Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/AF6uSBXXjV8m6D8T1L1tDnPI1pQ.roa
File: AF6uSBXXjV8m6D8T1L1tDnPI1pQ.roa (raw, json)
Hash identifier: 5ngifaMxS9mhHVtoSr7d4Aq0k4gtgdDqeUt6H7Q6K9U=
Subject key identifier: 00:5E:AE:48:15:D7:8D:5F:26:E8:3F:13:D4:BD:6D:0E:73:C8:D6:94
Certificate issuer: /CN=3b8fe2465843031b778bb8d8b7bd35a094fccf48
Certificate serial: 01956FE602E7978BE8732917DDB1F7FEBB66
Authority key identifier: 3B:8F:E2:46:58:43:03:1B:77:8B:B8:D8:B7:BD:35:A0:94:FC:CF:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O4_iRlhDAxt3i7jYt701oJT8z0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/AF6uSBXXjV8m6D8T1L1tDnPI1pQ.roa
Signing time: Fri 07 Mar 2025 09:18:19 +0000
ROA not before: Fri 07 Mar 2025 09:18:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205225
IP address blocks: 185.117.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6f:e6:02:e7:97:8b:e8:73:29:17:dd:b1:f7:fe:bb:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b8fe2465843031b778bb8d8b7bd35a094fccf48
Validity
Not Before: Mar 7 09:18:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=005eae4815d78d5f26e83f13d4bd6d0e73c8d694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:18:d8:72:31:3f:3d:c1:d3:64:66:49:21:20:
b1:86:61:fd:28:50:1d:52:4a:94:c4:f5:92:50:39:
8b:37:8c:73:1d:4b:26:2d:57:e8:48:e9:f1:b8:32:
67:1f:cf:4b:02:c6:89:6d:ad:83:a9:23:a5:70:fb:
23:1b:75:20:a1:74:04:2c:26:31:e9:b5:69:60:6c:
7b:8c:0f:c8:0a:bf:aa:1b:a5:ba:90:d9:d8:9d:5d:
0c:cf:d3:74:00:c6:b2:5c:5b:e2:44:11:72:b8:df:
f1:b9:6d:5f:1b:f7:03:0a:e7:ba:2e:d9:4b:31:96:
a0:54:1d:b8:2b:23:e2:88:39:43:31:f4:9e:db:b1:
1e:15:d8:d1:1a:42:06:df:b9:e9:e9:ac:bf:86:27:
7d:d9:3f:1c:ca:2a:8e:84:56:3b:eb:23:41:5b:9e:
7b:35:ae:25:5d:19:53:f7:31:b3:e9:8b:bc:5c:22:
43:60:d5:c1:fb:8e:88:db:e5:67:8b:39:df:a0:f6:
a0:ba:8a:cb:41:9a:f1:75:ea:11:a7:d2:ea:f5:46:
59:37:f4:71:86:e3:66:28:7e:86:f6:45:7a:91:81:
90:3a:86:1d:f4:08:56:cc:8f:6e:7f:84:e4:4c:f2:
be:b2:c4:69:0d:de:45:b8:a7:ac:f6:60:9b:9b:86:
a9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5E:AE:48:15:D7:8D:5F:26:E8:3F:13:D4:BD:6D:0E:73:C8:D6:94
X509v3 Authority Key Identifier:
keyid:3B:8F:E2:46:58:43:03:1B:77:8B:B8:D8:B7:BD:35:A0:94:FC:CF:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4_iRlhDAxt3i7jYt701oJT8z0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/AF6uSBXXjV8m6D8T1L1tDnPI1pQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/O4_iRlhDAxt3i7jYt701oJT8z0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.63.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:ea:fb:06:64:34:e0:98:a9:27:de:33:ee:bc:6a:3a:c8:ff:
