Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/39db6c-f23b-4c9b-9f79-734994c52c1f/1/8OSq_me_piuY9aTEESBxQ_Nz1Zc.roa
File: 8OSq_me_piuY9aTEESBxQ_Nz1Zc.roa (raw, json)
Hash identifier: jli/f4rA8lzODNLo/sC1h2DAhvEwSPZMgYQGoXMtAvM=
Subject key identifier: F0:E4:AA:FE:67:BF:A6:2B:98:F5:A4:C4:11:20:71:43:F3:73:D5:97
Certificate issuer: /CN=b2db2bfcf59d99ca70833708fd30032f23fef485
Certificate serial: 01942068408CD9072EFA150FF2DCE909EAF5
Authority key identifier: B2:DB:2B:FC:F5:9D:99:CA:70:83:37:08:FD:30:03:2F:23:FE:F4:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stsr_PWdmcpwgzcI_TADLyP-9IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/39db6c-f23b-4c9b-9f79-734994c52c1f/1/8OSq_me_piuY9aTEESBxQ_Nz1Zc.roa
Signing time: Wed 01 Jan 2025 05:48:10 +0000
ROA not before: Wed 01 Jan 2025 05:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201910
IP address blocks: 79.170.144.0/23 maxlen: 23
79.170.146.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:40:8c:d9:07:2e:fa:15:0f:f2:dc:e9:09:ea:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2db2bfcf59d99ca70833708fd30032f23fef485
Validity
Not Before: Jan 1 05:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0e4aafe67bfa62b98f5a4c411207143f373d597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:12:10:7d:0c:24:8e:3c:c3:1b:e9:fb:89:a3:
ed:4e:86:f9:0a:8f:7a:ea:b6:d4:15:da:31:c9:cc:
de:ad:71:5a:f5:15:62:6a:c1:c3:fb:01:c2:3e:20:
ee:b5:bd:a9:76:cb:71:23:99:87:3a:45:49:e7:54:
55:06:ac:22:11:73:a5:42:dd:b5:df:26:e0:d0:5e:
59:42:fc:2f:18:83:07:f6:1b:64:a1:44:87:95:16:
f1:09:2e:97:d4:5e:bf:26:86:3d:f4:4a:49:f6:e9:
7e:04:f1:c4:db:d6:f3:c0:36:dd:b9:91:eb:31:2a:
5b:2c:4e:3b:ef:22:65:37:2a:65:63:e7:b0:5e:2f:
e9:ad:b9:80:5c:02:eb:78:4d:14:31:77:1c:ac:9f:
d4:53:94:68:d7:6e:d8:0e:be:be:46:5a:34:da:b1:
e6:2d:78:2b:8f:a1:4d:29:26:b6:f8:38:85:8b:d3:
83:41:99:76:67:16:b5:44:20:58:da:b9:39:7e:20:
da:c8:7c:5a:71:16:12:e9:e0:5f:0f:51:71:72:ae:
23:e7:be:a0:48:1c:ae:37:de:ad:6d:9d:22:ba:56:
7d:0e:7a:d4:cf:94:e9:6e:92:1b:99:f1:c0:1c:e4:
06:0a:53:83:b1:b9:02:cd:b2:5b:80:dc:86:e9:72:
ca:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:E4:AA:FE:67:BF:A6:2B:98:F5:A4:C4:11:20:71:43:F3:73:D5:97
X509v3 Authority Key Identifier:
keyid:B2:DB:2B:FC:F5:9D:99:CA:70:83:37:08:FD:30:03:2F:23:FE:F4:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stsr_PWdmcpwgzcI_TADLyP-9IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/39db6c-f23b-4c9b-9f79-734994c52c1f/1/8OSq_me_piuY9aTEESBxQ_Nz1Zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/39db6c-f23b-4c9b-9f79-734994c52c1f/1/stsr_PWdmcpwgzcI_TADLyP-9IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.144.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:69:f8:25:b4:f4:28:0c:9f:1d:aa:4e:27:a3:35:9e:fc:d9:
