Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/GIQBtXrkrDrEhJy39snt_uhqvHg.roa
File: GIQBtXrkrDrEhJy39snt_uhqvHg.roa (raw, json)
Hash identifier: gDXE5IDARzlfL8w6IWi9c5fd4W+YAo3P5B622rZT9IE=
Subject key identifier: 18:84:01:B5:7A:E4:AC:3A:C4:84:9C:B7:F6:C9:ED:FE:E8:6A:BC:78
Certificate issuer: /CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Certificate serial: 019397AA233BE0ECD748E78838921B9E19D5
Authority key identifier: BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/GIQBtXrkrDrEhJy39snt_uhqvHg.roa
Signing time: Thu 05 Dec 2024 16:32:09 +0000
ROA not before: Thu 05 Dec 2024 16:32:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9076
IP address blocks: 212.104.1.0/24 maxlen: 24
212.104.10.0/24 maxlen: 24
212.104.14.0/24 maxlen: 24
212.104.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:97:aa:23:3b:e0:ec:d7:48:e7:88:38:92:1b:9e:19:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Validity
Not Before: Dec 5 16:32:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=188401b57ae4ac3ac4849cb7f6c9edfee86abc78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:35:66:39:59:e2:06:28:47:4b:03:ab:cc:ce:
78:b1:f2:36:0a:07:cc:ab:e2:10:ee:86:f7:80:e5:
af:33:04:da:9f:c7:7e:67:7b:5e:5a:a6:b7:7e:ca:
3c:19:81:6c:a2:33:fc:4f:e3:8a:13:ff:98:5a:40:
33:6b:bd:36:cc:3c:eb:fb:6a:4c:e9:0a:d1:a2:7e:
fc:60:2c:84:92:0a:d6:aa:87:88:f4:9f:8a:d3:f9:
6e:21:25:3f:51:5e:bd:69:80:7c:fb:70:eb:d3:e8:
42:ec:cd:bd:ff:37:a5:ad:8a:25:7c:2d:24:ab:00:
16:bb:d8:81:81:cd:84:ca:7d:4a:16:ab:e6:7f:fa:
74:0b:d1:a8:32:8a:a2:e3:b5:ce:09:ae:3a:2d:36:
93:0a:0c:24:1b:a4:11:18:9c:df:ee:b8:7f:d0:b5:
1b:31:e9:23:1e:2e:6b:40:37:f6:db:db:b7:f3:08:
84:7e:46:09:c7:88:66:0f:c1:65:c7:4e:b4:80:31:
37:d2:a1:88:18:04:98:4c:1c:6d:68:ce:63:bd:37:
a9:2e:0a:a9:9f:13:b2:a3:37:7f:37:39:37:53:78:
52:a9:ac:9a:75:f0:52:25:d5:29:23:38:5f:7d:70:
93:40:ba:dc:5b:de:b1:a9:f4:23:65:c6:6b:19:9b:
47:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:84:01:B5:7A:E4:AC:3A:C4:84:9C:B7:F6:C9:ED:FE:E8:6A:BC:78
X509v3 Authority Key Identifier:
keyid:BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/GIQBtXrkrDrEhJy39snt_uhqvHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.104.1.0/24
212.104.10.0/24
212.104.14.0/24
212.104.43.0/24
Signature Algorithm: sha256WithRSAEncryption
76:fd:f9:df:94:23:b3:28:d4:5d:90:75:05:04:60:73:a1:aa:
97:fd:64:a2:9f:e6:65:21:4d:bd:a4:ea:25:d0:96:72:78:28:
69:f9:5d:05:05:97:f3:7d:24:a1:ed:a1:c3:f4:ff:de:f9:6e:
78:0b:87:7b:4c:ac:39:65:9c:4c:0b:5b:c8:cc:a4:bb:b0:22:
7a:71:8c:6c:f9:29:72:da:d1:31:7e:06:59:03:83:a6:85:4a:
58:23:6e:ae:9c:33:fc:d0:f9:a0:8f:34:21:49:48:02:8a:0f:
70:ec:1d:1f:b5:71:29:48:5a:b3:9f:b1:13:aa:df:ec:4e:4a:
94:d4:9a:82:7a:9c:2f:f5:e0:1c:69:cd:74:97:b4:be:7f:80:
5d:de:ef:2c:4e:db:64:31:8a:03:5c:f4:2b:9b:cd:5b:20:81:
84:8b:42:83:9d:ee:f3:3a:63:b1:3a:3a:b4:e1:9b:c9:6e:3b:
67:2a:0c:52:e4:7f:b1:1d:c4:ca:8a:73:9d:ec:de:0c:5b:bc:
ae:db:ab:9d:ad:4b:a7:63:d5:9c:91:74:03:15:2b:77:74:2c:
d1:8c:e0:37:b4:b7:b3:95:a3:f5:3b:f8:9c:3b:d4:02:c3:40:
3d:61:93:85:d0:96:0e:81:46:a0:a5:ba:ae:a6:da:04:46:47:
9a:de:55:68
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZOXqiM74OzXSOeIOJIbnhnVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOGEzYmM0N2QxM2M4M2Y3ZDFjZjcyYTEzN2UwMDY2Zjgz
ZDA2MDgwHhcNMjQxMjA1MTYzMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODg0MDFiNTdhZTRhYzNhYzQ4NDljYjdmNmM5ZWRmZWU4NmFiYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTVmOVniBihHSwOrzM54sfI2CgfM
q+IQ7ob3gOWvMwTan8d+Z3teWqa3fso8GYFsojP8T+OKE/+YWkAza702zDzr+2pM
6QrRon78YCyEkgrWqoeI9J+K0/luISU/UV69aYB8+3Dr0+hC7M29/zelrYolfC0k
qwAWu9iBgc2Eyn1KFqvmf/p0C9GoMoqi47XOCa46LTaTCgwkG6QRGJzf7rh/0LUb
MekjHi5rQDf229u38wiEfkYJx4hmD8Flx060gDE30qGIGASYTBxtaM5jvTepLgqp
nxOyozd/Nzk3U3hSqayadfBSJdUpIzhffXCTQLrcW96xqfQjZcZrGZtHMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBiEAbV65Kw6xISct/bJ7f7oarx4MB8GA1UdIwQY
MBaAFLyKO8R9E8g/fRz3KhN+AGb4PQYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjIt
NzExM2ZjMWI4NjViLzEvR0lRQnRYcmtyRHJFaEp5MzlzbnRfdWhxdkhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjItNzExM2ZjMWI4NjVi
LzEvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1GgBAwQA
1GgKAwQA1GgOAwQA1GgrMA0GCSqGSIb3DQEBCwUAA4IBAQB2/fnflCOzKNRdkHUF
BGBzoaqX/WSin+ZlIU29pOol0JZyeChp+V0FBZfzfSSh7aHD9P/e+W54C4d7TKw5
ZZxMC1vIzKS7sCJ6cYxs+Sly2tExfgZZA4OmhUpYI26unDP80PmgjzQhSUgCig9w
7B0ftXEpSFqzn7ETqt/sTkqU1JqCepwv9eAcac10l7S+f4Bd3u8sTttkMYoDXPQr
m81bIIGEi0KDne7zOmOxOjq04ZvJbjtnKgxS5H+xHcTKinOd7N4MW7yu26udrUun
Y9WckXQDFSt3dCzRjOA3tLezlaP1O/icO9QCw0A9YZOF0JYOgUagpbquptoERkea
3lVo
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:12 2024 by rpki-client on console.sobornost.net