Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/428db9-a1a4-4f5d-a411-df29d618d660/1/bUBxFG9mcYcGYMR4pKYLiu1U5oY.roa
File: bUBxFG9mcYcGYMR4pKYLiu1U5oY.roa (raw, json)
Hash identifier: WzalD2p1K0yD8hv+vhJxG+1YnYw5igPdv3VI6hW/r+U=
Subject key identifier: 6D:40:71:14:6F:66:71:87:06:60:C4:78:A4:A6:0B:8A:ED:54:E6:86
Certificate issuer: /CN=0eecb618add708467f774d93e2674076993ecd54
Certificate serial: 018CC493784AE5A68F4997460B3EE17D48E5
Authority key identifier: 0E:EC:B6:18:AD:D7:08:46:7F:77:4D:93:E2:67:40:76:99:3E:CD:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Duy2GK3XCEZ_d02T4mdAdpk-zVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/428db9-a1a4-4f5d-a411-df29d618d660/1/bUBxFG9mcYcGYMR4pKYLiu1U5oY.roa
Signing time: Mon 01 Jan 2024 10:30:48 +0000
ROA not before: Mon 01 Jan 2024 10:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206502
IP address blocks: 78.108.212.0/24 maxlen: 24
78.108.212.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:78:4a:e5:a6:8f:49:97:46:0b:3e:e1:7d:48:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0eecb618add708467f774d93e2674076993ecd54
Validity
Not Before: Jan 1 10:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d4071146f6671870660c478a4a60b8aed54e686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:19:dd:85:59:57:38:b6:1f:6c:57:2f:4e:74:
3a:04:e8:7f:22:0f:9f:f1:9b:9d:10:72:ef:85:5f:
b3:ae:f1:5d:66:d0:aa:a4:37:f5:e3:c4:d4:82:47:
2a:0d:8d:6e:38:87:51:b6:df:01:4f:c2:9d:f8:d7:
09:bf:a2:e2:68:08:44:91:51:41:f7:99:dd:7f:64:
0d:15:9e:3c:00:3d:62:20:5a:3d:dd:7c:9f:37:48:
22:da:aa:40:00:1b:7d:89:52:0e:9f:df:2f:37:2b:
14:31:be:aa:01:95:ca:e0:69:c5:3e:06:52:25:b5:
73:5e:3c:61:93:ac:db:eb:69:e2:b5:51:11:81:86:
0d:1d:91:b3:32:af:06:5c:75:8a:c7:f5:f6:d4:c3:
24:4a:df:74:ab:75:59:76:34:54:63:87:f7:99:d1:
79:fb:d4:8c:41:ba:4e:98:c5:71:62:33:a0:fe:3d:
d1:b5:ae:38:4e:65:cd:b3:78:f0:2e:20:c5:7e:d8:
ef:9c:5b:00:ef:71:d5:7f:d3:4f:11:bd:62:6c:41:
0d:05:6f:19:6b:56:cd:45:d8:fa:02:81:d1:4e:3d:
0b:31:2f:4d:29:31:09:1d:54:7a:b9:61:4b:99:7e:
cf:c2:d8:74:77:09:32:66:bc:f6:cf:5a:81:2b:2a:
aa:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:40:71:14:6F:66:71:87:06:60:C4:78:A4:A6:0B:8A:ED:54:E6:86
X509v3 Authority Key Identifier:
keyid:0E:EC:B6:18:AD:D7:08:46:7F:77:4D:93:E2:67:40:76:99:3E:CD:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Duy2GK3XCEZ_d02T4mdAdpk-zVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/428db9-a1a4-4f5d-a411-df29d618d660/1/bUBxFG9mcYcGYMR4pKYLiu1U5oY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/428db9-a1a4-4f5d-a411-df29d618d660/1/Duy2GK3XCEZ_d02T4mdAdpk-zVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.212.0/23
