Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/L8iDtUib1lWzwOIyERcCBBIy5bU.roa
File: L8iDtUib1lWzwOIyERcCBBIy5bU.roa (raw, json)
Hash identifier: pW9LYiIhHR4KstGydbUcTmJTn8cpZ4m/nyaeIsOlD34=
Subject key identifier: 2F:C8:83:B5:48:9B:D6:55:B3:C0:E2:32:11:17:02:04:12:32:E5:B5
Certificate issuer: /CN=3b8fe2465843031b778bb8d8b7bd35a094fccf48
Certificate serial: 0194B1E02DC30DDD9CACF35670C9FE56ADC0
Authority key identifier: 3B:8F:E2:46:58:43:03:1B:77:8B:B8:D8:B7:BD:35:A0:94:FC:CF:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O4_iRlhDAxt3i7jYt701oJT8z0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/L8iDtUib1lWzwOIyERcCBBIy5bU.roa
Signing time: Wed 29 Jan 2025 11:44:06 +0000
ROA not before: Wed 29 Jan 2025 11:44:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205225
IP address blocks: 185.117.62.0/24 maxlen: 24
185.117.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b1:e0:2d:c3:0d:dd:9c:ac:f3:56:70:c9:fe:56:ad:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b8fe2465843031b778bb8d8b7bd35a094fccf48
Validity
Not Before: Jan 29 11:44:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fc883b5489bd655b3c0e232111702041232e5b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:32:83:9b:7d:38:44:ed:fe:62:96:7f:d9:b2:
e4:1d:2b:73:af:68:25:97:29:2e:08:4e:82:d9:8a:
53:6a:1a:37:3b:bd:a1:0c:a9:71:7f:32:16:5c:02:
83:7a:f4:8f:e6:15:a5:45:88:e0:27:5a:58:c4:4b:
19:81:c0:2f:14:c8:57:18:72:6d:f9:99:bc:78:25:
c7:5e:12:69:66:d7:9b:10:5f:15:8d:e6:be:b3:92:
e3:5c:09:c1:9a:38:83:7e:0e:e1:93:7f:f8:e1:a2:
94:56:da:4f:db:03:c0:cc:0c:d1:c6:10:a0:02:ee:
20:4e:d6:ca:9b:b9:38:77:de:e6:48:1c:db:ab:0d:
cf:0f:15:1f:b2:5f:9d:c3:97:cf:6f:2e:cf:d3:c2:
b5:08:d2:f9:61:a8:6f:9d:a1:7f:7e:55:06:42:58:
62:37:3f:34:02:58:1c:96:dc:88:1c:48:7a:4a:5c:
ff:72:cc:92:6f:c0:ee:da:80:26:ef:ad:c5:48:94:
94:4f:3a:36:b8:13:5b:74:6b:4d:ed:1a:f5:bc:15:
7a:49:34:2a:9d:8a:40:ae:a9:56:51:f1:7b:9b:80:
f8:b3:e5:1c:e9:3f:f9:0f:17:a9:6d:96:89:aa:97:
dd:9c:e6:c5:a3:da:15:62:d1:47:50:a3:eb:48:86:
ae:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:C8:83:B5:48:9B:D6:55:B3:C0:E2:32:11:17:02:04:12:32:E5:B5
X509v3 Authority Key Identifier:
keyid:3B:8F:E2:46:58:43:03:1B:77:8B:B8:D8:B7:BD:35:A0:94:FC:CF:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4_iRlhDAxt3i7jYt701oJT8z0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/L8iDtUib1lWzwOIyERcCBBIy5bU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/O4_iRlhDAxt3i7jYt701oJT8z0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.62.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:6f:ff:be:8d:50:9e:a5:3a:f0:5b:e2:24:4c:3f:02:18:df:
