Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/K8XuD1NpxrW0TJB7qtrYsXkJRDA.roa
File: K8XuD1NpxrW0TJB7qtrYsXkJRDA.roa (raw, json)
Hash identifier: /CdBF5kIZ5ECcmHw5H6/OJaH4oIiEyJ+Vl+1/T4lKZc=
Subject key identifier: 2B:C5:EE:0F:53:69:C6:B5:B4:4C:90:7B:AA:DA:D8:B1:79:09:44:30
Certificate issuer: /CN=f81fc8c82986310c5f6a9b56fb76b6bd9877fcc0
Certificate serial: 0194252234D0F78D11F69D8D867D730AAEBD
Authority key identifier: F8:1F:C8:C8:29:86:31:0C:5F:6A:9B:56:FB:76:B6:BD:98:77:FC:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/K8XuD1NpxrW0TJB7qtrYsXkJRDA.roa
Signing time: Thu 02 Jan 2025 03:49:46 +0000
ROA not before: Thu 02 Jan 2025 03:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60011
IP address blocks: 185.101.97.0/24 maxlen: 24
185.101.98.0/24 maxlen: 24
185.101.99.0/24 maxlen: 24
2a04:ad80:2::/48 maxlen: 48
2a06:1c80::/31 maxlen: 32
2a06:1c80::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:34:d0:f7:8d:11:f6:9d:8d:86:7d:73:0a:ae:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f81fc8c82986310c5f6a9b56fb76b6bd9877fcc0
Validity
Not Before: Jan 2 03:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bc5ee0f5369c6b5b44c907baadad8b179094430
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:92:d3:0a:36:15:43:2a:81:96:e7:a1:02:24:
dd:74:8a:d0:ff:e1:c1:ef:b9:af:a1:db:be:ab:cc:
83:8c:ee:cc:2b:ac:2c:76:e6:56:f5:30:98:9b:84:
c6:ed:03:4a:7e:7d:7e:51:6d:e8:6d:1a:98:5a:d4:
60:a3:6e:f7:28:fe:e5:fa:9b:72:0c:75:2e:07:c2:
fd:17:4f:7a:b7:91:6b:00:8b:b9:0d:b1:1d:78:34:
db:b2:8a:0e:e2:05:17:5b:71:74:fa:c4:f6:25:39:
5a:fe:02:70:21:5e:0e:ee:53:d2:c3:18:6a:93:1a:
fd:c8:86:bb:af:71:73:ae:75:ae:d7:6e:d3:69:4d:
7b:90:0a:dc:d7:7f:ed:42:64:35:2e:d1:0d:aa:1b:
b5:9d:03:0d:ad:35:55:fa:4f:7f:3e:c5:a1:e4:ac:
03:d9:7c:68:2c:3a:bf:d8:65:37:fc:26:32:03:52:
c3:1e:c2:5e:a9:d8:f9:5a:54:55:3c:60:49:6f:30:
48:b2:b3:ae:ab:47:c7:3a:49:1f:17:c0:ce:18:eb:
56:11:75:9b:f6:08:cc:eb:db:24:54:76:72:8a:ae:
40:30:e6:f0:1a:64:b7:95:d9:72:d0:1a:e5:4c:07:
77:1b:0f:72:c1:75:3e:e9:f8:3b:17:c1:e8:c4:7a:
48:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C5:EE:0F:53:69:C6:B5:B4:4C:90:7B:AA:DA:D8:B1:79:09:44:30
X509v3 Authority Key Identifier:
keyid:F8:1F:C8:C8:29:86:31:0C:5F:6A:9B:56:FB:76:B6:BD:98:77:FC:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/K8XuD1NpxrW0TJB7qtrYsXkJRDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/1-B_IyCmGMQxfaptW-3a2vZh3_MA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.97.0-185.101.99.255
IPv6:
2a04:ad80:2::/48
2a06:1c80::/31
Signature Algorithm: sha256WithRSAEncryption
