Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/quZyu716dxS9mdBeGNCJZ1sGIZM.roa
File: quZyu716dxS9mdBeGNCJZ1sGIZM.roa (raw, json)
Hash identifier: MPvLxa0c+riXjzyelLJV18hBBvFNCarL2WtEM/bk6Os=
Subject key identifier: AA:E6:72:BB:BD:7A:77:14:BD:99:D0:5E:18:D0:89:67:5B:06:21:93
Certificate issuer: /CN=202f4c1a37e9313cdd2eea7750ae028d18cd5aae
Certificate serial: 019426D9B209BEF440763E48F62DF4A2EC6B
Authority key identifier: 20:2F:4C:1A:37:E9:31:3C:DD:2E:EA:77:50:AE:02:8D:18:CD:5A:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IC9MGjfpMTzdLup3UK4CjRjNWq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/quZyu716dxS9mdBeGNCJZ1sGIZM.roa
Signing time: Thu 02 Jan 2025 11:49:48 +0000
ROA not before: Thu 02 Jan 2025 11:49:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35179
IP address blocks: 212.127.78.0/24 maxlen: 24
212.127.88.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:b2:09:be:f4:40:76:3e:48:f6:2d:f4:a2:ec:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=202f4c1a37e9313cdd2eea7750ae028d18cd5aae
Validity
Not Before: Jan 2 11:49:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aae672bbbd7a7714bd99d05e18d089675b062193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:eb:0f:56:1e:f0:30:81:13:ec:9b:df:da:5d:
fd:2e:d7:53:ed:49:54:63:01:82:90:70:60:27:7b:
99:c7:db:c4:fe:18:f4:10:f2:a8:bd:16:89:90:1f:
e0:64:f5:d9:51:0d:c5:23:84:0d:8f:a5:8e:70:83:
38:45:a7:96:e2:15:9c:2c:12:3b:a0:b2:9e:6b:e1:
26:e1:7b:0d:4e:85:79:4a:80:3e:8f:27:01:49:5a:
33:9b:9a:c1:73:2a:5d:7f:70:5c:bb:a2:e6:43:58:
d8:b1:64:b8:61:50:49:b5:98:88:04:7e:b6:e8:55:
6c:e8:94:0e:1e:31:42:16:0c:5d:12:d2:15:01:fe:
67:ab:33:b3:d6:c9:9b:39:59:01:81:6d:fb:8f:c0:
47:ee:b9:a3:dd:2b:f0:21:24:e9:d4:27:84:48:9d:
e0:d6:5b:24:67:89:64:53:fc:64:33:21:f4:6b:cd:
da:7e:c3:2a:a3:77:69:57:f8:57:3a:9f:9a:79:aa:
2a:96:66:f7:46:60:35:2b:dc:07:7f:93:03:77:be:
0d:33:37:51:45:3f:69:d4:99:15:ce:c4:76:14:94:
8d:7c:03:2a:e5:fd:40:ab:1e:78:8e:72:15:6f:c5:
da:4c:ee:63:8a:77:b7:e5:ae:7b:1b:a2:9c:00:c8:
c6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:E6:72:BB:BD:7A:77:14:BD:99:D0:5E:18:D0:89:67:5B:06:21:93
X509v3 Authority Key Identifier:
keyid:20:2F:4C:1A:37:E9:31:3C:DD:2E:EA:77:50:AE:02:8D:18:CD:5A:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IC9MGjfpMTzdLup3UK4CjRjNWq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/quZyu716dxS9mdBeGNCJZ1sGIZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/IC9MGjfpMTzdLup3UK4CjRjNWq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.127.78.0/24
212.127.88.0/21
