Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8BbcZP3rUvDa9MNTjMlkDwZkYKE.roa
File: 8BbcZP3rUvDa9MNTjMlkDwZkYKE.roa (raw, json)
Hash identifier: gTEQ0GQS67JC69NKbvbCv+qNNjCezF9A5yNYPC211k4=
Subject key identifier: F0:16:DC:64:FD:EB:52:F0:DA:F4:C3:53:8C:C9:64:0F:06:64:60:A1
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019423D7B1B0CC67F3D0F524D991E05AA2F1
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8BbcZP3rUvDa9MNTjMlkDwZkYKE.roa
Signing time: Wed 01 Jan 2025 21:48:45 +0000
ROA not before: Wed 01 Jan 2025 21:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214083
IP address blocks: 37.202.212.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:b1:b0:cc:67:f3:d0:f5:24:d9:91:e0:5a:a2:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 1 21:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f016dc64fdeb52f0daf4c3538cc9640f066460a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:56:df:1f:49:76:78:14:b8:0a:0b:bf:b3:87:
ae:dd:72:dc:e7:c1:64:90:d5:2b:6f:39:00:09:67:
3a:3d:f9:17:77:60:38:6f:5e:78:ba:ab:9e:e1:5b:
ec:64:f6:92:84:0e:7a:6c:a2:c0:7f:dc:c6:38:59:
70:75:80:f3:e9:0d:92:cf:1a:93:0c:f3:65:7d:f3:
95:0a:aa:d9:0b:0f:1c:f1:eb:9b:9c:7c:4d:22:50:
c8:94:90:b0:e9:08:c7:cc:3e:cf:17:0c:1f:c7:33:
bd:9a:28:e8:a5:ba:64:99:36:33:86:88:d1:2f:79:
b1:9e:12:4c:7c:51:76:81:73:63:2e:7a:52:4e:b1:
0f:e1:31:45:70:b0:a5:aa:9e:bf:83:6c:21:3b:68:
ba:ad:86:22:ee:67:2a:ad:80:dc:54:57:7e:08:55:
86:6d:b5:c1:6b:b4:d8:d2:b5:ed:55:8c:bc:bf:f3:
c4:05:d0:1a:da:e4:c0:6a:9b:3a:9c:09:fe:fe:46:
eb:68:44:d3:0f:ba:87:07:cf:2f:ab:56:61:6d:90:
6a:b0:6c:1b:16:8e:0a:d1:a9:f0:7e:25:e7:17:16:
cd:0f:e9:2f:36:c0:ba:ac:4e:ef:a4:47:68:75:19:
02:ff:61:1f:74:68:fe:59:80:f7:7a:54:d8:97:f4:
3b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:16:DC:64:FD:EB:52:F0:DA:F4:C3:53:8C:C9:64:0F:06:64:60:A1
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8BbcZP3rUvDa9MNTjMlkDwZkYKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.212.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:e3:fa:43:5a:80:89:c6:f1:ec:9a:69:40:03:1c:9e:8e:49:
87:b0:e4:b6:d8:62:2f:92:47:71:1d:51:72:eb:af:0a:b3:10:
1a:b9:48:c8:5d:05:1c:a1:02:d6:b4:84:37:33:e7:ea:c5:1d:
2e:84:f7:e8:bd:4d:a6:53:0d:ac:94:65:14:cc:7f:86:2f:9b:
7a:4d:d2:5d:7b:09:15:82:96:80:e2:5b:43:17:fd:c8:76:ad:
84:78:56:d8:30:bf:0b:5e:c6:e7:42:f0:71:a9:9a:94:2b:48:
1b:9e:0f:49:a9:e2:1c:57:df:16:73:b8:c8:69:ca:3d:78:3e:
0c:07:2c:ec:5e:3f:16:cb:1a:e0:10:25:ad:2f:b0:58:02:da:
01:97:85:62:a4:69:59:b8:67:c6:7f:b2:58:5a:8b:72:e7:f3:
0b:bd:94:f3:28:cd:e6:f6:45:7e:ee:4e:56:0c:44:7d:6f:16:
cd:95:f1:0c:8d:4a:9e:67:4e:43:d7:34:17:f7:0c:00:cc:c7:
bb:dd:39:3c:e5:17:09:5e:8d:4e:74:a4:b3:f3:09:03:87:ab:
ee:d2:dd:c6:6c:ea:66:12:e9:51:d9:a7:73:16:0c:e0:f8:2e:
78:4d:0d:18:53:e9:cf:f6:2e:9e:28:8a:1a:aa:db:39:a1:9f:
23:b0:0a:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj17GwzGfz0PUk2ZHgWqLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTAxMjE0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDE2ZGM2NGZkZWI1MmYwZGFmNGMzNTM4Y2M5NjQwZjA2NjQ2MGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVbfH0l2eBS4Cgu/s4eu3XLc58Fk
kNUrbzkACWc6PfkXd2A4b154uque4VvsZPaShA56bKLAf9zGOFlwdYDz6Q2SzxqT
DPNlffOVCqrZCw8c8eubnHxNIlDIlJCw6QjHzD7PFwwfxzO9mijopbpkmTYzhojR
L3mxnhJMfFF2gXNjLnpSTrEP4TFFcLClqp6/g2whO2i6rYYi7mcqrYDcVFd+CFWG
bbXBa7TY0rXtVYy8v/PEBdAa2uTAaps6nAn+/kbraETTD7qHB88vq1ZhbZBqsGwb
Fo4K0anwfiXnFxbND+kvNsC6rE7vpEdodRkC/2EfdGj+WYD3elTYl/Q7bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPAW3GT961Lw2vTDU4zJZA8GZGChMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvOEJiY1pQM3JVdkRhOU1OVGpNbGtEd1prWUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJcrUMA0G
CSqGSIb3DQEBCwUAA4IBAQAf4/pDWoCJxvHsmmlAAxyejkmHsOS22GIvkkdxHVFy
668KsxAauUjIXQUcoQLWtIQ3M+fqxR0uhPfovU2mUw2slGUUzH+GL5t6TdJdewkV
gpaA4ltDF/3Idq2EeFbYML8LXsbnQvBxqZqUK0gbng9JqeIcV98Wc7jIaco9eD4M
ByzsXj8WyxrgECWtL7BYAtoBl4VipGlZuGfGf7JYWoty5/MLvZTzKM3m9kV+7k5W
DER9bxbNlfEMjUqeZ05D1zQX9wwAzMe73Tk85RcJXo1OdKSz8wkDh6vu0t3GbOpm
EulR2adzFgzg+C54TQ0YU+nP9i6eKIoaqts5oZ8jsAqW
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:27:28 2025 by rpki-client