Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/56313f-ec4e-4c1c-b388-be3252ac4980/1/8qU7PW-1jRTW26c9BxYT5_0Bc9U.roa
File: 8qU7PW-1jRTW26c9BxYT5_0Bc9U.roa (raw, json)
Hash identifier: HOmxtNFCl//oq/U3tRw6KwgqtgI+NdJR6gPDxjaAFLQ=
Subject key identifier: F2:A5:3B:3D:6F:B5:8D:14:D6:DB:A7:3D:07:16:13:E7:FD:01:73:D5
Certificate issuer: /CN=cbf23be1115f022aa269d9cea439bb8b492307e2
Certificate serial: 01942520CC048289E89AC50828D4601EC6C4
Authority key identifier: CB:F2:3B:E1:11:5F:02:2A:A2:69:D9:CE:A4:39:BB:8B:49:23:07:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y_I74RFfAiqiadnOpDm7i0kjB-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/56313f-ec4e-4c1c-b388-be3252ac4980/1/8qU7PW-1jRTW26c9BxYT5_0Bc9U.roa
Signing time: Thu 02 Jan 2025 03:48:13 +0000
ROA not before: Thu 02 Jan 2025 03:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201755
IP address blocks: 185.64.252.0/22 maxlen: 24
2a03:17a0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:cc:04:82:89:e8:9a:c5:08:28:d4:60:1e:c6:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbf23be1115f022aa269d9cea439bb8b492307e2
Validity
Not Before: Jan 2 03:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2a53b3d6fb58d14d6dba73d071613e7fd0173d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b5:c7:9c:8a:9a:f8:a9:dc:52:8a:c0:4d:ba:
c9:0e:15:d5:fe:b4:c2:57:9b:bb:ac:b3:f7:7c:6e:
4a:31:8e:98:9b:d7:46:d5:b0:94:f4:2b:d5:1d:0d:
b1:29:c8:e4:c7:a5:4b:3b:ac:65:94:59:d7:9b:3d:
61:53:58:e8:7e:32:fb:a2:06:f9:cc:06:2b:1f:23:
6f:6d:6e:a1:c5:a0:0e:f4:9c:66:60:1e:d1:4a:94:
56:88:36:40:b5:d4:18:23:f5:07:4c:5e:be:d5:49:
2a:7b:2a:86:d4:c1:d6:14:dd:e3:28:4f:b2:9e:ae:
22:65:45:70:a1:3f:d7:bd:8c:80:28:c9:46:35:b4:
7f:2d:fc:8f:94:39:fe:d8:08:4a:fa:5c:72:4d:50:
c3:64:26:85:1d:83:8e:d5:93:e0:fc:bf:40:f6:32:
40:15:96:c5:29:9c:0c:5f:75:48:df:5b:b3:38:9d:
f5:e5:dc:1c:6c:08:08:3d:3b:65:63:0c:4e:fe:58:
f0:da:4f:d3:b5:fc:cc:49:17:3f:af:06:f6:18:b2:
b2:a6:5d:6e:ca:6d:34:c2:80:b4:c4:dd:e0:78:5c:
0c:d5:85:bc:e8:ac:bc:24:ca:0f:ac:65:c6:fa:7f:
dc:82:a9:8c:72:99:7b:28:1e:8a:93:1a:7d:0c:a8:
f7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A5:3B:3D:6F:B5:8D:14:D6:DB:A7:3D:07:16:13:E7:FD:01:73:D5
X509v3 Authority Key Identifier:
keyid:CB:F2:3B:E1:11:5F:02:2A:A2:69:D9:CE:A4:39:BB:8B:49:23:07:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_I74RFfAiqiadnOpDm7i0kjB-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/56313f-ec4e-4c1c-b388-be3252ac4980/1/8qU7PW-1jRTW26c9BxYT5_0Bc9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/56313f-ec4e-4c1c-b388-be3252ac4980/1/y_I74RFfAiqiadnOpDm7i0kjB-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.252.0/22
