Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/7a85c9-c58a-4f8e-83b1-7bafde4c4b24/1/lHGrQ5ab4Wwh-Q0oJszTsf0BUdA.roa
File: lHGrQ5ab4Wwh-Q0oJszTsf0BUdA.roa (raw, json)
Hash identifier: BJEIpPOdoxYjpK82/CR/sXoES/6zdTI5hZVWKdTDxHk=
Subject key identifier: 94:71:AB:43:96:9B:E1:6C:21:F9:0D:28:26:CC:D3:B1:FD:01:51:D0
Certificate issuer: /CN=8f0adba2604934738c7c9692a0b3ab7b30a82bb2
Certificate serial: 019422202BBC9554A4DD29EF160B7DAD916E
Authority key identifier: 8F:0A:DB:A2:60:49:34:73:8C:7C:96:92:A0:B3:AB:7B:30:A8:2B:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jwrbomBJNHOMfJaSoLOrezCoK7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/7a85c9-c58a-4f8e-83b1-7bafde4c4b24/1/lHGrQ5ab4Wwh-Q0oJszTsf0BUdA.roa
Signing time: Wed 01 Jan 2025 13:48:41 +0000
ROA not before: Wed 01 Jan 2025 13:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201179
IP address blocks: 176.110.124.0/24 maxlen: 24
176.110.125.0/24 maxlen: 24
176.110.126.0/24 maxlen: 24
185.18.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:2b:bc:95:54:a4:dd:29:ef:16:0b:7d:ad:91:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f0adba2604934738c7c9692a0b3ab7b30a82bb2
Validity
Not Before: Jan 1 13:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9471ab43969be16c21f90d2826ccd3b1fd0151d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8c:40:fb:6b:b2:0d:84:1b:11:b0:cb:c8:b1:
43:d0:b3:40:c0:86:d6:01:fd:da:a3:3e:c9:1c:3f:
d9:36:fb:0a:e7:31:f2:5f:7a:7f:48:c1:28:24:d9:
9d:aa:55:65:dd:cf:42:9d:35:a7:cb:be:bb:df:3b:
b6:94:3e:a9:39:70:54:0a:96:3f:39:0d:b1:87:3d:
f0:47:79:9e:9f:65:98:f2:cd:b9:72:9e:1b:d2:35:
e1:02:72:1b:bf:c5:03:7c:14:d3:43:a2:5c:49:85:
59:8c:4c:5e:6c:0b:88:6d:19:d2:40:31:63:65:34:
4f:e7:67:8c:1d:98:80:52:ac:12:ae:2b:58:fa:03:
13:22:46:f0:47:0d:b4:66:b6:70:ac:59:84:17:e9:
77:25:35:aa:13:f9:ab:f8:59:82:22:0d:eb:b1:6a:
dd:be:35:89:91:3b:19:0c:56:b3:0a:9b:11:c0:c6:
87:da:46:33:b4:8c:f3:d3:ee:5b:67:82:5c:4f:21:
cd:eb:88:b9:ed:31:7e:7a:d6:63:d2:f9:64:d1:13:
71:3e:4e:b2:9f:05:35:00:ff:cb:1f:67:f2:69:07:
fd:bc:ff:99:b3:ec:f0:e3:08:c6:b0:38:19:a4:09:
c8:78:e0:17:5c:a7:99:e0:89:5a:09:e8:e0:5d:00:
fa:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:71:AB:43:96:9B:E1:6C:21:F9:0D:28:26:CC:D3:B1:FD:01:51:D0
X509v3 Authority Key Identifier:
keyid:8F:0A:DB:A2:60:49:34:73:8C:7C:96:92:A0:B3:AB:7B:30:A8:2B:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jwrbomBJNHOMfJaSoLOrezCoK7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/7a85c9-c58a-4f8e-83b1-7bafde4c4b24/1/lHGrQ5ab4Wwh-Q0oJszTsf0BUdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/7a85c9-c58a-4f8e-83b1-7bafde4c4b24/1/jwrbomBJNHOMfJaSoLOrezCoK7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.110.124.0-176.110.126.255
