Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/13288a-d928-462b-94ba-9e22561bca88/1/8e9yMUBhV5pWFMEqjn7QDU0rV4w.roa
File: 8e9yMUBhV5pWFMEqjn7QDU0rV4w.roa (raw, json)
Hash identifier: tt2zh46mpoVuZazOvN/fRvbx8uKFWJV3ms76YoVRCNQ=
Subject key identifier: F1:EF:72:31:40:61:57:9A:56:14:C1:2A:8E:7E:D0:0D:4D:2B:57:8C
Certificate issuer: /CN=2fd379353e3c948dfd98da0a59e9792353a4d0e3
Certificate serial: 018CC94E595ACE96407B540780D818BDF922
Authority key identifier: 2F:D3:79:35:3E:3C:94:8D:FD:98:DA:0A:59:E9:79:23:53:A4:D0:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L9N5NT48lI39mNoKWel5I1Ok0OM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/13288a-d928-462b-94ba-9e22561bca88/1/8e9yMUBhV5pWFMEqjn7QDU0rV4w.roa
Signing time: Tue 02 Jan 2024 08:33:24 +0000
ROA not before: Tue 02 Jan 2024 08:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210479
IP address blocks: 176.116.16.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:59:5a:ce:96:40:7b:54:07:80:d8:18:bd:f9:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fd379353e3c948dfd98da0a59e9792353a4d0e3
Validity
Not Before: Jan 2 08:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1ef72314061579a5614c12a8e7ed00d4d2b578c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ef:10:ab:41:8e:c4:e7:6f:3d:ab:09:01:4d:
0a:d8:68:f9:fb:b1:9b:64:0a:3a:dc:22:7e:97:4c:
eb:b5:5c:b4:94:ba:6d:be:7f:0a:56:fc:c6:28:08:
42:9c:a0:5b:e4:81:e0:4b:d2:b7:f4:de:f8:28:79:
17:74:56:39:76:ae:2b:80:bf:be:27:97:77:13:a8:
5b:66:c3:87:c9:35:5c:8d:ff:3d:02:0c:2d:ba:0a:
9e:23:2d:07:ab:32:cc:00:36:0e:c8:5e:a7:68:65:
18:11:25:ab:81:7c:99:e7:43:f9:65:ae:b4:1f:63:
19:db:26:95:b4:a1:31:7c:9f:9d:78:16:2c:86:ee:
e4:e5:fe:82:3d:6c:58:83:0c:c6:4b:d4:6a:fd:d3:
77:59:3d:07:20:e2:a6:ca:0c:9e:d9:cc:ad:d4:78:
ee:2c:ef:42:88:e6:1f:01:61:80:e7:7f:68:23:82:
36:9b:09:86:47:80:ab:72:a8:ca:ea:4b:63:a2:9f:
de:53:aa:7c:ba:00:02:a4:57:b9:16:85:36:f8:03:
78:9b:d3:59:44:c8:66:7c:16:b5:ba:2b:ba:25:96:
c6:a9:9a:65:7a:99:e3:3a:0d:5c:b0:33:ec:9b:96:
11:45:60:e5:ae:26:f9:f9:3d:20:c8:cd:da:14:de:
8b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:EF:72:31:40:61:57:9A:56:14:C1:2A:8E:7E:D0:0D:4D:2B:57:8C
X509v3 Authority Key Identifier:
keyid:2F:D3:79:35:3E:3C:94:8D:FD:98:DA:0A:59:E9:79:23:53:A4:D0:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L9N5NT48lI39mNoKWel5I1Ok0OM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/13288a-d928-462b-94ba-9e22561bca88/1/8e9yMUBhV5pWFMEqjn7QDU0rV4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/13288a-d928-462b-94ba-9e22561bca88/1/L9N5NT48lI39mNoKWel5I1Ok0OM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.16.0/24
