Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/jrWoUX2I08t96DUAzMXpfrjbImw.roa
File: jrWoUX2I08t96DUAzMXpfrjbImw.roa (raw, json)
Hash identifier: 5fZxekpC+R8XTkzuMqL1WK63VlO9GSurjZzzW/k5L60=
Subject key identifier: 8E:B5:A8:51:7D:88:D3:CB:7D:E8:35:00:CC:C5:E9:7E:B8:DB:22:6C
Certificate issuer: /CN=7f6bd1a6b04625c571d830f878b1c0238247408c
Certificate serial: 0194CD0A863CE1FB7E4487C0288E7F3266E3
Authority key identifier: 7F:6B:D1:A6:B0:46:25:C5:71:D8:30:F8:78:B1:C0:23:82:47:40:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f2vRprBGJcVx2DD4eLHAI4JHQIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/jrWoUX2I08t96DUAzMXpfrjbImw.roa
Signing time: Mon 03 Feb 2025 18:20:06 +0000
ROA not before: Mon 03 Feb 2025 18:20:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 86.54.81.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cd:0a:86:3c:e1:fb:7e:44:87:c0:28:8e:7f:32:66:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f6bd1a6b04625c571d830f878b1c0238247408c
Validity
Not Before: Feb 3 18:20:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8eb5a8517d88d3cb7de83500ccc5e97eb8db226c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2c:49:e8:b7:d5:97:ed:d3:01:21:66:7d:4f:
1b:de:e0:72:4c:f0:44:ad:ff:05:a9:87:99:da:37:
41:cb:e2:b0:ee:45:4c:7e:09:0b:9e:8a:a0:b5:db:
47:c0:76:17:df:a0:58:de:8b:d2:a5:c4:c2:42:6f:
e2:5c:2a:81:7f:33:d6:68:0e:7f:80:95:03:f8:fe:
42:04:81:c9:d0:46:8f:47:64:b5:26:e2:a9:b3:2c:
4a:c8:d9:67:a9:b2:4f:d7:93:8d:83:28:d7:ec:9f:
d9:39:a6:e7:ed:64:97:f1:aa:3c:bb:2b:92:13:93:
8c:03:90:58:7d:fa:0e:f1:0f:2f:06:64:a7:34:88:
e9:f7:90:a3:7f:5c:3c:0b:87:bf:41:d7:b0:d7:b6:
32:29:62:6e:35:05:50:5c:a6:f6:86:f0:f5:6e:65:
f0:88:db:eb:46:e1:4b:20:0e:39:a7:6a:52:76:0a:
4f:33:47:99:d7:22:ca:e9:9a:6b:9c:d2:86:03:ae:
1f:64:32:af:b8:20:29:4c:c0:75:a8:83:f9:09:43:
ce:8f:4e:a2:33:d8:f8:2e:06:ae:c9:14:7d:fa:fd:
be:b5:69:d3:83:84:35:ca:99:7d:0f:8b:07:0a:ff:
84:65:47:23:72:9f:89:7d:09:e9:41:91:33:e1:b7:
73:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B5:A8:51:7D:88:D3:CB:7D:E8:35:00:CC:C5:E9:7E:B8:DB:22:6C
X509v3 Authority Key Identifier:
keyid:7F:6B:D1:A6:B0:46:25:C5:71:D8:30:F8:78:B1:C0:23:82:47:40:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2vRprBGJcVx2DD4eLHAI4JHQIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/jrWoUX2I08t96DUAzMXpfrjbImw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/f2vRprBGJcVx2DD4eLHAI4JHQIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.54.81.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:20:69:71:5a:a7:1a:75:c3:7e:af:96:a4:31:96:3c:a4:5c:
9f:54:d5:34:c5:f0:db:97:58:35:e2:37:34:0b:71:a5:08:c6:
c3:68:b0:bf:7e:78:0b:a9:94:17:18:20:41:bd:b1:41:8c:58:
59:8c:f5:04:67:2a:84:e4:b6:a9:ce:09:c8:2a:30:2a:9d:17:
be:4d:be:16:39:05:fb:33:5c:31:c0:70:cc:52:7d:bc:e0:88:
dc:38:4a:93:b1:b7:c0:c5:f7:77:c8:00:e9:f5:c7:23:25:12:
bd:1e:0b:04:ae:01:eb:d8:e6:f0:53:8a:bf:dc:30:e9:c4:c6:
06:cc:4c:a3:d0:dd:7f:fe:b0:c7:d0:4f:d1:a5:6f:11:ae:f5:
2a:a7:07:39:0b:ee:29:87:00:e0:63:d9:f5:cc:c4:71:dd:30:
f3:ed:e1:83:9f:4e:3b:6e:47:3a:b5:e0:59:59:64:a2:fc:64:
6f:69:1a:8e:4f:19:fb:de:7e:45:de:a3:07:f6:1d:f2:df:1f:
3a:14:8f:42:d5:4f:73:6f:1b:8b:db:28:d7:c0:17:e1:9a:ab:
c7:ff:2a:77:29:5a:47:3e:74:3a:9e:e1:c5:0a:15:52:35:80:
9b:5c:85:eb:03:19:8b:30:91:b9:c8:01:cc:3d:0d:db:2a:ae:
f4:3f:cb:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTNCoY84ft+RIfAKI5/MmbjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNmJkMWE2YjA0NjI1YzU3MWQ4MzBmODc4YjFjMDIzODI0
NzQwOGMwHhcNMjUwMjAzMTgyMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWI1YTg1MTdkODhkM2NiN2RlODM1MDBjY2M1ZTk3ZWI4ZGIyMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSxJ6LfVl+3TASFmfU8b3uByTPBE
rf8FqYeZ2jdBy+Kw7kVMfgkLnoqgtdtHwHYX36BY3ovSpcTCQm/iXCqBfzPWaA5/
gJUD+P5CBIHJ0EaPR2S1JuKpsyxKyNlnqbJP15ONgyjX7J/ZOabn7WSX8ao8uyuS
E5OMA5BYffoO8Q8vBmSnNIjp95Cjf1w8C4e/Qdew17YyKWJuNQVQXKb2hvD1bmXw
iNvrRuFLIA45p2pSdgpPM0eZ1yLK6ZprnNKGA64fZDKvuCApTMB1qIP5CUPOj06i
M9j4LgauyRR9+v2+tWnTg4Q1ypl9D4sHCv+EZUcjcp+JfQnpQZEz4bdzuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI61qFF9iNPLfeg1AMzF6X642yJsMB8GA1UdIwQY
MBaAFH9r0aawRiXFcdgw+HixwCOCR0CMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjJ2UnByQkdKY1Z4MkRENGVMSEFJNEpIUUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9iYzY2ZDctNTdhYi00NzVkLTk2YmEt
ODliNmMzMjMxNWMyLzEvanJXb1VYMkkwOHQ5NkRVQXpNWHBmcmpiSW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9iYzY2ZDctNTdhYi00NzVkLTk2YmEtODliNmMzMjMxNWMy
LzEvZjJ2UnByQkdKY1Z4MkRENGVMSEFJNEpIUUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVjZRMA0G
CSqGSIb3DQEBCwUAA4IBAQCkIGlxWqcadcN+r5akMZY8pFyfVNU0xfDbl1g14jc0
C3GlCMbDaLC/fngLqZQXGCBBvbFBjFhZjPUEZyqE5LapzgnIKjAqnRe+Tb4WOQX7
M1wxwHDMUn284IjcOEqTsbfAxfd3yADp9ccjJRK9HgsErgHr2ObwU4q/3DDpxMYG
zEyj0N1//rDH0E/RpW8RrvUqpwc5C+4phwDgY9n1zMRx3TDz7eGDn047bkc6teBZ
WWSi/GRvaRqOTxn73n5F3qMH9h3y3x86FI9C1U9zbxuL2yjXwBfhmqvH/yp3KVpH
PnQ6nuHFChVSNYCbXIXrAxmLMJG5yAHMPQ3bKq70P8v/
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:58:47 2025 by rpki-client