Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/0d1172-4bb2-492c-b511-78dc7b2c3e88/1/yOFjl_Pxx0Rc441XIFCRbQAh0C8.roa
File: yOFjl_Pxx0Rc441XIFCRbQAh0C8.roa (raw, json)
Hash identifier: xKAfXgoPQJ/4slkyXjKOtsYsgtyUmgpiHM6n61mT42s=
Subject key identifier: C8:E1:63:97:F3:F1:C7:44:5C:E3:8D:57:20:50:91:6D:00:21:D0:2F
Certificate issuer: /CN=46153e8ac46db5ce574ba7e39e87e8af096c1a89
Certificate serial: 01941FFA2B6BB6B889439B99D136A47715A7
Authority key identifier: 46:15:3E:8A:C4:6D:B5:CE:57:4B:A7:E3:9E:87:E8:AF:09:6C:1A:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RhU-isRttc5XS6fjnoforwlsGok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/0d1172-4bb2-492c-b511-78dc7b2c3e88/1/yOFjl_Pxx0Rc441XIFCRbQAh0C8.roa
Signing time: Wed 01 Jan 2025 03:47:56 +0000
ROA not before: Wed 01 Jan 2025 03:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215031
IP address blocks: 195.8.36.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:2b:6b:b6:b8:89:43:9b:99:d1:36:a4:77:15:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46153e8ac46db5ce574ba7e39e87e8af096c1a89
Validity
Not Before: Jan 1 03:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8e16397f3f1c7445ce38d572050916d0021d02f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f4:e5:5d:c8:49:92:cc:3a:cc:8e:eb:67:19:
9f:50:3e:39:91:c3:fa:e3:36:01:8c:3d:58:8c:f6:
cc:69:a3:b9:93:31:0b:3f:f5:57:ad:27:27:d3:dd:
41:4b:80:b1:4b:ed:21:00:c6:57:84:ee:53:e7:54:
17:c5:f2:5d:1a:a8:a0:48:1c:00:5c:8d:f2:21:02:
b5:62:f2:94:a1:d0:6e:bb:9f:a3:cc:35:4b:d4:13:
f0:57:92:01:04:39:37:f7:59:34:51:ba:22:38:74:
7f:28:cb:82:0b:fb:8d:bc:b1:57:15:48:66:0e:c6:
ab:dc:e9:ed:83:f6:b4:a4:0e:fd:18:e7:2a:d5:5b:
39:71:d0:45:a8:f1:0c:b2:fb:23:81:11:36:c4:b9:
9e:c2:ab:a2:af:64:f2:db:8a:6d:52:24:95:ef:4c:
e4:20:16:a1:c8:36:6e:a7:b6:15:e1:0d:fd:33:c2:
3c:7f:b4:52:9f:29:7f:a1:48:4f:48:62:f3:81:a3:
a6:b0:05:9b:31:ec:e6:96:05:74:63:d4:cf:31:6f:
0a:ed:e5:24:4c:47:b8:e7:57:9b:c4:8f:41:88:39:
9f:ba:44:bd:df:1e:fb:5d:04:7a:1f:bd:7d:35:62:
65:cb:c5:94:71:f3:ae:13:ce:ac:5c:28:17:d7:86:
d4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E1:63:97:F3:F1:C7:44:5C:E3:8D:57:20:50:91:6D:00:21:D0:2F
X509v3 Authority Key Identifier:
keyid:46:15:3E:8A:C4:6D:B5:CE:57:4B:A7:E3:9E:87:E8:AF:09:6C:1A:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RhU-isRttc5XS6fjnoforwlsGok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/0d1172-4bb2-492c-b511-78dc7b2c3e88/1/yOFjl_Pxx0Rc441XIFCRbQAh0C8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/0d1172-4bb2-492c-b511-78dc7b2c3e88/1/RhU-isRttc5XS6fjnoforwlsGok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.8.36.0/23
