Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/n8jEJc2lfop6kABCAsLy-KDmKG4.roa
File: n8jEJc2lfop6kABCAsLy-KDmKG4.roa (raw, json)
Hash identifier: wx4AHvCRtc7Q6KbA18J+BrDgkCnsew1knRaHObr8aUg=
Subject key identifier: 9F:C8:C4:25:CD:A5:7E:8A:7A:90:00:42:02:C2:F2:F8:A0:E6:28:6E
Certificate issuer: /CN=2415bf9c61c85db7c99ac4cdf79257e7997ab77c
Certificate serial: 0194228D2BE25907CD82F927DD5FB39F4CD0
Authority key identifier: 24:15:BF:9C:61:C8:5D:B7:C9:9A:C4:CD:F7:92:57:E7:99:7A:B7:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBW_nGHIXbfJmsTN95JX55l6t3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/n8jEJc2lfop6kABCAsLy-KDmKG4.roa
Signing time: Wed 01 Jan 2025 15:47:44 +0000
ROA not before: Wed 01 Jan 2025 15:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208226
IP address blocks: 37.153.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:2b:e2:59:07:cd:82:f9:27:dd:5f:b3:9f:4c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2415bf9c61c85db7c99ac4cdf79257e7997ab77c
Validity
Not Before: Jan 1 15:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9fc8c425cda57e8a7a90004202c2f2f8a0e6286e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6d:54:9f:ee:bc:8d:32:d0:2e:df:10:ec:dd:
57:e2:93:67:06:f4:92:95:a6:7e:f4:f7:aa:d1:36:
f1:8b:1a:18:1e:5f:8f:2f:7d:5c:a0:fd:f4:7a:c8:
28:eb:7f:24:ae:cb:e2:fb:8b:7f:b6:fe:91:b5:5d:
cd:6f:9e:45:4c:6b:43:e4:9f:39:89:59:96:2c:a8:
ae:7d:f0:b7:b9:e7:2e:5b:14:5f:7c:01:b0:a6:ac:
f9:50:be:0d:65:ee:13:9e:f5:47:b0:b9:da:8f:d7:
71:9e:1d:28:d8:ae:51:ed:d3:2b:4f:ff:7c:1d:07:
d3:eb:4e:d1:8a:05:f3:3a:38:68:ec:66:3a:91:f9:
94:90:27:4f:56:b3:16:fd:fe:79:68:ff:0d:93:4a:
9d:6f:bc:3a:68:98:8a:8c:49:fc:2e:95:c1:3b:23:
51:f2:0d:ad:d8:12:63:5f:a5:c8:c9:46:75:9e:9f:
d6:73:1f:c3:b9:29:a4:be:83:e5:53:53:94:d5:22:
95:90:83:e4:d6:1d:cf:62:9d:68:c1:6e:a8:a2:2c:
c9:fd:c6:2e:9a:e3:12:69:00:95:62:09:67:f4:97:
6b:ba:64:7f:7c:dd:27:af:eb:05:49:78:48:0d:25:
bc:53:30:f2:53:29:eb:fb:77:53:bb:a2:c2:67:12:
8a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:C8:C4:25:CD:A5:7E:8A:7A:90:00:42:02:C2:F2:F8:A0:E6:28:6E
X509v3 Authority Key Identifier:
keyid:24:15:BF:9C:61:C8:5D:B7:C9:9A:C4:CD:F7:92:57:E7:99:7A:B7:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBW_nGHIXbfJmsTN95JX55l6t3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/n8jEJc2lfop6kABCAsLy-KDmKG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/JBW_nGHIXbfJmsTN95JX55l6t3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.152.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:09:ea:b5:03:f4:22:c7:ea:fb:03:d2:47:86:c6:d2:2d:bb:
0d:e2:d4:ec:87:e8:5e:a1:d1:28:1f:c8:af:5e:d8:e4:f7:7a:
26:93:65:c4:d8:e5:c4:a9:26:a6:b9:98:dc:1d:ee:87:8f:8f:
c1:3f:d7:bc:1f:43:55:27:e9:3f:b6:27:68:0f:75:c8:8e:7d:
d3:30:2c:f3:ee:f9:0c:31:ff:cd:51:d2:40:ba:6a:54:b3:2d:
0f:c1:d4:7d:a0:8e:f6:64:82:f6:16:ba:51:2e:ea:46:68:6c:
58:03:28:e8:a2:91:89:bb:4f:9d:f7:e8:fc:32:ff:a8:74:1d:
fa:70:a8:8f:ab:cf:16:4b:0c:2b:fc:f9:ff:ae:cc:41:a5:6c:
e2:c0:ba:93:24:1c:f4:84:ae:ec:d9:71:81:c4:dc:a4:e9:3d:
56:d4:7b:e2:ee:0d:2b:71:94:e1:e7:0c:15:d2:3e:8e:04:a7:
09:7d:9a:6e:47:4d:d2:0e:87:83:58:fc:7c:c4:65:8e:67:75:
87:85:6b:0c:44:24:df:54:ed:a5:ca:16:e5:15:c7:61:6e:87:
89:1b:05:cd:45:8b:ea:9d:08:a4:1a:7d:30:4e:61:0d:41:4f:
e5:bb:78:02:04:75:ee:3d:f2:da:74:9b:db:ad:77:44:93:09:
b8:e9:e3:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijSviWQfNgvkn3V+zn0zQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTViZjljNjFjODVkYjdjOTlhYzRjZGY3OTI1N2U3OTk3
YWI3N2MwHhcNMjUwMTAxMTU0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmM4YzQyNWNkYTU3ZThhN2E5MDAwNDIwMmMyZjJmOGEwZTYyODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoG1Un+68jTLQLt8Q7N1X4pNnBvSS
laZ+9Peq0TbxixoYHl+PL31coP30esgo638krsvi+4t/tv6RtV3Nb55FTGtD5J85
iVmWLKiuffC3uecuWxRffAGwpqz5UL4NZe4TnvVHsLnaj9dxnh0o2K5R7dMrT/98
HQfT607RigXzOjho7GY6kfmUkCdPVrMW/f55aP8Nk0qdb7w6aJiKjEn8LpXBOyNR
8g2t2BJjX6XIyUZ1np/Wcx/DuSmkvoPlU1OU1SKVkIPk1h3PYp1owW6ooizJ/cYu
muMSaQCVYgln9JdrumR/fN0nr+sFSXhIDSW8UzDyUynr+3dTu6LCZxKKlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ/IxCXNpX6KepAAQgLC8vig5ihuMB8GA1UdIwQY
MBaAFCQVv5xhyF23yZrEzfeSV+eZerd8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJXX25HSElYYmZKbXNUTjk1Slg1NWw2dDN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zMzg5ZWItMTg1Ny00OWQyLTg0MWMt
NmExOGRjODgxNmRiLzEvbjhqRUpjMmxmb3A2a0FCQ0FzTHktS0RtS0c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zMzg5ZWItMTg1Ny00OWQyLTg0MWMtNmExOGRjODgxNmRi
LzEvSkJXX25HSElYYmZKbXNUTjk1Slg1NWw2dDN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJZmYMA0G
CSqGSIb3DQEBCwUAA4IBAQAMCeq1A/Qix+r7A9JHhsbSLbsN4tTsh+heodEoH8iv
Xtjk93omk2XE2OXEqSamuZjcHe6Hj4/BP9e8H0NVJ+k/tidoD3XIjn3TMCzz7vkM
Mf/NUdJAumpUsy0PwdR9oI72ZIL2FrpRLupGaGxYAyjoopGJu0+d9+j8Mv+odB36
cKiPq88WSwwr/Pn/rsxBpWziwLqTJBz0hK7s2XGBxNyk6T1W1Hvi7g0rcZTh5wwV
0j6OBKcJfZpuR03SDoeDWPx8xGWOZ3WHhWsMRCTfVO2lyhblFcdhboeJGwXNRYvq
nQikGn0wTmENQU/lu3gCBHXuPfLadJvbrXdEkwm46eOV
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:20:19 2025 by rpki-client