Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/d442a7-74e6-476a-8755-f255658bb881/1/ThUJ8aSmMtP4aHcJCzzypfLa8ic.roa
File: ThUJ8aSmMtP4aHcJCzzypfLa8ic.roa (raw, json)
Hash identifier: dNkVlGDZVTIktuBX7rmx/RdrVxwALHhLlc8K3va90zE=
Subject key identifier: 4E:15:09:F1:A4:A6:32:D3:F8:68:77:09:0B:3C:F2:A5:F2:DA:F2:27
Certificate issuer: /CN=881af85f81dd3f3b24ab14ed1f42c7cc466502f0
Certificate serial: 01941FFA84042F58F6178A9E392B33F48710
Authority key identifier: 88:1A:F8:5F:81:DD:3F:3B:24:AB:14:ED:1F:42:C7:CC:46:65:02:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBr4X4HdPzskqxTtH0LHzEZlAvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/d442a7-74e6-476a-8755-f255658bb881/1/ThUJ8aSmMtP4aHcJCzzypfLa8ic.roa
Signing time: Wed 01 Jan 2025 03:48:19 +0000
ROA not before: Wed 01 Jan 2025 03:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12808
IP address blocks: 212.125.32.0/19 maxlen: 24
212.125.52.0/22 maxlen: 24
212.125.56.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:84:04:2f:58:f6:17:8a:9e:39:2b:33:f4:87:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881af85f81dd3f3b24ab14ed1f42c7cc466502f0
Validity
Not Before: Jan 1 03:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e1509f1a4a632d3f86877090b3cf2a5f2daf227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1a:de:4d:f2:eb:13:86:8f:35:4e:7c:34:48:
9e:30:d0:7e:09:b5:18:38:b2:0d:1a:61:7d:42:27:
8c:7b:b4:1f:2c:99:97:f2:af:76:7e:4e:40:ea:aa:
95:35:9e:b2:bd:ae:93:52:61:14:48:a2:89:de:17:
1c:aa:00:de:9e:7c:79:e9:7b:dd:d3:33:5d:63:52:
f9:8b:3a:3a:80:72:7a:11:bd:fc:02:17:7a:1d:25:
e4:77:2f:ea:ab:20:10:9b:ce:b7:75:a9:48:99:a5:
be:e1:e0:68:6a:f5:bb:71:20:4e:c8:b3:e3:f1:89:
5b:72:d9:4a:07:e7:d8:b2:08:94:92:ca:54:a5:c1:
b8:75:7d:98:c8:6c:fa:63:2a:95:dc:4e:8c:05:6a:
fa:1a:5a:5f:9a:ab:61:8c:c7:a3:bd:35:f1:20:89:
55:93:08:ea:80:34:29:da:7f:2c:29:96:3d:f5:4f:
81:59:72:67:68:9b:6b:2c:bf:9c:d0:8d:83:9d:17:
5a:61:97:8e:63:9b:20:1b:57:86:0f:20:84:c5:e1:
14:87:b5:58:0b:9f:94:1f:be:eb:3c:f3:6e:5c:7b:
d3:7e:58:d3:66:65:88:3c:7d:83:81:ee:5f:f7:60:
40:5f:97:5f:a5:c4:eb:1f:88:05:ed:c1:ef:8e:c5:
27:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:15:09:F1:A4:A6:32:D3:F8:68:77:09:0B:3C:F2:A5:F2:DA:F2:27
X509v3 Authority Key Identifier:
keyid:88:1A:F8:5F:81:DD:3F:3B:24:AB:14:ED:1F:42:C7:CC:46:65:02:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBr4X4HdPzskqxTtH0LHzEZlAvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/d442a7-74e6-476a-8755-f255658bb881/1/ThUJ8aSmMtP4aHcJCzzypfLa8ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/d442a7-74e6-476a-8755-f255658bb881/1/iBr4X4HdPzskqxTtH0LHzEZlAvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.125.32.0/19