79:7a:5d:9a:8f:b6:4d:bb:1f:18:04:d4:36:2a:de:d0:53:ab:
b3:0f:ff:8a:58:3c:7d:10:ce:51:be:6e:f9:1c:ee:34:35:b8:
0f:9a:87:5c:a1:46:1f:48:85:03:93:f7:9c:c2:bd:8b:b7:f4:
53:16:fb:c9:35:9e:82:e4:ce:fd:50:2f:61:10:40:9c:4b:f4:
ae:9f:9e:47:26:49:a9:58:64:ff:f4:d4:38:36:45:2a:96:94:
b7:3e:68:dd:db:af:f3:81:6e:3d:c5:2d:9b:f4:e9:ca:c1:ff:
5e:98:e0:79:c4:84:3f:3f:f5:e4:cc:3e:b4:8b:9d:1d:7f:4e:
30:f0:63:fc:bb:dd:5a:d1:d9:29:e1:4c:34:c6:0f:9f:d6:0f:
f3:46:56:27:50:10:b3:4e:d2:b2:01:bd:86:5a:51:bb:bf:f2:
69:55:89:86:de:99:fb:4a:80:7c:ea:7d:14:61:34:2f:70:6e:
0a:cc:a9:53:86:0b:a5:c9:c6:2a:d2:27:83:64:86:38:31:7a:
a6:a8:f7:ed:b1:ab:93:fb:50:19:1e:b5:fb:67:ea:97:de:05:
f6:18:a6:86:55:35:df:bb:20:1f:67:ca:16:0c:8f:43:5a:7c:
1e:2d:e2:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaECM2Qcu+hUP8tzpCer1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGIyYmZjZjU5ZDk5Y2E3MDgzMzcwOGZkMzAwMzJmMjNm
ZWY0ODUwHhcNMjUwMTAxMDU0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGU0YWFmZTY3YmZhNjJiOThmNWE0YzQxMTIwNzE0M2YzNzNkNTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxIQfQwkjjzDG+n7iaPtTob5Co96
6rbUFdoxyczerXFa9RViasHD+wHCPiDutb2pdstxI5mHOkVJ51RVBqwiEXOlQt21
3ybg0F5ZQvwvGIMH9htkoUSHlRbxCS6X1F6/JoY99EpJ9ul+BPHE29bzwDbduZHr
MSpbLE477yJlNyplY+ewXi/prbmAXALreE0UMXccrJ/UU5Ro127YDr6+Rlo02rHm
LXgrj6FNKSa2+DiFi9ODQZl2Zxa1RCBY2rk5fiDayHxacRYS6eBfD1Fxcq4j576g
SByuN96tbZ0iulZ9DnrUz5TpbpIbmfHAHOQGClODsbkCzbJbgNyG6XLKKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPDkqv5nv6YrmPWkxBEgcUPzc9WXMB8GA1UdIwQY
MBaAFLLbK/z1nZnKcIM3CP0wAy8j/vSFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3Rzcl9QV2RtY3B3Z3pjSV9UQURMeVAtOUlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zOWRiNmMtZjIzYi00YzliLTlmNzkt
NzM0OTk0YzUyYzFmLzEvOE9TcV9tZV9waXVZOWFURUVTQnhRX056MVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zOWRiNmMtZjIzYi00YzliLTlmNzktNzM0OTk0YzUyYzFm
LzEvc3Rzcl9QV2RtY3B3Z3pjSV9UQURMeVAtOUlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCT6qQMA0G
CSqGSIb3DQEBCwUAA4IBAQC1afgltPQoDJ8dqk4nozWe/Nl5el2aj7ZNux8YBNQ2
Kt7QU6uzD/+KWDx9EM5Rvm75HO40NbgPmodcoUYfSIUDk/ecwr2Lt/RTFvvJNZ6C
5M79UC9hEECcS/Sun55HJkmpWGT/9NQ4NkUqlpS3Pmjd26/zgW49xS2b9OnKwf9e
mOB5xIQ/P/XkzD60i50df04w8GP8u91a0dkp4Uw0xg+f1g/zRlYnUBCzTtKyAb2G
WlG7v/JpVYmG3pn7SoB86n0UYTQvcG4KzKlThgulycYq0ieDZIY4MXqmqPftsauT
+1AZHrX7Z+qX3gX2GKaGVTXfuyAfZ8oWDI9DWnweLeLy
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:48 2025 by rpki-client