Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/iUALYH9Qx-KmQ_JbsjGDqKbrSMg.roa
File: iUALYH9Qx-KmQ_JbsjGDqKbrSMg.roa (raw, json)
Hash identifier: J/C5+I1o5OfCDBmHpLIr3A3a8IqhNi/mTmcSiS/HOWQ=
Subject key identifier: 89:40:0B:60:7F:50:C7:E2:A6:43:F2:5B:B2:31:83:A8:A6:EB:48:C8
Certificate issuer: /CN=a1a2d637cb0accf8721f43e266ce213f8eddd26a
Certificate serial: 01906182A0681E8EDC6D19609E96A00D7FE5
Authority key identifier: A1:A2:D6:37:CB:0A:CC:F8:72:1F:43:E2:66:CE:21:3F:8E:DD:D2:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oaLWN8sKzPhyH0PiZs4hP47d0mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/iUALYH9Qx-KmQ_JbsjGDqKbrSMg.roa
Signing time: Sat 29 Jun 2024 01:01:09 +0000
ROA not before: Sat 29 Jun 2024 01:01:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 212.60.10.0/24 maxlen: 24
212.60.11.0/24 maxlen: 24
2a09:800:2000::/35 maxlen: 35
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:61:82:a0:68:1e:8e:dc:6d:19:60:9e:96:a0:0d:7f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1a2d637cb0accf8721f43e266ce213f8eddd26a
Validity
Not Before: Jun 29 01:01:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89400b607f50c7e2a643f25bb23183a8a6eb48c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8e:f2:8f:54:12:f2:84:31:a4:e3:08:c9:22:
64:1e:20:56:10:0d:29:7c:59:8e:ac:fb:73:8c:cc:
b0:64:80:93:05:8f:2d:70:b2:2a:cf:3d:ef:af:72:
25:35:3b:b6:c4:b5:41:e6:82:b0:37:cc:94:8f:f1:
35:8e:b3:09:f9:5e:4a:98:66:40:2e:77:ac:57:e5:
e9:ee:9f:bd:ab:b6:28:ce:1d:7d:cc:72:e0:bc:57:
40:f5:80:27:50:7a:0d:3e:b8:ae:a0:6a:bd:9d:37:
e8:46:d2:fa:1c:89:3e:0e:35:2a:b2:65:f9:fa:24:
e1:3d:16:e5:30:61:63:91:56:19:54:69:66:66:d5:
0a:03:63:d9:99:d2:5c:5b:8b:73:46:7f:d6:d0:fd:
1a:d3:34:c0:98:f6:7f:13:f8:1c:aa:4c:87:90:12:
89:85:7f:37:87:b2:f8:13:f7:5e:24:a7:33:b6:49:
58:27:59:9a:d9:1a:fa:e8:77:60:a8:c5:b6:c3:97:
12:91:96:a8:0c:8c:12:b3:29:1d:be:2d:76:b3:f4:
94:8f:90:5d:47:10:48:2d:04:7c:27:49:6b:47:40:
30:96:99:51:cc:46:7c:82:4a:e7:93:15:b3:2b:87:
a6:c5:8a:33:22:4a:22:8b:49:1d:2b:0b:27:d6:7f:
6c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:40:0B:60:7F:50:C7:E2:A6:43:F2:5B:B2:31:83:A8:A6:EB:48:C8
X509v3 Authority Key Identifier:
keyid:A1:A2:D6:37:CB:0A:CC:F8:72:1F:43:E2:66:CE:21:3F:8E:DD:D2:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oaLWN8sKzPhyH0PiZs4hP47d0mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/iUALYH9Qx-KmQ_JbsjGDqKbrSMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/oaLWN8sKzPhyH0PiZs4hP47d0mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.60.10.0/23
IPv6:
2a09:800:2000::/35
