Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/p8XD3uB843_kFbgGRRNhpVbHNhc.roa
File: p8XD3uB843_kFbgGRRNhpVbHNhc.roa (raw, json)
Hash identifier: YnWFAt+QVG+IA0q0UmwSQrNZaQqeXRIAwaWQ9NfihN8=
Subject key identifier: A7:C5:C3:DE:E0:7C:E3:7F:E4:15:B8:06:45:13:61:A5:56:C7:36:17
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A5458322CA05A0765B02BB686FA1B
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/p8XD3uB843_kFbgGRRNhpVbHNhc.roa
Signing time: Wed 01 Jan 2025 19:49:18 +0000
ROA not before: Wed 01 Jan 2025 19:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211194
IP address blocks: 128.0.116.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:54:58:32:2c:a0:5a:07:65:b0:2b:b6:86:fa:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7c5c3dee07ce37fe415b806451361a556c73617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fb:e7:2a:ec:69:f5:05:28:e1:81:18:69:75:
87:ca:0d:98:57:d0:77:a4:a4:f4:06:04:ce:2b:3d:
1d:64:26:65:22:b7:73:9f:c7:26:e0:63:5b:c4:5c:
f7:79:a0:bd:bc:4f:4b:5e:00:18:70:ac:b3:d5:76:
55:00:5e:9d:3d:7d:36:20:a9:96:69:77:53:33:14:
f4:1a:25:3e:9e:2f:9b:f4:95:2b:b5:60:bf:d9:e6:
a2:fa:3c:1a:d6:05:11:36:92:0b:2e:39:a0:48:e6:
7d:d6:5b:6f:e9:89:33:af:bc:d8:ba:33:6e:11:ac:
f5:b0:96:b8:30:13:91:43:79:a7:62:6e:1c:43:b4:
f4:77:b9:25:69:02:c4:ed:11:8c:26:f3:50:22:48:
71:ba:64:06:29:00:57:80:7f:df:f1:7d:c2:bf:6c:
b4:69:a4:5f:5e:60:bd:58:b1:32:01:4a:d3:a8:42:
9d:80:c8:7a:6a:e9:7c:0b:3d:0a:5b:44:d5:94:93:
ac:66:39:c3:92:d3:e0:25:10:da:25:b8:05:4e:90:
e9:3b:73:a8:f3:0c:a5:91:50:af:56:1d:1f:7b:34:
87:34:b4:8c:10:7f:78:2d:38:e9:ad:3f:a5:aa:01:
f4:75:c2:ca:a5:dc:41:4e:32:04:4b:34:ca:b9:6d:
c8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:C5:C3:DE:E0:7C:E3:7F:E4:15:B8:06:45:13:61:A5:56:C7:36:17
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/p8XD3uB843_kFbgGRRNhpVbHNhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.116.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:98:a6:30:27:21:7c:06:60:2d:ab:e3:36:de:30:f6:68:e3:
8c:31:af:34:19:a3:56:d4:eb:8c:ea:6a:41:b0:04:8c:0c:d9:
01:22:f7:d7:7d:e3:d3:5c:5d:fd:cd:c4:e7:6e:8d:4a:e3:71:
41:46:b8:05:15:59:a0:a7:e2:c8:e8:d7:47:ae:12:31:99:6a:
a6:c7:37:e3:22:cc:fb:e7:c5:c8:bb:ed:fc:15:26:4e:75:ff:
90:8b:62:80:44:e5:fc:ed:17:2a:bb:92:42:86:41:08:df:95:
c6:6f:42:68:f5:f8:f5:54:d8:3e:ce:44:93:13:10:f7:f9:48:
43:22:be:73:b5:30:cc:e7:37:5d:1e:c2:92:0b:c5:95:2a:29:
28:fa:28:ed:58:e2:8e:a1:19:fe:73:a6:bb:48:e3:2f:04:eb:
24:34:b5:55:38:d1:9f:04:79:c2:1d:eb:74:60:19:73:ae:30:
5c:c1:1a:7a:4c:7b:a7:eb:8b:5f:f5:eb:8b:6e:a4:98:f5:07:
fc:44:b0:ef:28:72:a1:8f:84:91:4c:04:28:16:c8:3f:0a:cc:
4f:d4:42:77:70:a6:71:4f:43:22:aa:37:d6:34:2c:c2:a5:c5:
2f:3b:9e:b0:ac:1c:27:0e:25:e3:9b:c1:70:42:2d:14:d8:a4:
5d:43:5a:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjalRYMiygWgdlsCu2hvobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2M1YzNkZWUwN2NlMzdmZTQxNWI4MDY0NTEzNjFhNTU2YzczNjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfvnKuxp9QUo4YEYaXWHyg2YV9B3
pKT0BgTOKz0dZCZlIrdzn8cm4GNbxFz3eaC9vE9LXgAYcKyz1XZVAF6dPX02IKmW
aXdTMxT0GiU+ni+b9JUrtWC/2eai+jwa1gURNpILLjmgSOZ91ltv6Ykzr7zYujNu
Eaz1sJa4MBORQ3mnYm4cQ7T0d7klaQLE7RGMJvNQIkhxumQGKQBXgH/f8X3Cv2y0
aaRfXmC9WLEyAUrTqEKdgMh6aul8Cz0KW0TVlJOsZjnDktPgJRDaJbgFTpDpO3Oo
8wylkVCvVh0fezSHNLSMEH94LTjprT+lqgH0dcLKpdxBTjIESzTKuW3IMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKfFw97gfON/5BW4BkUTYaVWxzYXMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvcDhYRDN1Qjg0M19rRmJnR1JSTmhwVmJITmhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgAB0MA0G
CSqGSIb3DQEBCwUAA4IBAQC0mKYwJyF8BmAtq+M23jD2aOOMMa80GaNW1OuM6mpB
sASMDNkBIvfXfePTXF39zcTnbo1K43FBRrgFFVmgp+LI6NdHrhIxmWqmxzfjIsz7
58XIu+38FSZOdf+Qi2KAROX87Rcqu5JChkEI35XGb0Jo9fj1VNg+zkSTExD3+UhD
Ir5ztTDM5zddHsKSC8WVKiko+ijtWOKOoRn+c6a7SOMvBOskNLVVONGfBHnCHet0
YBlzrjBcwRp6THun64tf9euLbqSY9Qf8RLDvKHKhj4SRTAQoFsg/CsxP1EJ3cKZx
T0MiqjfWNCzCpcUvO56wrBwnDiXjm8FwQi0U2KRdQ1rw
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:44:47 2025 by rpki-client