Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/8EfEozKqpY8nxCV4dZXUuFzfoow.roa
File: 8EfEozKqpY8nxCV4dZXUuFzfoow.roa (raw, json)
Hash identifier: bwxpPe2HJWBsUFjWRtljBQTPJIWrn11kpNRYlpt6r2A=
Subject key identifier: F0:47:C4:A3:32:AA:A5:8F:27:C4:25:78:75:95:D4:B8:5C:DF:A2:8C
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 019426D9BC69FCD1092F2F813BC39B692FA3
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/8EfEozKqpY8nxCV4dZXUuFzfoow.roa
Signing time: Thu 02 Jan 2025 11:49:50 +0000
ROA not before: Thu 02 Jan 2025 11:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209024
IP address blocks: 176.109.64.0/24 maxlen: 24
176.109.65.0/24 maxlen: 24
176.109.66.0/24 maxlen: 24
176.109.68.0/24 maxlen: 24
176.109.69.0/24 maxlen: 24
2a02:28:d::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:bc:69:fc:d1:09:2f:2f:81:3b:c3:9b:69:2f:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 2 11:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f047c4a332aaa58f27c425787595d4b85cdfa28c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:76:39:e0:11:fd:88:22:71:4e:4c:e0:f1:87:
bb:73:37:55:2d:e5:79:53:67:28:fd:11:56:a5:6b:
b5:17:33:4c:c0:4c:d1:2f:89:41:bf:dc:58:15:38:
39:ba:31:e8:3b:37:cc:3f:c6:d6:10:a0:a1:40:a8:
29:8e:41:f8:99:67:f1:7b:4a:53:df:b7:4f:b0:16:
c0:35:af:a6:38:d8:47:29:a8:c2:ee:d5:9a:51:ac:
fe:86:a3:73:03:24:00:8f:8a:ed:ae:b5:51:f0:39:
d6:dd:b3:e2:d5:7a:e9:74:f9:5a:50:b5:4e:e5:ed:
2d:d8:0a:a3:0e:fc:eb:4a:4e:c2:c3:39:ef:93:21:
94:3b:75:b9:98:fd:f4:1e:51:2e:9d:cc:88:e8:b7:
fe:19:53:15:4f:04:f9:6b:6c:18:cb:96:5c:66:50:
73:a5:68:47:48:c6:2c:df:57:97:62:08:8e:d7:4a:
30:af:c4:9f:cd:69:62:a2:f6:4c:36:fd:36:20:d0:
7e:45:72:fa:bd:25:cc:b1:5c:c7:72:4b:47:ef:60:
69:4a:ff:51:38:bb:d9:df:5b:87:9d:30:8f:2c:cc:
bb:32:42:a3:80:ed:75:83:96:ce:48:33:7e:5c:05:
b3:e7:97:37:16:37:d7:bf:02:69:79:69:16:bb:52:
99:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:47:C4:A3:32:AA:A5:8F:27:C4:25:78:75:95:D4:B8:5C:DF:A2:8C
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/8EfEozKqpY8nxCV4dZXUuFzfoow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.109.64.0-176.109.66.255
176.109.68.0/23
IPv6:
2a02:28:d::/48
Signature Algorithm: sha256WithRSAEncryption
27:21:d5:4f:0a:68:05:d7:57:0d:0f:88:1a:42:36:2a:cf:c3:
df:e8:ee:fe:93:ee:64:ba:79:45:b8:82:ad:55:c1:79:c5:f0:
39:4a:aa:c4:18:56:51:91:fc:f2:ff:c3:91:2d:a6:bc:4b:9b:
14:a3:9d:75:ea:82:2a:d7:96:04:e8:74:8e:88:bf:7f:d6:52:
76:c2:a1:22:38:82:af:72:75:e8:28:e0:13:f0:b9:88:88:16:
cc:bd:34:0d:8f:29:b7:00:52:56:3f:ad:bc:30:bb:05:6c:bb:
ea:45:85:3d:11:7b:36:a4:7a:a1:b7:ba:46:65:c6:77:61:13:
0f:b9:fe:43:e7:0a:78:b3:61:dd:a4:79:58:90:35:f7:dc:d6:
a3:a2:54:97:3e:95:a6:3e:2b:09:84:45:53:be:d6:45:17:ee:
a4:75:2f:ac:14:e7:26:09:bb:1d:8e:ed:58:99:b0:1f:27:d0:
b6:22:c1:a1:17:a0:32:62:03:33:f1:96:b0:01:72:91:55:be:
46:75:7c:70:3e:55:f1:7d:65:52:8c:01:61:51:15:22:98:59:
28:53:b1:ac:43:bb:14:ad:18:24:54:73:f3:67:2c:7a:eb:b9:
1d:19:a9:20:15:2f:63:5a:c1:54:26:68:a3:d8:15:76:6c:6d:
f5:4e:2e:fd
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZQm2bxp/NEJLy+BO8ObaS+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwMTAyMTE0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDQ3YzRhMzMyYWFhNThmMjdjNDI1Nzg3NTk1ZDRiODVjZGZhMjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXY54BH9iCJxTkzg8Ye7czdVLeV5
U2co/RFWpWu1FzNMwEzRL4lBv9xYFTg5ujHoOzfMP8bWEKChQKgpjkH4mWfxe0pT
37dPsBbANa+mONhHKajC7tWaUaz+hqNzAyQAj4rtrrVR8DnW3bPi1XrpdPlaULVO
5e0t2AqjDvzrSk7CwznvkyGUO3W5mP30HlEuncyI6Lf+GVMVTwT5a2wYy5ZcZlBz
pWhHSMYs31eXYgiO10owr8SfzWliovZMNv02INB+RXL6vSXMsVzHcktH72BpSv9R
OLvZ31uHnTCPLMy7MkKjgO11g5bOSDN+XAWz55c3FjfXvwJpeWkWu1KZnQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPBHxKMyqqWPJ8QleHWV1Lhc36KMMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvOEVmRW96S3FwWThueENWNGRaWFV1Rnpmb293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAawbUAD
BACwbUIDBAGwbUQwDwQCAAIwCQMHACoCACgADTANBgkqhkiG9w0BAQsFAAOCAQEA
JyHVTwpoBddXDQ+IGkI2Ks/D3+ju/pPuZLp5RbiCrVXBecXwOUqqxBhWUZH88v/D
kS2mvEubFKOddeqCKteWBOh0joi/f9ZSdsKhIjiCr3J16CjgE/C5iIgWzL00DY8p
twBSVj+tvDC7BWy76kWFPRF7NqR6obe6RmXGd2ETD7n+Q+cKeLNh3aR5WJA199zW
o6JUlz6Vpj4rCYRFU77WRRfupHUvrBTnJgm7HY7tWJmwHyfQtiLBoRegMmIDM/GW
sAFykVW+RnV8cD5V8X1lUowBYVEVIphZKFOxrEO7FK0YJFRz82cseuu5HRmpIBUv
Y1rBVCZoo9gVdmxt9U4u/Q==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:45:04 2025 by rpki-client