Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/g8lsih9XQmRf3ftrsGBk-JcJZCE.roa
File: g8lsih9XQmRf3ftrsGBk-JcJZCE.roa (raw, json)
Hash identifier: JxP6lpI5sHf4GldovKtFp6XQeGNudArtu8qR1RTBZVs=
Subject key identifier: 83:C9:6C:8A:1F:57:42:64:5F:DD:FB:6B:B0:60:64:F8:97:09:64:21
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0195848F70DDB9A48F4DAB9CAB473FB501B3
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/g8lsih9XQmRf3ftrsGBk-JcJZCE.roa
Signing time: Tue 11 Mar 2025 09:35:47 +0000
ROA not before: Tue 11 Mar 2025 09:35:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 176.125.248.0/24 maxlen: 24
185.240.122.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:84:8f:70:dd:b9:a4:8f:4d:ab:9c:ab:47:3f:b5:01:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 11 09:35:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83c96c8a1f5742645fddfb6bb06064f897096421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f4:4f:7b:33:9f:49:56:a3:a8:76:13:b7:61:
b1:01:d7:ab:fc:7e:0b:1c:e2:4f:a3:41:d3:90:5f:
44:50:38:67:d2:24:2e:6e:66:8d:b3:ea:ba:b4:de:
f3:c4:a1:b2:50:d1:8a:6d:20:4e:3b:43:11:ef:a8:
9f:c9:44:03:16:c6:67:d2:ad:66:5b:fa:39:96:2d:
f4:ea:6b:6d:15:aa:1e:b8:5f:2d:3d:b5:44:d0:24:
c0:4c:ac:e1:98:26:5f:e9:46:0b:3e:a8:67:05:06:
2e:2b:5e:dd:b7:cf:ac:3e:0a:1c:c2:4b:ce:8d:ed:
ab:c9:e0:cf:33:9c:2d:9c:90:bd:23:ee:7a:2a:e5:
b2:e6:df:e4:6c:10:88:6e:0c:a5:9e:f5:36:0e:63:
ce:eb:a9:39:e0:eb:c2:67:fc:4b:ff:b8:bc:76:56:
04:62:1c:89:72:fd:16:ec:4f:3b:af:bd:00:5d:df:
d1:25:e5:43:2e:d3:26:83:ff:db:ec:18:e5:95:14:
13:56:39:0a:fe:d4:29:ff:d4:95:53:d1:0e:40:4e:
bf:0d:a6:71:32:09:84:c2:3c:be:11:95:d3:40:78:
22:c0:7d:ae:e2:c2:27:de:f4:27:bb:b7:7d:1d:2b:
10:4a:95:ba:15:56:3c:4b:3f:6b:ae:0c:9b:4e:df:
9f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C9:6C:8A:1F:57:42:64:5F:DD:FB:6B:B0:60:64:F8:97:09:64:21
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/g8lsih9XQmRf3ftrsGBk-JcJZCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.240.122.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:57:e0:af:5d:0b:14:23:5a:38:2d:59:88:2c:7f:b0:c4:77:
38:51:04:30:c6:83:4d:75:2c:3b:53:32:cf:82:1d:1a:e4:72:
4e:1c:cb:c0:0c:05:5e:b8:b3:ec:b7:9a:95:1d:4a:08:8f:aa:
ba:06:ae:7a:92:61:2c:2f:ac:0f:97:6b:2c:5b:8d:b6:a0:c9:
ec:cf:08:01:84:75:7a:df:d2:31:10:96:70:cb:eb:a0:0b:fc:
c5:c7:a2:b2:d9:9a:0a:50:a7:93:21:9b:ec:1f:df:56:99:96:
8e:d2:70:d0:69:fb:a9:95:03:5b:70:d6:0a:42:70:6d:42:0e:
f9:3b:7a:76:08:60:a3:10:b2:b5:8e:96:5a:47:b7:4a:4f:2a:
b7:d5:96:a5:e6:11:97:15:4e:86:09:eb:2b:59:34:63:f1:bb:
69:60:da:8a:7c:f0:de:e2:df:ab:12:23:63:5d:9c:e4:b5:83:
6a:a8:13:4f:17:de:d9:c0:8e:ab:79:68:c2:4d:75:ad:a4:43:
03:0b:5e:90:22:12:6e:a8:5b:7b:51:2f:67:81:cf:29:41:93:
e3:61:80:55:2e:b9:ac:cb:f8:d4:47:74:30:54:3d:14:ea:ce:
09:a3:a0:c7:1f:32:24:6f:66:72:4b:3e:25:44:3c:3f:ce:bb:
2f:f1:15:68
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZWEj3DduaSPTaucq0c/tQGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMzExMDkzNTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2M5NmM4YTFmNTc0MjY0NWZkZGZiNmJiMDYwNjRmODk3MDk2NDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvRPezOfSVajqHYTt2GxAder/H4L
HOJPo0HTkF9EUDhn0iQubmaNs+q6tN7zxKGyUNGKbSBOO0MR76ifyUQDFsZn0q1m
W/o5li306mttFaoeuF8tPbVE0CTATKzhmCZf6UYLPqhnBQYuK17dt8+sPgocwkvO
je2ryeDPM5wtnJC9I+56KuWy5t/kbBCIbgylnvU2DmPO66k54OvCZ/xL/7i8dlYE
YhyJcv0W7E87r70AXd/RJeVDLtMmg//b7BjllRQTVjkK/tQp/9SVU9EOQE6/DaZx
MgmEwjy+EZXTQHgiwH2u4sIn3vQnu7d9HSsQSpW6FVY8Sz9rrgybTt+fewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIPJbIofV0JkX937a7BgZPiXCWQhMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZzhsc2loOVhRbVJmM2Z0cnNHQmstSmNKWkNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsH34AwQA
ufB6AwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQDAV+CvXQsUI1o4LVmILH+wxHc4
UQQwxoNNdSw7UzLPgh0a5HJOHMvADAVeuLPst5qVHUoIj6q6Bq56kmEsL6wPl2ss
W422oMnszwgBhHV639IxEJZwy+ugC/zFx6Ky2ZoKUKeTIZvsH99WmZaO0nDQafup
lQNbcNYKQnBtQg75O3p2CGCjELK1jpZaR7dKTyq31Zal5hGXFU6GCesrWTRj8btp
YNqKfPDe4t+rEiNjXZzktYNqqBNPF97ZwI6reWjCTXWtpEMDC16QIhJuqFt7US9n
gc8pQZPjYYBVLrmsy/jUR3QwVD0U6s4Jo6DHHzIkb2ZySz4lRDw/zrsv8RVo
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:59:39 2025 by rpki-client