Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/8LrCpJVZw00cB6v7Jxmu5danMVM.roa
File: 8LrCpJVZw00cB6v7Jxmu5danMVM.roa (raw, json)
Hash identifier: LkYRg4fRX+WYVMtQ+HSrUSifp72hGXmKbB4Mx1yLYEo=
Subject key identifier: F0:BA:C2:A4:95:59:C3:4D:1C:07:AB:FB:27:19:AE:E5:D6:A7:31:53
Certificate issuer: /CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
Certificate serial: 0195B95FFA82FE6F666813A4CD2FF707DB01
Authority key identifier: FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/8LrCpJVZw00cB6v7Jxmu5danMVM.roa
Signing time: Fri 21 Mar 2025 15:43:49 +0000
ROA not before: Fri 21 Mar 2025 15:43:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30860
IP address blocks: 91.234.4.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b9:5f:fa:82:fe:6f:66:68:13:a4:cd:2f:f7:07:db:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
Validity
Not Before: Mar 21 15:43:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0bac2a49559c34d1c07abfb2719aee5d6a73153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:87:f3:37:d3:43:8a:cc:fd:a2:07:1b:b6:02:
3b:74:66:fd:85:5a:09:f3:b0:f4:63:b4:34:43:65:
e2:a4:f7:17:20:6a:26:27:04:ab:31:1c:9b:5c:05:
98:bd:ec:2e:00:cb:74:af:40:c1:50:e7:c6:19:2a:
25:7d:e8:fc:d0:07:f5:fc:45:5c:bb:ab:f6:00:dd:
9a:24:4f:0d:cd:de:21:d1:2a:4e:fa:f1:f6:e6:37:
56:82:2a:2c:91:e2:0d:0a:4f:11:c1:c2:27:b2:a3:
d7:99:bb:24:59:17:95:93:82:08:42:dd:b3:9f:97:
8e:0e:80:cc:50:0d:0a:44:4b:cc:5e:38:b5:a0:b3:
a2:65:c9:7b:97:60:02:4d:27:05:31:19:e6:dc:65:
18:e4:f2:0f:9a:ad:75:c4:eb:e3:e0:27:af:88:ab:
ec:56:27:0f:ce:f6:b1:50:82:9d:f5:7c:e4:0d:67:
b4:4e:0f:df:99:52:56:34:6c:2d:82:a6:18:dc:3b:
79:6e:7b:7e:04:8a:38:85:f5:22:db:8b:c1:fb:c6:
95:43:21:5b:fe:1c:56:47:72:f4:c1:62:ad:37:5c:
5d:67:c3:a2:25:24:9f:6d:b7:74:29:2b:a7:00:c9:
e2:82:0c:7b:95:00:74:ac:07:e9:b9:94:1e:b2:ab:
b8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:BA:C2:A4:95:59:C3:4D:1C:07:AB:FB:27:19:AE:E5:D6:A7:31:53
X509v3 Authority Key Identifier:
keyid:FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/8LrCpJVZw00cB6v7Jxmu5danMVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.4.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:2e:08:cd:f2:28:e8:68:43:1d:a6:ef:2a:dc:04:10:07:f8:
66:f2:cf:03:a1:79:41:c5:4a:66:9a:01:59:64:3a:94:59:fd:
0e:cd:c3:c8:8b:6e:fd:04:b8:6e:7d:2d:f4:a6:fd:bb:d2:0a:
4e:93:ba:e9:3e:58:c8:66:f5:d4:02:f1:88:56:f6:37:8c:21:
d1:2b:f6:29:1c:57:5a:ff:dc:b5:b5:dd:0c:1c:27:ac:c2:08:
eb:e9:3c:be:2c:6c:4e:3f:8f:18:3f:eb:d4:43:fb:96:c3:03:
0b:71:ce:a2:07:bd:bf:2c:0e:ea:75:0e:d6:b5:8b:e2:3b:33:
d6:2c:73:0a:f5:22:e0:e6:05:50:55:ac:74:10:03:a9:20:10:
84:6a:16:f2:ff:06:66:4a:9b:76:fb:c8:71:b4:7b:f5:db:a3:
a9:05:8d:07:10:8c:56:f0:04:77:5f:7f:0e:de:9a:71:0a:1b:
b1:ef:27:93:14:16:ba:6c:3f:e9:9c:65:2a:4d:7b:bd:a2:75:
3c:3d:d6:a1:cb:82:c9:e5:d6:3e:77:f7:06:36:1b:5e:65:8e:
f8:35:75:cd:5e:b6:8b:50:d7:ef:82:9a:f1:a9:43:fa:d3:61:
01:26:83:57:38:1d:3e:c6:b5:5f:0b:26:96:e9:35:ca:c0:a7:
40:b5:de:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZW5X/qC/m9maBOkzS/3B9sBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmN2Q4YTc5YmFkNGY5ODNkMGM0OTg5NWFmNTBlYThhMDNl
YmM3MGQwHhcNMjUwMzIxMTU0MzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGJhYzJhNDk1NTljMzRkMWMwN2FiZmIyNzE5YWVlNWQ2YTczMTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiofzN9NDisz9ogcbtgI7dGb9hVoJ
87D0Y7Q0Q2XipPcXIGomJwSrMRybXAWYvewuAMt0r0DBUOfGGSolfej80Af1/EVc
u6v2AN2aJE8Nzd4h0SpO+vH25jdWgioskeINCk8RwcInsqPXmbskWReVk4IIQt2z
n5eODoDMUA0KREvMXji1oLOiZcl7l2ACTScFMRnm3GUY5PIPmq11xOvj4CeviKvs
VicPzvaxUIKd9XzkDWe0Tg/fmVJWNGwtgqYY3Dt5bnt+BIo4hfUi24vB+8aVQyFb
/hxWR3L0wWKtN1xdZ8OiJSSfbbd0KSunAMniggx7lQB0rAfpuZQesqu4QwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPC6wqSVWcNNHAer+ycZruXWpzFTMB8GA1UdIwQY
MBaAFP99inm61PmD0MSYla9Q6ooD68cNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2Mt
MDg3M2UzOTk0ZDBlLzEvOExyQ3BKVlp3MDBjQjZ2N0p4bXU1ZGFuTVZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2MtMDg3M2UzOTk0ZDBl
LzEvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+oEMA0G
CSqGSIb3DQEBCwUAA4IBAQBKLgjN8ijoaEMdpu8q3AQQB/hm8s8DoXlBxUpmmgFZ
ZDqUWf0OzcPIi279BLhufS30pv270gpOk7rpPljIZvXUAvGIVvY3jCHRK/YpHFda
/9y1td0MHCeswgjr6Ty+LGxOP48YP+vUQ/uWwwMLcc6iB72/LA7qdQ7WtYviOzPW
LHMK9SLg5gVQVax0EAOpIBCEahby/wZmSpt2+8hxtHv126OpBY0HEIxW8AR3X38O
3ppxChux7yeTFBa6bD/pnGUqTXu9onU8Pdahy4LJ5dY+d/cGNhteZY74NXXNXraL
UNfvgprxqUP602EBJoNXOB0+xrVfCyaW6TXKwKdAtd6L
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:57:26 2025 by rpki-client