Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/bc8b3a-db3d-42d6-91c0-af8cda25566a/1/81AF1S3UpYNOqHVCpHzD3-eLXso.roa
File: 81AF1S3UpYNOqHVCpHzD3-eLXso.roa (raw, json)
Hash identifier: 8dkp1hQeQH4v5/6GzyUVvjnUf/bAxjzY0c4Ic5BOeSA=
Subject key identifier: F3:50:05:D5:2D:D4:A5:83:4E:A8:75:42:A4:7C:C3:DF:E7:8B:5E:CA
Certificate issuer: /CN=c96640eaef031cb24beb365ec0dabeb26173c421
Certificate serial: 018CC26D75A5180F738D3F91960C69453351
Authority key identifier: C9:66:40:EA:EF:03:1C:B2:4B:EB:36:5E:C0:DA:BE:B2:61:73:C4:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yWZA6u8DHLJL6zZewNq-smFzxCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/bc8b3a-db3d-42d6-91c0-af8cda25566a/1/81AF1S3UpYNOqHVCpHzD3-eLXso.roa
Signing time: Mon 01 Jan 2024 00:30:02 +0000
ROA not before: Mon 01 Jan 2024 00:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51191
IP address blocks: 185.108.216.0/22 maxlen: 22
2a06:4b00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:75:a5:18:0f:73:8d:3f:91:96:0c:69:45:33:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c96640eaef031cb24beb365ec0dabeb26173c421
Validity
Not Before: Jan 1 00:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f35005d52dd4a5834ea87542a47cc3dfe78b5eca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8c:fb:85:70:a8:ed:dc:ce:f6:77:8c:b5:eb:
43:34:56:99:01:cf:0c:8b:6f:20:1e:ab:03:9e:8e:
0a:51:31:a1:b0:d5:fb:f7:37:23:b7:c4:a9:72:48:
13:c1:3f:56:25:31:93:fe:7a:ae:7e:67:0b:0e:72:
b3:bc:6b:26:f1:82:b2:52:57:49:17:a2:59:25:bb:
bb:28:70:89:9b:10:a1:54:63:2c:29:fc:2f:bf:29:
1e:22:d1:a6:09:e9:58:52:e8:03:c5:85:7e:d0:87:
59:dc:07:0b:88:f4:04:39:74:25:89:53:d4:6d:91:
b6:fb:f6:4a:f9:b3:5b:d7:e5:eb:98:dc:bf:37:8d:
90:0e:36:fc:bf:13:41:c3:65:d8:eb:c5:7a:56:11:
1c:5e:63:dd:33:83:28:dd:f8:63:e0:27:75:1c:07:
25:a0:13:ec:05:a8:66:19:ef:be:77:ce:6f:fd:65:
33:fc:16:b7:0a:a9:42:40:d4:14:dd:ce:68:f0:b6:
57:c9:5b:52:09:22:63:c0:56:c5:08:2c:a5:94:37:
bb:97:f8:ec:ce:9a:e1:d0:6a:9f:30:a3:29:3c:c5:
67:37:76:98:b5:f9:24:7d:e9:f0:cf:5b:7a:09:15:
9b:c5:c1:23:86:df:e2:bf:24:c4:aa:6b:a0:61:06:
cb:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:50:05:D5:2D:D4:A5:83:4E:A8:75:42:A4:7C:C3:DF:E7:8B:5E:CA
X509v3 Authority Key Identifier:
keyid:C9:66:40:EA:EF:03:1C:B2:4B:EB:36:5E:C0:DA:BE:B2:61:73:C4:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yWZA6u8DHLJL6zZewNq-smFzxCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bc8b3a-db3d-42d6-91c0-af8cda25566a/1/81AF1S3UpYNOqHVCpHzD3-eLXso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bc8b3a-db3d-42d6-91c0-af8cda25566a/1/yWZA6u8DHLJL6zZewNq-smFzxCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.216.0/22
