Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/8cOLnAejA23wcOIeS3mOO5t3SCE.roa
File: 8cOLnAejA23wcOIeS3mOO5t3SCE.roa (raw, json)
Hash identifier: Y/SVTgHsjEdv0hd62tDeElUSZ3kepKX/YlQ3gAkiqTE=
Subject key identifier: F1:C3:8B:9C:07:A3:03:6D:F0:70:E2:1E:4B:79:8E:3B:9B:77:48:21
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01953F7F00FE55F39B744282B1640B73BD5E
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/8cOLnAejA23wcOIeS3mOO5t3SCE.roa
Signing time: Tue 25 Feb 2025 23:44:02 +0000
ROA not before: Tue 25 Feb 2025 23:44:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136787
IP address blocks: 64.43.94.0/24 maxlen: 24
64.43.95.0/24 maxlen: 24
176.96.88.0/24 maxlen: 24
176.96.90.0/24 maxlen: 24
176.96.91.0/24 maxlen: 24
193.36.208.0/24 maxlen: 24
193.36.209.0/24 maxlen: 24
193.36.210.0/24 maxlen: 24
193.36.211.0/24 maxlen: 24
193.36.212.0/24 maxlen: 24
193.36.213.0/24 maxlen: 24
193.36.214.0/24 maxlen: 24
193.36.215.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3f:7f:00:fe:55:f3:9b:74:42:82:b1:64:0b:73:bd:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Feb 25 23:44:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1c38b9c07a3036df070e21e4b798e3b9b774821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0e:a0:cc:66:34:f7:da:57:99:18:00:5d:41:
e7:7f:44:de:80:6a:60:cd:1f:e2:9e:10:11:bc:25:
9e:56:db:60:a6:25:be:0c:73:32:bf:d7:18:d9:9e:
57:82:d5:07:51:7c:4f:16:41:bf:96:71:53:f1:d9:
88:76:83:80:b4:34:34:d0:3e:70:f5:76:66:30:f7:
74:e4:8a:ff:85:f4:42:d5:4d:e7:e9:b3:6b:b0:42:
0a:d7:16:6d:1b:89:52:eb:80:21:e4:7e:0c:85:ed:
b0:75:98:04:e3:9f:52:0c:31:14:d7:83:7a:b6:f9:
73:46:d6:aa:c3:03:eb:d8:7f:58:38:e3:66:05:ca:
8b:6f:22:7e:42:ac:ca:88:6a:88:04:d7:d4:e6:0c:
a6:46:49:e5:52:fe:23:5f:4e:7a:9d:eb:48:9a:92:
1b:68:16:b5:84:1a:99:6d:b9:c8:ea:4f:d1:b9:ab:
cc:e4:b8:54:cf:ae:e5:73:d4:40:0d:42:03:90:f0:
88:18:73:fa:4f:4f:75:f3:8f:a0:17:9d:f5:41:a3:
df:2c:5c:e4:34:f6:36:d7:1b:b0:f5:10:60:11:92:
fb:32:cf:54:74:bf:a9:ab:18:29:0b:14:78:92:94:
ff:a2:b9:61:2e:3e:42:f1:75:26:15:da:8a:ea:55:
40:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C3:8B:9C:07:A3:03:6D:F0:70:E2:1E:4B:79:8E:3B:9B:77:48:21
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/8cOLnAejA23wcOIeS3mOO5t3SCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.94.0/23
176.96.88.0/24
176.96.90.0/23
193.36.208.0/21
Signature Algorithm: sha256WithRSAEncryption
41:6b:08:89:99:89:e2:f6:3a:20:6e:1a:ce:d9:50:e5:29:3f:
bb:f0:4a:84:2d:b5:4e:f3:0e:c4:f7:97:8e:97:69:66:8f:b1:
b7:c9:70:e4:a7:de:c6:b6:33:48:53:00:2c:47:82:bb:9f:1b:
84:d8:83:62:9e:e5:c9:f5:6f:54:c5:ba:27:50:b8:1b:bb:a3:
68:58:05:7b:06:d5:74:58:2c:cc:69:81:89:36:da:dd:d3:ba:
1e:54:d7:cd:c4:64:32:d3:29:d3:d5:4f:0c:9f:8e:a3:d6:13:
f5:25:9a:ca:a2:10:97:55:8a:04:f4:40:f4:ed:e4:7c:b6:7e:
e9:e2:d5:2e:70:f0:c6:f6:23:01:3f:2e:62:5c:31:55:9b:70:
68:fc:ed:b5:41:11:6b:d2:1b:71:39:06:58:50:83:c5:64:74:
b5:b8:c7:9c:94:59:77:8c:2e:13:e8:6a:fc:f8:48:2b:da:af:
e6:c2:8a:3e:90:e7:1d:f8:c8:35:51:b1:2d:57:83:e1:80:a7:
1e:4b:42:ef:fd:2f:05:3d:b7:85:f9:5e:73:ab:54:a1:1a:01:
53:46:79:f6:c4:18:99:cc:3c:7f:3b:7f:8a:6b:c6:19:20:79:
bf:76:11:6a:14:72:f0:31:ef:a8:4a:9a:3b:1b:52:18:35:17:
db:a6:69:6a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZU/fwD+VfObdEKCsWQLc71eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMjI1MjM0NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWMzOGI5YzA3YTMwMzZkZjA3MGUyMWU0Yjc5OGUzYjliNzc0ODIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsg6gzGY099pXmRgAXUHnf0TegGpg
zR/inhARvCWeVttgpiW+DHMyv9cY2Z5XgtUHUXxPFkG/lnFT8dmIdoOAtDQ00D5w
9XZmMPd05Ir/hfRC1U3n6bNrsEIK1xZtG4lS64Ah5H4Mhe2wdZgE459SDDEU14N6
tvlzRtaqwwPr2H9YOONmBcqLbyJ+QqzKiGqIBNfU5gymRknlUv4jX056netImpIb
aBa1hBqZbbnI6k/RuavM5LhUz67lc9RADUIDkPCIGHP6T09184+gF531QaPfLFzk
NPY21xuw9RBgEZL7Ms9UdL+pqxgpCxR4kpT/orlhLj5C8XUmFdqK6lVAsQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPHDi5wHowNt8HDiHkt5jjubd0ghMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvOGNPTG5BZWpBMjN3Y09JZVMzbU9PNXQzU0NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBQCteAwQA
sGBYAwQBsGBaAwQDwSTQMA0GCSqGSIb3DQEBCwUAA4IBAQBBawiJmYni9jogbhrO
2VDlKT+78EqELbVO8w7E95eOl2lmj7G3yXDkp97GtjNIUwAsR4K7nxuE2INinuXJ
9W9UxbonULgbu6NoWAV7BtV0WCzMaYGJNtrd07oeVNfNxGQy0ynT1U8Mn46j1hP1
JZrKohCXVYoE9ED07eR8tn7p4tUucPDG9iMBPy5iXDFVm3Bo/O21QRFr0htxOQZY
UIPFZHS1uMeclFl3jC4T6Gr8+Egr2q/mwoo+kOcd+Mg1UbEtV4PhgKceS0Lv/S8F
PbeF+V5zq1ShGgFTRnn2xBiZzDx/O3+Ka8YZIHm/dhFqFHLwMe+oSpo7G1IYNRfb
pmlq
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:30:10 2025 by rpki-client