Signature Algorithm: sha256WithRSAEncryption
23:3a:29:3a:71:ef:04:43:7a:5b:0e:52:2d:aa:ad:8a:be:45:
6b:83:b2:57:82:40:cb:ae:b8:f3:77:fa:da:fe:c4:74:45:6c:
74:6f:c6:d2:c1:73:cd:9b:0e:9f:e4:7b:ee:3e:43:ca:5b:aa:
c5:e5:6c:f6:7b:07:7b:52:e4:79:f8:df:23:f2:0c:6f:43:ba:
2e:42:eb:9d:49:e3:62:06:b6:ab:35:50:5f:5d:52:bc:2f:d2:
c9:98:23:e5:5a:e6:93:01:f7:bd:81:0d:65:07:36:e8:5b:34:
9e:41:a5:82:02:75:93:ba:8e:f0:31:a6:29:a5:09:39:49:5d:
0b:bf:2c:81:6f:17:5a:6b:0e:de:24:fb:19:ab:14:fa:52:5b:
02:cb:a6:3a:9f:e7:5f:cb:51:b6:58:3d:b2:7b:71:24:2b:4e:
4b:6c:b2:28:52:67:73:25:a6:18:67:51:25:8a:89:10:b1:af:
bd:07:ba:35:ac:29:be:76:3b:59:1d:3d:49:1f:ec:b2:37:6b:
4b:54:e9:00:bb:da:19:a2:cc:70:41:47:a7:56:53:3e:f1:61:
f9:42:0e:53:99:c0:0c:99:63:dd:8d:49:a3:4c:55:ad:2c:52:
9a:d4:aa:73:f0:69:1c:50:4a:35:30:06:51:7f:30:0b:00:29:
e1:38:db:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTllazpZAe1QHgNgYvfkiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZDM3OTM1M2UzYzk0OGRmZDk4ZGEwYTU5ZTk3OTIzNTNh
NGQwZTMwHhcNMjQwMTAyMDgzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWVmNzIzMTQwNjE1NzlhNTYxNGMxMmE4ZTdlZDAwZDRkMmI1NzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+8Qq0GOxOdvPasJAU0K2Gj5+7Gb
ZAo63CJ+l0zrtVy0lLptvn8KVvzGKAhCnKBb5IHgS9K39N74KHkXdFY5dq4rgL++
J5d3E6hbZsOHyTVcjf89AgwtugqeIy0HqzLMADYOyF6naGUYESWrgXyZ50P5Za60
H2MZ2yaVtKExfJ+deBYshu7k5f6CPWxYgwzGS9Rq/dN3WT0HIOKmygye2cyt1Hju
LO9CiOYfAWGA539oI4I2mwmGR4CrcqjK6ktjop/eU6p8ugACpFe5FoU2+AN4m9NZ
RMhmfBa1uiu6JZbGqZplepnjOg1csDPsm5YRRWDlrib5+T0gyM3aFN6LNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPHvcjFAYVeaVhTBKo5+0A1NK1eMMB8GA1UdIwQY
MBaAFC/TeTU+PJSN/ZjaClnpeSNTpNDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDlONU5UNDhsSTM5bU5vS1dlbDVJMU9rME9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8xMzI4OGEtZDkyOC00NjJiLTk0YmEt
OWUyMjU2MWJjYTg4LzEvOGU5eU1VQmhWNXBXRk1FcWpuN1FEVTByVjR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8xMzI4OGEtZDkyOC00NjJiLTk0YmEtOWUyMjU2MWJjYTg4
LzEvTDlONU5UNDhsSTM5bU5vS1dlbDVJMU9rME9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHQQMA0G
CSqGSIb3DQEBCwUAA4IBAQAjOik6ce8EQ3pbDlItqq2KvkVrg7JXgkDLrrjzd/ra
/sR0RWx0b8bSwXPNmw6f5HvuPkPKW6rF5Wz2ewd7UuR5+N8j8gxvQ7ouQuudSeNi
BrarNVBfXVK8L9LJmCPlWuaTAfe9gQ1lBzboWzSeQaWCAnWTuo7wMaYppQk5SV0L
vyyBbxdaaw7eJPsZqxT6UlsCy6Y6n+dfy1G2WD2ye3EkK05LbLIoUmdzJaYYZ1El
iokQsa+9B7o1rCm+djtZHT1JH+yyN2tLVOkAu9oZosxwQUenVlM+8WH5Qg5TmcAM
mWPdjUmjTFWtLFKa1Kpz8GkcUEo1MAZRfzALACnhONt6
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:05:07 2025 by rpki-client