Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/i7jWP6E6hcB7Kvbk4mThF2buTs8.roa
File: i7jWP6E6hcB7Kvbk4mThF2buTs8.roa (raw, json)
Hash identifier: OqH0B+K5eYlDv/BpS97jLxNiwQggexBzkbjaho23mP4=
Subject key identifier: 8B:B8:D6:3F:A1:3A:85:C0:7B:2A:F6:E4:E2:64:E1:17:66:EE:4E:CF
Certificate issuer: /CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Certificate serial: 019424B3BF5C80BA2F8652B54EF5CBC0DBE0
Authority key identifier: 32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/i7jWP6E6hcB7Kvbk4mThF2buTs8.roa
Signing time: Thu 02 Jan 2025 01:49:07 +0000
ROA not before: Thu 02 Jan 2025 01:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 88.218.204.0/24 maxlen: 24
2a09:b280:fe11::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:bf:5c:80:ba:2f:86:52:b5:4e:f5:cb:c0:db:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Validity
Not Before: Jan 2 01:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8bb8d63fa13a85c07b2af6e4e264e11766ee4ecf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4a:87:82:84:77:d8:3a:a6:3c:18:97:c2:c7:
40:09:8d:9e:07:f9:0a:3c:f1:24:5a:f6:0a:ef:d5:
af:bf:28:56:6f:67:0a:6a:de:ee:99:c4:87:52:87:
5e:63:64:e6:27:3d:b1:23:33:59:cc:bf:87:a0:94:
eb:4c:f3:d3:2e:84:7f:ba:7b:ae:95:ce:8d:50:6c:
eb:84:6c:85:a4:ce:c6:14:17:f1:94:fa:bb:c0:d6:
57:28:03:28:09:ed:5d:b1:75:19:93:aa:3a:b8:da:
03:c5:3a:b5:7c:6b:c5:a4:39:b9:04:01:fe:51:2e:
0e:cd:48:b5:4e:53:c2:ad:d1:45:ef:5d:40:10:24:
22:67:0e:a5:ea:8c:1e:86:9c:35:29:12:68:8a:0c:
9a:ac:bf:7a:db:f1:6e:fe:5f:99:82:3e:b2:af:12:
ad:e7:07:00:70:b8:c4:db:c6:0c:09:66:be:d3:49:
d8:d1:31:3c:e6:f4:28:e7:bc:64:23:9e:8f:bf:42:
8b:8f:cc:8a:03:89:4f:2e:5d:f5:60:76:7c:31:2d:
de:de:50:aa:bb:c0:5b:8f:25:ea:75:9d:6c:9b:fc:
80:c0:df:d4:6e:a6:e5:17:ad:87:dc:30:cc:12:b9:
ad:01:89:3f:8d:83:45:d7:aa:2e:8a:89:54:b7:9a:
73:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B8:D6:3F:A1:3A:85:C0:7B:2A:F6:E4:E2:64:E1:17:66:EE:4E:CF
X509v3 Authority Key Identifier:
keyid:32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/i7jWP6E6hcB7Kvbk4mThF2buTs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/MlCPt4HKbb2CIfLC-VSjp0RrK0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.204.0/24
IPv6:
2a09:b280:fe11::/48
Signature Algorithm: sha256WithRSAEncryption
4c:f3:49:a2:9c:5c:59:4b:25:37:99:c3:d4:4c:b5:19:46:55:
9d:c5:57:be:92:5e:91:f3:80:cc:de:10:53:a6:bc:3d:9e:b8:
