Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/H8YJLWnpWipMvgIr9ji5smf4Tfk.roa
File: H8YJLWnpWipMvgIr9ji5smf4Tfk.roa (raw, json)
Hash identifier: M3PeYVw02zCqgGsGWVEqY9NDqtJ4pOhlFV2aXiG2+JY=
Subject key identifier: 1F:C6:09:2D:69:E9:5A:2A:4C:BE:02:2B:F6:38:B9:B2:67:F8:4D:F9
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 019427B42598531C735CF82BC5A494D87559
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/H8YJLWnpWipMvgIr9ji5smf4Tfk.roa
Signing time: Thu 02 Jan 2025 15:48:24 +0000
ROA not before: Thu 02 Jan 2025 15:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16125
IP address blocks: 213.252.248.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:25:98:53:1c:73:5c:f8:2b:c5:a4:94:d8:75:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 2 15:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fc6092d69e95a2a4cbe022bf638b9b267f84df9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ec:c9:b0:df:39:30:8d:74:e9:be:d0:29:42:
40:2f:04:47:ff:7a:fa:5e:78:f1:af:d4:a0:00:a1:
c2:6f:8f:23:e1:1f:09:f5:4b:66:f4:36:03:bc:65:
b3:d1:c0:8a:fb:28:1a:92:2c:d6:44:9c:0f:87:ee:
82:e9:95:11:3a:a2:21:49:c7:11:ab:a4:07:19:23:
97:bb:53:2f:01:32:c3:39:9b:2f:81:eb:16:76:5c:
82:68:57:95:7a:ae:ed:d7:6c:69:a0:63:df:87:d0:
84:ba:6a:fe:d8:e8:31:6c:c8:ab:0b:30:3d:69:29:
d6:4f:57:d0:4b:08:b8:c8:8c:92:f4:6d:24:3a:9c:
6d:c2:ca:53:ad:7a:54:b5:11:c1:65:fb:a0:4e:b5:
6f:13:8d:6d:4b:86:22:cd:50:36:10:9a:c6:77:af:
11:60:a1:72:4f:6f:41:c8:45:87:36:6e:04:7b:e7:
9f:d4:de:87:41:1b:6c:db:e3:cf:93:51:9b:4b:b3:
3e:81:aa:9c:ba:0d:30:e3:e9:37:cf:7d:28:e0:67:
ab:90:57:c9:be:c7:4f:2c:34:26:7e:d4:cb:53:3f:
77:2c:a2:61:bf:64:57:22:00:93:61:65:13:af:fd:
99:f4:f5:b3:9b:b1:43:15:37:39:d7:d1:d5:6d:1d:
36:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:C6:09:2D:69:E9:5A:2A:4C:BE:02:2B:F6:38:B9:B2:67:F8:4D:F9
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/H8YJLWnpWipMvgIr9ji5smf4Tfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.252.248.0/23
Signature Algorithm: sha256WithRSAEncryption
20:5c:4d:b6:15:d3:75:54:28:b1:4b:7c:6b:60:ad:ba:e4:8e:
7e:e1:76:2d:54:05:06:5d:cd:5b:97:1f:55:9f:3d:5c:ed:0b:
5d:60:37:40:19:d0:e9:d6:5b:74:b5:e8:5e:dd:ec:bf:b7:f5:
e3:a7:e1:0a:03:8c:f0:11:cb:40:5c:28:fd:9a:23:11:48:ff:
ab:1a:86:99:20:bd:3b:63:9c:67:45:31:0d:26:e1:02:16:80:
06:1a:8d:e7:87:f0:c8:63:df:fc:41:5c:c3:6a:7b:33:40:06:
06:88:42:e2:53:11:c3:38:9d:c2:f5:37:14:8c:f1:e1:78:06:
c3:21:78:eb:c2:b0:79:5c:79:25:63:17:8a:08:17:7a:42:16:
ed:b6:f5:2f:a5:f9:5d:70:23:3d:f6:5e:c4:ea:e5:f2:8a:07:
e5:15:6d:cd:e4:c6:0b:fd:db:01:f4:8f:62:06:31:ae:10:55:
b9:0b:c2:8d:5c:18:a2:87:76:2b:87:c2:9d:d3:c5:6f:ab:bf:
66:7c:fa:c3:64:8b:5a:62:f6:8f:38:fc:9f:ec:28:be:9f:bc:
21:bc:7e:54:d8:6d:c8:ea:53:d5:f1:1f:94:a8:91:0c:e1:0a:
9c:9c:b7:f6:35:d0:5a:4b:21:9e:92:3c:e4:d4:c4:8f:fe:be:
5c:53:dc:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntCWYUxxzXPgrxaSU2HVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjUwMTAyMTU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmM2MDkyZDY5ZTk1YTJhNGNiZTAyMmJmNjM4YjliMjY3Zjg0ZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuzJsN85MI106b7QKUJALwRH/3r6
Xnjxr9SgAKHCb48j4R8J9Utm9DYDvGWz0cCK+ygakizWRJwPh+6C6ZUROqIhSccR
q6QHGSOXu1MvATLDOZsvgesWdlyCaFeVeq7t12xpoGPfh9CEumr+2OgxbMirCzA9
aSnWT1fQSwi4yIyS9G0kOpxtwspTrXpUtRHBZfugTrVvE41tS4YizVA2EJrGd68R
YKFyT29ByEWHNm4Ee+ef1N6HQRts2+PPk1GbS7M+gaqcug0w4+k3z30o4GerkFfJ
vsdPLDQmftTLUz93LKJhv2RXIgCTYWUTr/2Z9PWzm7FDFTc519HVbR02YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB/GCS1p6VoqTL4CK/Y4ubJn+E35MB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvSDhZSkxXbnBXaXBNdmdJcjlqaTVzbWY0VGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1fz4MA0G
CSqGSIb3DQEBCwUAA4IBAQAgXE22FdN1VCixS3xrYK265I5+4XYtVAUGXc1blx9V
nz1c7QtdYDdAGdDp1lt0tehe3ey/t/Xjp+EKA4zwEctAXCj9miMRSP+rGoaZIL07
Y5xnRTENJuECFoAGGo3nh/DIY9/8QVzDanszQAYGiELiUxHDOJ3C9TcUjPHheAbD
IXjrwrB5XHklYxeKCBd6QhbttvUvpfldcCM99l7E6uXyigflFW3N5MYL/dsB9I9i
BjGuEFW5C8KNXBiih3Yrh8Kd08Vvq79mfPrDZItaYvaPOPyf7Ci+n7whvH5U2G3I
6lPV8R+UqJEM4QqcnLf2NdBaSyGekjzk1MSP/r5cU9xK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:26 2025 by rpki-client