Signature Algorithm: sha256WithRSAEncryption
24:c0:fc:43:db:0c:58:7b:63:7f:66:7c:1b:f4:ea:2d:7a:87:
92:5b:9a:81:94:6d:25:5a:84:71:dd:d5:57:5f:e3:7b:4e:ee:
9c:59:0b:ab:7a:be:af:fc:d4:b3:03:b3:68:62:c9:6f:03:81:
05:fa:7d:65:06:c8:99:ee:ee:d1:4f:00:c1:02:c7:c1:a6:cc:
fc:30:3d:b5:47:c1:32:55:1c:af:01:78:71:59:b0:a1:9a:9a:
dc:da:9d:35:2d:87:a0:f2:f6:d0:96:55:50:1b:d6:35:03:73:
8d:b4:96:89:48:34:82:0b:5d:66:e9:bb:62:a0:74:5c:85:40:
ce:3f:22:9b:ea:c2:20:e1:50:3a:ea:3b:7f:3b:1c:d6:c9:d6:
cc:2c:bd:20:30:d7:b2:b6:39:d5:7e:38:51:3b:4e:ac:66:d2:
cb:0e:70:5a:e9:6c:70:9d:cd:a6:75:5b:82:b0:a0:41:34:31:
c7:58:f5:ec:34:1b:4f:e9:d3:5a:0b:dc:cd:4c:aa:1d:4c:04:
b9:6a:6a:21:0a:93:b5:6d:9a:f4:9c:fc:76:7e:55:52:f0:a6:
07:d4:41:66:a3:d8:3b:32:a1:4f:e1:bb:2d:5a:68:2b:71:7a:
b9:48:55:5e:93:b5:47:e3:c6:58:4b:4c:eb:7c:fe:05:37:44:
42:7e:b3:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQm2bIJvvRAdj5I9i30ouxrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMmY0YzFhMzdlOTMxM2NkZDJlZWE3NzUwYWUwMjhkMThj
ZDVhYWUwHhcNMjUwMTAyMTE0OTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWU2NzJiYmJkN2E3NzE0YmQ5OWQwNWUxOGQwODk2NzViMDYyMTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOsPVh7wMIET7Jvf2l39LtdT7UlU
YwGCkHBgJ3uZx9vE/hj0EPKovRaJkB/gZPXZUQ3FI4QNj6WOcIM4RaeW4hWcLBI7
oLKea+Em4XsNToV5SoA+jycBSVozm5rBcypdf3Bcu6LmQ1jYsWS4YVBJtZiIBH62
6FVs6JQOHjFCFgxdEtIVAf5nqzOz1smbOVkBgW37j8BH7rmj3SvwISTp1CeESJ3g
1lskZ4lkU/xkMyH0a83afsMqo3dpV/hXOp+aeaoqlmb3RmA1K9wHf5MDd74NMzdR
RT9p1JkVzsR2FJSNfAMq5f1Aqx54jnIVb8XaTO5jine35a57G6KcAMjGGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKrmcru9encUvZnQXhjQiWdbBiGTMB8GA1UdIwQY
MBaAFCAvTBo36TE83S7qd1CuAo0YzVquMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUM5TUdqZnBNVHpkTHVwM1VLNENqUmpOV3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lZGI4Y2QtMDAzZC00ODNhLTkwNmEt
ZjZiNzhlMmIxN2ExLzEvcXVaeXU3MTZkeFM5bWRCZUdOQ0paMXNHSVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lZGI4Y2QtMDAzZC00ODNhLTkwNmEtZjZiNzhlMmIxN2Ex
LzEvSUM5TUdqZnBNVHpkTHVwM1VLNENqUmpOV3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1H9OAwQD
1H9YMA0GCSqGSIb3DQEBCwUAA4IBAQAkwPxD2wxYe2N/Znwb9OoteoeSW5qBlG0l
WoRx3dVXX+N7Tu6cWQurer6v/NSzA7NoYslvA4EF+n1lBsiZ7u7RTwDBAsfBpsz8
MD21R8EyVRyvAXhxWbChmprc2p01LYeg8vbQllVQG9Y1A3ONtJaJSDSCC11m6bti
oHRchUDOPyKb6sIg4VA66jt/OxzWydbMLL0gMNeytjnVfjhRO06sZtLLDnBa6Wxw
nc2mdVuCsKBBNDHHWPXsNBtP6dNaC9zNTKodTAS5amohCpO1bZr0nPx2flVS8KYH
1EFmo9g7MqFP4bstWmgrcXq5SFVek7VH48ZYS0zrfP4FN0RCfrOY
-----END CERTIFICATE-----
Generated at Fri Apr 25 23:51:36 2025 by rpki-client