Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/7192c2-a788-4f56-be6b-bb493c46df3e/1/i2xjHboexoRTpg38Qi-okoPsUcQ.roa
File: i2xjHboexoRTpg38Qi-okoPsUcQ.roa (raw, json)
Hash identifier: x9dOoFm67St5fPryA+wWNLVDwzCG4EBSO5jTeQtPIqE=
Subject key identifier: 8B:6C:63:1D:BA:1E:C6:84:53:A6:0D:FC:42:2F:A8:92:83:EC:51:C4
Certificate issuer: /CN=8bb8b612721d4d4c2d07cbfe2e495e986a0f026d
Certificate serial: 019423D809156E4216D4DDBD9AEFF3AEA504
Authority key identifier: 8B:B8:B6:12:72:1D:4D:4C:2D:07:CB:FE:2E:49:5E:98:6A:0F:02:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i7i2EnIdTUwtB8v-LklemGoPAm0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/7192c2-a788-4f56-be6b-bb493c46df3e/1/i2xjHboexoRTpg38Qi-okoPsUcQ.roa
Signing time: Wed 01 Jan 2025 21:49:08 +0000
ROA not before: Wed 01 Jan 2025 21:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215586
IP address blocks: 185.118.116.0/24 maxlen: 24
2a14:6c80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d8:09:15:6e:42:16:d4:dd:bd:9a:ef:f3:ae:a5:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bb8b612721d4d4c2d07cbfe2e495e986a0f026d
Validity
Not Before: Jan 1 21:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b6c631dba1ec68453a60dfc422fa89283ec51c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c5:02:c3:cb:b9:2a:88:02:3e:7d:36:26:27:
5a:08:05:7c:a6:a2:4f:bc:5e:93:74:c5:a0:68:01:
f3:c9:d2:47:5c:e6:a9:48:f0:5f:9e:68:63:f3:1c:
6e:27:24:e2:90:59:3c:c7:da:2f:d6:45:0b:b6:63:
97:e3:d7:03:13:66:10:da:fc:58:a4:29:74:4b:d1:
a1:06:72:3e:87:3d:b8:73:2a:9e:1b:0b:e3:78:4e:
bd:65:53:3c:f0:68:f7:1b:fb:e2:87:46:2d:9b:45:
0d:cc:89:57:8c:72:57:2c:ca:4d:31:53:53:a3:0a:
9c:c4:6c:f9:01:d7:91:9c:3b:5f:be:f9:08:85:7d:
93:0a:79:c3:49:88:13:6d:9e:fe:22:c8:90:ee:6e:
37:8d:eb:11:e7:91:75:57:93:bc:5d:ec:32:ad:2c:
cd:f9:d0:80:70:c3:bd:ca:8d:53:9c:ab:19:6c:f3:
b2:3f:78:e1:85:f3:7a:ca:a1:d9:c1:07:40:e6:28:
8b:89:fb:ab:42:ec:45:7c:d3:f6:89:c8:01:1f:da:
6f:8b:e5:3c:5b:cc:dd:58:36:3e:17:82:d2:4e:ee:
eb:dc:a2:8e:d2:40:a7:38:26:c9:07:67:14:db:26:
e6:9a:96:b2:92:fc:e6:a7:32:d9:9c:1a:97:2e:c3:
45:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:6C:63:1D:BA:1E:C6:84:53:A6:0D:FC:42:2F:A8:92:83:EC:51:C4
X509v3 Authority Key Identifier:
keyid:8B:B8:B6:12:72:1D:4D:4C:2D:07:CB:FE:2E:49:5E:98:6A:0F:02:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i7i2EnIdTUwtB8v-LklemGoPAm0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7192c2-a788-4f56-be6b-bb493c46df3e/1/i2xjHboexoRTpg38Qi-okoPsUcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7192c2-a788-4f56-be6b-bb493c46df3e/1/i7i2EnIdTUwtB8v-LklemGoPAm0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.116.0/24