IPv6:
2a03:17a0::/32
Signature Algorithm: sha256WithRSAEncryption
92:1a:cc:e3:e1:20:02:25:cb:18:b8:87:48:6a:92:46:02:8d:
50:88:c3:af:5d:f5:72:bb:00:de:b2:9b:5e:72:5d:4c:3e:82:
ca:7a:79:96:7e:1d:58:a5:7a:6e:34:93:05:56:4c:7e:d2:92:
d5:92:c9:4c:75:85:aa:43:a1:a9:3a:9e:00:47:87:4f:1e:84:
48:03:a6:e8:2e:df:5d:f2:5d:d2:fa:93:3f:44:2f:ef:99:a9:
0c:a4:0a:ae:24:55:62:75:cd:a2:29:4b:af:51:84:91:e4:64:
4f:ce:d9:9f:bb:1b:51:3e:2b:7f:a2:8c:cf:4d:b9:7d:da:56:
00:41:2a:9b:d2:a5:a9:5c:d7:64:f3:7b:6a:11:57:75:76:ec:
57:d5:15:4c:c2:5d:b8:3d:7e:60:f9:e8:02:83:8c:c7:40:bd:
a1:e6:f2:94:a7:ce:86:e3:d9:1c:5c:dd:11:32:0e:9d:03:fc:
6a:c4:a9:2d:33:2e:7e:28:ee:81:50:e0:cb:60:bc:c6:bd:1d:
82:d9:dc:6d:24:59:66:bd:0a:d9:34:a0:f5:33:92:6c:d2:a9:
59:f1:54:d8:fd:2d:87:83:f1:f4:db:f1:b7:bd:0e:bd:0a:97:
5c:2a:c5:38:ed:ef:4f:4b:cb:9c:79:28:6a:1d:21:cb:2b:67:
05:f0:24:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIMwEgonomsUIKNRgHsbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjIzYmUxMTE1ZjAyMmFhMjY5ZDljZWE0MzliYjhiNDky
MzA3ZTIwHhcNMjUwMTAyMDM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmE1M2IzZDZmYjU4ZDE0ZDZkYmE3M2QwNzE2MTNlN2ZkMDE3M2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorXHnIqa+KncUorATbrJDhXV/rTC
V5u7rLP3fG5KMY6Ym9dG1bCU9CvVHQ2xKcjkx6VLO6xllFnXmz1hU1jofjL7ogb5
zAYrHyNvbW6hxaAO9JxmYB7RSpRWiDZAtdQYI/UHTF6+1UkqeyqG1MHWFN3jKE+y
nq4iZUVwoT/XvYyAKMlGNbR/LfyPlDn+2AhK+lxyTVDDZCaFHYOO1ZPg/L9A9jJA
FZbFKZwMX3VI31uzOJ315dwcbAgIPTtlYwxO/ljw2k/TtfzMSRc/rwb2GLKypl1u
ym00woC0xN3geFwM1YW86Ky8JMoPrGXG+n/cgqmMcpl7KB6Kkxp9DKj3+QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPKlOz1vtY0U1tunPQcWE+f9AXPVMB8GA1UdIwQY
MBaAFMvyO+ERXwIqomnZzqQ5u4tJIwfiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9JNzRSRmZBaXFpYWRuT3BEbTdpMGtqQi1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi81NjMxM2YtZWM0ZS00YzFjLWIzODgt
YmUzMjUyYWM0OTgwLzEvOHFVN1BXLTFqUlRXMjZjOUJ4WVQ1XzBCYzlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi81NjMxM2YtZWM0ZS00YzFjLWIzODgtYmUzMjUyYWM0OTgw
LzEveV9JNzRSRmZBaXFpYWRuT3BEbTdpMGtqQi1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUD8MA0E
AgACMAcDBQAqAxegMA0GCSqGSIb3DQEBCwUAA4IBAQCSGszj4SACJcsYuIdIapJG
Ao1QiMOvXfVyuwDesptecl1MPoLKenmWfh1YpXpuNJMFVkx+0pLVkslMdYWqQ6Gp
Op4AR4dPHoRIA6boLt9d8l3S+pM/RC/vmakMpAquJFVidc2iKUuvUYSR5GRPztmf
uxtRPit/oozPTbl92lYAQSqb0qWpXNdk83tqEVd1duxX1RVMwl24PX5g+egCg4zH
QL2h5vKUp86G49kcXN0RMg6dA/xqxKktMy5+KO6BUODLYLzGvR2C2dxtJFlmvQrZ
NKD1M5Js0qlZ8VTY/S2Hg/H02/G3vQ69CpdcKsU47e9PS8uceShqHSHLK2cF8CRz
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:41:46 2025 by rpki-client