185.18.220.0/24
Signature Algorithm: sha256WithRSAEncryption
21:c9:db:f7:ac:fa:d4:79:2a:08:c2:78:fd:58:87:20:10:98:
ee:81:9f:6f:cb:ea:36:46:5b:1b:44:90:d7:76:e1:a8:cd:40:
f5:6f:db:2c:bb:c0:06:65:c6:21:72:96:ca:1c:f8:85:1d:13:
6c:25:64:32:69:0b:b5:c4:76:6f:a7:02:33:a0:78:cf:63:91:
56:c2:55:df:aa:57:21:b0:40:3f:c6:36:dc:a4:6f:bf:73:19:
3d:c7:4a:58:c6:ab:fa:a7:21:7c:a8:5f:0d:9e:18:ee:80:39:
06:ee:d9:b6:d3:58:ec:20:f6:dc:76:21:0f:95:74:c6:6d:ca:
80:6d:c6:90:3f:69:97:4b:88:f5:ba:c1:a4:5a:61:35:90:de:
1b:a6:e8:0d:7e:e3:ba:b0:7f:b2:d7:a4:14:96:f1:93:73:81:
8c:4d:e6:d2:16:5f:53:da:e0:23:34:8f:96:c6:2b:07:91:03:
4f:9c:99:78:38:93:08:62:60:92:33:7b:a7:20:f4:d5:82:06:
dd:5e:92:ad:7f:9a:6d:b1:eb:dd:7e:19:8d:dc:37:d8:ba:b5:
cc:f9:d2:73:24:a3:b2:ce:38:e0:df:c3:46:f9:f1:fc:dd:65:
1b:7b:86:2f:4b:1c:33:5e:28:c0:87:d7:6e:fb:0f:d4:29:fe:
41:69:5d:56
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQiICu8lVSk3SnvFgt9rZFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMGFkYmEyNjA0OTM0NzM4YzdjOTY5MmEwYjNhYjdiMzBh
ODJiYjIwHhcNMjUwMTAxMTM0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDcxYWI0Mzk2OWJlMTZjMjFmOTBkMjgyNmNjZDNiMWZkMDE1MWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIxA+2uyDYQbEbDLyLFD0LNAwIbW
Af3aoz7JHD/ZNvsK5zHyX3p/SMEoJNmdqlVl3c9CnTWny7673zu2lD6pOXBUCpY/
OQ2xhz3wR3men2WY8s25cp4b0jXhAnIbv8UDfBTTQ6JcSYVZjExebAuIbRnSQDFj
ZTRP52eMHZiAUqwSritY+gMTIkbwRw20ZrZwrFmEF+l3JTWqE/mr+FmCIg3rsWrd
vjWJkTsZDFazCpsRwMaH2kYztIzz0+5bZ4JcTyHN64i57TF+etZj0vlk0RNxPk6y
nwU1AP/LH2fyaQf9vP+Zs+zw4wjGsDgZpAnIeOAXXKeZ4IlaCejgXQD6aQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJRxq0OWm+FsIfkNKCbM07H9AVHQMB8GA1UdIwQY
MBaAFI8K26JgSTRzjHyWkqCzq3swqCuyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvandyYm9tQkpOSE9NZkphU29MT3JlekNvSzdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC83YTg1YzktYzU4YS00ZjhlLTgzYjEt
N2JhZmRlNGM0YjI0LzEvbEhHclE1YWI0V3doLVEwb0pzelRzZjBCVWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC83YTg1YzktYzU4YS00ZjhlLTgzYjEtN2JhZmRlNGM0YjI0
LzEvandyYm9tQkpOSE9NZkphU29MT3JlekNvSzdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAKwbnwD
BACwbn4DBAC5EtwwDQYJKoZIhvcNAQELBQADggEBACHJ2/es+tR5KgjCeP1YhyAQ
mO6Bn2/L6jZGWxtEkNd24ajNQPVv2yy7wAZlxiFylsoc+IUdE2wlZDJpC7XEdm+n
AjOgeM9jkVbCVd+qVyGwQD/GNtykb79zGT3HSljGq/qnIXyoXw2eGO6AOQbu2bbT
WOwg9tx2IQ+VdMZtyoBtxpA/aZdLiPW6waRaYTWQ3hum6A1+47qwf7LXpBSW8ZNz
gYxN5tIWX1Pa4CM0j5bGKweRA0+cmXg4kwhiYJIze6cg9NWCBt1ekq1/mm2x691+
GY3cN9i6tcz50nMko7LOOODfw0b58fzdZRt7hi9LHDNeKMCH1277D9Qp/kFpXVY=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:10 2025 by rpki-client