Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/IczkJXhr43WZT8v3yUWzEcJkBw0.roa
File: IczkJXhr43WZT8v3yUWzEcJkBw0.roa (raw, json)
Hash identifier: LTXwRLr/WDRhlKr3y2cS8nQZO+NDEwmFh5j+X2jc1m0=
Subject key identifier: 21:CC:E4:25:78:6B:E3:75:99:4F:CB:F7:C9:45:B3:11:C2:64:07:0D
Certificate issuer: /CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Certificate serial: 019420685D264B1BED967E39ABE19CAFAAB3
Authority key identifier: C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/IczkJXhr43WZT8v3yUWzEcJkBw0.roa
Signing time: Wed 01 Jan 2025 05:48:17 +0000
ROA not before: Wed 01 Jan 2025 05:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5593
IP address blocks: 212.110.128.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:5d:26:4b:1b:ed:96:7e:39:ab:e1:9c:af:aa:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Validity
Not Before: Jan 1 05:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21cce425786be375994fcbf7c945b311c264070d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5f:c2:3b:e2:11:65:77:f1:0f:7d:8d:1a:90:
e4:bd:c3:ff:4a:fe:30:17:d3:c3:c6:a1:e0:c8:fb:
27:e6:a2:3a:6c:cc:9c:4f:68:ee:dd:6b:1d:c7:2e:
29:76:32:47:88:57:97:bb:21:9b:90:da:74:9e:26:
a9:89:36:ab:6e:7f:b5:e4:e1:51:25:13:c0:26:0f:
60:7b:4a:a5:18:d5:06:d1:6f:de:2a:d0:59:ed:b1:
b4:bf:fe:f6:63:8b:cd:13:fd:cf:d4:64:ef:46:f5:
03:12:ac:81:da:3b:6c:4d:7e:8c:51:24:7e:c9:34:
e9:44:02:66:d7:93:2e:c0:49:f0:32:8a:78:de:7a:
eb:a2:5f:62:35:10:0e:0b:71:8a:74:75:5b:32:01:
35:a0:c7:4c:82:3a:af:4b:10:9b:db:43:54:8b:b4:
46:f8:bc:24:c6:6e:90:39:87:2e:fd:14:72:4a:87:
a0:0c:86:13:4b:32:45:06:7a:56:6b:7f:d8:51:8a:
2f:82:f5:68:19:9f:f2:f5:c1:bc:95:76:02:33:61:
55:a6:a1:1a:d6:38:d1:b6:49:5f:c0:09:2f:48:f2:
39:d8:a6:81:bd:41:04:a8:60:7f:3b:28:4e:d9:17:
07:c2:bd:00:f1:95:ee:91:b5:c3:10:b2:c2:0b:0b:
c9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:CC:E4:25:78:6B:E3:75:99:4F:CB:F7:C9:45:B3:11:C2:64:07:0D
X509v3 Authority Key Identifier:
keyid:C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/IczkJXhr43WZT8v3yUWzEcJkBw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.110.128.0/24
Signature Algorithm: sha256WithRSAEncryption
49:b7:59:ef:20:6f:0f:2c:59:12:5a:6f:77:51:c8:e9:e7:65:
f1:c4:3e:28:91:51:89:60:54:4c:c4:1a:7c:be:08:f2:7d:c1:
7f:81:31:0a:27:c2:74:51:35:9c:ed:38:7c:7f:74:74:01:b2:
9d:b2:be:97:df:82:e1:a7:59:bb:c7:b4:0b:92:c0:06:21:b2:
21:9e:c6:b0:35:ae:7f:31:0f:81:b0:43:b9:21:8d:03:a3:30:
21:48:34:41:c3:27:43:0f:6e:76:e9:bc:e8:dd:8e:58:52:6b:
c7:38:50:94:74:0c:99:3d:b1:0b:09:b4:25:43:52:d5:77:b4:
52:90:f1:d0:0f:c5:b9:a6:f3:67:26:ed:99:1a:c9:2f:1e:6a:
da:21:cf:6f:f0:7b:32:22:72:f0:91:ba:27:06:48:2d:e5:53:
53:b0:92:be:0b:d4:1a:c5:63:24:fa:df:7e:85:9f:a9:65:3c:
77:5d:da:1e:c5:3e:46:9e:ec:cf:52:d8:14:73:f1:65:fe:d0:
cb:2e:cb:7d:14:42:a6:3f:12:c7:2a:38:cb:04:f1:60:63:c2:
e8:3c:e5:95:48:1c:69:e2:db:14:ec:91:76:b4:42:d2:6d:64:
17:39:9f:e8:32:2c:16:99:32:21:a3:7a:9d:c4:04:90:90:34:
e9:a2:2a:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaF0mSxvtln45q+Gcr6qzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTk1M2MwODk4MGFkYzk0ZjJmYTNhM2MxYmE5NWM0MGQy
MWU3ZDMwHhcNMjUwMTAxMDU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWNjZTQyNTc4NmJlMzc1OTk0ZmNiZjdjOTQ1YjMxMWMyNjQwNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1/CO+IRZXfxD32NGpDkvcP/Sv4w
F9PDxqHgyPsn5qI6bMycT2ju3Wsdxy4pdjJHiFeXuyGbkNp0niapiTarbn+15OFR
JRPAJg9ge0qlGNUG0W/eKtBZ7bG0v/72Y4vNE/3P1GTvRvUDEqyB2jtsTX6MUSR+
yTTpRAJm15MuwEnwMop43nrrol9iNRAOC3GKdHVbMgE1oMdMgjqvSxCb20NUi7RG
+Lwkxm6QOYcu/RRySoegDIYTSzJFBnpWa3/YUYovgvVoGZ/y9cG8lXYCM2FVpqEa
1jjRtklfwAkvSPI52KaBvUEEqGB/OyhO2RcHwr0A8ZXukbXDELLCCwvJgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCHM5CV4a+N1mU/L98lFsxHCZAcNMB8GA1UdIwQY
MBaAFMYZU8CJgK3JTy+jo8G6lcQNIefTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYt
NjI1MjQ1YTAwYWJmLzEvSWN6a0pYaHI0M1daVDh2M3lVV3pFY0prQncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYtNjI1MjQ1YTAwYWJm
LzEveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1G6AMA0G
CSqGSIb3DQEBCwUAA4IBAQBJt1nvIG8PLFkSWm93Ucjp52XxxD4okVGJYFRMxBp8
vgjyfcF/gTEKJ8J0UTWc7Th8f3R0AbKdsr6X34Lhp1m7x7QLksAGIbIhnsawNa5/
MQ+BsEO5IY0DozAhSDRBwydDD2526bzo3Y5YUmvHOFCUdAyZPbELCbQlQ1LVd7RS
kPHQD8W5pvNnJu2ZGskvHmraIc9v8HsyInLwkbonBkgt5VNTsJK+C9QaxWMk+t9+
hZ+pZTx3XdoexT5GnuzPUtgUc/Fl/tDLLst9FEKmPxLHKjjLBPFgY8LoPOWVSBxp
4tsU7JF2tELSbWQXOZ/oMiwWmTIho3qdxASQkDTpoioy
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:49:01 2025 by rpki-client