Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/f565d7-32af-4be1-82ac-b602cedac36c/1/00IasE-o8chBNSoJdt3smuycCow.roa
File: 00IasE-o8chBNSoJdt3smuycCow.roa (raw, json)
Hash identifier: pV/5gFRP1JCOYIjBq4kIT8BYMxCvMc+8eXCSruPkrAc=
Subject key identifier: D3:42:1A:B0:4F:A8:F1:C8:41:35:2A:09:76:DD:EC:9A:EC:9C:0A:8C
Certificate issuer: /CN=a3787d2be6eac36c1d2780f786b87c9e153e81f1
Certificate serial: 019421B2013DDB057FEC6B90B75CD39EA1D1
Authority key identifier: A3:78:7D:2B:E6:EA:C3:6C:1D:27:80:F7:86:B8:7C:9E:15:3E:81:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3h9K-bqw2wdJ4D3hrh8nhU-gfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/f565d7-32af-4be1-82ac-b602cedac36c/1/00IasE-o8chBNSoJdt3smuycCow.roa
Signing time: Wed 01 Jan 2025 11:48:21 +0000
ROA not before: Wed 01 Jan 2025 11:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61344
IP address blocks: 212.66.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:01:3d:db:05:7f:ec:6b:90:b7:5c:d3:9e:a1:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3787d2be6eac36c1d2780f786b87c9e153e81f1
Validity
Not Before: Jan 1 11:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3421ab04fa8f1c841352a0976ddec9aec9c0a8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f2:b4:2f:0b:b0:4a:cd:0e:f4:1b:ba:00:1b:
5c:75:cc:eb:f1:95:98:d2:8c:4f:ca:61:ff:71:80:
93:a6:8a:20:2e:36:39:0c:c3:90:50:0d:76:01:25:
4f:0d:27:37:2a:65:44:02:00:41:03:87:39:79:52:
40:20:91:3e:f9:df:1f:45:2a:14:26:8d:ab:29:82:
95:73:9f:a6:04:e1:5c:72:c9:b3:41:21:31:85:02:
be:26:fb:cd:41:47:ba:83:2f:b2:02:90:a8:13:ec:
28:b8:f5:ad:19:fb:9d:b3:16:1e:45:b1:14:d4:d1:
fe:c3:29:9c:ce:1d:f6:e3:1a:26:66:b8:ee:80:2c:
da:ec:47:70:12:fc:5b:26:83:86:f8:35:e6:39:95:
0d:44:d7:e3:7c:1b:f5:94:f0:ea:d3:ce:98:45:de:
19:4c:30:1a:b0:cd:44:29:f2:8c:4b:51:80:77:c2:
05:5d:93:d7:4a:2b:de:df:19:97:90:49:81:6e:b2:
e3:8f:ee:b0:f1:af:f6:ac:87:e2:54:66:7c:1f:ce:
7e:d3:e6:52:e2:00:08:45:02:90:6e:41:64:4c:2f:
99:b3:de:76:52:80:0b:06:b4:37:f3:71:20:66:40:
67:d3:a4:7a:60:1d:6a:c2:5a:e9:e2:52:d5:51:50:
59:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:42:1A:B0:4F:A8:F1:C8:41:35:2A:09:76:DD:EC:9A:EC:9C:0A:8C
X509v3 Authority Key Identifier:
keyid:A3:78:7D:2B:E6:EA:C3:6C:1D:27:80:F7:86:B8:7C:9E:15:3E:81:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3h9K-bqw2wdJ4D3hrh8nhU-gfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f565d7-32af-4be1-82ac-b602cedac36c/1/00IasE-o8chBNSoJdt3smuycCow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f565d7-32af-4be1-82ac-b602cedac36c/1/o3h9K-bqw2wdJ4D3hrh8nhU-gfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.66.61.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:1c:85:fc:f1:5c:e8:06:2f:f8:70:40:95:07:26:cb:d8:0e:
a2:93:cd:d2:55:f3:74:02:8f:9d:ba:a1:7c:22:af:44:75:28:
d3:56:1b:89:77:d5:51:7d:43:41:d8:63:11:cf:09:8c:63:c4:
fe:52:b8:30:3d:ad:ff:ab:a6:3f:fc:c1:cf:f4:2e:42:75:42:
4b:40:bc:f9:9f:70:13:06:68:90:a3:8f:10:17:bb:ce:fe:8e:
be:bb:8e:9a:05:22:16:25:e9:f1:84:ad:1e:c8:0f:4e:33:16:
7d:60:42:fe:83:ed:c4:21:c2:7a:3d:c8:0a:b3:c9:3c:cc:44:
89:0c:79:e5:ef:6d:4c:51:39:e9:9b:da:8e:f1:45:76:4b:89:
4f:6f:d9:e6:29:2b:c4:21:d9:2d:ea:73:cc:48:9e:b4:3c:15:
77:a2:2a:1d:8e:18:ac:14:57:98:7f:3b:67:41:78:81:12:3b:
11:cd:c3:4b:52:6a:08:f9:2d:b7:4f:db:73:6e:e8:ab:44:7d:
5d:b7:c2:5e:22:a2:ca:7a:12:3d:3c:b8:2f:30:ab:75:ae:ff:
58:29:2e:56:4a:4e:62:c6:6d:7d:52:8a:17:a9:c3:b4:d0:3d:
89:c8:87:a9:84:67:c5:78:53:69:84:53:d7:4c:0a:36:75:9c:
e4:db:90:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsgE92wV/7GuQt1zTnqHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzg3ZDJiZTZlYWMzNmMxZDI3ODBmNzg2Yjg3YzllMTUz
ZTgxZjEwHhcNMjUwMTAxMTE0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzQyMWFiMDRmYThmMWM4NDEzNTJhMDk3NmRkZWM5YWVjOWMwYThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvK0LwuwSs0O9Bu6ABtcdczr8ZWY
0oxPymH/cYCTpoogLjY5DMOQUA12ASVPDSc3KmVEAgBBA4c5eVJAIJE++d8fRSoU
Jo2rKYKVc5+mBOFccsmzQSExhQK+JvvNQUe6gy+yApCoE+wouPWtGfudsxYeRbEU
1NH+wymczh324xomZrjugCza7EdwEvxbJoOG+DXmOZUNRNfjfBv1lPDq086YRd4Z
TDAasM1EKfKMS1GAd8IFXZPXSive3xmXkEmBbrLjj+6w8a/2rIfiVGZ8H85+0+ZS
4gAIRQKQbkFkTC+Zs952UoALBrQ383EgZkBn06R6YB1qwlrp4lLVUVBZvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNNCGrBPqPHIQTUqCXbd7JrsnAqMMB8GA1UdIwQY
MBaAFKN4fSvm6sNsHSeA94a4fJ4VPoHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNoOUstYnF3MndkSjREM2hyaDhuaFUtZ2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9mNTY1ZDctMzJhZi00YmUxLTgyYWMt
YjYwMmNlZGFjMzZjLzEvMDBJYXNFLW84Y2hCTlNvSmR0M3NtdXljQ293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9mNTY1ZDctMzJhZi00YmUxLTgyYWMtYjYwMmNlZGFjMzZj
LzEvbzNoOUstYnF3MndkSjREM2hyaDhuaFUtZ2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1EI9MA0G
CSqGSIb3DQEBCwUAA4IBAQCNHIX88VzoBi/4cECVBybL2A6ik83SVfN0Ao+duqF8
Iq9EdSjTVhuJd9VRfUNB2GMRzwmMY8T+UrgwPa3/q6Y//MHP9C5CdUJLQLz5n3AT
BmiQo48QF7vO/o6+u46aBSIWJenxhK0eyA9OMxZ9YEL+g+3EIcJ6PcgKs8k8zESJ
DHnl721MUTnpm9qO8UV2S4lPb9nmKSvEIdkt6nPMSJ60PBV3oiodjhisFFeYfztn
QXiBEjsRzcNLUmoI+S23T9tzbuirRH1dt8JeIqLKehI9PLgvMKt1rv9YKS5WSk5i
xm19UooXqcO00D2JyIephGfFeFNphFPXTAo2dZzk25Ao
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:52:23 2025 by rpki-client