Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/8BhJBrgJU6QTtBxUF9P-mg4e0FY.roa
File: 8BhJBrgJU6QTtBxUF9P-mg4e0FY.roa (raw, json)
Hash identifier: NHMGlFSWYU71U5CjbiwbYwVbjDXPm6NLwAYxgGFRzxI=
Subject key identifier: F0:18:49:06:B8:09:53:A4:13:B4:1C:54:17:D3:FE:9A:0E:1E:D0:56
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 0194221FDD4BC88AB528D17A1D84E3D397DE
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/8BhJBrgJU6QTtBxUF9P-mg4e0FY.roa
Signing time: Wed 01 Jan 2025 13:48:21 +0000
ROA not before: Wed 01 Jan 2025 13:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212027
IP address blocks: 213.137.88.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:dd:4b:c8:8a:b5:28:d1:7a:1d:84:e3:d3:97:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Jan 1 13:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0184906b80953a413b41c5417d3fe9a0e1ed056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c2:34:64:de:95:58:ec:7c:3d:6e:4f:6c:6a:
18:3c:2e:7e:2b:ef:6b:25:ae:eb:84:f4:98:08:60:
55:eb:f6:1c:b1:c6:2d:ec:b0:b9:a9:64:ef:21:5d:
a5:10:1b:2a:1e:02:b4:2c:d4:f5:9c:9f:89:4c:55:
5d:42:ff:86:e7:fa:32:f0:40:b4:68:e1:c5:12:5f:
2d:22:2d:51:6a:84:48:a7:30:8d:e0:7b:e5:8f:93:
cb:2c:75:26:1e:1d:ee:47:84:f3:3a:67:d8:ab:d9:
98:22:6e:f7:df:a1:66:78:3f:bc:aa:e2:a5:90:8c:
f0:5c:ad:c4:e7:8a:30:1a:fe:b8:ee:36:57:3a:64:
18:5c:89:b1:ef:57:63:d6:d7:68:fe:20:8b:d7:76:
18:24:72:d3:45:68:88:e3:b5:32:7d:51:c3:27:9b:
03:06:2f:bd:82:ab:4c:4a:12:e5:b5:41:51:09:d6:
1f:e4:3a:cf:40:40:bd:e8:71:b0:b6:5a:a7:e4:80:
4c:de:a6:54:07:fc:0e:f6:eb:42:39:5e:7c:96:4f:
4f:5d:c5:e6:e5:aa:b6:20:36:09:45:d1:a1:27:39:
6e:f9:2d:d3:6a:8f:84:0e:f8:ec:ea:83:c0:14:5b:
57:13:ac:80:d8:98:59:55:2a:b9:75:01:6d:53:45:
23:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:18:49:06:B8:09:53:A4:13:B4:1C:54:17:D3:FE:9A:0E:1E:D0:56
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/8BhJBrgJU6QTtBxUF9P-mg4e0FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.137.88.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:fe:9d:d8:da:83:c2:e5:50:01:17:0a:29:55:2e:69:4e:67:
a3:de:2f:ce:55:4a:40:92:a3:20:36:5b:88:ff:c6:dc:6c:fb:
76:70:50:11:99:72:45:d0:49:18:f4:08:74:31:ef:7f:33:fd:
f4:8a:e2:f5:9a:f0:b7:b4:7f:7b:e4:9e:c7:79:57:64:98:68:
83:9f:fa:15:09:7b:79:fa:07:40:ef:eb:1f:c5:2f:86:a9:9e:
50:af:06:28:c3:c0:ab:96:c1:bc:17:74:fe:b1:0d:b3:16:99:
43:73:db:38:2f:0a:45:df:5d:0b:68:f5:b8:82:2c:ca:8c:2f:
46:fa:43:5e:3d:2b:13:0c:5f:2a:2f:f6:f5:9b:20:b1:bd:9b:
5d:da:f8:e6:43:7e:69:e9:8b:ee:e3:eb:1f:87:c9:68:38:ae:
d7:62:5a:f2:a7:86:ba:43:5c:b3:83:4b:87:9a:c7:94:ea:6a:
fb:53:af:4e:99:76:d6:73:cf:56:5b:ee:f7:17:0d:5c:b5:e3:
1c:23:dc:30:ec:d0:0e:a7:18:6a:05:83:d0:4f:8d:f0:6c:df:
2d:df:ed:33:03:65:ba:29:24:b2:72:22:38:6e:7d:85:bf:6d:
5d:39:ba:40:a1:b0:93:d7:f4:91:03:c1:82:60:62:10:f2:66:
49:ef:47:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH91LyIq1KNF6HYTj05feMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjUwMTAxMTM0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDE4NDkwNmI4MDk1M2E0MTNiNDFjNTQxN2QzZmU5YTBlMWVkMDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sI0ZN6VWOx8PW5PbGoYPC5+K+9r
Ja7rhPSYCGBV6/YcscYt7LC5qWTvIV2lEBsqHgK0LNT1nJ+JTFVdQv+G5/oy8EC0
aOHFEl8tIi1RaoRIpzCN4Hvlj5PLLHUmHh3uR4TzOmfYq9mYIm7336FmeD+8quKl
kIzwXK3E54owGv647jZXOmQYXImx71dj1tdo/iCL13YYJHLTRWiI47UyfVHDJ5sD
Bi+9gqtMShLltUFRCdYf5DrPQEC96HGwtlqn5IBM3qZUB/wO9utCOV58lk9PXcXm
5aq2IDYJRdGhJzlu+S3Tao+EDvjs6oPAFFtXE6yA2JhZVSq5dQFtU0UjfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPAYSQa4CVOkE7QcVBfT/poOHtBWMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvOEJoSkJyZ0pVNlFUdEJ4VUY5UC1tZzRlMEZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1YlYMA0G
CSqGSIb3DQEBCwUAA4IBAQBO/p3Y2oPC5VABFwopVS5pTmej3i/OVUpAkqMgNluI
/8bcbPt2cFARmXJF0EkY9Ah0Me9/M/30iuL1mvC3tH975J7HeVdkmGiDn/oVCXt5
+gdA7+sfxS+GqZ5QrwYow8CrlsG8F3T+sQ2zFplDc9s4LwpF310LaPW4gizKjC9G
+kNePSsTDF8qL/b1myCxvZtd2vjmQ35p6Yvu4+sfh8loOK7XYlryp4a6Q1yzg0uH
mseU6mr7U69OmXbWc89WW+73Fw1cteMcI9ww7NAOpxhqBYPQT43wbN8t3+0zA2W6
KSSyciI4bn2Fv21dObpAobCT1/SRA8GCYGIQ8mZJ70dl
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:41 2025 by rpki-client