Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/6kOpeVKCMryPnSWXwoWUxGONQZA.roa
File: 6kOpeVKCMryPnSWXwoWUxGONQZA.roa (raw, json)
Hash identifier: wgXHrL7pKve2XnFpVGEdcTM9hUZ8PIV7WYmoByl6ukU=
Subject key identifier: EA:43:A9:79:52:82:32:BC:8F:9D:25:97:C2:85:94:C4:63:8D:41:90
Certificate issuer: /CN=a1a2d637cb0accf8721f43e266ce213f8eddd26a
Certificate serial: 018C529B547028FB6A048097104BBFC17E98
Authority key identifier: A1:A2:D6:37:CB:0A:CC:F8:72:1F:43:E2:66:CE:21:3F:8E:DD:D2:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oaLWN8sKzPhyH0PiZs4hP47d0mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/6kOpeVKCMryPnSWXwoWUxGONQZA.roa
Signing time: Sun 10 Dec 2023 07:22:40 +0000
ROA not before: Sun 10 Dec 2023 07:22:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209975
IP address blocks: 212.60.8.0/27 maxlen: 27
212.60.8.0/24 maxlen: 24
212.60.8.0/22 maxlen: 22
212.60.9.0/24 maxlen: 24
212.60.11.0/24 maxlen: 24
212.60.10.0/24 maxlen: 24
2a09:800:1002::/48 maxlen: 48
2a09:800:1001::/48 maxlen: 48
2a09:800::/35 maxlen: 35
2a09:800:2000::/35 maxlen: 35
2a09:800:4000::/35 maxlen: 35
2a09:800::/36 maxlen: 36
2a09:800:1000::/48 maxlen: 48
2a09:800::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:52:9b:54:70:28:fb:6a:04:80:97:10:4b:bf:c1:7e:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1a2d637cb0accf8721f43e266ce213f8eddd26a
Validity
Not Before: Dec 10 07:22:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea43a979528232bc8f9d2597c28594c4638d4190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a4:a5:68:8f:6c:31:45:6b:62:58:9a:2b:00:
e0:42:c0:6b:52:8d:ad:bd:2c:29:11:a3:e2:e7:7b:
54:b2:4c:3b:00:c9:ca:21:7f:ae:4a:5a:72:6a:b5:
e5:1d:6a:dc:b8:7b:5f:1c:66:e6:0b:48:2d:d6:b8:
c8:fc:54:9a:7b:7f:b0:ef:95:fe:f5:3d:92:3b:16:
be:87:b8:32:34:dc:aa:d6:70:ac:f9:3e:49:26:68:
08:62:1d:9a:20:c0:9e:47:4e:a3:83:d3:46:27:6d:
f4:97:7a:83:0d:76:5c:86:94:12:0c:9f:1c:b0:1a:
e1:d7:63:17:45:47:f3:a1:37:1e:73:7a:f9:e7:37:
95:f0:91:01:14:48:6e:59:ff:b1:d4:f2:9a:e1:94:
cb:10:8e:25:e3:5d:11:77:fa:b0:fa:cf:48:1a:bc:
e6:8f:63:86:71:16:1c:cd:ae:0e:28:1b:ec:58:f9:
0e:75:fe:89:50:36:1f:72:c8:e4:f6:3f:75:4e:54:
5b:67:65:ea:3d:fb:89:8d:64:30:e1:19:9d:7f:0b:
f8:ce:63:f2:60:8b:01:16:d7:c7:57:4f:7d:7e:13:
1b:79:d0:95:75:68:33:83:d5:5e:f9:37:de:91:a4:
2c:6e:19:c2:13:d5:46:9d:e2:12:2d:c8:17:af:de:
80:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:43:A9:79:52:82:32:BC:8F:9D:25:97:C2:85:94:C4:63:8D:41:90
X509v3 Authority Key Identifier:
keyid:A1:A2:D6:37:CB:0A:CC:F8:72:1F:43:E2:66:CE:21:3F:8E:DD:D2:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oaLWN8sKzPhyH0PiZs4hP47d0mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/6kOpeVKCMryPnSWXwoWUxGONQZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/oaLWN8sKzPhyH0PiZs4hP47d0mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.60.8.0/22