IPv6:
2a06:4b00::/29
Signature Algorithm: sha256WithRSAEncryption
47:1b:78:6c:2e:5e:90:88:35:7d:5e:93:4c:01:52:ae:b3:9e:
4a:9a:93:6d:1e:d6:c6:a6:07:95:01:31:d0:ea:b4:28:64:cf:
67:d2:e8:29:a8:3f:9c:80:74:34:ff:44:98:26:31:a4:b6:66:
23:0c:52:7d:c5:82:66:23:33:64:6e:ac:54:4c:01:8e:f8:5e:
eb:35:04:28:9e:28:be:a5:df:aa:9d:24:cf:9d:7d:64:85:11:
df:44:b7:92:61:bb:68:c1:84:eb:b8:d2:68:0f:1c:b7:c1:88:
15:28:2d:64:d1:bb:d6:72:4f:3f:59:6e:91:f9:bb:20:a6:4c:
84:77:e7:3c:e2:dd:ae:81:c1:5b:dd:23:38:79:7a:3b:3d:a5:
57:25:2f:73:5f:b8:de:ad:9c:ec:4a:f9:ae:0c:09:e1:14:8d:
81:8c:e3:c3:45:42:5f:98:0a:41:8c:1d:32:d3:26:2e:3c:fe:
5f:9a:67:ec:51:4e:21:22:bd:76:77:32:6b:b6:1e:63:40:13:
ac:a0:e3:40:24:bc:50:57:f7:f8:5b:8b:44:fb:d9:fa:9e:a2:
59:d9:66:2c:eb:18:8d:35:40:08:cf:fb:36:76:ea:14:d5:b7:
d3:fb:e3:08:ab:42:40:e9:70:fd:ed:3c:30:89:dc:bc:7b:cd:
46:8a:c9:2a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbXWlGA9zjT+RlgxpRTNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NjY0MGVhZWYwMzFjYjI0YmViMzY1ZWMwZGFiZWIyNjE3
M2M0MjEwHhcNMjQwMTAxMDAzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzUwMDVkNTJkZDRhNTgzNGVhODc1NDJhNDdjYzNkZmU3OGI1ZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoz7hXCo7dzO9neMtetDNFaZAc8M
i28gHqsDno4KUTGhsNX79zcjt8SpckgTwT9WJTGT/nqufmcLDnKzvGsm8YKyUldJ
F6JZJbu7KHCJmxChVGMsKfwvvykeItGmCelYUugDxYV+0IdZ3AcLiPQEOXQliVPU
bZG2+/ZK+bNb1+XrmNy/N42QDjb8vxNBw2XY68V6VhEcXmPdM4Mo3fhj4Cd1HAcl
oBPsBahmGe++d85v/WUz/Ba3CqlCQNQU3c5o8LZXyVtSCSJjwFbFCCyllDe7l/js
zprh0GqfMKMpPMVnN3aYtfkkfenwz1t6CRWbxcEjht/ivyTEqmugYQbLDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPNQBdUt1KWDTqh1QqR8w9/ni17KMB8GA1UdIwQY
MBaAFMlmQOrvAxyyS+s2XsDavrJhc8QhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVdaQTZ1OERITEpMNnpaZXdOcS1zbUZ6eENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9iYzhiM2EtZGIzZC00MmQ2LTkxYzAt
YWY4Y2RhMjU1NjZhLzEvODFBRjFTM1VwWU5PcUhWQ3BIekQzLWVMWHNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9iYzhiM2EtZGIzZC00MmQ2LTkxYzAtYWY4Y2RhMjU1NjZh
LzEveVdaQTZ1OERITEpMNnpaZXdOcS1zbUZ6eENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWzYMA0E
AgACMAcDBQMqBksAMA0GCSqGSIb3DQEBCwUAA4IBAQBHG3hsLl6QiDV9XpNMAVKu
s55KmpNtHtbGpgeVATHQ6rQoZM9n0ugpqD+cgHQ0/0SYJjGktmYjDFJ9xYJmIzNk
bqxUTAGO+F7rNQQonii+pd+qnSTPnX1khRHfRLeSYbtowYTruNJoDxy3wYgVKC1k
0bvWck8/WW6R+bsgpkyEd+c84t2ugcFb3SM4eXo7PaVXJS9zX7jerZzsSvmuDAnh
FI2BjOPDRUJfmApBjB0y0yYuPP5fmmfsUU4hIr12dzJrth5jQBOsoONAJLxQV/f4
W4tE+9n6nqJZ2WYs6xiNNUAIz/s2duoU1bfT++MIq0JA6XD97Twwidy8e81Giskq
-----END CERTIFICATE-----
Generated at Thu Apr 17 19:43:53 2025 by rpki-client