Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/68Pu2AXLofchUtNF6ILNmHe7aBA.roa
File: 68Pu2AXLofchUtNF6ILNmHe7aBA.roa (raw, json)
Hash identifier: m7+3wmVwNxhGm0oBgBqHOjSzz8B848/6o4g8DtXdHHE=
Subject key identifier: EB:C3:EE:D8:05:CB:A1:F7:21:52:D3:45:E8:82:CD:98:77:BB:68:10
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 0194266C227B305D929E8070C3DF8057307B
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/68Pu2AXLofchUtNF6ILNmHe7aBA.roa
Signing time: Thu 02 Jan 2025 09:50:08 +0000
ROA not before: Thu 02 Jan 2025 09:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15731
IP address blocks: 212.23.210.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:22:7b:30:5d:92:9e:80:70:c3:df:80:57:30:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Jan 2 09:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebc3eed805cba1f72152d345e882cd9877bb6810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e8:83:bb:70:2d:d2:fa:ad:08:bf:fe:1b:71:
ff:20:4a:47:88:68:c0:89:bd:ca:2d:b3:de:53:9d:
d2:83:22:0d:e2:40:55:9e:ee:53:17:35:af:64:61:
55:de:0a:65:7b:ab:aa:36:66:0a:64:28:d9:53:14:
7c:95:a3:0b:b3:92:d0:1f:2c:01:01:43:70:54:13:
e7:cc:31:b8:6e:b4:a2:bc:75:e4:a7:1f:f5:28:50:
81:96:5c:93:37:e2:72:51:49:ea:b9:bf:68:70:d8:
8a:12:fe:e0:2c:a2:a2:1f:59:7c:26:d8:d4:ec:04:
80:f8:31:ae:52:2c:92:4a:4a:d7:9c:41:fc:56:47:
22:63:5f:10:9b:cb:55:ae:e2:7a:4f:99:2b:31:fe:
90:b3:c8:69:43:3b:11:96:98:5b:68:2c:41:be:7f:
83:e0:90:a9:22:e0:b8:d0:6a:44:35:0d:fa:c2:70:
46:16:21:b7:b4:9c:f8:99:8d:a1:eb:b8:5e:4f:dd:
5c:cf:5d:e2:28:3f:03:3a:a5:e7:9c:8c:b5:c5:d8:
26:37:3f:7a:6b:e2:d2:f5:d3:23:18:58:87:5d:08:
9e:ee:d0:98:f9:4f:68:88:05:5b:40:b4:3f:a9:79:
45:c7:85:e1:9f:0b:2c:61:4f:cb:e2:4d:e6:93:56:
33:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C3:EE:D8:05:CB:A1:F7:21:52:D3:45:E8:82:CD:98:77:BB:68:10
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/68Pu2AXLofchUtNF6ILNmHe7aBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.210.0/24
Signature Algorithm: sha256WithRSAEncryption
66:99:4c:78:cc:c5:ac:d3:74:b3:c4:cc:02:fd:ea:e8:86:c0:
bc:10:0a:b9:9c:5e:81:ca:11:a0:3b:be:7a:d1:35:4c:25:8d:
ce:59:7d:0b:5c:39:20:2b:cc:2f:5f:86:b6:45:ef:4c:b2:56:
a4:04:7b:d3:2e:11:e5:8e:29:51:70:ea:b7:c9:50:65:e3:70:
1d:a7:ad:1d:e6:61:68:c4:dd:c7:c8:46:c0:38:82:24:61:ff:
18:c6:89:c6:95:f8:75:da:e8:36:6e:13:8a:62:a3:77:63:f8:
f0:c3:b2:b3:1f:05:95:5f:cf:13:8c:91:a5:99:37:97:d7:42:
bd:8b:ba:80:eb:17:16:77:ab:53:b6:57:77:ce:38:5c:72:76:
9e:47:5e:cb:db:b4:e0:c0:07:15:0d:db:86:4b:1b:bf:32:39:
d2:8a:66:8b:7d:a2:27:71:11:4b:ef:42:d0:5a:59:fb:20:5a:
4b:5a:69:f8:0d:43:a2:b9:e0:e0:04:a8:bd:b6:3c:b7:48:8e:
50:1b:a0:fc:4a:80:75:89:29:f4:0a:61:0f:ac:b0:4d:72:47:
06:51:0e:8f:b8:05:25:79:7b:54:85:bb:50:de:55:3a:ef:ad:
eb:bb:dd:83:0a:b8:a2:af:d1:31:a1:c8:55:46:0d:69:59:27:
13:34:cf:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbCJ7MF2SnoBww9+AVzB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjUwMTAyMDk1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmMzZWVkODA1Y2JhMWY3MjE1MmQzNDVlODgyY2Q5ODc3YmI2ODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeiDu3At0vqtCL/+G3H/IEpHiGjA
ib3KLbPeU53SgyIN4kBVnu5TFzWvZGFV3gple6uqNmYKZCjZUxR8laMLs5LQHywB
AUNwVBPnzDG4brSivHXkpx/1KFCBllyTN+JyUUnqub9ocNiKEv7gLKKiH1l8JtjU
7ASA+DGuUiySSkrXnEH8VkciY18Qm8tVruJ6T5krMf6Qs8hpQzsRlphbaCxBvn+D
4JCpIuC40GpENQ36wnBGFiG3tJz4mY2h67heT91cz13iKD8DOqXnnIy1xdgmNz96
a+LS9dMjGFiHXQie7tCY+U9oiAVbQLQ/qXlFx4XhnwssYU/L4k3mk1YzFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOvD7tgFy6H3IVLTReiCzZh3u2gQMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvNjhQdTJBWExvZmNoVXRORjZJTE5tSGU3YUJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfSMA0G
CSqGSIb3DQEBCwUAA4IBAQBmmUx4zMWs03SzxMwC/erohsC8EAq5nF6ByhGgO756
0TVMJY3OWX0LXDkgK8wvX4a2Re9MslakBHvTLhHljilRcOq3yVBl43Adp60d5mFo
xN3HyEbAOIIkYf8YxonGlfh12ug2bhOKYqN3Y/jww7KzHwWVX88TjJGlmTeX10K9
i7qA6xcWd6tTtld3zjhccnaeR17L27TgwAcVDduGSxu/MjnSimaLfaIncRFL70LQ
Wln7IFpLWmn4DUOiueDgBKi9tjy3SI5QG6D8SoB1iSn0CmEPrLBNckcGUQ6PuAUl
eXtUhbtQ3lU6763ru92DCriir9ExochVRg1pWScTNM/z
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:25:08 2025 by rpki-client