Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/AItoBBXTr3JSVEunHoKYVScHBBA.roa
File: AItoBBXTr3JSVEunHoKYVScHBBA.roa (raw, json)
Hash identifier: bQ8pPRnSjhK+OHhk4/Jjzl0/46sUTmdeipylWtU4pOg=
Subject key identifier: 00:8B:68:04:15:D3:AF:72:52:54:4B:A7:1E:82:98:55:27:07:04:10
Certificate issuer: /CN=a0dbd5d1f86dd9dd66606a14d31d64cb0eaac83b
Certificate serial: 019423D7D1EE267C1A1B67676EFC67C8D59C
Authority key identifier: A0:DB:D5:D1:F8:6D:D9:DD:66:60:6A:14:D3:1D:64:CB:0E:AA:C8:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNvV0fht2d1mYGoU0x1kyw6qyDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/AItoBBXTr3JSVEunHoKYVScHBBA.roa
Signing time: Wed 01 Jan 2025 21:48:54 +0000
ROA not before: Wed 01 Jan 2025 21:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.200.208.0/24 maxlen: 24
185.200.209.0/24 maxlen: 24
185.200.210.0/24 maxlen: 24
185.200.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:d1:ee:26:7c:1a:1b:67:67:6e:fc:67:c8:d5:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0dbd5d1f86dd9dd66606a14d31d64cb0eaac83b
Validity
Not Before: Jan 1 21:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=008b680415d3af7252544ba71e82985527070410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:dd:56:53:81:45:d2:6f:58:c0:11:94:b7:49:
91:cf:9c:58:60:b4:cc:0c:85:97:50:93:ea:c0:a8:
c3:7b:6b:a3:6c:6b:39:c4:d1:29:64:5c:c2:5c:f5:
a9:7c:3c:09:80:98:28:6b:84:f3:62:c8:87:ba:48:
c3:7d:ae:c5:b5:18:df:ef:90:f9:42:09:cf:95:81:
6d:d0:94:d7:93:17:b5:6e:88:16:02:7e:ab:bb:06:
96:86:17:0c:2a:40:ba:2f:1a:c7:d3:b1:76:af:a9:
bf:fc:52:b9:ff:1a:96:3c:c5:12:11:30:78:19:fa:
ca:d0:4f:cf:5f:93:00:67:38:82:95:10:66:53:76:
7c:15:bf:56:e1:03:26:cb:e2:7e:4f:b2:e2:75:97:
29:86:0a:72:81:e8:26:6d:2f:1a:25:c8:38:c4:87:
a1:f3:09:42:4d:d7:5b:80:a1:f1:a5:f9:bb:8e:94:
d0:43:74:f9:b6:fc:84:97:06:e0:42:db:cc:21:5e:
4c:80:0f:d3:9c:39:f0:db:ab:34:be:17:ed:ec:ee:
c9:e2:9a:f4:83:40:6f:4d:e8:40:91:f9:8c:ab:bb:
e5:40:f8:5a:fc:93:d8:1a:c6:d0:34:d7:f6:84:cf:
f2:81:52:23:6f:11:55:5f:0d:40:7f:13:06:70:d7:
48:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:8B:68:04:15:D3:AF:72:52:54:4B:A7:1E:82:98:55:27:07:04:10
X509v3 Authority Key Identifier:
keyid:A0:DB:D5:D1:F8:6D:D9:DD:66:60:6A:14:D3:1D:64:CB:0E:AA:C8:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNvV0fht2d1mYGoU0x1kyw6qyDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/AItoBBXTr3JSVEunHoKYVScHBBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/oNvV0fht2d1mYGoU0x1kyw6qyDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.208.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:53:cd:f8:29:60:64:37:12:2b:bc:a0:e0:08:14:26:e0:17:
ea:89:c8:df:bb:06:5e:3b:a1:12:00:f5:77:83:3a:91:26:49:
f8:66:05:45:4d:d6:f1:4c:a8:a0:43:c0:0b:da:06:ef:ae:9d:
4b:25:2f:d8:b0:55:aa:5f:2f:03:04:36:64:a5:ba:21:01:86:
d1:ee:c5:ec:3c:9e:1b:af:dd:73:b8:59:be:34:1d:e1:bc:69:
46:76:30:3d:e9:ff:8a:43:a9:13:0d:1c:c0:ee:1e:d5:2f:ac:
7f:1b:04:45:d0:cf:72:30:37:88:04:00:63:b0:28:78:eb:d2:
04:8b:7d:d3:52:3e:33:27:7e:15:7e:e3:7b:6d:36:73:1a:10:
e3:5c:63:da:9a:50:9e:0c:0d:b3:96:83:c8:98:35:15:f0:fd:
2a:73:af:47:f7:00:03:a6:52:79:c5:dc:58:c9:f5:a2:a9:5d:
e5:a7:13:e2:10:6d:69:31:bf:5c:8f:e7:3f:d5:34:08:dd:5a:
2a:54:b2:a1:91:9f:ca:21:d9:8f:60:5d:e2:cb:3c:23:bb:65:
21:24:2d:81:12:08:09:1d:eb:a9:f6:c4:fc:50:1c:6d:8f:80:
07:40:ed:f2:20:ec:58:2f:1f:5c:de:53:27:79:90:18:21:89:
f0:37:b4:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj19HuJnwaG2dnbvxnyNWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGJkNWQxZjg2ZGQ5ZGQ2NjYwNmExNGQzMWQ2NGNiMGVh
YWM4M2IwHhcNMjUwMTAxMjE0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDhiNjgwNDE1ZDNhZjcyNTI1NDRiYTcxZTgyOTg1NTI3MDcwNDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd1WU4FF0m9YwBGUt0mRz5xYYLTM
DIWXUJPqwKjDe2ujbGs5xNEpZFzCXPWpfDwJgJgoa4TzYsiHukjDfa7FtRjf75D5
QgnPlYFt0JTXkxe1bogWAn6ruwaWhhcMKkC6LxrH07F2r6m//FK5/xqWPMUSETB4
GfrK0E/PX5MAZziClRBmU3Z8Fb9W4QMmy+J+T7LidZcphgpygegmbS8aJcg4xIeh
8wlCTddbgKHxpfm7jpTQQ3T5tvyElwbgQtvMIV5MgA/TnDnw26s0vhft7O7J4pr0
g0BvTehAkfmMq7vlQPha/JPYGsbQNNf2hM/ygVIjbxFVXw1AfxMGcNdIewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFACLaAQV069yUlRLpx6CmFUnBwQQMB8GA1UdIwQY
MBaAFKDb1dH4bdndZmBqFNMdZMsOqsg7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb052VjBmaHQyZDFtWUdvVTB4MWt5dzZxeURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8xZDRjZmMtOGU1Yy00NTdjLTk2MjAt
MTM1YzkxZWMxOTllLzEvQUl0b0JCWFRyM0pTVkV1bkhvS1lWU2NIQkJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8xZDRjZmMtOGU1Yy00NTdjLTk2MjAtMTM1YzkxZWMxOTll
LzEvb052VjBmaHQyZDFtWUdvVTB4MWt5dzZxeURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucjQMA0G
CSqGSIb3DQEBCwUAA4IBAQBbU834KWBkNxIrvKDgCBQm4BfqicjfuwZeO6ESAPV3
gzqRJkn4ZgVFTdbxTKigQ8AL2gbvrp1LJS/YsFWqXy8DBDZkpbohAYbR7sXsPJ4b
r91zuFm+NB3hvGlGdjA96f+KQ6kTDRzA7h7VL6x/GwRF0M9yMDeIBABjsCh469IE
i33TUj4zJ34VfuN7bTZzGhDjXGPamlCeDA2zloPImDUV8P0qc69H9wADplJ5xdxY
yfWiqV3lpxPiEG1pMb9cj+c/1TQI3VoqVLKhkZ/KIdmPYF3iyzwju2UhJC2BEggJ
Heup9sT8UBxtj4AHQO3yIOxYLx9c3lMneZAYIYnwN7Sj
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:33 2025 by rpki-client