Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/EzrvXLF-MmLybEmZJ2eW2xEONHs.roa
File: EzrvXLF-MmLybEmZJ2eW2xEONHs.roa (raw, json)
Hash identifier: RF6Dl/sCu3vkVuvkH1yCtoGTVf/6WBZmKUrbuif2lko=
Subject key identifier: 13:3A:EF:5C:B1:7E:32:62:F2:6C:49:99:27:67:96:DB:11:0E:34:7B
Certificate issuer: /CN=a1a2d637cb0accf8721f43e266ce213f8eddd26a
Certificate serial: 01941FFA430D75252C7B3B58EED58D96EA7C
Authority key identifier: A1:A2:D6:37:CB:0A:CC:F8:72:1F:43:E2:66:CE:21:3F:8E:DD:D2:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oaLWN8sKzPhyH0PiZs4hP47d0mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/EzrvXLF-MmLybEmZJ2eW2xEONHs.roa
Signing time: Wed 01 Jan 2025 03:48:02 +0000
ROA not before: Wed 01 Jan 2025 03:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 212.60.8.0/24 maxlen: 24
212.60.9.0/24 maxlen: 24
212.60.10.0/24 maxlen: 24
212.60.11.0/24 maxlen: 24
2a09:800:2000::/35 maxlen: 35
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:43:0d:75:25:2c:7b:3b:58:ee:d5:8d:96:ea:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1a2d637cb0accf8721f43e266ce213f8eddd26a
Validity
Not Before: Jan 1 03:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=133aef5cb17e3262f26c4999276796db110e347b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b8:21:7f:19:e2:1f:87:f9:a8:f8:3a:2d:44:
50:6b:3a:91:11:4b:71:f5:41:48:8a:c6:f5:64:fc:
40:d9:9c:94:44:ce:b5:1b:e6:93:59:76:11:6a:58:
cb:cf:24:9f:8e:3a:b9:a5:b8:af:f6:7a:e5:54:6d:
a4:47:62:cf:91:39:f2:2d:56:e2:11:4b:71:f1:3a:
32:62:1d:e1:80:c4:bc:a8:d9:af:96:4d:11:a4:b0:
db:65:3e:57:08:5a:80:78:ca:9d:fb:a0:1c:af:98:
e0:be:32:bf:dd:11:9d:8e:b7:67:2a:cb:2e:17:97:
48:18:d0:46:5f:ed:3d:79:eb:8d:70:0b:de:1f:c7:
47:c5:fc:ed:f5:7c:87:97:77:8c:b0:9b:e3:0d:ab:
cd:18:72:04:26:53:2c:45:3c:ec:62:7a:12:5d:f4:
48:b5:1f:c9:eb:1b:5c:37:51:c8:b9:26:4f:e9:09:
01:54:70:f9:5f:8e:31:13:12:fd:1d:9f:31:cf:25:
ba:3b:72:ed:39:e5:84:4f:31:66:f6:2e:63:70:7b:
0b:0e:9c:4c:fa:24:ff:21:d7:b5:11:39:6a:0b:79:
09:16:03:24:79:ca:d0:96:c5:4c:24:47:0a:0e:fb:
28:11:2d:ba:31:96:f6:35:12:9b:b8:0d:41:5d:08:
43:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:3A:EF:5C:B1:7E:32:62:F2:6C:49:99:27:67:96:DB:11:0E:34:7B
X509v3 Authority Key Identifier:
keyid:A1:A2:D6:37:CB:0A:CC:F8:72:1F:43:E2:66:CE:21:3F:8E:DD:D2:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oaLWN8sKzPhyH0PiZs4hP47d0mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/EzrvXLF-MmLybEmZJ2eW2xEONHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/oaLWN8sKzPhyH0PiZs4hP47d0mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.60.8.0/22
