Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/0b06bc-b8c7-4f75-b29e-c107a7ac0488/1/8MbyE-4OrL7P8GU_4WtJX7VzClw.roa
File: 8MbyE-4OrL7P8GU_4WtJX7VzClw.roa (raw, json)
Hash identifier: cDYZ/3RLn+g2X5kWz+rDkjwltlRFzxCy/CwS4ENAJnU=
Subject key identifier: F0:C6:F2:13:EE:0E:AC:BE:CF:F0:65:3F:E1:6B:49:5F:B5:73:0A:5C
Certificate issuer: /CN=58ffa14df2a89cb6709636f2b0b570abccf8b84b
Certificate serial: 018570797E580C78B4CC34D5C4E5260727D9
Authority key identifier: 58:FF:A1:4D:F2:A8:9C:B6:70:96:36:F2:B0:B5:70:AB:CC:F8:B8:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WP-hTfKonLZwljbysLVwq8z4uEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/0b06bc-b8c7-4f75-b29e-c107a7ac0488/1/8MbyE-4OrL7P8GU_4WtJX7VzClw.roa
Signing time: Mon 02 Jan 2023 03:14:48 +0000
ROA not before: Mon 02 Jan 2023 03:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213251
IP address blocks: 185.216.214.0/24 maxlen: 24
2a0b:bbc0:1c00::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:7e:58:0c:78:b4:cc:34:d5:c4:e5:26:07:27:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ffa14df2a89cb6709636f2b0b570abccf8b84b
Validity
Not Before: Jan 2 03:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0c6f213ee0eacbecff0653fe16b495fb5730a5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8e:c2:5b:56:5f:fb:d5:d9:8c:d7:1c:6c:f7:
b6:21:b6:ae:f6:a7:ff:3a:11:35:97:9f:f2:46:5a:
01:e6:de:42:aa:81:a2:8d:24:88:24:a3:15:f5:12:
b0:1e:ac:42:14:be:f0:90:7b:cd:14:22:00:c9:de:
fe:77:71:b1:ff:93:81:61:d8:92:c0:74:54:16:0a:
36:a4:e2:5c:f0:d0:6f:d5:5d:12:69:e2:86:d8:75:
cc:47:90:66:23:5a:37:ae:90:76:55:7c:71:61:c0:
06:30:db:f3:67:88:a6:c8:e1:ad:e1:e1:ff:22:dd:
63:7f:3c:e3:81:93:f6:e4:a7:44:ef:b9:78:af:d4:
7b:7a:45:5a:cb:26:3d:6e:59:d1:0b:38:79:61:bc:
e1:38:ac:c9:ff:76:72:7f:af:bc:87:93:e2:df:60:
b0:ac:e6:b4:42:12:0d:0e:4c:c2:26:5c:04:03:8f:
7a:8f:f7:9c:96:51:31:e3:f7:60:3c:81:88:5c:47:
b0:ba:bc:db:a7:95:77:51:a2:dd:6c:e5:39:17:cf:
bd:0a:ab:2f:4d:68:2e:ef:43:f0:bf:e8:8b:59:68:
be:b4:2b:8c:cc:f4:51:19:91:90:ea:fb:33:e7:e4:
42:31:11:f7:ba:dd:f7:b5:54:05:12:00:d3:5d:86:
3d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C6:F2:13:EE:0E:AC:BE:CF:F0:65:3F:E1:6B:49:5F:B5:73:0A:5C
X509v3 Authority Key Identifier:
keyid:58:FF:A1:4D:F2:A8:9C:B6:70:96:36:F2:B0:B5:70:AB:CC:F8:B8:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WP-hTfKonLZwljbysLVwq8z4uEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/0b06bc-b8c7-4f75-b29e-c107a7ac0488/1/8MbyE-4OrL7P8GU_4WtJX7VzClw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/0b06bc-b8c7-4f75-b29e-c107a7ac0488/1/WP-hTfKonLZwljbysLVwq8z4uEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.214.0/24
