Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/p8shIi3yBf38Wuha5FjXdL-q2Cs.roa
File: p8shIi3yBf38Wuha5FjXdL-q2Cs.roa (raw, json)
Hash identifier: RVY0Ltw8XGdyNjknxGAWw++oaVgHwslwthSonPADGb8=
Subject key identifier: A7:CB:21:22:2D:F2:05:FD:FC:5A:E8:5A:E4:58:D7:74:BF:AA:D8:2B
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0192AC932437FE13C964B9E4A05F9CBD0B1D
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/p8shIi3yBf38Wuha5FjXdL-q2Cs.roa
Signing time: Mon 21 Oct 2024 00:56:17 +0000
ROA not before: Mon 21 Oct 2024 00:56:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60790
IP address blocks: 85.117.243.0/24 maxlen: 24
194.110.172.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ac:93:24:37:fe:13:c9:64:b9:e4:a0:5f:9c:bd:0b:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Oct 21 00:56:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7cb21222df205fdfc5ae85ae458d774bfaad82b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b8:ef:df:07:40:77:c0:b2:65:e7:2a:30:a4:
2e:b3:3b:15:5e:60:0b:9e:df:ce:66:ce:fd:85:09:
b6:2f:0a:a3:d5:04:a2:d6:3c:6c:ed:61:2e:1d:cb:
de:d4:4a:18:f4:49:d2:b1:41:37:f9:26:87:be:43:
0f:1d:0e:af:c9:80:60:17:96:3d:53:5c:73:bb:84:
23:dc:f2:2d:9c:f8:64:60:61:cb:10:7e:cc:10:f6:
ee:41:d2:55:fc:87:13:26:a7:ce:cc:54:27:07:7d:
99:76:b6:78:ee:30:63:d7:7f:86:a0:21:71:34:81:
60:31:4d:3d:34:45:98:1a:82:1f:ee:16:48:62:0c:
15:91:0f:0f:80:d3:9a:dd:ff:09:79:cc:4e:c8:ca:
02:66:03:89:b7:66:b2:58:fb:ab:38:ff:29:65:30:
06:55:4c:f9:b1:bd:a1:76:82:75:34:df:57:88:3b:
1d:ef:98:85:3d:a8:f9:ba:b9:e2:51:b5:76:1e:87:
f3:81:bb:d7:5e:e5:fb:c8:b6:c2:04:e6:6b:2c:a0:
d5:55:4f:01:95:7f:12:8b:12:7a:7a:20:66:18:51:
b9:c8:76:3f:f2:09:82:bc:f0:24:c9:e6:db:18:2f:
ed:99:ae:e7:7f:f0:49:30:f1:1d:d8:00:70:73:e8:
7c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:CB:21:22:2D:F2:05:FD:FC:5A:E8:5A:E4:58:D7:74:BF:AA:D8:2B
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/p8shIi3yBf38Wuha5FjXdL-q2Cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.243.0/24
194.110.172.0/24
Signature Algorithm: sha256WithRSAEncryption
33:1b:30:f8:16:32:ae:60:9d:6d:d0:f4:73:37:54:ed:21:3a:
56:65:9c:c8:5c:84:22:99:81:bb:8e:00:44:ac:79:43:1b:28:
12:57:76:c0:ec:02:42:9e:92:4e:c4:a3:7d:a0:c2:3f:5b:e4:
91:7a:5e:7c:37:ec:ea:b7:94:c2:af:ea:22:6f:1b:34:6d:13:
0c:dd:bd:3e:b7:70:b8:4c:2c:6d:6d:ed:7d:8a:86:95:d7:4e:
e8:0c:26:e0:a9:55:d3:91:1a:16:2b:16:42:4d:6b:3c:f8:18:
9e:d1:6e:40:0b:53:5b:07:7d:86:33:cd:df:ee:c7:1e:29:cf:
b8:42:67:2d:49:af:bc:ad:3b:bd:bd:f5:22:8d:e8:18:67:89:
28:15:f5:72:f7:bb:07:35:ce:05:aa:d1:39:9f:20:5e:9a:09:
4d:a8:67:31:1a:05:66:e5:3e:39:26:02:76:95:54:a1:53:88:
9b:ad:3b:c8:1e:9d:d4:fc:6c:20:28:d5:8b:29:dd:7a:ba:53:
1a:6b:0c:c8:cb:c9:2d:9e:89:1e:3d:76:c2:8e:30:3e:a6:ce:
c4:c0:0a:9b:49:7f:2f:5e:f7:3b:56:19:10:93:2c:82:e3:99:
f9:78:d4:3a:92:1d:5e:4e:9f:47:42:14:79:02:d7:1a:16:dd:
92:48:c5:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKskyQ3/hPJZLnkoF+cvQsdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQxMDIxMDA1NjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2NiMjEyMjJkZjIwNWZkZmM1YWU4NWFlNDU4ZDc3NGJmYWFkODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrjv3wdAd8CyZecqMKQuszsVXmAL
nt/OZs79hQm2Lwqj1QSi1jxs7WEuHcve1EoY9EnSsUE3+SaHvkMPHQ6vyYBgF5Y9
U1xzu4Qj3PItnPhkYGHLEH7MEPbuQdJV/IcTJqfOzFQnB32ZdrZ47jBj13+GoCFx
NIFgMU09NEWYGoIf7hZIYgwVkQ8PgNOa3f8JecxOyMoCZgOJt2ayWPurOP8pZTAG
VUz5sb2hdoJ1NN9XiDsd75iFPaj5urniUbV2HofzgbvXXuX7yLbCBOZrLKDVVU8B
lX8SixJ6eiBmGFG5yHY/8gmCvPAkyebbGC/tma7nf/BJMPEd2ABwc+h8QQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKfLISIt8gX9/FroWuRY13S/qtgrMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvcDhzaElpM3lCZjM4V3VoYTVGalhkTC1xMkNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVXXzAwQA
wm6sMA0GCSqGSIb3DQEBCwUAA4IBAQAzGzD4FjKuYJ1t0PRzN1TtITpWZZzIXIQi
mYG7jgBErHlDGygSV3bA7AJCnpJOxKN9oMI/W+SRel58N+zqt5TCr+oibxs0bRMM
3b0+t3C4TCxtbe19ioaV107oDCbgqVXTkRoWKxZCTWs8+Bie0W5AC1NbB32GM83f
7sceKc+4QmctSa+8rTu9vfUijegYZ4koFfVy97sHNc4FqtE5nyBemglNqGcxGgVm
5T45JgJ2lVShU4ibrTvIHp3U/GwgKNWLKd16ulMaawzIy8ktnokePXbCjjA+ps7E
wAqbSX8vXvc7VhkQkyyC45n5eNQ6kh1eTp9HQhR5AtcaFt2SSMUm
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:41:55 2025 by rpki-client