not Before: Jan 1 08:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfe5e939795290f9dff533b1eb76a6dbd66fcddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b6:ce:0d:59:33:ab:31:a4:ad:08:4b:23:c2:
a9:94:7b:d9:62:23:a7:8c:c3:ab:8d:27:93:3e:ba:
12:6e:ab:15:b5:e8:6a:71:74:cd:88:99:f0:7f:2c:
69:a7:d3:04:4e:32:3c:eb:24:6c:64:4b:fa:40:b1:
96:78:17:18:76:ce:4c:c0:9f:d2:b8:11:33:b8:fc:
8d:c3:5e:0c:40:5a:cd:d5:8e:6d:b7:1e:52:53:a5:
78:a1:49:34:65:91:1e:8a:0d:aa:00:16:23:0e:c7:
db:7e:eb:a2:93:17:9f:a7:82:b2:14:7b:ba:76:c8:
e2:49:aa:34:c2:07:80:31:11:ec:f0:2e:93:76:a9:
a5:3f:d2:bc:43:7c:a6:07:5c:cd:eb:cb:42:52:98:
57:84:9e:11:12:0d:21:a0:ec:1b:7a:bf:07:a6:e8:
b1:42:1c:10:54:57:8f:7b:f8:94:db:b7:2e:89:99:
e1:06:6f:77:53:38:da:23:10:93:83:56:48:51:fe:
6d:e2:29:fd:e6:18:16:e6:e2:ec:d2:16:a5:4a:c4:
d6:9c:82:58:71:62:aa:77:8a:d0:0e:03:55:00:d2:
81:45:fd:7b:19:3f:80:f1:89:09:b2:ee:69:1b:c7:
62:87:f9:ae:64:d6:51:43:5a:96:39:6c:bb:eb:56:
ed:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E5:E9:39:79:52:90:F9:DF:F5:33:B1:EB:76:A6:DB:D6:6F:CD:DB
X509v3 Authority Key Identifier:
keyid:7E:11:67:88:6D:A8:15:24:43:1B:BF:2E:FB:05:72:91:4B:68:6E:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fhFniG2oFSRDG78u-wVykUtobrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/3-XpOXlSkPnf9TOx63am29Zvzds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/fhFniG2oFSRDG78u-wVykUtobrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.39.228.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:27:de:fd:6e:6e:6d:97:73:a2:70:a6:32:bd:f3:85:d3:6e:
0e:ce:8e:63:03:91:86:cd:86:62:fe:f4:80:4f:f9:af:0e:67:
31:f3:d9:0a:11:32:88:02:c7:fb:d6:96:68:ca:63:ca:7a:27:
3c:5e:c7:87:e7:95:b5:ee:3f:2b:cb:a4:a0:8d:38:9e:1b:bd:
cd:50:ea:72:bc:a5:a3:00:15:b3:eb:d0:06:52:b8:4c:ff:64:
82:d6:a6:6c:2b:f8:b7:21:bf:94:40:4e:b2:1e:57:a1:f3:ab:
c7:14:db:7a:fe:29:63:90:46:dc:c9:9a:ee:9f:4b:0f:4b:c5:
75:b0:6f:f7:08:90:9f:b8:91:ba:13:36:8e:94:5f:76:dc:cf:
5b:e3:a9:f5:f5:12:19:07:bd:f5:88:e1:ab:3f:9b:09:cc:7d:
7d:8f:2c:a9:8d:70:a6:f9:56:3d:4d:12:c0:8e:df:32:ba:f6:
ca:1d:92:a4:ef:4c:5a:84:b9:b0:cb:1a:9b:df:cd:fe:74:35:
b3:6b:7c:38:ff:4c:f8:01:e7:db:8d:bb:1c:e2:b1:43:c2:80:
77:0b:1c:c9:27:d4:6c:e7:0f:c3:22:86:8b:7f:d7:b4:5d:c1:
30:26:92:e4:b1:fa:84:d7:a8:e6:19:83:5e:af:4d:66:6b:84:
bb:15:72:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseBIHhC7T3rtD7Ns/pm42MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMTE2Nzg4NmRhODE1MjQ0MzFiYmYyZWZiMDU3MjkxNGI2
ODZlYmMwHhcNMjMwMTAxMDgzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmU1ZTkzOTc5NTI5MGY5ZGZmNTMzYjFlYjc2YTZkYmQ2NmZjZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrbODVkzqzGkrQhLI8KplHvZYiOn
jMOrjSeTProSbqsVtehqcXTNiJnwfyxpp9METjI86yRsZEv6QLGWeBcYds5MwJ/S
uBEzuPyNw14MQFrN1Y5ttx5SU6V4oUk0ZZEeig2qABYjDsfbfuuikxefp4KyFHu6
dsjiSao0wgeAMRHs8C6TdqmlP9K8Q3ymB1zN68tCUphXhJ4REg0hoOwber8Hpuix
QhwQVFePe/iU27cuiZnhBm93UzjaIxCTg1ZIUf5t4in95hgW5uLs0halSsTWnIJY
cWKqd4rQDgNVANKBRf17GT+A8YkJsu5pG8dih/muZNZRQ1qWOWy761btkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN/l6Tl5UpD53/Uzset2ptvWb83bMB8GA1UdIwQY
MBaAFH4RZ4htqBUkQxu/LvsFcpFLaG68MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmhGbmlHMm9GU1JERzc4dS13VnlrVXRvYnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9mOTJjZDctNjQ2Yy00NDFiLWFlNDYt
OWIyODJjNjQzMjU2LzEvMy1YcE9YbFNrUG5mOVRPeDYzYW0yOVp2emRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9mOTJjZDctNjQ2Yy00NDFiLWFlNDYtOWIyODJjNjQzMjU2
LzEvZmhGbmlHMm9GU1JERzc4dS13VnlrVXRvYnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1CfkMA0G
CSqGSIb3DQEBCwUAA4IBAQBqJ979bm5tl3OicKYyvfOF024Ozo5jA5GGzYZi/vSA
T/mvDmcx89kKETKIAsf71pZoymPKeic8XseH55W17j8ry6SgjTieG73NUOpyvKWj
ABWz69AGUrhM/2SC1qZsK/i3Ib+UQE6yHleh86vHFNt6/iljkEbcyZrun0sPS8V1
sG/3CJCfuJG6EzaOlF923M9b46n19RIZB731iOGrP5sJzH19jyypjXCm+VY9TRLA
jt8yuvbKHZKk70xahLmwyxqb383+dDWza3w4/0z4Aefbjbsc4rFDwoB3CxzJJ9Rs
5w/DIoaLf9e0XcEwJpLksfqE16jmGYNer01ma4S7FXIg
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:49 2025 by rpki-client