Signature Algorithm: sha256WithRSAEncryption
24:ad:a8:a3:e5:87:ec:2f:c8:97:07:9a:31:ae:c8:af:17:45:
9e:fa:a9:8d:b1:47:4d:e4:31:b7:c5:b0:d9:51:51:c6:be:33:
1a:c0:34:b9:83:d3:04:d9:34:ca:76:54:cd:24:c8:3f:28:6d:
6d:e2:b2:1c:55:f5:de:06:67:a1:8b:24:0d:c9:68:57:3a:3f:
9f:08:3b:36:8e:1b:92:8a:fe:34:fa:78:f6:47:28:09:b9:50:
fa:54:4f:e8:34:34:fb:fe:fd:d0:8f:df:d9:6c:58:16:67:97:
f9:b6:2d:40:2a:13:2f:55:24:1d:52:9f:96:04:82:16:6a:57:
b4:56:2b:33:40:f5:24:a7:3e:ac:0a:33:7d:2b:92:5a:b1:91:
27:42:38:b6:c3:5f:c5:88:86:c9:e5:c5:cf:a6:87:bc:bb:0b:
27:f1:98:aa:16:d5:b5:d5:d7:29:97:cb:69:95:98:1f:a3:a2:
6c:89:f2:3c:12:1b:94:f4:76:5c:85:75:89:b9:ce:9a:bd:25:
f9:a3:15:61:27:a7:21:dd:0f:a5:c1:00:c4:05:51:9f:6f:2c:
4b:d2:fb:d0:ad:a3:70:21:5f:39:63:d2:f8:d8:3c:ca:3d:05:
ee:51:07:70:ba:d5:32:71:20:0b:dc:c1:9b:ca:8d:01:cc:90:
bf:6f:26:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk3hK5aaPSZdGCz7hfUjlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZWNiNjE4YWRkNzA4NDY3Zjc3NGQ5M2UyNjc0MDc2OTkz
ZWNkNTQwHhcNMjQwMTAxMTAzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDQwNzExNDZmNjY3MTg3MDY2MGM0NzhhNGE2MGI4YWVkNTRlNjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBndhVlXOLYfbFcvTnQ6BOh/Ig+f
8ZudEHLvhV+zrvFdZtCqpDf148TUgkcqDY1uOIdRtt8BT8Kd+NcJv6LiaAhEkVFB
95ndf2QNFZ48AD1iIFo93XyfN0gi2qpAABt9iVIOn98vNysUMb6qAZXK4GnFPgZS
JbVzXjxhk6zb62nitVERgYYNHZGzMq8GXHWKx/X21MMkSt90q3VZdjRUY4f3mdF5
+9SMQbpOmMVxYjOg/j3Rta44TmXNs3jwLiDFftjvnFsA73HVf9NPEb1ibEENBW8Z
a1bNRdj6AoHRTj0LMS9NKTEJHVR6uWFLmX7Pwth0dwkyZrz2z1qBKyqqPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG1AcRRvZnGHBmDEeKSmC4rtVOaGMB8GA1UdIwQY
MBaAFA7sthit1whGf3dNk+JnQHaZPs1UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHV5MkdLM1hDRVpfZDAyVDRtZEFkcGstelZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80MjhkYjktYTFhNC00ZjVkLWE0MTEt
ZGYyOWQ2MThkNjYwLzEvYlVCeEZHOW1jWWNHWU1SNHBLWUxpdTFVNW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80MjhkYjktYTFhNC00ZjVkLWE0MTEtZGYyOWQ2MThkNjYw
LzEvRHV5MkdLM1hDRVpfZDAyVDRtZEFkcGstelZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTmzUMA0G
CSqGSIb3DQEBCwUAA4IBAQAkraij5YfsL8iXB5oxrsivF0We+qmNsUdN5DG3xbDZ
UVHGvjMawDS5g9ME2TTKdlTNJMg/KG1t4rIcVfXeBmehiyQNyWhXOj+fCDs2jhuS
iv40+nj2RygJuVD6VE/oNDT7/v3Qj9/ZbFgWZ5f5ti1AKhMvVSQdUp+WBIIWale0
ViszQPUkpz6sCjN9K5JasZEnQji2w1/FiIbJ5cXPpoe8uwsn8ZiqFtW11dcpl8tp
lZgfo6JsifI8EhuU9HZchXWJuc6avSX5oxVhJ6ch3Q+lwQDEBVGfbyxL0vvQraNw
IV85Y9L42DzKPQXuUQdwutUycSAL3MGbyo0BzJC/byYS
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:41 2025 by rpki-client