22:0a:31:a9:f8:fa:5a:0d:1a:75:ab:de:68:6e:fd:d5:15:c7:
71:71:d3:bf:e4:5f:92:83:12:f2:02:49:dc:42:07:c8:b9:ba:
b0:37:71:ca:8d:ce:99:ce:48:f7:c8:e1:b5:23:4c:d8:2b:07:
5b:67:0b:45:0c:a6:82:0e:87:6a:e8:4e:68:d4:01:92:50:78:
5d:43:10:b7:08:1e:18:5a:1e:62:f3:af:7b:77:7f:cd:19:2b:
68:6d:56:8f:6f:f9:83:0e:8d:56:69:00:75:59:9b:ca:3a:8e:
5e:a3:53:41:06:83:9a:e3:91:aa:89:ab:fc:3c:1f:ca:cb:96:
fc:e7:46:38:d8:8d:15:03:27:12:09:6b:34:d1:75:6d:ff:ee:
bb:7d:1d:bf:ac:42:13:4f:e3:a2:f8:e6:76:a0:c0:ad:62:d0:
cb:aa:43:ea:ad:d5:70:91:bb:fd:47:6c:0d:d4:2b:bc:49:74:
0a:6e:5e:f2:9d:e5:47:26:8f:ba:2b:b6:3c:9c:72:0f:d3:6a:
85:15:c0:98:00:e9:0a:68:a1:35:fe:f8:d7:69:63:f1:d0:e9:
ae:e1:af:5b:3f:d1:47:ff:74:76:da:8a:ee:5b:57:7a:e7:ee:
f0:4d:73:6b:20:a1:21:cf:e9:fe:0d:e1:e5:85:df:98:68:86:
ea:d7:6f:64
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQlIjTQ940R9p2Nhn1zCq69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MWZjOGM4Mjk4NjMxMGM1ZjZhOWI1NmZiNzZiNmJkOTg3
N2ZjYzAwHhcNMjUwMTAyMDM0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmM1ZWUwZjUzNjljNmI1YjQ0YzkwN2JhYWRhZDhiMTc5MDk0NDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZLTCjYVQyqBluehAiTddIrQ/+HB
77mvodu+q8yDjO7MK6wsduZW9TCYm4TG7QNKfn1+UW3obRqYWtRgo273KP7l+pty
DHUuB8L9F096t5FrAIu5DbEdeDTbsooO4gUXW3F0+sT2JTla/gJwIV4O7lPSwxhq
kxr9yIa7r3FzrnWu127TaU17kArc13/tQmQ1LtENqhu1nQMNrTVV+k9/PsWh5KwD
2XxoLDq/2GU3/CYyA1LDHsJeqdj5WlRVPGBJbzBIsrOuq0fHOkkfF8DOGOtWEXWb
9gjM69skVHZyiq5AMObwGmS3ldly0BrlTAd3Gw9ywXU+6fg7F8HoxHpIuQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCvF7g9Taca1tEyQe6ra2LF5CUQwMB8GA1UdIwQY
MBaAFPgfyMgphjEMX2qbVvt2tr2Yd/zAMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1CX0l5Q21HTVF4ZmFwdFctM2EydlpoM19NQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYvM2U1OWM5LTlmMDEtNDU2Mi05MjFk
LTUxM2NhOGU2Y2VjZS8xL0s4WHVEMU5weHJXMFRKQjdxdHJZc1hrSlJEQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGYvM2U1OWM5LTlmMDEtNDU2Mi05MjFkLTUxM2NhOGU2Y2Vj
ZS8xLzEtQl9JeUNtR01ReGZhcHRXLTNhMnZaaDNfTUEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPwYIKwYBBQUHAQcBAf8EMDAuMBQEAgABMA4wDAMEALll
YQMEArllYDAWBAIAAjAQAwcAKgStgAACAwUBKgYcgDANBgkqhkiG9w0BAQsFAAOC
AQEAIgoxqfj6Wg0adaveaG791RXHcXHTv+RfkoMS8gJJ3EIHyLm6sDdxyo3Omc5I
98jhtSNM2CsHW2cLRQymgg6HauhOaNQBklB4XUMQtwgeGFoeYvOve3d/zRkraG1W
j2/5gw6NVmkAdVmbyjqOXqNTQQaDmuORqomr/DwfysuW/OdGONiNFQMnEglrNNF1
bf/uu30dv6xCE0/jovjmdqDArWLQy6pD6q3VcJG7/UdsDdQrvEl0Cm5e8p3lRyaP
uiu2PJxyD9NqhRXAmADpCmihNf7412lj8dDpruGvWz/RR/90dtqK7ltXeufu8E1z
ayChIc/p/g3h5YXfmGiG6tdvZA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:24:34 2025 by rpki-client