IPv6:
2a0b:bbc0:1c00::/40
Signature Algorithm: sha256WithRSAEncryption
27:40:e8:99:3c:37:a5:8e:51:c9:26:5c:da:5e:c5:1c:46:bd:
4b:eb:42:6c:0d:a3:4f:3e:8f:4b:10:ba:72:75:31:37:34:10:
71:f7:31:ec:35:c1:45:c1:ad:05:e2:a8:8e:f9:0a:03:f1:62:
cf:cb:92:77:b5:6a:ac:81:cd:44:44:3b:7e:d7:77:09:3e:b1:
f5:83:8d:80:6b:6f:79:72:3c:f0:60:a1:68:e2:dc:35:cd:d2:
34:0f:69:65:9f:0e:cc:d4:fb:a4:dc:1c:57:1c:30:02:3b:26:
32:75:f7:7d:07:1c:04:d8:0a:cb:b6:12:38:d6:6a:f5:04:d8:
3d:39:2b:01:51:db:89:31:35:cc:6b:6d:7c:ea:99:13:1c:05:
2f:03:ff:7f:8c:b3:59:98:64:ee:50:3b:ff:a8:75:7b:26:08:
c5:dc:a8:a2:d8:67:db:61:51:c4:b4:3b:e3:13:11:4a:63:2e:
2b:6f:3f:bc:38:6c:e4:d6:79:6e:7e:cf:2f:6e:00:c0:fa:ed:
ac:b5:17:b0:fd:69:fe:53:b6:4c:7e:d8:87:0a:07:ff:48:d3:
18:36:00:a2:35:12:ac:b0:ba:df:0f:e3:b1:fb:e4:ed:ff:c3:
37:8a:93:63:4c:d1:31:ac:08:d1:ea:68:61:6f:83:dd:44:d0:
bd:52:a6:d8
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVweX5YDHi0zDTVxOUmByfZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZmZhMTRkZjJhODljYjY3MDk2MzZmMmIwYjU3MGFiY2Nm
OGI4NGIwHhcNMjMwMTAyMDMxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGM2ZjIxM2VlMGVhY2JlY2ZmMDY1M2ZlMTZiNDk1ZmI1NzMwYTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY7CW1Zf+9XZjNccbPe2Ibau9qf/
OhE1l5/yRloB5t5CqoGijSSIJKMV9RKwHqxCFL7wkHvNFCIAyd7+d3Gx/5OBYdiS
wHRUFgo2pOJc8NBv1V0SaeKG2HXMR5BmI1o3rpB2VXxxYcAGMNvzZ4imyOGt4eH/
It1jfzzjgZP25KdE77l4r9R7ekVayyY9blnRCzh5YbzhOKzJ/3Zyf6+8h5Pi32Cw
rOa0QhINDkzCJlwEA496j/ecllEx4/dgPIGIXEewurzbp5V3UaLdbOU5F8+9Cqsv
TWgu70Pwv+iLWWi+tCuMzPRRGZGQ6vsz5+RCMRH3ut33tVQFEgDTXYY90QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPDG8hPuDqy+z/BlP+FrSV+1cwpcMB8GA1UdIwQY
MBaAFFj/oU3yqJy2cJY28rC1cKvM+LhLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1AtaFRmS29uTFp3bGpieXNMVndxOHo0dUVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8wYjA2YmMtYjhjNy00Zjc1LWIyOWUt
YzEwN2E3YWMwNDg4LzEvOE1ieUUtNE9yTDdQOEdVXzRXdEpYN1Z6Q2x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8wYjA2YmMtYjhjNy00Zjc1LWIyOWUtYzEwN2E3YWMwNDg4
LzEvV1AtaFRmS29uTFp3bGpieXNMVndxOHo0dUVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAudjWMA4E
AgACMAgDBgAqC7vAHDANBgkqhkiG9w0BAQsFAAOCAQEAJ0DomTw3pY5RySZc2l7F
HEa9S+tCbA2jTz6PSxC6cnUxNzQQcfcx7DXBRcGtBeKojvkKA/Fiz8uSd7VqrIHN
REQ7ftd3CT6x9YONgGtveXI88GChaOLcNc3SNA9pZZ8OzNT7pNwcVxwwAjsmMnX3
fQccBNgKy7YSONZq9QTYPTkrAVHbiTE1zGttfOqZExwFLwP/f4yzWZhk7lA7/6h1
eyYIxdyoothn22FRxLQ74xMRSmMuK28/vDhs5NZ5bn7PL24AwPrtrLUXsP1p/lO2
TH7YhwoH/0jTGDYAojUSrLC63w/jsfvk7f/DN4qTY0zRMawI0epoYW+D3UTQvVKm
2A==
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:55:53 2025 by rpki-client