IPv6:
2a09:800::/29
Signature Algorithm: sha256WithRSAEncryption
c1:70:08:69:89:7d:da:5a:29:e6:b7:5b:32:96:2a:3f:29:11:
99:a5:95:e7:92:b2:11:74:6e:2f:5c:ee:ec:52:36:13:80:8d:
1d:2a:0f:3b:ec:8c:dc:8f:b0:41:8d:bc:e2:37:f7:bd:c7:0a:
e1:c0:14:26:70:25:0f:21:73:50:ed:02:69:4f:a7:e7:c0:29:
03:23:36:e1:e7:2b:73:2e:82:ab:8a:f8:b7:ee:c7:8d:a7:c5:
59:53:ba:88:62:ba:82:c2:46:51:9b:cd:cc:cd:71:65:49:12:
27:31:18:89:1f:fb:69:6b:cf:9e:c5:46:a4:ec:31:9d:05:ff:
1f:e4:b7:8a:7f:c4:9d:83:fa:5c:51:38:03:2f:ce:d8:37:d2:
a5:5c:a6:14:25:03:75:ff:41:86:cb:e6:62:11:2f:e0:12:b0:
45:7a:e5:0a:b5:59:fa:eb:80:6b:88:29:f0:cb:05:7d:46:8a:
51:74:74:76:29:e4:2a:74:d3:9c:c2:2e:d8:89:43:92:08:66:
87:23:4a:98:1e:db:96:d4:89:7d:34:60:c2:4d:63:4f:88:74:
c6:73:aa:b4:30:01:f8:20:80:17:35:cf:6e:24:5f:f0:77:9c:
da:5c:12:7c:59:53:3d:35:8c:13:78:6c:7b:9b:00:75:c6:95:
71:e3:c4:3f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYxSm1RwKPtqBICXEEu/wX6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYTJkNjM3Y2IwYWNjZjg3MjFmNDNlMjY2Y2UyMTNmOGVk
ZGQyNmEwHhcNMjMxMjEwMDcyMjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTQzYTk3OTUyODIzMmJjOGY5ZDI1OTdjMjg1OTRjNDYzOGQ0MTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6SlaI9sMUVrYliaKwDgQsBrUo2t
vSwpEaPi53tUskw7AMnKIX+uSlpyarXlHWrcuHtfHGbmC0gt1rjI/FSae3+w75X+
9T2SOxa+h7gyNNyq1nCs+T5JJmgIYh2aIMCeR06jg9NGJ230l3qDDXZchpQSDJ8c
sBrh12MXRUfzoTcec3r55zeV8JEBFEhuWf+x1PKa4ZTLEI4l410Rd/qw+s9IGrzm
j2OGcRYcza4OKBvsWPkOdf6JUDYfcsjk9j91TlRbZ2XqPfuJjWQw4Rmdfwv4zmPy
YIsBFtfHV099fhMbedCVdWgzg9Ve+TfekaQsbhnCE9VGneISLcgXr96AqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOpDqXlSgjK8j50ll8KFlMRjjUGQMB8GA1UdIwQY
MBaAFKGi1jfLCsz4ch9D4mbOIT+O3dJqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2FMV044c0t6UGh5SDBQaVpzNGhQNDdkMG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9lZGJmNDQtMzczMi00NGZmLWE5NDQt
ZTIxOTc0YTI5NGJhLzEvNmtPcGVWS0NNcnlQblNXWHdvV1V4R09OUVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9lZGJmNDQtMzczMi00NGZmLWE5NDQtZTIxOTc0YTI5NGJh
LzEvb2FMV044c0t6UGh5SDBQaVpzNGhQNDdkMG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQC1DwIMA0E
AgACMAcDBQMqCQgAMA0GCSqGSIb3DQEBCwUAA4IBAQDBcAhpiX3aWinmt1sylio/
KRGZpZXnkrIRdG4vXO7sUjYTgI0dKg877Izcj7BBjbziN/e9xwrhwBQmcCUPIXNQ
7QJpT6fnwCkDIzbh5ytzLoKrivi37seNp8VZU7qIYrqCwkZRm83MzXFlSRInMRiJ
H/tpa8+exUak7DGdBf8f5LeKf8Sdg/pcUTgDL87YN9KlXKYUJQN1/0GGy+ZiES/g
ErBFeuUKtVn664BriCnwywV9RopRdHR2KeQqdNOcwi7YiUOSCGaHI0qYHtuW1Il9
NGDCTWNPiHTGc6q0MAH4IIAXNc9uJF/wd5zaXBJ8WVM9NYwTeGx7mwB1xpVx48Q/
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:46 2025 by rpki-client