Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/8pzPAWcu8xlhDFcQP8p7N2vEjmc.roa
File: 8pzPAWcu8xlhDFcQP8p7N2vEjmc.roa (raw, json)
Hash identifier: m14VUG7Njuh+/c52BTu3u+XeIkFAWAMtBfuOmdD4GjA=
Subject key identifier: F2:9C:CF:01:67:2E:F3:19:61:0C:57:10:3F:CA:7B:37:6B:C4:8E:67
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0194222016BEB497D92804AE8A3591BE9B24
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/8pzPAWcu8xlhDFcQP8p7N2vEjmc.roa
Signing time: Wed 01 Jan 2025 13:48:35 +0000
ROA not before: Wed 01 Jan 2025 13:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138997
IP address blocks: 14.102.226.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:16:be:b4:97:d9:28:04:ae:8a:35:91:be:9b:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jan 1 13:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f29ccf01672ef319610c57103fca7b376bc48e67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:11:74:e9:22:fa:b3:e4:02:79:85:c0:fb:2c:
3f:4d:af:bf:0b:cc:82:01:a0:86:7b:b0:10:2b:e9:
c5:23:3c:29:db:9a:78:c8:6b:90:03:a2:b9:56:27:
1b:4b:89:d1:55:10:19:e3:af:31:fc:a9:30:e7:1b:
04:a8:6a:74:56:1f:f0:19:7d:87:11:c8:56:97:9b:
fa:75:97:a8:b5:df:d7:fb:1b:79:f7:04:be:21:22:
90:73:0c:5f:5d:61:d8:b7:f9:8d:bc:9b:02:74:65:
a3:34:0b:c0:95:a8:13:f2:4c:f4:cc:be:82:9d:da:
ad:fe:38:5c:bd:b0:2e:ac:e8:72:1e:7b:cd:ba:fa:
8e:6f:ad:a6:06:ad:70:2e:b6:d2:87:2c:9e:ca:14:
76:95:cf:01:e7:39:bc:ce:40:47:ee:f2:f2:3a:ad:
e1:3a:d9:99:c5:a2:59:ec:ce:33:f4:70:96:51:7b:
68:48:0a:4b:38:27:54:f3:45:f1:52:22:0a:37:63:
89:12:33:9f:26:fa:fc:1f:be:27:e0:e6:a3:b9:59:
b5:b2:51:78:2b:9e:20:cf:e8:5e:46:48:bc:94:3c:
b7:8f:48:8d:8f:c6:8c:19:29:7d:fc:27:b3:2b:84:
d5:91:14:b3:b0:0d:80:56:4a:6b:c9:10:7a:db:2f:
98:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:9C:CF:01:67:2E:F3:19:61:0C:57:10:3F:CA:7B:37:6B:C4:8E:67
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/8pzPAWcu8xlhDFcQP8p7N2vEjmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:66:2b:c6:fc:57:a4:9d:d9:2d:7a:dd:8b:73:d6:84:9d:07:
8b:98:a2:87:19:8e:0c:de:fa:89:9a:23:bf:2d:5f:df:3c:39:
00:96:a9:b3:6e:7f:44:4f:55:4b:4b:b5:2a:c0:cc:2d:24:fa:
6a:04:56:fb:7e:b6:31:f6:15:72:5b:4f:20:4b:c7:3f:fe:1a:
43:00:c1:0b:6c:58:e1:b7:65:90:d1:97:08:43:5e:a0:9b:85:
7c:ad:86:b7:f6:24:93:dd:ae:3f:84:96:12:47:7e:81:75:89:
86:a8:a1:5c:ec:5d:cf:a9:dc:61:c5:c3:a3:c2:3d:25:d8:36:
42:33:f0:db:c6:94:cd:05:a7:32:34:db:7d:d7:a3:0f:55:65:
d7:37:32:a0:e0:01:7b:54:95:c7:0f:d4:d9:14:73:87:2f:83:
d9:10:b5:68:05:50:7e:bd:ca:9f:16:f3:f8:e3:89:23:28:78:
38:0a:76:75:32:3a:95:11:30:96:93:7a:d6:37:9e:71:b4:15:
1e:c0:7e:83:1b:86:a3:64:14:78:3e:2d:97:03:84:c5:9c:42:
7a:cf:92:2f:44:77:1e:0f:da:5e:84:ff:92:a0:0a:65:0e:a3:
b7:e5:ae:ff:bb:f2:7b:0a:f9:53:d8:49:d0:ba:c0:73:9a:d5:
2b:73:a9:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBa+tJfZKASuijWRvpskMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwMTAxMTM0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjljY2YwMTY3MmVmMzE5NjEwYzU3MTAzZmNhN2IzNzZiYzQ4ZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7RF06SL6s+QCeYXA+yw/Ta+/C8yC
AaCGe7AQK+nFIzwp25p4yGuQA6K5VicbS4nRVRAZ468x/Kkw5xsEqGp0Vh/wGX2H
EchWl5v6dZeotd/X+xt59wS+ISKQcwxfXWHYt/mNvJsCdGWjNAvAlagT8kz0zL6C
ndqt/jhcvbAurOhyHnvNuvqOb62mBq1wLrbShyyeyhR2lc8B5zm8zkBH7vLyOq3h
OtmZxaJZ7M4z9HCWUXtoSApLOCdU80XxUiIKN2OJEjOfJvr8H74n4OajuVm1slF4
K54gz+heRki8lDy3j0iNj8aMGSl9/CezK4TVkRSzsA2AVkpryRB62y+YzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPKczwFnLvMZYQxXED/KezdrxI5nMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvOHB6UEFXY3U4eGxoREZjUVA4cDdOMnZFam1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBDmbiMA0G
CSqGSIb3DQEBCwUAA4IBAQArZivG/Fekndktet2Lc9aEnQeLmKKHGY4M3vqJmiO/
LV/fPDkAlqmzbn9ET1VLS7UqwMwtJPpqBFb7frYx9hVyW08gS8c//hpDAMELbFjh
t2WQ0ZcIQ16gm4V8rYa39iST3a4/hJYSR36BdYmGqKFc7F3PqdxhxcOjwj0l2DZC
M/DbxpTNBacyNNt916MPVWXXNzKg4AF7VJXHD9TZFHOHL4PZELVoBVB+vcqfFvP4
44kjKHg4CnZ1MjqVETCWk3rWN55xtBUewH6DG4ajZBR4Pi2XA4TFnEJ6z5IvRHce
D9pehP+SoAplDqO35a7/u/J7CvlT2EnQusBzmtUrc6k2
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:16 2025 by rpki-client