Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/8af518-1566-4a6b-804b-1ab5d6209f57/1/mB8BgJX73rlkXVf4rQjQxZFmQ74.roa
File: mB8BgJX73rlkXVf4rQjQxZFmQ74.roa (raw, json)
Hash identifier: QKAp2j6WZ6bfCIMjIxWmPLwb9wQaET9IBZN0Uj+49mM=
Subject key identifier: 98:1F:01:80:95:FB:DE:B9:64:5D:57:F8:AD:08:D0:C5:91:66:43:BE
Certificate issuer: /CN=e062bb92bbee9f6de7757d256d48f66e207f44af
Certificate serial: 0194258F5ADC18FD4089D49D7CCE410227C0
Authority key identifier: E0:62:BB:92:BB:EE:9F:6D:E7:75:7D:25:6D:48:F6:6E:20:7F:44:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4GK7krvun23ndX0lbUj2biB_RK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/8af518-1566-4a6b-804b-1ab5d6209f57/1/mB8BgJX73rlkXVf4rQjQxZFmQ74.roa
Signing time: Thu 02 Jan 2025 05:48:59 +0000
ROA not before: Thu 02 Jan 2025 05:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202333
IP address blocks: 194.156.214.0/24 maxlen: 24
194.156.215.0/24 maxlen: 24
2a07:e880::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:5a:dc:18:fd:40:89:d4:9d:7c:ce:41:02:27:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e062bb92bbee9f6de7757d256d48f66e207f44af
Validity
Not Before: Jan 2 05:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=981f018095fbdeb9645d57f8ad08d0c5916643be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6e:27:6a:0e:99:f9:ad:a2:e2:14:e8:50:43:
9e:47:68:f3:f4:a7:06:42:40:60:41:61:2b:77:af:
cf:28:86:2b:c6:c0:ea:b1:ad:8a:43:1d:db:a3:4f:
8c:5e:3f:b6:e2:78:5a:df:0a:56:7e:e3:a0:23:fa:
25:04:99:ed:4d:e1:26:75:e0:38:68:7e:c3:82:93:
d9:5c:0e:c9:0d:3b:46:3a:cc:dc:be:6f:1f:59:b4:
1b:f5:7e:59:69:49:66:06:3c:2b:0b:4d:e3:e5:2c:
92:67:42:74:f6:40:22:0d:ba:63:49:9a:da:91:b5:
cf:66:e2:be:6c:f2:aa:b5:96:4f:1d:6f:db:e6:0e:
ee:e0:1f:64:ab:f7:00:7c:a4:14:f1:7b:25:d7:39:
64:58:d5:d4:e5:3a:15:4d:7b:f6:e5:0f:60:4a:fb:
24:88:e7:63:b6:63:f8:35:9d:11:fb:4f:68:92:2c:
38:02:98:4e:40:e2:49:1c:15:0d:da:3c:1b:cd:52:
65:74:42:8c:91:17:17:01:da:fb:c8:c7:6a:40:ff:
ab:b6:af:93:0d:0a:36:b0:b2:50:3f:52:07:9b:8d:
c1:a1:9d:05:1d:77:df:c6:74:03:43:73:dd:f2:ba:
07:06:f6:cc:c6:bb:3b:9a:6b:26:d7:56:9b:35:92:
68:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:1F:01:80:95:FB:DE:B9:64:5D:57:F8:AD:08:D0:C5:91:66:43:BE
X509v3 Authority Key Identifier:
keyid:E0:62:BB:92:BB:EE:9F:6D:E7:75:7D:25:6D:48:F6:6E:20:7F:44:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4GK7krvun23ndX0lbUj2biB_RK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8af518-1566-4a6b-804b-1ab5d6209f57/1/mB8BgJX73rlkXVf4rQjQxZFmQ74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8af518-1566-4a6b-804b-1ab5d6209f57/1/4GK7krvun23ndX0lbUj2biB_RK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.214.0/23