d3:b0:35:57:4d:7a:91:c3:3a:9a:42:34:43:49:2f:57:83:f2:
68:49:7f:7c:d5:b3:4e:b2:ae:57:b9:c8:02:e3:9d:0c:9d:31:
56:f1:73:74:7d:f1:90:b2:ff:52:6b:42:2f:92:80:71:0f:d0:
16:5c:2f:58:99:3a:64:8f:cc:c7:0c:50:fe:73:42:a5:d7:d7:
3b:29:da:f2:a0:b8:fb:55:72:74:a4:93:bf:94:b8:db:91:33:
e9:a5:08:4c:33:c4:35:c5:da:2b:35:ce:89:5f:65:7a:3e:3f:
1f:9b:b7:23:ca:dd:03:1c:35:c6:dc:41:50:08:dc:8e:97:9e:
43:bd:76:eb:eb:b9:7a:85:b5:34:7b:19:45:ac:8e:1b:fb:d1:
d8:33:ae:80:b7:c4:4e:30:f8:08:66:48:89:66:39:e5:bc:4f:
75:f8:b7:fd:1a:80:44:4f:0e:64:63:e3:85:b9:ae:d5:1a:92:
86:52:db:71:6e:39:b5:47:cc:77:21:da:fd:99:fc:45:48:e5:
85:ca:29:13:5f:42:f3:cd:77:2f:28:0b:e3:35:71:6f:ee:79:
ee:93:0e:74:6f:8c:50:ff:51:8f:0e:9c:b6:ba:56:3a:e3:6f:
50:ea:95:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSx4C3DDd2crPNWcMn+Vq3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOGZlMjQ2NTg0MzAzMWI3NzhiYjhkOGI3YmQzNWEwOTRm
Y2NmNDgwHhcNMjUwMTI5MTE0NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmM4ODNiNTQ4OWJkNjU1YjNjMGUyMzIxMTE3MDIwNDEyMzJlNWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszKDm304RO3+YpZ/2bLkHStzr2gl
lykuCE6C2YpTaho3O72hDKlxfzIWXAKDevSP5hWlRYjgJ1pYxEsZgcAvFMhXGHJt
+Zm8eCXHXhJpZtebEF8Vjea+s5LjXAnBmjiDfg7hk3/44aKUVtpP2wPAzAzRxhCg
Au4gTtbKm7k4d97mSBzbqw3PDxUfsl+dw5fPby7P08K1CNL5YahvnaF/flUGQlhi
Nz80AlgcltyIHEh6Slz/csySb8Du2oAm763FSJSUTzo2uBNbdGtN7Rr1vBV6STQq
nYpArqlWUfF7m4D4s+Uc6T/5DxepbZaJqpfdnObFo9oVYtFHUKPrSIauJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC/Ig7VIm9ZVs8DiMhEXAgQSMuW1MB8GA1UdIwQY
MBaAFDuP4kZYQwMbd4u42Le9NaCU/M9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzRfaVJsaERBeHQzaTdqWXQ3MDFvSlQ4ejBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lZjIwY2YtNGMzOS00NzA3LTg1N2Mt
N2MzNTAwNmUwN2ExLzEvTDhpRHRVaWIxbFd6d09JeUVSY0NCQkl5NWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lZjIwY2YtNGMzOS00NzA3LTg1N2MtN2MzNTAwNmUwN2Ex
LzEvTzRfaVJsaERBeHQzaTdqWXQ3MDFvSlQ4ejBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuXU+MA0G
CSqGSIb3DQEBCwUAA4IBAQCNb/++jVCepTrwW+IkTD8CGN/TsDVXTXqRwzqaQjRD
SS9Xg/JoSX981bNOsq5XucgC450MnTFW8XN0ffGQsv9Sa0IvkoBxD9AWXC9YmTpk
j8zHDFD+c0Kl19c7KdryoLj7VXJ0pJO/lLjbkTPppQhMM8Q1xdorNc6JX2V6Pj8f
m7cjyt0DHDXG3EFQCNyOl55DvXbr67l6hbU0exlFrI4b+9HYM66At8ROMPgIZkiJ
ZjnlvE91+Lf9GoBETw5kY+OFua7VGpKGUttxbjm1R8x3Idr9mfxFSOWFyikTX0Lz
zXcvKAvjNXFv7nnukw50b4xQ/1GPDpy2ulY6429Q6pWH
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:29:54 2025 by rpki-client