IPv6:
2a09:800:2000::/35
Signature Algorithm: sha256WithRSAEncryption
9d:67:33:5e:d5:55:e8:4f:ef:9d:52:b3:3b:1c:02:4d:0f:dc:
e3:e1:32:ec:fb:87:2b:7a:6c:e4:47:23:1c:34:51:b8:64:2e:
2d:9f:98:bb:97:9f:8f:ca:2f:31:c6:c2:0e:30:cb:c5:60:d5:
7a:c2:25:19:f1:d8:e3:a2:e2:6f:8b:5f:f9:87:04:47:2b:73:
61:9a:91:b9:15:b6:e6:d3:b0:53:17:9a:86:f8:24:04:ed:d2:
71:89:6e:ce:45:0a:67:2f:aa:39:3e:08:65:74:35:01:fe:d9:
5d:25:47:5f:c9:c4:16:bd:cd:c1:dd:54:28:14:e3:ca:66:f3:
1d:02:c1:86:e3:28:44:e7:6b:ef:75:60:a0:81:88:43:95:8a:
49:62:1e:7d:e0:85:18:50:7a:f9:18:aa:0d:55:f5:8d:4e:57:
67:4d:66:0b:56:71:97:45:b9:be:52:4a:ba:34:a3:14:23:93:
e5:ee:48:52:ee:3a:90:23:cc:81:20:5f:2d:36:9b:6f:8c:d2:
f6:be:80:f9:70:2e:ef:3d:d4:6e:7d:5a:a1:78:b2:f2:59:df:
3d:c0:50:82:2f:77:d3:67:ca:52:71:0f:8b:90:40:00:42:58:
2d:be:2f:a4:47:d5:12:c8:39:5c:5b:94:bd:f9:82:fb:b2:23:
c3:d8:a7:22
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQf+kMNdSUseztY7tWNlup8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYTJkNjM3Y2IwYWNjZjg3MjFmNDNlMjY2Y2UyMTNmOGVk
ZGQyNmEwHhcNMjUwMTAxMDM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzNhZWY1Y2IxN2UzMjYyZjI2YzQ5OTkyNzY3OTZkYjExMGUzNDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7ghfxniH4f5qPg6LURQazqREUtx
9UFIisb1ZPxA2ZyURM61G+aTWXYRaljLzySfjjq5pbiv9nrlVG2kR2LPkTnyLVbi
EUtx8ToyYh3hgMS8qNmvlk0RpLDbZT5XCFqAeMqd+6Acr5jgvjK/3RGdjrdnKssu
F5dIGNBGX+09eeuNcAveH8dHxfzt9XyHl3eMsJvjDavNGHIEJlMsRTzsYnoSXfRI
tR/J6xtcN1HIuSZP6QkBVHD5X44xExL9HZ8xzyW6O3LtOeWETzFm9i5jcHsLDpxM
+iT/Ide1ETlqC3kJFgMkecrQlsVMJEcKDvsoES26MZb2NRKbuA1BXQhDwQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFBM671yxfjJi8mxJmSdnltsRDjR7MB8GA1UdIwQY
MBaAFKGi1jfLCsz4ch9D4mbOIT+O3dJqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2FMV044c0t6UGh5SDBQaVpzNGhQNDdkMG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9lZGJmNDQtMzczMi00NGZmLWE5NDQt
ZTIxOTc0YTI5NGJhLzEvRXpydlhMRi1NbUx5YkVtWkoyZVcyeEVPTkhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9lZGJmNDQtMzczMi00NGZmLWE5NDQtZTIxOTc0YTI5NGJh
LzEvb2FMV044c0t6UGh5SDBQaVpzNGhQNDdkMG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQC1DwIMA4E
AgACMAgDBgUqCQgAIDANBgkqhkiG9w0BAQsFAAOCAQEAnWczXtVV6E/vnVKzOxwC
TQ/c4+Ey7PuHK3ps5EcjHDRRuGQuLZ+Yu5efj8ovMcbCDjDLxWDVesIlGfHY46Li
b4tf+YcERytzYZqRuRW25tOwUxeahvgkBO3ScYluzkUKZy+qOT4IZXQ1Af7ZXSVH
X8nEFr3Nwd1UKBTjymbzHQLBhuMoROdr73VgoIGIQ5WKSWIefeCFGFB6+RiqDVX1
jU5XZ01mC1Zxl0W5vlJKujSjFCOT5e5IUu46kCPMgSBfLTabb4zS9r6A+XAu7z3U
bn1aoXiy8lnfPcBQgi9302fKUnEPi5BAAEJYLb4vpEfVEsg5XFuUvfmC+7Ijw9in
Ig==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:24 2025 by rpki-client