IPv6:
2a07:e880::/30
Signature Algorithm: sha256WithRSAEncryption
92:34:7d:82:bd:be:f3:4f:02:00:fb:6b:28:89:2d:f8:26:a5:
f3:7a:45:3c:d4:71:da:de:97:de:85:8b:d0:c1:a0:8e:14:8b:
81:72:64:18:5d:41:aa:c1:09:d8:87:0a:4b:ca:2d:14:b9:64:
29:00:a8:e4:03:b5:fd:30:09:a8:4c:d3:94:a7:f6:47:b1:6c:
13:5a:52:7d:ec:54:47:98:68:c5:98:9d:19:76:4c:c6:8f:c2:
48:66:fc:d7:04:70:da:12:9d:44:8e:21:5d:da:2d:f9:ca:08:
1e:c4:a0:59:05:ff:b3:01:00:a3:2c:c7:0d:bc:d1:3f:75:59:
11:d5:45:6f:f9:b0:26:5c:92:fd:22:9a:25:6a:d7:82:fd:7b:
35:4e:a7:35:28:9a:dd:7e:e1:33:82:fa:ac:33:dd:58:0c:96:
55:0d:6a:c5:08:82:13:dc:a0:f5:be:44:d9:69:84:40:11:71:
0c:7f:8c:3f:12:52:8d:96:78:14:fc:2d:43:ff:f3:0b:f7:20:
3e:21:ec:2f:c7:f1:f0:32:5e:c8:b5:42:60:e4:0b:4e:b9:99:
da:a5:4d:ac:fb:8d:61:b7:00:a7:c9:03:a1:39:ed:81:8d:24:
46:8b:02:e9:84:19:bb:73:2e:59:be:bb:3c:0b:57:94:35:a2:
87:b9:0c:6a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj1rcGP1AidSdfM5BAifAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNjJiYjkyYmJlZTlmNmRlNzc1N2QyNTZkNDhmNjZlMjA3
ZjQ0YWYwHhcNMjUwMTAyMDU0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODFmMDE4MDk1ZmJkZWI5NjQ1ZDU3ZjhhZDA4ZDBjNTkxNjY0M2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx24nag6Z+a2i4hToUEOeR2jz9KcG
QkBgQWErd6/PKIYrxsDqsa2KQx3bo0+MXj+24nha3wpWfuOgI/olBJntTeEmdeA4
aH7DgpPZXA7JDTtGOszcvm8fWbQb9X5ZaUlmBjwrC03j5SySZ0J09kAiDbpjSZra
kbXPZuK+bPKqtZZPHW/b5g7u4B9kq/cAfKQU8Xsl1zlkWNXU5ToVTXv25Q9gSvsk
iOdjtmP4NZ0R+09okiw4AphOQOJJHBUN2jwbzVJldEKMkRcXAdr7yMdqQP+rtq+T
DQo2sLJQP1IHm43BoZ0FHXffxnQDQ3Pd8roHBvbMxrs7mmsm11abNZJoFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJgfAYCV+965ZF1X+K0I0MWRZkO+MB8GA1UdIwQY
MBaAFOBiu5K77p9t53V9JW1I9m4gf0SvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEdLN2tydnVuMjNuZFgwbGJVajJiaUJfUks4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi84YWY1MTgtMTU2Ni00YTZiLTgwNGIt
MWFiNWQ2MjA5ZjU3LzEvbUI4QmdKWDczcmxrWFZmNHJRalF4WkZtUTc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi84YWY1MTgtMTU2Ni00YTZiLTgwNGItMWFiNWQ2MjA5ZjU3
LzEvNEdLN2tydnVuMjNuZFgwbGJVajJiaUJfUks4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBwpzWMA0E
AgACMAcDBQIqB+iAMA0GCSqGSIb3DQEBCwUAA4IBAQCSNH2Cvb7zTwIA+2soiS34
JqXzekU81HHa3pfehYvQwaCOFIuBcmQYXUGqwQnYhwpLyi0UuWQpAKjkA7X9MAmo
TNOUp/ZHsWwTWlJ97FRHmGjFmJ0ZdkzGj8JIZvzXBHDaEp1EjiFd2i35yggexKBZ
Bf+zAQCjLMcNvNE/dVkR1UVv+bAmXJL9IpolateC/Xs1Tqc1KJrdfuEzgvqsM91Y
DJZVDWrFCIIT3KD1vkTZaYRAEXEMf4w/ElKNlngU/C1D//ML9yA+Iewvx/HwMl7I
tUJg5AtOuZnapU2s+41htwCnyQOhOe2BjSRGiwLphBm7cy5Zvrs8C1eUNaKHuQxq
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:45:19 2025 by rpki-client