Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/08MOvb96w4xsKgP9JS0zoI8sRTk.roa
File: 08MOvb96w4xsKgP9JS0zoI8sRTk.roa (raw, json)
Hash identifier: 8gdw/ohva2RMhv163mHOocjNP3BJgaz4YyRqUuNJ7fc=
Subject key identifier: D3:C3:0E:BD:BF:7A:C3:8C:6C:2A:03:FD:25:2D:33:A0:8F:2C:45:39
Certificate issuer: /CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Certificate serial: 0194266C387523361D490C432D492CA240AE
Authority key identifier: 7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/08MOvb96w4xsKgP9JS0zoI8sRTk.roa
Signing time: Thu 02 Jan 2025 09:50:14 +0000
ROA not before: Thu 02 Jan 2025 09:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21100
IP address blocks: 46.21.250.0/24 maxlen: 24
212.8.245.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:38:75:23:36:1d:49:0c:43:2d:49:2c:a2:40:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Validity
Not Before: Jan 2 09:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3c30ebdbf7ac38c6c2a03fd252d33a08f2c4539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8a:35:d2:e2:b8:cc:65:27:58:cb:78:ae:c4:
e6:14:f4:6d:fc:b5:e6:13:13:91:94:b8:f1:87:90:
2d:0a:ef:fa:81:c1:51:0d:10:21:53:fa:41:df:f0:
48:52:58:98:f5:88:0f:47:f3:6c:58:3b:82:4f:f8:
24:0c:1d:12:e1:9f:e9:e5:e9:ee:b4:5d:e0:04:83:
71:34:82:46:9f:8d:30:84:3d:9a:ad:fe:3a:70:f0:
27:cb:39:4a:3a:af:9c:1b:6d:44:44:46:65:2a:41:
f8:89:ad:4f:2e:6e:8b:96:a0:b1:3a:13:a8:e6:35:
0c:ac:58:27:3c:a0:ae:16:92:a0:a3:0f:52:67:b3:
b2:21:70:74:0d:d9:21:9c:ca:95:1a:6c:1b:58:23:
67:38:c4:57:63:27:e1:ec:07:61:f6:8a:f4:dd:0e:
99:ef:92:62:19:b6:0f:45:40:2d:60:71:71:bb:1f:
6b:77:ea:c5:2d:50:33:b5:5e:5b:0a:81:78:7e:52:
72:dd:f9:34:68:db:e2:61:ca:31:1a:4c:30:fc:ef:
25:0c:f4:7e:25:cc:43:fa:87:bd:ce:50:f8:cf:21:
cd:91:ca:c9:fa:ab:57:81:f3:b7:f6:00:b0:6b:f0:
44:4e:cd:95:25:a0:f4:d9:b3:54:43:2b:1b:05:59:
e7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:C3:0E:BD:BF:7A:C3:8C:6C:2A:03:FD:25:2D:33:A0:8F:2C:45:39
X509v3 Authority Key Identifier:
keyid:7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/08MOvb96w4xsKgP9JS0zoI8sRTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/f8rYnfG_maNvKQzD7w8ee00CdTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.250.0/24
212.8.245.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:69:3b:58:a7:c4:9f:26:94:4b:b0:d1:79:9f:4d:5d:ca:5e:
95:1e:f6:16:5e:a6:d9:94:0d:1c:4b:16:98:62:eb:0b:5b:b4:
90:a7:ea:54:cf:19:84:e4:ee:2b:d1:3c:1c:de:9f:6a:5a:ec:
ac:89:8b:43:72:47:2d:7e:b1:90:ba:b6:26:b0:2b:43:ad:09:
80:b3:b7:99:4e:9a:90:02:58:aa:60:bf:a4:65:6d:01:ff:4b:
f7:7e:79:df:d1:00:3f:95:f6:65:3f:c2:ff:bb:43:78:78:cb:
d0:48:75:3e:70:04:62:d6:f1:6b:a6:21:72:fe:47:9c:df:a9:
82:7c:e2:32:da:7d:1f:a9:f1:2a:70:26:34:37:ee:8b:bb:9d:
46:d9:55:a0:b6:05:0c:b3:2f:2c:24:3c:de:ee:7a:ec:5a:08:
8c:e3:42:cb:7d:69:78:1e:84:70:eb:7e:d3:58:3a:a9:83:57:
e1:06:e5:d0:df:37:93:d8:e3:7a:91:af:a4:30:ba:2c:bd:7d:
ec:b2:5c:18:42:73:db:31:cd:62:a5:57:88:25:7e:c6:fc:25:
f4:af:c0:7f:16:12:3a:b3:f4:b1:02:6a:59:80:b4:48:d1:fd:
24:dd:71:00:0c:5c:53:df:ff:72:b3:2b:30:87:f8:92:e1:63:
6b:93:00:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQmbDh1IzYdSQxDLUksokCuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmY2FkODlkZjFiZjk5YTM2ZjI5MGNjM2VmMGYxZTdiNGQw
Mjc1MzMwHhcNMjUwMTAyMDk1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2MzMGViZGJmN2FjMzhjNmMyYTAzZmQyNTJkMzNhMDhmMmM0NTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoo10uK4zGUnWMt4rsTmFPRt/LXm
ExORlLjxh5AtCu/6gcFRDRAhU/pB3/BIUliY9YgPR/NsWDuCT/gkDB0S4Z/p5enu
tF3gBINxNIJGn40whD2arf46cPAnyzlKOq+cG21EREZlKkH4ia1PLm6LlqCxOhOo
5jUMrFgnPKCuFpKgow9SZ7OyIXB0DdkhnMqVGmwbWCNnOMRXYyfh7Adh9or03Q6Z
75JiGbYPRUAtYHFxux9rd+rFLVAztV5bCoF4flJy3fk0aNviYcoxGkww/O8lDPR+
JcxD+oe9zlD4zyHNkcrJ+qtXgfO39gCwa/BETs2VJaD02bNUQysbBVnn+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNPDDr2/esOMbCoD/SUtM6CPLEU5MB8GA1UdIwQY
MBaAFH/K2J3xv5mjbykMw+8PHntNAnUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMt
MDE1ZDlmMWI0YjUwLzEvMDhNT3ZiOTZ3NHhzS2dQOUpTMHpvSThzUlRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMtMDE1ZDlmMWI0YjUw
LzEvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALhX6AwQA
1Aj1MA0GCSqGSIb3DQEBCwUAA4IBAQAuaTtYp8SfJpRLsNF5n01dyl6VHvYWXqbZ
lA0cSxaYYusLW7SQp+pUzxmE5O4r0Twc3p9qWuysiYtDckctfrGQurYmsCtDrQmA
s7eZTpqQAliqYL+kZW0B/0v3fnnf0QA/lfZlP8L/u0N4eMvQSHU+cARi1vFrpiFy
/kec36mCfOIy2n0fqfEqcCY0N+6Lu51G2VWgtgUMsy8sJDze7nrsWgiM40LLfWl4
HoRw637TWDqpg1fhBuXQ3zeT2ON6ka+kMLosvX3sslwYQnPbMc1ipVeIJX7G/CX0
r8B/FhI6s/SxAmpZgLRI0f0k3XEADFxT3/9ysyswh/iS4WNrkwAc
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:34 2025 by rpki-client