99:59:4e:db:1d:d5:61:3a:d8:49:d3:4e:bc:1e:42:5a:e1:f8:
49:ab:17:1a:f7:2e:2f:74:3d:48:2b:f9:78:08:9d:e6:d6:6a:
af:89:fb:a6:45:45:06:19:9f:41:9a:2e:51:ab:5a:d7:58:e0:
32:06:01:91:f2:4c:dc:fe:fd:51:b0:df:bd:7a:46:ed:94:3e:
49:1f:b7:26:2e:29:02:78:1f:47:18:4e:54:4c:d8:3c:f4:ce:
e4:f5:87:59:c7:f9:08:7a:85:06:15:c5:dc:16:a7:b7:66:85:
ea:ba:3f:b7:de:f9:51:25:e0:e3:f6:8d:25:00:59:b1:57:06:
88:68:9e:e4:09:da:e2:a1:b3:60:b1:ff:dd:a8:3d:ad:a8:9d:
e2:43:2b:4b:5d:70:fe:9c:0a:d0:e3:0a:17:80:20:fd:dc:72:
0e:78:89:59:11:d4:c5:5a:a6:7d:8e:3d:7c:6b:3c:f2:72:37:
79:72:f9:06:48:34:21:a0:19:99:f6:7c:c3:39:3f:c7:da:e9:
0d:fe:a5:9a:f8:bc:ff:0b:c9:21:e4:1b:a3:23:f5:17:8d:2b:
88:f7:ea:8e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQks79cgLovhlK1TvXLwNvgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTA4ZmI3ODFjYTZkYmQ4MjIxZjJjMmY5NTRhM2E3NDQ2
YjJiNDIwHhcNMjUwMTAyMDE0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmI4ZDYzZmExM2E4NWMwN2IyYWY2ZTRlMjY0ZTExNzY2ZWU0ZWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUqHgoR32DqmPBiXwsdACY2eB/kK
PPEkWvYK79WvvyhWb2cKat7umcSHUodeY2TmJz2xIzNZzL+HoJTrTPPTLoR/unuu
lc6NUGzrhGyFpM7GFBfxlPq7wNZXKAMoCe1dsXUZk6o6uNoDxTq1fGvFpDm5BAH+
US4OzUi1TlPCrdFF711AECQiZw6l6owehpw1KRJoigyarL962/Fu/l+Zgj6yrxKt
5wcAcLjE28YMCWa+00nY0TE85vQo57xkI56Pv0KLj8yKA4lPLl31YHZ8MS3e3lCq
u8BbjyXqdZ1sm/yAwN/UbqblF62H3DDMErmtAYk/jYNF16ouiolUt5pzCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIu41j+hOoXAeyr25OJk4Rdm7k7PMB8GA1UdIwQY
MBaAFDJQj7eBym29giHywvlUo6dEaytCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxDUHQ0SEtiYjJDSWZMQy1WU2pwMFJySzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82YzIwM2QtNjIyMS00NjBhLWFmNDkt
YzEyMjE4NzY1MTU0LzEvaTdqV1A2RTZoY0I3S3ZiazRtVGhGMmJ1VHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82YzIwM2QtNjIyMS00NjBhLWFmNDktYzEyMjE4NzY1MTU0
LzEvTWxDUHQ0SEtiYjJDSWZMQy1WU2pwMFJySzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWNrMMA8E
AgACMAkDBwAqCbKA/hEwDQYJKoZIhvcNAQELBQADggEBAEzzSaKcXFlLJTeZw9RM
tRlGVZ3FV76SXpHzgMzeEFOmvD2euJlZTtsd1WE62EnTTrweQlrh+EmrFxr3Li90
PUgr+XgInebWaq+J+6ZFRQYZn0GaLlGrWtdY4DIGAZHyTNz+/VGw3716Ru2UPkkf
tyYuKQJ4H0cYTlRM2Dz0zuT1h1nH+Qh6hQYVxdwWp7dmheq6P7fe+VEl4OP2jSUA
WbFXBohonuQJ2uKhs2Cx/92oPa2oneJDK0tdcP6cCtDjCheAIP3ccg54iVkR1MVa
pn2OPXxrPPJyN3ly+QZINCGgGZn2fMM5P8fa6Q3+pZr4vP8LySHkG6Mj9ReNK4j3
6o4=
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:30:14 2025 by rpki-client