40:8b:af:6f:8d:37:6a:16:35:b6:62:f9:b9:20:60:94:75:14:
2e:31:b6:e0:8c:f4:aa:0f:fb:6d:07:38:66:7c:c4:53:7f:2f:
34:a4:7d:cd:19:95:be:60:45:ab:58:00:d8:46:46:ce:b7:ca:
cd:0d:66:64:0c:74:c7:90:d9:d8:46:20:0d:a3:6c:e3:c8:a7:
03:c9:64:d5:4f:f0:e1:dc:3e:4f:4e:2a:8e:25:a1:ee:79:00:
35:c1:84:b0:80:88:15:67:11:3d:a1:40:1c:f2:78:12:da:75:
ad:7a:76:29:db:a9:bb:18:34:87:ec:b7:b9:53:9e:6e:19:1e:
0b:b3:76:8c:73:cc:d7:17:56:6d:56:bf:75:05:41:a2:38:7c:
96:37:df:b5:28:f4:e5:bb:7d:62:81:b5:61:03:00:ad:21:0f:
be:ad:63:43:e8:ca:af:ca:99:32:6d:d7:b8:0f:f5:fe:f6:ea:
66:35:15:8a:3c:21:37:b0:ed:b5:3b:e3:57:62:be:2c:3b:de:
3b:c8:b1:90:e5:e3:bb:56:ad:1d:fd:bd:08:e9:d3:d6:9c:59:
27:cc:bb:ac:33:e3:54:98:22:6c:3b:7e:01:63:d6:6f:17:92:
93:83:fb:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVv5gLnl4vocykX3bH3/rtmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOGZlMjQ2NTg0MzAzMWI3NzhiYjhkOGI3YmQzNWEwOTRm
Y2NmNDgwHhcNMjUwMzA3MDkxODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDVlYWU0ODE1ZDc4ZDVmMjZlODNmMTNkNGJkNmQwZTczYzhkNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BjYcjE/PcHTZGZJISCxhmH9KFAd
UkqUxPWSUDmLN4xzHUsmLVfoSOnxuDJnH89LAsaJba2DqSOlcPsjG3UgoXQELCYx
6bVpYGx7jA/ICr+qG6W6kNnYnV0Mz9N0AMayXFviRBFyuN/xuW1fG/cDCue6LtlL
MZagVB24KyPiiDlDMfSe27EeFdjRGkIG37np6ay/hid92T8cyiqOhFY76yNBW557
Na4lXRlT9zGz6Yu8XCJDYNXB+46I2+VniznfoPaguorLQZrxdeoRp9Lq9UZZN/Rx
huNmKH6G9kV6kYGQOoYd9AhWzI9uf4TkTPK+ssRpDd5FuKes9mCbm4apwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFABerkgV141fJug/E9S9bQ5zyNaUMB8GA1UdIwQY
MBaAFDuP4kZYQwMbd4u42Le9NaCU/M9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzRfaVJsaERBeHQzaTdqWXQ3MDFvSlQ4ejBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lZjIwY2YtNGMzOS00NzA3LTg1N2Mt
N2MzNTAwNmUwN2ExLzEvQUY2dVNCWFhqVjhtNkQ4VDFMMXREblBJMXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lZjIwY2YtNGMzOS00NzA3LTg1N2MtN2MzNTAwNmUwN2Ex
LzEvTzRfaVJsaERBeHQzaTdqWXQ3MDFvSlQ4ejBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXU/MA0G
CSqGSIb3DQEBCwUAA4IBAQCx6vsGZDTgmKkn3jPuvGo6yP9Ai69vjTdqFjW2Yvm5
IGCUdRQuMbbgjPSqD/ttBzhmfMRTfy80pH3NGZW+YEWrWADYRkbOt8rNDWZkDHTH
kNnYRiANo2zjyKcDyWTVT/Dh3D5PTiqOJaHueQA1wYSwgIgVZxE9oUAc8ngS2nWt
enYp26m7GDSH7Le5U55uGR4Ls3aMc8zXF1ZtVr91BUGiOHyWN9+1KPTlu31igbVh
AwCtIQ++rWND6Mqvypkybde4D/X+9upmNRWKPCE3sO21O+NXYr4sO947yLGQ5eO7
Vq0d/b0I6dPWnFknzLusM+NUmCJsO34BY9ZvF5KTg/ua
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:41:59 2025 by rpki-client