Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/f8kI2b59PBZRb_sckjtBe463HL0.roa
File: f8kI2b59PBZRb_sckjtBe463HL0.roa (raw, json)
Hash identifier: f8FR8GkiNDWi6iflclZKzM3152IDL3F7lGZsDidin1k=
Subject key identifier: 7F:C9:08:D9:BE:7D:3C:16:51:6F:FB:1C:92:3B:41:7B:8E:B7:1C:BD
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 0194252222F16F0473338D90D3087D7EED86
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/f8kI2b59PBZRb_sckjtBe463HL0.roa
Signing time: Thu 02 Jan 2025 03:49:41 +0000
ROA not before: Thu 02 Jan 2025 03:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31486
IP address blocks: 185.96.170.0/24 maxlen: 24
2a06:9140::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:22:f1:6f:04:73:33:8d:90:d3:08:7d:7e:ed:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Jan 2 03:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fc908d9be7d3c16516ffb1c923b417b8eb71cbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:02:83:7a:b7:2e:67:cb:ad:84:c0:e3:56:39:
0f:02:48:b0:17:f0:41:3a:5e:ce:c0:63:c0:89:60:
0f:ca:a9:df:4f:ef:e6:7f:ab:3a:8e:ce:74:ce:bd:
5d:50:58:7e:f1:cf:cf:ed:8f:c7:7c:f4:39:88:08:
63:1d:ae:12:76:54:59:63:ee:94:7f:25:00:ac:fe:
08:48:f3:2a:fd:2b:3b:27:2e:12:59:36:83:19:65:
1b:a7:0f:70:d6:b3:3d:ca:b1:57:0c:5b:18:dc:d0:
45:2e:cf:be:0f:09:3a:1a:d9:ee:22:c1:da:96:c9:
a1:e3:1b:c9:43:bc:3c:a0:7d:98:f3:b4:c5:94:f3:
29:a7:06:a8:42:d2:09:e6:05:f0:d3:b6:ca:31:be:
1d:e9:b4:0a:dc:88:a1:41:08:a4:0d:cf:61:6c:a8:
0b:5b:5e:96:cb:07:ea:21:da:bd:c9:7f:fc:a0:f4:
e2:9f:c0:1b:32:b3:fc:c1:01:a1:60:16:89:8f:4d:
b8:13:42:d9:1d:34:65:71:6c:7d:21:8d:01:2c:0e:
81:2a:5e:8b:04:45:bf:96:aa:c4:04:22:ff:38:bc:
ca:db:92:d7:6d:f3:9e:4a:40:5e:c5:0d:13:f5:87:
18:67:f5:59:43:1c:4f:36:d8:52:1e:3a:3b:1d:9a:
a3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:C9:08:D9:BE:7D:3C:16:51:6F:FB:1C:92:3B:41:7B:8E:B7:1C:BD
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/f8kI2b59PBZRb_sckjtBe463HL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.170.0/24
IPv6:
2a06:9140::/29
Signature Algorithm: sha256WithRSAEncryption
6b:cd:0d:fa:cf:29:7b:98:34:b9:a8:a9:62:81:15:d6:7a:2f:
fd:38:28:a5:48:2d:fb:92:f4:4f:65:7e:07:b3:7c:1f:01:05:
73:70:dd:50:ac:2f:d9:79:8d:3f:4e:ee:f7:ca:d7:ba:45:4e:
ca:84:10:58:cc:4d:ff:18:c1:74:e7:85:70:ec:50:ae:d7:e8:
7c:e2:26:da:10:39:17:52:a9:12:48:3a:30:fe:30:99:81:55:
5e:12:08:64:ec:bd:62:47:44:e0:49:2b:62:88:3d:a0:ca:d5:
69:3f:70:47:d1:86:b5:79:4c:10:12:05:84:60:fa:95:c0:f6:
14:fd:32:1b:f4:9d:74:e2:b2:f5:0b:d6:f8:cd:8a:07:b1:f2:
00:59:59:32:43:13:8c:51:a2:11:30:34:48:5b:bd:57:bb:7b:
d8:65:28:73:4d:ff:f1:9a:f2:f9:90:25:68:34:74:c6:3f:21:
e5:60:b0:9e:15:6f:26:97:c8:1c:19:bd:1e:96:80:74:31:29:
e4:cf:c3:85:00:d3:c4:bc:54:86:6c:19:8a:b9:73:ed:91:f9:
2f:b3:15:10:4b:1d:cb:10:f8:99:7b:4d:2a:c7:e2:b3:be:50:
72:46:02:3b:9f:db:0a:67:c6:e3:05:db:d8:1a:81:7a:b4:c9:
50:27:10:e7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIiLxbwRzM42Q0wh9fu2GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjUwMTAyMDM0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmM5MDhkOWJlN2QzYzE2NTE2ZmZiMWM5MjNiNDE3YjhlYjcxY2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAKDercuZ8uthMDjVjkPAkiwF/BB
Ol7OwGPAiWAPyqnfT+/mf6s6js50zr1dUFh+8c/P7Y/HfPQ5iAhjHa4SdlRZY+6U
fyUArP4ISPMq/Ss7Jy4SWTaDGWUbpw9w1rM9yrFXDFsY3NBFLs++Dwk6GtnuIsHa
lsmh4xvJQ7w8oH2Y87TFlPMppwaoQtIJ5gXw07bKMb4d6bQK3IihQQikDc9hbKgL
W16WywfqIdq9yX/8oPTin8AbMrP8wQGhYBaJj024E0LZHTRlcWx9IY0BLA6BKl6L
BEW/lqrEBCL/OLzK25LXbfOeSkBexQ0T9YcYZ/VZQxxPNthSHjo7HZqjBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH/JCNm+fTwWUW/7HJI7QXuOtxy9MB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEvZjhrSTJiNTlQQlpSYl9zY2tqdEJlNDYzSEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuWCqMA0E
AgACMAcDBQMqBpFAMA0GCSqGSIb3DQEBCwUAA4IBAQBrzQ36zyl7mDS5qKligRXW
ei/9OCilSC37kvRPZX4Hs3wfAQVzcN1QrC/ZeY0/Tu73yte6RU7KhBBYzE3/GMF0
54Vw7FCu1+h84ibaEDkXUqkSSDow/jCZgVVeEghk7L1iR0TgSStiiD2gytVpP3BH
0Ya1eUwQEgWEYPqVwPYU/TIb9J104rL1C9b4zYoHsfIAWVkyQxOMUaIRMDRIW71X
u3vYZShzTf/xmvL5kCVoNHTGPyHlYLCeFW8ml8gcGb0eloB0MSnkz8OFANPEvFSG
bBmKuXPtkfkvsxUQSx3LEPiZe00qx+KzvlByRgI7n9sKZ8bjBdvYGoF6tMlQJxDn
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:27:24 2025 by rpki-client