IPv6:
2a14:6c80::/32
Signature Algorithm: sha256WithRSAEncryption
5f:e4:11:26:43:7b:b7:e6:98:70:c2:c2:c2:2a:82:b1:ae:8b:
dd:c7:db:8a:9f:e6:67:3e:70:24:6c:50:f8:e2:83:74:1c:6e:
7e:43:54:e3:5b:ac:17:36:80:e6:7f:11:e5:7e:c6:14:dc:a1:
66:52:4d:4a:e4:42:72:84:3d:d1:88:70:99:64:51:3b:9e:a5:
37:d5:a3:d4:4c:1b:87:b1:d4:9e:d0:d6:f8:18:e5:65:39:5d:
76:7a:d5:97:59:a1:af:4c:ff:11:9e:04:a1:ba:4c:8a:7f:30:
dd:44:ca:fa:ce:54:a6:d9:3d:e2:e6:29:b2:9f:67:3f:43:bf:
12:8b:dd:8e:99:29:0e:14:ed:b0:45:81:36:a7:0f:16:2f:16:
b1:70:4e:6f:fd:e9:e4:73:2f:60:7e:c0:a7:13:c1:99:64:e3:
d2:e6:2b:d6:30:10:98:86:70:13:8d:9d:61:cc:7f:86:c9:9c:
17:ae:cf:b4:65:ab:cb:a0:a0:eb:ec:e9:bf:c6:67:4e:71:12:
f8:39:06:e7:fa:40:e4:d7:2b:f2:60:44:54:ff:65:4e:ac:ad:
17:99:6f:28:13:74:78:59:65:dd:97:95:52:e7:b1:55:c7:dc:
71:ff:1f:96:a0:96:cf:77:8b:b5:42:fd:bc:d4:39:5e:0c:b9:
78:3b:c2:57
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj2AkVbkIW1N29mu/zrqUEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYjhiNjEyNzIxZDRkNGMyZDA3Y2JmZTJlNDk1ZTk4NmEw
ZjAyNmQwHhcNMjUwMTAxMjE0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjZjNjMxZGJhMWVjNjg0NTNhNjBkZmM0MjJmYTg5MjgzZWM1MWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsUCw8u5KogCPn02JidaCAV8pqJP
vF6TdMWgaAHzydJHXOapSPBfnmhj8xxuJyTikFk8x9ov1kULtmOX49cDE2YQ2vxY
pCl0S9GhBnI+hz24cyqeGwvjeE69ZVM88Gj3G/vih0Ytm0UNzIlXjHJXLMpNMVNT
owqcxGz5AdeRnDtfvvkIhX2TCnnDSYgTbZ7+IsiQ7m43jesR55F1V5O8XewyrSzN
+dCAcMO9yo1TnKsZbPOyP3jhhfN6yqHZwQdA5iiLifurQuxFfNP2icgBH9pvi+U8
W8zdWDY+F4LSTu7r3KKO0kCnOCbJB2cU2ybmmpaykvzmpzLZnBqXLsNFIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFItsYx26HsaEU6YN/EIvqJKD7FHEMB8GA1UdIwQY
MBaAFIu4thJyHU1MLQfL/i5JXphqDwJtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTdpMkVuSWRUVXd0Qjh2LUxrbGVtR29QQW0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi83MTkyYzItYTc4OC00ZjU2LWJlNmIt
YmI0OTNjNDZkZjNlLzEvaTJ4akhib2V4b1JUcGczOFFpLW9rb1BzVWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi83MTkyYzItYTc4OC00ZjU2LWJlNmItYmI0OTNjNDZkZjNl
LzEvaTdpMkVuSWRUVXd0Qjh2LUxrbGVtR29QQW0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXZ0MA0E
AgACMAcDBQAqFGyAMA0GCSqGSIb3DQEBCwUAA4IBAQBf5BEmQ3u35phwwsLCKoKx
rovdx9uKn+ZnPnAkbFD44oN0HG5+Q1TjW6wXNoDmfxHlfsYU3KFmUk1K5EJyhD3R
iHCZZFE7nqU31aPUTBuHsdSe0Nb4GOVlOV12etWXWaGvTP8RngShukyKfzDdRMr6
zlSm2T3i5imyn2c/Q78Si92OmSkOFO2wRYE2pw8WLxaxcE5v/enkcy9gfsCnE8GZ
ZOPS5ivWMBCYhnATjZ1hzH+GyZwXrs+0ZavLoKDr7Om/xmdOcRL4OQbn+kDk1yvy
YERU/2VOrK0XmW8oE3R4WWXdl5VS57FVx9xx/x+WoJbPd4u1Qv281DleDLl4O8JX
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:45 2025 by rpki-client