Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/h4yh5t3VeU09ez4z5QgiB3uf1M8.roa
File: h4yh5t3VeU09ez4z5QgiB3uf1M8.roa (raw, json)
Hash identifier: 7vB9u+MBS8X00ggm9Dac/PkydD1mr0tiX66Zdum6Ios=
Subject key identifier: 87:8C:A1:E6:DD:D5:79:4D:3D:7B:3E:33:E5:08:22:07:7B:9F:D4:CF
Certificate issuer: /CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Certificate serial: 018E136AA9EA4E620245D2203ECF5EB06FE2
Authority key identifier: F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/h4yh5t3VeU09ez4z5QgiB3uf1M8.roa
Signing time: Wed 06 Mar 2024 10:59:01 +0000
ROA not before: Wed 06 Mar 2024 10:59:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216363
IP address blocks: 212.59.104.0/22 maxlen: 22
212.59.108.0/24 maxlen: 24
212.59.110.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:6a:a9:ea:4e:62:02:45:d2:20:3e:cf:5e:b0:6f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Validity
Not Before: Mar 6 10:59:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=878ca1e6ddd5794d3d7b3e33e50822077b9fd4cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:94:17:88:dd:b8:00:95:f6:72:07:a8:56:62:
ad:c4:b6:21:6d:74:cf:7e:34:6c:83:6c:f1:dc:da:
84:88:1b:6b:2b:71:d2:48:e8:5b:f9:a8:74:f1:fe:
f8:06:48:b3:54:9d:1c:dc:06:91:7d:c6:d2:b7:37:
54:7b:96:bb:d5:02:46:1e:4a:63:a6:ed:3a:cd:5f:
bb:44:f0:74:c8:eb:9f:53:17:ce:44:a0:a8:ae:a5:
e5:d4:d0:03:11:70:1a:a9:5d:36:e2:6a:f7:72:8c:
c9:0b:ab:87:01:01:fd:7d:5e:21:17:38:ab:67:92:
9a:ea:00:61:4d:f9:b0:c6:41:65:e3:43:cc:14:f3:
df:39:11:4c:87:fb:44:81:ff:dc:17:a3:c5:3e:e7:
9a:a0:86:6b:8b:9b:f9:13:10:f6:dc:b0:2d:81:e9:
68:32:e0:2a:46:95:12:4f:b4:64:24:80:ae:89:04:
7b:9c:0a:54:9f:d9:90:a7:4d:93:40:43:0e:c6:1e:
2f:ce:2b:78:85:1a:6e:a6:34:16:6d:85:f1:b5:82:
11:7c:f2:45:ad:8e:92:00:7f:5f:6b:3d:c7:44:7d:
ee:a5:a8:35:9c:b8:56:cc:ca:2a:f9:75:58:da:59:
22:ef:0d:98:89:0b:3f:06:9c:c6:59:eb:c6:6f:46:
e4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:8C:A1:E6:DD:D5:79:4D:3D:7B:3E:33:E5:08:22:07:7B:9F:D4:CF
X509v3 Authority Key Identifier:
keyid:F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/h4yh5t3VeU09ez4z5QgiB3uf1M8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.59.104.0-212.59.108.255
212.59.110.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:d8:9d:ad:c8:b5:cf:48:b3:54:94:49:d7:74:29:9c:24:a9:
8f:94:94:64:a9:1f:7e:66:be:06:0a:ae:8f:ce:dd:36:ee:08:
36:1a:b3:0c:40:e1:3b:3e:f1:49:89:73:31:f4:af:8b:45:54:
fc:98:4a:1a:98:ca:e8:f4:51:32:17:4f:13:49:85:fd:af:9c:
d1:7a:ad:f9:a8:b8:04:2f:6e:38:2d:ee:81:2d:b3:bd:9a:17:
38:4f:96:e3:33:c3:ac:ed:5d:f3:f7:ec:c8:44:14:6c:04:b2:
b6:11:38:72:d1:21:39:a8:88:ff:8e:94:26:c9:be:c6:44:76:
b7:d2:f5:f9:77:fa:30:cd:8a:fb:9d:a1:9e:7d:ab:15:0e:0b:
1f:2c:0a:32:4e:63:6b:91:65:84:ef:34:98:f5:e9:c4:d2:95:
47:43:ec:cc:11:78:ff:2e:4e:28:2c:c5:aa:32:61:c5:d0:4c:
41:60:18:2a:a5:05:6d:ba:0c:57:75:5a:26:08:41:06:96:4c:
3b:46:75:0d:10:36:b2:be:70:c3:85:a9:af:eb:5b:12:a5:c4:
e9:ef:4f:63:4c:dc:af:41:6b:0e:74:37:68:82:8d:49:3e:9d:
1e:16:d0:aa:d2:94:93:e9:17:83:4a:88:00:1b:4a:01:ca:7a:
97:f4:68:58
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY4TaqnqTmICRdIgPs9esG/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjU2NDZiMzYwMzc5OTI0Y2I2ZDljM2Q5OTY2OWNlN2Yz
YjJjYTIwHhcNMjQwMzA2MTA1OTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzhjYTFlNmRkZDU3OTRkM2Q3YjNlMzNlNTA4MjIwNzdiOWZkNGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJQXiN24AJX2cgeoVmKtxLYhbXTP
fjRsg2zx3NqEiBtrK3HSSOhb+ah08f74BkizVJ0c3AaRfcbStzdUe5a71QJGHkpj
pu06zV+7RPB0yOufUxfORKCorqXl1NADEXAaqV024mr3cozJC6uHAQH9fV4hFzir
Z5Ka6gBhTfmwxkFl40PMFPPfORFMh/tEgf/cF6PFPueaoIZri5v5ExD23LAtgelo
MuAqRpUST7RkJICuiQR7nApUn9mQp02TQEMOxh4vzit4hRpupjQWbYXxtYIRfPJF
rY6SAH9faz3HRH3upag1nLhWzMoq+XVY2lki7w2YiQs/BpzGWevGb0bk/QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIeMoebd1XlNPXs+M+UIIgd7n9TPMB8GA1UdIwQY
MBaAFPO1ZGs2A3mSTLbZw9mWac5/OyyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTct
NTk3NTkxM2Y1MmM1LzEvaDR5aDV0M1ZlVTA5ZXo0ejVRZ2lCM3VmMU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTctNTk3NTkxM2Y1MmM1
LzEvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAPUO2gD
BADUO2wDBAHUO24wDQYJKoZIhvcNAQELBQADggEBAFvYna3Itc9Is1SUSdd0KZwk
qY+UlGSpH35mvgYKro/O3TbuCDYaswxA4Ts+8UmJczH0r4tFVPyYShqYyuj0UTIX
TxNJhf2vnNF6rfmouAQvbjgt7oEts72aFzhPluMzw6ztXfP37MhEFGwEsrYROHLR
ITmoiP+OlCbJvsZEdrfS9fl3+jDNivudoZ59qxUOCx8sCjJOY2uRZYTvNJj16cTS
lUdD7MwReP8uTigsxaoyYcXQTEFgGCqlBW26DFd1WiYIQQaWTDtGdQ0QNrK+cMOF
qa/rWxKlxOnvT2NM3K9Baw50N2iCjUk+nR4W0KrSlJPpF4NKiAAbSgHKepf0aFg=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:24 2024 by rpki-client on console.sobornost.net