Signature Algorithm: sha256WithRSAEncryption
79:0d:81:5a:3e:80:2f:39:66:81:19:d6:38:90:04:73:6a:d8:
78:86:83:8a:af:2b:de:2b:5c:d4:c7:03:e7:21:20:62:7c:d5:
fe:1a:58:0e:82:0c:1c:57:d3:83:5e:37:aa:a0:09:1c:05:ee:
66:26:b0:c5:b3:90:c4:5a:ac:9d:eb:46:4e:32:5f:8a:89:05:
80:e3:28:78:60:9d:8b:7e:88:94:65:65:45:b7:d4:60:c5:b6:
8c:ee:3a:be:03:49:80:dd:bc:db:c4:bb:35:83:10:14:69:0e:
30:d3:10:36:95:93:a9:a0:10:49:93:3d:88:e5:46:e3:68:a4:
c4:e5:80:71:45:96:ea:63:7f:ce:ef:c8:96:3f:32:08:a8:1c:
b2:49:a3:6b:66:e8:f7:b3:48:8a:8e:84:37:6e:f9:f2:62:c1:
0f:2f:a6:5f:5f:f5:9d:10:95:83:7b:7c:69:29:a8:90:fa:2b:
7a:41:29:36:6e:6d:38:8f:0f:99:87:4e:ba:5d:f5:f0:b7:0e:
17:59:84:68:aa:db:c9:82:09:6e:09:7f:16:49:28:f0:77:b8:
14:5c:c4:d7:b1:00:ce:bd:f5:c8:24:88:3d:ec:99:4b:19:21:
12:b1:0c:a5:d1:ed:31:ec:c0:f1:23:53:48:12:a9:7a:a3:4a:
10:de:de:0b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZBhgqBoHo7cbRlgnpagDX/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYTJkNjM3Y2IwYWNjZjg3MjFmNDNlMjY2Y2UyMTNmOGVk
ZGQyNmEwHhcNMjQwNjI5MDEwMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTQwMGI2MDdmNTBjN2UyYTY0M2YyNWJiMjMxODNhOGE2ZWI0OGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApI7yj1QS8oQxpOMIySJkHiBWEA0p
fFmOrPtzjMywZICTBY8tcLIqzz3vr3IlNTu2xLVB5oKwN8yUj/E1jrMJ+V5KmGZA
LnesV+Xp7p+9q7Yozh19zHLgvFdA9YAnUHoNPriuoGq9nTfoRtL6HIk+DjUqsmX5
+iThPRblMGFjkVYZVGlmZtUKA2PZmdJcW4tzRn/W0P0a0zTAmPZ/E/gcqkyHkBKJ
hX83h7L4E/deJKcztklYJ1ma2Rr66HdgqMW2w5cSkZaoDIwSsykdvi12s/SUj5Bd
RxBILQR8J0lrR0AwlplRzEZ8gkrnkxWzK4emxYozIkoii0kdKwsn1n9sLwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIlAC2B/UMfipkPyW7Ixg6im60jIMB8GA1UdIwQY
MBaAFKGi1jfLCsz4ch9D4mbOIT+O3dJqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2FMV044c0t6UGh5SDBQaVpzNGhQNDdkMG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9lZGJmNDQtMzczMi00NGZmLWE5NDQt
ZTIxOTc0YTI5NGJhLzEvaVVBTFlIOVF4LUttUV9KYnNqR0RxS2JyU01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9lZGJmNDQtMzczMi00NGZmLWE5NDQtZTIxOTc0YTI5NGJh
LzEvb2FMV044c0t6UGh5SDBQaVpzNGhQNDdkMG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQB1DwKMA4E
AgACMAgDBgUqCQgAIDANBgkqhkiG9w0BAQsFAAOCAQEAeQ2BWj6ALzlmgRnWOJAE
c2rYeIaDiq8r3itc1McD5yEgYnzV/hpYDoIMHFfTg143qqAJHAXuZiawxbOQxFqs
netGTjJfiokFgOMoeGCdi36IlGVlRbfUYMW2jO46vgNJgN2828S7NYMQFGkOMNMQ
NpWTqaAQSZM9iOVG42ikxOWAcUWW6mN/zu/Ilj8yCKgcskmja2bo97NIio6EN275
8mLBDy+mX1/1nRCVg3t8aSmokPorekEpNm5tOI8PmYdOul318LcOF1mEaKrbyYIJ
bgl/Fkko8He4FFzE17EAzr31yCSIPeyZSxkhErEMpdHtMezA8SNTSBKpeqNKEN7e
Cw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:13 2025 by rpki-client