Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/8HcGv1F-uSJnAG-HErcneQYZ2c4.roa
File: 8HcGv1F-uSJnAG-HErcneQYZ2c4.roa (raw, json)
Hash identifier: 3nxcSbsUm3vndWVPCbFIrIOjhD23ZH0lAiTrv1VxRhI=
Subject key identifier: F0:77:06:BF:51:7E:B9:22:67:00:6F:87:12:B7:27:79:06:19:D9:CE
Certificate issuer: /CN=cbd745ebfcec382df252c2f750db648f4f034abf
Certificate serial: 0185737ABC135C4A8DD729A24D70FE545DC2
Authority key identifier: CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/8HcGv1F-uSJnAG-HErcneQYZ2c4.roa
Signing time: Mon 02 Jan 2023 17:15:01 +0000
ROA not before: Mon 02 Jan 2023 17:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3209
IP address blocks: 195.50.128.0/18 maxlen: 18
85.238.224.0/19 maxlen: 19
195.158.128.0/19 maxlen: 19
2a00::/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:bc:13:5c:4a:8d:d7:29:a2:4d:70:fe:54:5d:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd745ebfcec382df252c2f750db648f4f034abf
Validity
Not Before: Jan 2 17:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f07706bf517eb92267006f8712b727790619d9ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c9:48:5b:b9:55:d4:86:ee:fb:e8:75:b1:90:
06:0d:6a:ca:04:ce:b6:c6:96:00:2c:08:6f:78:f1:
bc:95:57:37:15:76:de:9f:63:ec:ae:7b:0e:c3:37:
b3:07:f7:f3:ad:04:d1:47:ed:a0:3e:7c:db:66:20:
d9:24:08:1b:8f:5e:45:d4:7a:5a:bc:e7:86:a2:ac:
9b:c6:bd:66:19:3d:c9:55:a4:b3:67:5d:d8:f7:16:
b5:f7:7c:c8:41:f0:eb:57:40:80:1d:3e:81:8e:32:
49:c3:fc:e7:c1:8e:db:78:39:f9:ee:6b:bc:53:e9:
ec:27:97:1f:6a:92:32:ec:b7:a4:4d:84:3e:40:8b:
be:86:f3:23:5a:f1:90:04:42:9b:16:1a:34:8c:d3:
74:29:7b:9d:a3:ac:76:16:f0:52:76:02:a6:ba:18:
c5:ea:26:de:35:da:48:3b:b9:0e:12:3e:41:4b:fd:
57:fd:11:29:b2:87:7b:63:6a:46:4c:29:18:a0:03:
bb:52:25:25:6f:92:76:c9:92:c5:bc:ae:7e:e2:a6:
9d:8a:87:3e:e2:33:74:dd:b6:69:18:cb:69:a3:b5:
df:5b:41:95:46:71:fa:65:9b:61:ad:77:cf:2c:2a:
81:e7:f2:bf:28:7d:01:75:e9:22:9d:05:1d:75:b6:
42:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:77:06:BF:51:7E:B9:22:67:00:6F:87:12:B7:27:79:06:19:D9:CE
X509v3 Authority Key Identifier:
keyid:CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/8HcGv1F-uSJnAG-HErcneQYZ2c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/y9dF6_zsOC3yUsL3UNtkj08DSr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.238.224.0/19
195.50.128.0/18
195.158.128.0/19
IPv6:
2a00::/22
Signature Algorithm: sha256WithRSAEncryption
