Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/s8h8m-rLu97VHYuOpsgtGe5QTvc.roa
File: s8h8m-rLu97VHYuOpsgtGe5QTvc.roa (raw, json)
Hash identifier: fgM9BUUhxhrJEB6G+RVcGhRkjOsuMr8x8IriDf+tUFM=
Subject key identifier: B3:C8:7C:9B:EA:CB:BB:DE:D5:1D:8B:8E:A6:C8:2D:19:EE:50:4E:F7
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 019425FCB1CEA10244678E861A25E9521592
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/s8h8m-rLu97VHYuOpsgtGe5QTvc.roa
Signing time: Thu 02 Jan 2025 07:48:25 +0000
ROA not before: Thu 02 Jan 2025 07:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197431
IP address blocks: 85.232.225.0/24 maxlen: 24
85.232.246.0/24 maxlen: 24
213.189.48.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:b1:ce:a1:02:44:67:8e:86:1a:25:e9:52:15:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 07:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3c87c9beacbbbded51d8b8ea6c82d19ee504ef7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ef:30:1e:f0:9c:74:97:ea:21:bc:f9:d3:16:
29:b4:53:10:d9:b2:77:e2:6f:22:f4:1f:fd:c5:43:
6d:70:74:f0:69:66:c2:42:46:2f:cc:8b:7a:5e:b0:
35:cb:09:7e:b2:cc:34:3a:18:d9:09:7f:b9:0f:c3:
03:44:77:9c:f8:1e:9d:21:ab:e3:2b:9b:ef:25:ec:
dd:95:6d:f2:ca:0c:48:b8:3c:ca:53:b8:78:16:0a:
a9:e3:b8:66:10:d1:cf:bb:21:6d:31:24:1e:5b:fd:
0a:e5:9f:39:8c:c7:9c:ee:2d:0e:3a:5e:75:79:67:
67:77:83:d7:8a:cc:e2:59:96:c0:a0:ea:02:58:7f:
1b:cd:1e:38:70:4f:85:41:e2:55:43:e6:05:56:44:
5c:26:05:58:ca:d7:d5:7b:f9:e5:44:27:3f:fc:52:
bd:ff:01:e7:bf:a2:72:c1:5b:16:89:c6:19:59:c0:
70:8f:37:09:0c:05:1a:25:ae:c5:11:87:75:1a:c7:
f4:b2:d2:27:f0:2a:d6:9c:07:f3:47:9c:7f:d5:34:
57:c5:0b:1e:14:fd:89:db:4f:87:1f:ef:18:f7:4f:
4d:25:cb:b2:61:3e:e0:01:da:70:32:fb:4b:4f:fd:
67:22:00:72:37:29:5f:df:a8:c9:0f:f8:c5:19:e8:
42:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C8:7C:9B:EA:CB:BB:DE:D5:1D:8B:8E:A6:C8:2D:19:EE:50:4E:F7
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/s8h8m-rLu97VHYuOpsgtGe5QTvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.232.225.0/24
85.232.246.0/24
213.189.48.0/24
Signature Algorithm: sha256WithRSAEncryption
57:dc:8d:60:8d:90:d6:e3:ce:d7:a7:6a:95:b2:37:d4:66:b9:
69:59:7c:49:39:d0:82:80:d1:95:62:24:b0:ea:cc:7c:7d:0b:
16:4a:1a:88:b4:04:93:be:fa:e5:fd:dc:82:15:10:f6:c3:ed:
62:cd:9a:e9:94:0e:11:bf:8e:14:73:e1:d2:41:1b:79:5e:2e:
d6:18:bd:30:fb:8f:ee:3e:b5:f3:c3:0d:72:28:ef:5e:5a:50:
d8:6d:4d:ac:f5:a9:0d:7b:e8:63:a6:1b:a6:09:fc:18:c5:99:
da:91:90:5e:10:ee:32:54:34:65:ba:4e:a6:5f:20:23:f7:21:
e7:85:56:53:93:70:4c:8f:f8:7f:92:93:86:df:8f:ae:4b:96:
69:62:9f:5e:7c:ac:37:84:ba:84:4c:49:8f:4a:a3:3a:d8:22:
fa:c5:8e:a5:89:3e:2b:4e:17:9c:f9:ac:67:d1:b9:27:ab:6d:
b4:09:b8:51:dc:ff:5f:04:6f:41:86:9b:bc:32:42:1f:66:8e:
44:72:2c:4e:21:61:58:68:75:18:8e:d1:c5:77:02:80:5b:28:
3a:15:c8:12:18:29:44:fa:26:0d:98:b3:81:0a:c3:ba:fa:d0:
42:c8:2e:00:8c:a1:c2:c1:44:3d:a0:7f:59:3c:80:2d:cd:1f:
46:6f:fc:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQl/LHOoQJEZ46GGiXpUhWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjUwMTAyMDc0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2M4N2M5YmVhY2JiYmRlZDUxZDhiOGVhNmM4MmQxOWVlNTA0ZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1O8wHvCcdJfqIbz50xYptFMQ2bJ3
4m8i9B/9xUNtcHTwaWbCQkYvzIt6XrA1ywl+ssw0OhjZCX+5D8MDRHec+B6dIavj
K5vvJezdlW3yygxIuDzKU7h4Fgqp47hmENHPuyFtMSQeW/0K5Z85jMec7i0OOl51
eWdnd4PXisziWZbAoOoCWH8bzR44cE+FQeJVQ+YFVkRcJgVYytfVe/nlRCc//FK9
/wHnv6JywVsWicYZWcBwjzcJDAUaJa7FEYd1Gsf0stIn8CrWnAfzR5x/1TRXxQse
FP2J20+HH+8Y909NJcuyYT7gAdpwMvtLT/1nIgByNylf36jJD/jFGehCVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLPIfJvqy7ve1R2LjqbILRnuUE73MB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvczhoOG0tckx1OTdWSFl1T3BzZ3RHZTVRVHZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVejhAwQA
Vej2AwQA1b0wMA0GCSqGSIb3DQEBCwUAA4IBAQBX3I1gjZDW487Xp2qVsjfUZrlp
WXxJOdCCgNGVYiSw6sx8fQsWShqItASTvvrl/dyCFRD2w+1izZrplA4Rv44Uc+HS
QRt5Xi7WGL0w+4/uPrXzww1yKO9eWlDYbU2s9akNe+hjphumCfwYxZnakZBeEO4y
VDRluk6mXyAj9yHnhVZTk3BMj/h/kpOG34+uS5ZpYp9efKw3hLqETEmPSqM62CL6
xY6liT4rThec+axn0bknq220CbhR3P9fBG9Bhpu8MkIfZo5EcixOIWFYaHUYjtHF
dwKAWyg6FcgSGClE+iYNmLOBCsO6+tBCyC4AjKHCwUQ9oH9ZPIAtzR9Gb/zU
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:22 2025 by rpki-client