Signature Algorithm: sha256WithRSAEncryption
8e:67:6e:9e:1e:ee:c1:b3:9c:ec:65:7d:8d:54:03:0b:5e:41:
8b:a8:1e:04:3d:f5:73:fb:a0:4d:80:44:43:df:3f:d5:f7:56:
6a:a6:0c:eb:24:ba:58:ff:30:5d:c2:5d:72:d8:46:9d:69:08:
7b:95:f9:2f:4c:39:0e:37:f3:49:10:3f:7b:47:46:95:8e:ab:
8f:32:09:e9:46:3f:7e:f7:a3:af:a6:62:5d:a2:1a:65:9a:81:
8a:c6:6e:c9:45:8b:84:4d:f7:9b:ef:6d:9f:0b:e0:eb:f6:d9:
50:11:b6:cc:c2:6f:63:c5:12:d9:96:44:65:3c:2c:7a:fb:4f:
13:e6:e9:9d:70:da:b6:66:71:ef:32:0b:9a:b4:a4:47:ef:a9:
2a:67:b3:d9:92:c9:3c:e9:7e:7c:d9:c8:b0:8c:bb:8f:fc:67:
e6:ae:64:db:a7:52:d7:0c:a9:88:7d:6c:90:c0:ac:7b:cb:e5:
d6:96:2c:2c:0e:a7:3d:20:05:54:4d:84:76:b9:08:30:fe:6a:
21:fc:0d:09:7a:02:6f:89:03:c1:30:74:31:68:d6:6a:82:53:
4d:98:dc:2e:d0:32:95:ee:da:a0:43:81:fc:9e:c8:2b:73:8d:
71:b4:44:69:bf:43:73:f5:3e:e9:82:11:e9:2b:d1:43:d6:9f:
b0:cf:cd:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+oQEL1j2F4qeOSsz9IcQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MWFmODVmODFkZDNmM2IyNGFiMTRlZDFmNDJjN2NjNDY2
NTAyZjAwHhcNMjUwMTAxMDM0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTE1MDlmMWE0YTYzMmQzZjg2ODc3MDkwYjNjZjJhNWYyZGFmMjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRreTfLrE4aPNU58NEieMNB+CbUY
OLINGmF9QieMe7QfLJmX8q92fk5A6qqVNZ6yva6TUmEUSKKJ3hccqgDennx56Xvd
0zNdY1L5izo6gHJ6Eb38Ahd6HSXkdy/qqyAQm863dalImaW+4eBoavW7cSBOyLPj
8YlbctlKB+fYsgiUkspUpcG4dX2YyGz6YyqV3E6MBWr6GlpfmqthjMejvTXxIIlV
kwjqgDQp2n8sKZY99U+BWXJnaJtrLL+c0I2DnRdaYZeOY5sgG1eGDyCExeEUh7VY
C5+UH77rPPNuXHvTfljTZmWIPH2Dge5f92BAX5dfpcTrH4gF7cHvjsUn6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE4VCfGkpjLT+Gh3CQs88qXy2vInMB8GA1UdIwQY
MBaAFIga+F+B3T87JKsU7R9Cx8xGZQLwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJyNFg0SGRQenNrcXhUdEgwTEh6RVpsQXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9kNDQyYTctNzRlNi00NzZhLTg3NTUt
ZjI1NTY1OGJiODgxLzEvVGhVSjhhU21NdFA0YUhjSkN6enlwZkxhOGljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9kNDQyYTctNzRlNi00NzZhLTg3NTUtZjI1NTY1OGJiODgx
LzEvaUJyNFg0SGRQenNrcXhUdEgwTEh6RVpsQXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1H0gMA0G
CSqGSIb3DQEBCwUAA4IBAQCOZ26eHu7Bs5zsZX2NVAMLXkGLqB4EPfVz+6BNgERD
3z/V91ZqpgzrJLpY/zBdwl1y2EadaQh7lfkvTDkON/NJED97R0aVjquPMgnpRj9+
96OvpmJdohplmoGKxm7JRYuETfeb722fC+Dr9tlQEbbMwm9jxRLZlkRlPCx6+08T
5umdcNq2ZnHvMguatKRH76kqZ7PZksk86X582ciwjLuP/GfmrmTbp1LXDKmIfWyQ
wKx7y+XWliwsDqc9IAVUTYR2uQgw/moh/A0JegJviQPBMHQxaNZqglNNmNwu0DKV
7tqgQ4H8nsgrc41xtERpv0Nz9T7pghHpK9FD1p+wz82U
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:54:10 2025 by rpki-client