Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/f3d2f4-9263-4ece-9db3-e081a5b41432/1/8iSreq9sFy4jQpPohIGSY5mGVho.roa
File: 8iSreq9sFy4jQpPohIGSY5mGVho.roa (raw, json)
Hash identifier: JWocgKBNIhnSVWHkP0cAfvpMZaqkdklTc5KStlxqdMY=
Subject key identifier: F2:24:AB:7A:AF:6C:17:2E:23:42:93:E8:84:81:92:63:99:86:56:1A
Certificate issuer: /CN=398f7106bed10fe7ffc65bbd64adbedc9dbd525e
Certificate serial: 01941F8C0A16E895597B17709C0DECF396B3
Authority key identifier: 39:8F:71:06:BE:D1:0F:E7:FF:C6:5B:BD:64:AD:BE:DC:9D:BD:52:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OY9xBr7RD-f_xlu9ZK2-3J29Ul4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/f3d2f4-9263-4ece-9db3-e081a5b41432/1/8iSreq9sFy4jQpPohIGSY5mGVho.roa
Signing time: Wed 01 Jan 2025 01:47:38 +0000
ROA not before: Wed 01 Jan 2025 01:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57715
IP address blocks: 194.31.48.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:0a:16:e8:95:59:7b:17:70:9c:0d:ec:f3:96:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=398f7106bed10fe7ffc65bbd64adbedc9dbd525e
Validity
Not Before: Jan 1 01:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f224ab7aaf6c172e234293e8848192639986561a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:81:92:c4:25:fc:f0:5f:e3:fd:30:0f:1f:28:
ac:d7:03:9f:e7:30:f9:95:84:0c:fa:56:9b:ed:df:
3d:c5:b8:f7:04:0f:fc:f8:e6:d2:82:36:26:ca:93:
fc:0d:d8:a2:56:f8:04:c9:61:af:71:a0:b6:96:b4:
cc:a3:b6:eb:90:b6:8d:45:fc:e8:7d:89:0b:1e:01:
21:64:94:43:01:13:2a:43:ae:ba:da:4c:48:8a:9e:
84:42:15:42:f3:d5:46:e7:1d:6c:de:fa:5a:5e:0c:
4d:82:38:60:41:ab:53:05:48:fb:8f:09:37:89:04:
97:fb:e6:60:ed:47:af:fd:b3:2e:b9:05:d0:0c:61:
f3:b8:b0:25:34:ba:18:80:10:ab:bc:9f:aa:ea:85:
01:08:dc:32:ec:e2:b1:6d:35:54:9c:a0:4b:3a:bd:
0f:38:c9:dd:a9:14:e5:d2:a3:87:92:c6:ed:e2:64:
75:10:eb:6c:9a:32:51:cc:ef:42:65:1c:32:91:5b:
d8:be:6a:8c:aa:ea:63:8c:66:8c:4f:8a:30:df:3e:
3b:e8:a1:75:64:f9:75:5b:94:f9:92:b5:ea:4b:23:
e8:60:01:cb:f6:7e:c5:ce:65:78:48:6d:a8:d3:2f:
1f:48:0a:7b:4c:9f:8a:0d:ae:7a:1c:bf:b5:5a:3a:
55:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:24:AB:7A:AF:6C:17:2E:23:42:93:E8:84:81:92:63:99:86:56:1A
X509v3 Authority Key Identifier:
keyid:39:8F:71:06:BE:D1:0F:E7:FF:C6:5B:BD:64:AD:BE:DC:9D:BD:52:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OY9xBr7RD-f_xlu9ZK2-3J29Ul4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/f3d2f4-9263-4ece-9db3-e081a5b41432/1/8iSreq9sFy4jQpPohIGSY5mGVho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/f3d2f4-9263-4ece-9db3-e081a5b41432/1/OY9xBr7RD-f_xlu9ZK2-3J29Ul4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.48.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:54:53:87:aa:40:15:62:3f:fc:59:dd:f2:9d:3a:94:1a:db:
e7:4f:18:56:c7:4a:80:c6:ac:22:0b:69:7f:db:68:2e:43:5b:
60:82:6b:83:f6:c4:35:82:77:d0:f0:99:ec:8b:a7:a6:62:13:
25:3f:b4:e8:81:e5:56:36:db:43:82:2f:84:c5:0c:dc:e0:5b:
fe:8d:8b:9a:23:3c:83:01:39:48:70:0a:bf:af:3d:91:05:b1:
cf:b8:fc:67:d5:5f:cc:01:2a:12:05:98:b7:e0:5c:ee:d0:b4:
d8:6d:30:b0:4b:f1:89:0f:e9:18:2a:55:5c:98:df:63:81:79:
80:78:d3:97:61:e1:48:33:0b:80:90:07:a4:24:55:ea:0e:89:
b9:23:83:54:ce:3e:2b:0a:fb:7f:73:78:d8:2b:75:d8:2e:28:
12:11:ad:19:f8:88:fd:06:25:42:dd:af:94:c4:c1:e4:5d:d1:
12:c7:50:7b:e7:ca:68:8d:37:1d:3f:8a:55:0a:4b:3d:ed:f3:
b4:92:39:8d:a6:85:8b:29:cc:cb:b6:03:fe:5c:54:eb:ec:da:
d8:b1:fb:e8:9f:77:f6:33:99:ef:27:e8:dd:d7:e0:18:74:83:
60:27:4e:e2:a1:98:2d:1f:75:44:ad:10:88:8c:30:28:ff:e9:
bb:16:5a:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjAoW6JVZexdwnA3s85azMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OGY3MTA2YmVkMTBmZTdmZmM2NWJiZDY0YWRiZWRjOWRi
ZDUyNWUwHhcNMjUwMTAxMDE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjI0YWI3YWFmNmMxNzJlMjM0MjkzZTg4NDgxOTI2Mzk5ODY1NjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoGSxCX88F/j/TAPHyis1wOf5zD5
lYQM+lab7d89xbj3BA/8+ObSgjYmypP8DdiiVvgEyWGvcaC2lrTMo7brkLaNRfzo
fYkLHgEhZJRDARMqQ6662kxIip6EQhVC89VG5x1s3vpaXgxNgjhgQatTBUj7jwk3
iQSX++Zg7Uev/bMuuQXQDGHzuLAlNLoYgBCrvJ+q6oUBCNwy7OKxbTVUnKBLOr0P
OMndqRTl0qOHksbt4mR1EOtsmjJRzO9CZRwykVvYvmqMqupjjGaMT4ow3z476KF1
ZPl1W5T5krXqSyPoYAHL9n7FzmV4SG2o0y8fSAp7TJ+KDa56HL+1WjpVeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPIkq3qvbBcuI0KT6ISBkmOZhlYaMB8GA1UdIwQY
MBaAFDmPcQa+0Q/n/8ZbvWStvtydvVJeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1k5eEJyN1JELWZfeGx1OVpLMi0zSjI5VWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9mM2QyZjQtOTI2My00ZWNlLTlkYjMt
ZTA4MWE1YjQxNDMyLzEvOGlTcmVxOXNGeTRqUXBQb2hJR1NZNW1HVmhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9mM2QyZjQtOTI2My00ZWNlLTlkYjMtZTA4MWE1YjQxNDMy
LzEvT1k5eEJyN1JELWZfeGx1OVpLMi0zSjI5VWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwh8wMA0G
CSqGSIb3DQEBCwUAA4IBAQA6VFOHqkAVYj/8Wd3ynTqUGtvnTxhWx0qAxqwiC2l/
22guQ1tggmuD9sQ1gnfQ8Jnsi6emYhMlP7TogeVWNttDgi+ExQzc4Fv+jYuaIzyD
ATlIcAq/rz2RBbHPuPxn1V/MASoSBZi34Fzu0LTYbTCwS/GJD+kYKlVcmN9jgXmA
eNOXYeFIMwuAkAekJFXqDom5I4NUzj4rCvt/c3jYK3XYLigSEa0Z+Ij9BiVC3a+U
xMHkXdESx1B758pojTcdP4pVCks97fO0kjmNpoWLKczLtgP+XFTr7NrYsfvon3f2
M5nvJ+jd1+AYdINgJ07ioZgtH3VErRCIjDAo/+m7FlpN
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:28 2025 by rpki-client