Signature Algorithm: sha256WithRSAEncryption
24:b6:8a:da:20:9e:2d:12:5b:2e:a7:c4:06:a2:14:fd:c1:68:
89:2d:b2:21:2a:7a:7e:ec:38:b3:ba:20:02:c1:34:e7:f1:a1:
27:15:71:39:a9:f2:86:53:2a:90:ad:5a:1d:87:51:ff:bd:da:
bc:71:e1:4b:c4:4d:7e:34:ae:6a:83:82:14:1a:1a:2b:82:ae:
19:64:28:65:1b:99:7e:c0:eb:44:96:93:aa:76:1e:12:51:12:
9b:e2:0a:40:d8:ae:f9:c2:3b:21:69:80:6f:15:fe:b4:6a:1c:
e1:c5:1b:cf:ec:6c:46:fa:f3:9f:67:55:78:20:b7:08:c8:d1:
f2:a6:0e:54:04:7e:14:3b:31:c4:a8:6e:f7:57:f6:0d:d9:4c:
f8:c1:e6:3d:01:63:01:2f:3a:cd:2c:a0:60:d7:ba:83:ea:07:
e4:d2:ee:0e:1e:f5:42:5c:eb:fe:38:94:76:44:f9:e7:12:21:
d0:58:c0:00:f7:9a:94:8e:ca:9a:26:59:7e:c8:f8:d0:26:67:
bc:f9:a1:45:0e:24:98:8d:d0:b4:59:86:dd:4b:dd:d1:5a:4b:
37:f1:a3:0c:31:83:08:08:1d:c9:b4:82:11:33:b0:85:23:b6:
5f:21:0c:36:81:34:19:4f:20:3b:8b:07:21:2d:e6:b3:2b:60:
d3:42:4e:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+itrtriJQ5uZ0TakdxWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2MTUzZThhYzQ2ZGI1Y2U1NzRiYTdlMzllODdlOGFmMDk2
YzFhODkwHhcNMjUwMTAxMDM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGUxNjM5N2YzZjFjNzQ0NWNlMzhkNTcyMDUwOTE2ZDAwMjFkMDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfTlXchJksw6zI7rZxmfUD45kcP6
4zYBjD1YjPbMaaO5kzELP/VXrScn091BS4CxS+0hAMZXhO5T51QXxfJdGqigSBwA
XI3yIQK1YvKUodBuu5+jzDVL1BPwV5IBBDk391k0UboiOHR/KMuCC/uNvLFXFUhm
Dsar3Ontg/a0pA79GOcq1Vs5cdBFqPEMsvsjgRE2xLmewquir2Ty24ptUiSV70zk
IBahyDZup7YV4Q39M8I8f7RSnyl/oUhPSGLzgaOmsAWbMezmlgV0Y9TPMW8K7eUk
TEe451ebxI9BiDmfukS93x77XQR6H719NWJly8WUcfOuE86sXCgX14bUoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjhY5fz8cdEXOONVyBQkW0AIdAvMB8GA1UdIwQY
MBaAFEYVPorEbbXOV0un456H6K8JbBqJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmhVLWlzUnR0YzVYUzZmam5vZm9yd2xzR29rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8wZDExNzItNGJiMi00OTJjLWI1MTEt
NzhkYzdiMmMzZTg4LzEveU9GamxfUHh4MFJjNDQxWElGQ1JiUUFoMEM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8wZDExNzItNGJiMi00OTJjLWI1MTEtNzhkYzdiMmMzZTg4
LzEvUmhVLWlzUnR0YzVYUzZmam5vZm9yd2xzR29rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwwgkMA0G
CSqGSIb3DQEBCwUAA4IBAQAktoraIJ4tElsup8QGohT9wWiJLbIhKnp+7DizuiAC
wTTn8aEnFXE5qfKGUyqQrVodh1H/vdq8ceFLxE1+NK5qg4IUGhorgq4ZZChlG5l+
wOtElpOqdh4SURKb4gpA2K75wjshaYBvFf60ahzhxRvP7GxG+vOfZ1V4ILcIyNHy
pg5UBH4UOzHEqG73V/YN2Uz4weY9AWMBLzrNLKBg17qD6gfk0u4OHvVCXOv+OJR2
RPnnEiHQWMAA95qUjsqaJll+yPjQJme8+aFFDiSYjdC0WYbdS93RWks38aMMMYMI
CB3JtIIRM7CFI7ZfIQw2gTQZTyA7iwchLeazK2DTQk6J
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:53:39 2025 by rpki-client