Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/p95TkP9kEgZr3UAqVDk3n9T2diA.roa
File: p95TkP9kEgZr3UAqVDk3n9T2diA.roa (raw, json)
Hash identifier: DvqC5Nhu+cryP1cCztoBH/w9qpDfYSr3YswtQqRZ1uw=
Subject key identifier: A7:DE:53:90:FF:64:12:06:6B:DD:40:2A:54:39:37:9F:D4:F6:76:20
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C554E1199000C84A9FDE652BBB8A7
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/p95TkP9kEgZr3UAqVDk3n9T2diA.roa
Signing time: Thu 02 Jan 2025 09:50:21 +0000
ROA not before: Thu 02 Jan 2025 09:50:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8675
IP address blocks: 212.12.0.0/19 maxlen: 24
212.12.4.0/24 maxlen: 24
212.12.21.0/24 maxlen: 24
212.35.160.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:55:4e:11:99:00:0c:84:a9:fd:e6:52:bb:b8:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7de5390ff6412066bdd402a5439379fd4f67620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:0c:6e:64:76:33:f1:15:57:39:64:2f:ae:43:
f6:a0:b4:62:3e:81:30:22:6f:8d:c1:d9:3a:de:e8:
84:e7:7f:bb:c2:1c:4d:f3:cb:f5:d6:1b:0e:1e:e9:
fd:ea:8e:b5:25:b4:d4:bc:ed:4d:1b:fb:a4:e7:4c:
e6:9c:68:04:6f:35:c8:62:ba:5a:1e:8e:97:6a:28:
22:ad:d3:b9:cd:62:09:1a:5a:8c:fd:ff:cc:59:cf:
24:4d:fb:fb:bf:41:9a:f7:07:4e:c2:ef:38:ce:2a:
42:8c:da:e6:28:b3:9d:81:45:88:28:14:b5:dc:35:
a3:dc:34:c3:41:1d:6c:d0:44:49:d4:95:4d:d9:a4:
54:f4:5f:52:0f:52:3b:cc:aa:34:2a:54:85:73:80:
2d:ad:1c:f2:b4:56:49:ab:e6:c9:23:93:4e:b8:57:
d9:6d:63:72:f9:6f:3e:ab:df:e8:f1:d9:e4:ec:41:
19:df:e6:d9:1f:53:ee:9e:50:99:49:bf:7f:21:ad:
f3:1b:86:2c:89:eb:82:68:40:b1:b1:5c:d2:6b:9e:
f0:c1:4b:93:8a:23:56:a6:3d:1d:7c:d7:f2:39:20:
b2:1c:f3:8b:5c:fe:f0:ed:f9:95:ba:b1:d9:67:14:
58:5b:1a:47:07:52:d7:77:d9:a9:33:25:c1:04:a6:
b0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:DE:53:90:FF:64:12:06:6B:DD:40:2A:54:39:37:9F:D4:F6:76:20
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/p95TkP9kEgZr3UAqVDk3n9T2diA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.12.0.0/19
212.35.160.0/19
Signature Algorithm: sha256WithRSAEncryption
45:39:26:41:ee:9b:26:eb:9d:7a:a9:27:45:f9:b2:70:14:2f:
19:84:fd:e2:ea:f2:a4:90:7f:26:bd:77:28:5e:cb:62:17:c3:
5c:40:57:b0:2d:6c:bd:2e:72:89:06:ca:05:ca:4d:76:29:df:
26:c9:7c:bc:ab:85:f4:4e:70:dc:1b:0e:b8:d6:a9:83:9c:8e:
7a:23:46:75:36:72:b2:dc:f8:35:c9:8c:70:1d:2c:93:0a:55:
1e:a1:bd:9d:3b:1e:ee:95:30:7e:17:b0:ab:ae:6f:28:52:3f:
44:01:43:92:75:99:fb:6b:2c:cd:86:b0:9b:38:1d:14:a2:fd:
fa:08:d8:38:dc:bb:cc:f1:61:be:1b:05:42:80:ff:56:87:25:
3c:4e:fc:52:cd:ff:f9:e0:3d:1b:1f:bb:cf:c4:26:f8:a3:00:
26:4e:9f:44:e6:95:9d:7c:d3:9c:74:70:55:d1:50:65:06:8d:
9e:ff:d8:9e:2b:81:f1:75:ee:d4:4a:38:e7:f5:61:3a:b8:5c:
85:37:92:94:1d:3b:32:06:c5:bb:08:f6:ea:88:10:68:5d:e3:
fa:e7:15:b4:b5:21:72:73:cf:69:44:8f:d5:31:2a:ae:d8:dc:
99:a1:73:fd:ee:8e:3a:68:6a:4b:c4:2b:e7:a0:ec:e3:1d:1b:
49:a7:0b:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQmbFVOEZkADISp/eZSu7inMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2RlNTM5MGZmNjQxMjA2NmJkZDQwMmE1NDM5Mzc5ZmQ0ZjY3NjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QxuZHYz8RVXOWQvrkP2oLRiPoEw
Im+Nwdk63uiE53+7whxN88v11hsOHun96o61JbTUvO1NG/uk50zmnGgEbzXIYrpa
Ho6XaigirdO5zWIJGlqM/f/MWc8kTfv7v0Ga9wdOwu84zipCjNrmKLOdgUWIKBS1
3DWj3DTDQR1s0ERJ1JVN2aRU9F9SD1I7zKo0KlSFc4AtrRzytFZJq+bJI5NOuFfZ
bWNy+W8+q9/o8dnk7EEZ3+bZH1PunlCZSb9/Ia3zG4YsieuCaECxsVzSa57wwUuT
iiNWpj0dfNfyOSCyHPOLXP7w7fmVurHZZxRYWxpHB1LXd9mpMyXBBKawGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKfeU5D/ZBIGa91AKlQ5N5/U9nYgMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvcDk1VGtQOWtFZ1pyM1VBcVZEazNuOVQyZGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQF1AwAAwQF
1COgMA0GCSqGSIb3DQEBCwUAA4IBAQBFOSZB7psm6516qSdF+bJwFC8ZhP3i6vKk
kH8mvXcoXstiF8NcQFewLWy9LnKJBsoFyk12Kd8myXy8q4X0TnDcGw641qmDnI56
I0Z1NnKy3Pg1yYxwHSyTClUeob2dOx7ulTB+F7Crrm8oUj9EAUOSdZn7ayzNhrCb
OB0Uov36CNg43LvM8WG+GwVCgP9WhyU8TvxSzf/54D0bH7vPxCb4owAmTp9E5pWd
fNOcdHBV0VBlBo2e/9ieK4Hxde7USjjn9WE6uFyFN5KUHTsyBsW7CPbqiBBoXeP6
5xW0tSFyc89pRI/VMSqu2NyZoXP97o46aGpLxCvnoOzjHRtJpwtr
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:07 2025 by rpki-client on console.sobornost.net