Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7642b9-caa0-43df-8205-2f18aa636bca/1/B8bAMNxxrjEgAheWJ73U3OS7H0c.roa
File: B8bAMNxxrjEgAheWJ73U3OS7H0c.roa (raw, json)
Hash identifier: eUJTPMgB7qHVCBsvmvUZqAZ3uS8/L3DtiLAehnzbAeU=
Subject key identifier: 07:C6:C0:30:DC:71:AE:31:20:02:17:96:27:BD:D4:DC:E4:BB:1F:47
Certificate issuer: /CN=e4b90db21816df01f70f296683fea2c0ac8161d9
Certificate serial: 018572BA3E2EA4CFB341E267BA738F49656F
Authority key identifier: E4:B9:0D:B2:18:16:DF:01:F7:0F:29:66:83:FE:A2:C0:AC:81:61:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5LkNshgW3wH3Dylmg_6iwKyBYdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7642b9-caa0-43df-8205-2f18aa636bca/1/B8bAMNxxrjEgAheWJ73U3OS7H0c.roa
Signing time: Mon 02 Jan 2023 13:44:46 +0000
ROA not before: Mon 02 Jan 2023 13:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 87.236.144.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:3e:2e:a4:cf:b3:41:e2:67:ba:73:8f:49:65:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4b90db21816df01f70f296683fea2c0ac8161d9
Validity
Not Before: Jan 2 13:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07c6c030dc71ae312002179627bdd4dce4bb1f47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:aa:52:e5:40:40:c8:e8:6a:f9:0c:82:32:b5:
0f:4a:d7:e6:65:8e:bd:d3:03:39:38:67:2b:47:6f:
a1:b6:4c:33:64:60:1c:17:bc:86:80:c8:6b:de:37:
5f:22:a5:a1:b0:4e:4a:b4:1b:82:0a:44:9d:b8:13:
fd:24:1c:cb:62:66:04:f0:85:e4:4a:0d:fb:e9:4c:
0b:8f:eb:cb:d1:ad:02:bc:ac:fb:a9:60:67:9e:e1:
7e:d7:4f:4b:6f:86:7b:f6:5f:f7:df:4b:a1:19:58:
68:f3:60:b9:34:b6:98:80:09:ec:6a:12:af:63:5c:
86:a8:86:b0:e9:19:29:7d:e8:69:6a:1a:86:54:ec:
71:fa:63:3d:aa:c2:e4:52:53:ba:01:73:fb:87:fe:
3c:50:a5:9c:ef:4a:fe:38:13:06:70:7d:45:9a:0e:
1c:d8:41:4f:2f:13:6c:6e:5e:b7:4c:1e:eb:fc:e9:
da:7a:1d:5f:da:88:4f:0e:aa:79:ef:8e:93:8a:91:
6f:f2:c9:5e:c3:13:15:5e:13:04:c4:99:f7:c9:ed:
5a:f2:db:b3:ec:7e:65:ed:25:94:ab:b8:c4:9e:b3:
3a:50:57:b5:be:e4:28:53:89:67:50:66:45:10:3d:
c5:ed:0d:31:a4:db:68:69:e0:c9:94:34:24:e1:d4:
a9:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:C6:C0:30:DC:71:AE:31:20:02:17:96:27:BD:D4:DC:E4:BB:1F:47
X509v3 Authority Key Identifier:
keyid:E4:B9:0D:B2:18:16:DF:01:F7:0F:29:66:83:FE:A2:C0:AC:81:61:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LkNshgW3wH3Dylmg_6iwKyBYdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7642b9-caa0-43df-8205-2f18aa636bca/1/B8bAMNxxrjEgAheWJ73U3OS7H0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7642b9-caa0-43df-8205-2f18aa636bca/1/5LkNshgW3wH3Dylmg_6iwKyBYdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.144.0/24