51:c8:24:c5:ba:7b:50:7d:98:7a:76:c0:5f:6d:d7:26:bd:fb:
9e:d0:b8:b8:6b:63:50:84:d7:60:45:13:d5:85:35:2a:94:e6:
46:51:85:7e:1f:2e:2a:88:15:8f:38:f8:e2:2a:a9:2f:0c:a9:
53:9c:00:f8:38:4b:26:00:cc:69:22:43:65:de:08:5f:4f:1d:
a1:25:ec:23:b2:a0:ae:f3:31:2e:aa:b4:4c:05:de:fb:65:a9:
9f:c2:81:e4:a4:9e:97:49:b6:79:54:53:7d:7b:7b:27:95:04:
4c:f1:9c:dc:5e:78:56:c9:4a:e6:81:51:e3:69:77:db:e8:65:
f5:b8:aa:5a:a7:34:ec:6a:c9:ba:e4:fc:d2:6a:cb:b0:00:f3:
df:0b:20:cd:5f:b6:4a:7f:a6:13:c2:74:ec:af:b2:45:95:93:
0f:92:2a:ff:a6:4e:94:e0:7c:47:a0:06:97:c3:3d:40:4b:5e:
f9:65:a5:34:f8:5b:bd:e4:97:ac:dd:04:0d:12:00:8d:5b:46:
dd:28:70:19:17:61:3f:37:5e:f8:5e:17:1a:08:f9:26:14:0a:
53:e7:13:e2:52:6e:0c:fc:75:47:c9:26:47:cd:7d:77:66:5c:
ed:13:96:79:57:02:df:2b:cd:d3:a4:a0:be:0e:c3:45:a7:70:
51:d4:a0:6d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVzerwTXEqN1ymiTXD+VF3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDc0NWViZmNlYzM4MmRmMjUyYzJmNzUwZGI2NDhmNGYw
MzRhYmYwHhcNMjMwMTAyMTcxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDc3MDZiZjUxN2ViOTIyNjcwMDZmODcxMmI3Mjc3OTA2MTlkOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMlIW7lV1Ibu++h1sZAGDWrKBM62
xpYALAhvePG8lVc3FXben2PsrnsOwzezB/fzrQTRR+2gPnzbZiDZJAgbj15F1Hpa
vOeGoqybxr1mGT3JVaSzZ13Y9xa193zIQfDrV0CAHT6BjjJJw/znwY7beDn57mu8
U+nsJ5cfapIy7LekTYQ+QIu+hvMjWvGQBEKbFho0jNN0KXudo6x2FvBSdgKmuhjF
6ibeNdpIO7kOEj5BS/1X/REpsod7Y2pGTCkYoAO7UiUlb5J2yZLFvK5+4qadioc+
4jN03bZpGMtpo7XfW0GVRnH6ZZthrXfPLCqB5/K/KH0BdekinQUddbZChQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPB3Br9RfrkiZwBvhxK3J3kGGdnOMB8GA1UdIwQY
MBaAFMvXRev87Dgt8lLC91DbZI9PA0q/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUt
OTJiNjc5NmM3N2NjLzEvOEhjR3YxRi11U0puQUctSEVyY25lUVlaMmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUtOTJiNjc5NmM3N2Nj
LzEveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAYBAIAATASAwQFVe7gAwQG
wzKAAwQFw56AMAwEAgACMAYDBAIqAAAwDQYJKoZIhvcNAQELBQADggEBAFHIJMW6
e1B9mHp2wF9t1ya9+57QuLhrY1CE12BFE9WFNSqU5kZRhX4fLiqIFY84+OIqqS8M
qVOcAPg4SyYAzGkiQ2XeCF9PHaEl7COyoK7zMS6qtEwF3vtlqZ/CgeSknpdJtnlU
U317eyeVBEzxnNxeeFbJSuaBUeNpd9voZfW4qlqnNOxqybrk/NJqy7AA898LIM1f
tkp/phPCdOyvskWVkw+SKv+mTpTgfEegBpfDPUBLXvllpTT4W73kl6zdBA0SAI1b
Rt0ocBkXYT83XvheFxoI+SYUClPnE+JSbgz8dUfJJkfNfXdmXO0TlnlXAt8rzdOk
oL4Ow0WncFHUoG0=
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:44:31 2025 by rpki-client