Signature Algorithm: sha256WithRSAEncryption
51:b3:14:38:b0:2e:05:b2:11:e1:b0:94:63:61:27:70:2c:d8:
8e:1b:2e:3e:68:d1:54:04:59:97:4f:d8:c1:42:b8:c0:e1:15:
e3:83:04:46:39:22:5c:ba:e0:01:c6:0a:8f:92:0c:1f:26:1d:
d0:77:f8:a3:bf:75:3b:3d:7a:76:fc:ef:0c:62:84:53:d0:fa:
d5:ef:cb:88:bc:f6:fa:b6:44:85:12:63:08:02:e3:6c:91:e4:
dd:f1:d1:f3:a6:9c:ce:b3:25:a0:c9:cc:a0:c3:f2:b1:98:c0:
fd:09:76:e9:dc:d9:56:30:c5:21:f3:de:27:c4:b2:59:d0:c3:
ca:13:ab:66:a5:ba:ed:01:1a:63:1a:16:c6:c5:bb:fd:e1:47:
a2:c2:ea:e1:31:98:c1:47:37:5d:62:33:f5:72:c7:19:eb:a6:
77:8b:38:92:61:5e:32:55:c9:06:51:c4:5f:95:b7:0d:fe:87:
e3:a1:28:c5:98:39:c3:13:13:ff:a2:11:34:a5:e3:dc:f4:99:
67:c2:11:ea:39:f8:d0:70:59:e7:2c:cb:ca:92:78:a3:c7:c4:
d9:9c:c2:19:1c:4c:e9:46:3c:cb:0c:5a:89:8f:44:5c:bc:cd:
12:8e:8b:7e:22:b8:7e:ab:60:68:8d:e9:7d:e1:21:23:ed:6b:
16:3e:d0:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyuj4upM+zQeJnunOPSWVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjkwZGIyMTgxNmRmMDFmNzBmMjk2NjgzZmVhMmMwYWM4
MTYxZDkwHhcNMjMwMTAyMTM0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2M2YzAzMGRjNzFhZTMxMjAwMjE3OTYyN2JkZDRkY2U0YmIxZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqpS5UBAyOhq+QyCMrUPStfmZY69
0wM5OGcrR2+htkwzZGAcF7yGgMhr3jdfIqWhsE5KtBuCCkSduBP9JBzLYmYE8IXk
Sg376UwLj+vL0a0CvKz7qWBnnuF+109Lb4Z79l/330uhGVho82C5NLaYgAnsahKv
Y1yGqIaw6RkpfehpahqGVOxx+mM9qsLkUlO6AXP7h/48UKWc70r+OBMGcH1Fmg4c
2EFPLxNsbl63TB7r/Onaeh1f2ohPDqp5746TipFv8slewxMVXhMExJn3ye1a8tuz
7H5l7SWUq7jEnrM6UFe1vuQoU4lnUGZFED3F7Q0xpNtoaeDJlDQk4dSp3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAfGwDDcca4xIAIXlie91Nzkux9HMB8GA1UdIwQY
MBaAFOS5DbIYFt8B9w8pZoP+osCsgWHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxrTnNoZ1czd0gzRHlsbWdfNml3S3lCWWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83NjQyYjktY2FhMC00M2RmLTgyMDUt
MmYxOGFhNjM2YmNhLzEvQjhiQU1OeHhyakVnQWhlV0o3M1UzT1M3SDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83NjQyYjktY2FhMC00M2RmLTgyMDUtMmYxOGFhNjM2YmNh
LzEvNUxrTnNoZ1czd0gzRHlsbWdfNml3S3lCWWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+yQMA0G
CSqGSIb3DQEBCwUAA4IBAQBRsxQ4sC4FshHhsJRjYSdwLNiOGy4+aNFUBFmXT9jB
QrjA4RXjgwRGOSJcuuABxgqPkgwfJh3Qd/ijv3U7PXp2/O8MYoRT0PrV78uIvPb6
tkSFEmMIAuNskeTd8dHzppzOsyWgycygw/KxmMD9CXbp3NlWMMUh894nxLJZ0MPK
E6tmpbrtARpjGhbGxbv94UeiwurhMZjBRzddYjP1cscZ66Z3iziSYV4yVckGUcRf
lbcN/ofjoSjFmDnDExP/ohE0pePc9JlnwhHqOfjQcFnnLMvKknijx8TZnMIZHEzp
RjzLDFqJj0RcvM0Sjot+Irh+q2Bojel94SEj7WsWPtDm
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:22:43 2025 by rpki-client