Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/82d824-4e02-46d4-854a-bd0512ce4905/1/8eIa-4UA2fnyQQyLs8y9bQIaWAM.roa
File: 8eIa-4UA2fnyQQyLs8y9bQIaWAM.roa (raw, json)
Hash identifier: SYGKUkvXI/obgdGVYKiFu2OylosInlCBmN7hXgRUyO8=
Subject key identifier: F1:E2:1A:FB:85:00:D9:F9:F2:41:0C:8B:B3:CC:BD:6D:02:1A:58:03
Certificate issuer: /CN=ffa41d3413ddacc91fe0f4426a828681cf30e0fc
Certificate serial: 01941FFAB26B450FF589E0BB371AAD84DE2A
Authority key identifier: FF:A4:1D:34:13:DD:AC:C9:1F:E0:F4:42:6A:82:86:81:CF:30:E0:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_6QdNBPdrMkf4PRCaoKGgc8w4Pw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/82d824-4e02-46d4-854a-bd0512ce4905/1/8eIa-4UA2fnyQQyLs8y9bQIaWAM.roa
Signing time: Wed 01 Jan 2025 03:48:30 +0000
ROA not before: Wed 01 Jan 2025 03:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39224
IP address blocks: 185.253.252.0/22 maxlen: 22
2a05:fec0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:b2:6b:45:0f:f5:89:e0:bb:37:1a:ad:84:de:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffa41d3413ddacc91fe0f4426a828681cf30e0fc
Validity
Not Before: Jan 1 03:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1e21afb8500d9f9f2410c8bb3ccbd6d021a5803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4c:97:16:fc:b0:45:d5:12:00:f8:8b:96:66:
11:2c:09:2c:62:67:e7:04:e3:91:bb:a9:f9:e8:16:
c8:b3:87:fd:f2:f0:86:46:ab:bd:9b:8b:f8:ad:9c:
37:17:9a:d3:a2:91:55:b1:3e:a3:4e:b4:24:18:0e:
35:52:9b:a6:1e:06:29:d3:d2:36:28:50:59:2c:bd:
f5:86:68:73:27:5d:68:fe:f6:85:65:ae:68:a7:f9:
c9:8c:1d:b7:1f:71:13:49:f3:69:7f:94:fd:67:19:
b5:35:66:76:b6:29:ac:00:96:2e:0c:60:88:f2:e0:
ac:c5:15:8c:d3:ac:5a:08:66:80:74:46:a2:b8:f4:
58:d3:98:93:00:48:41:46:73:ab:05:24:e7:f0:89:
ab:39:e7:e6:f2:9b:ff:47:40:06:d3:a0:ce:32:e0:
af:72:d9:10:fe:6a:cf:52:c3:c2:26:4a:99:c1:18:
eb:ac:c7:85:5e:04:f0:ff:07:55:c7:4b:dd:b4:cf:
69:b0:60:bd:c1:23:63:6e:f3:0b:df:83:82:81:98:
f5:e7:83:8e:7d:3f:28:a1:f3:be:4f:7d:19:fa:72:
c3:0a:f8:e3:53:0b:51:35:8d:c7:50:43:58:1c:d7:
b5:80:47:07:8b:b7:9e:eb:27:3f:9f:28:24:42:cf:
a4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E2:1A:FB:85:00:D9:F9:F2:41:0C:8B:B3:CC:BD:6D:02:1A:58:03
X509v3 Authority Key Identifier:
keyid:FF:A4:1D:34:13:DD:AC:C9:1F:E0:F4:42:6A:82:86:81:CF:30:E0:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_6QdNBPdrMkf4PRCaoKGgc8w4Pw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/82d824-4e02-46d4-854a-bd0512ce4905/1/8eIa-4UA2fnyQQyLs8y9bQIaWAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/82d824-4e02-46d4-854a-bd0512ce4905/1/_6QdNBPdrMkf4PRCaoKGgc8w4Pw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.252.0/22
IPv6:
2a05:fec0::/29
Signature Algorithm: sha256WithRSAEncryption
a9:06:60:24:a6:93:22:03:a7:cb:fd:f3:0d:66:aa:7f:b7:c3:
ca:84:7b:05:b9:33:12:7b:4f:61:1f:08:aa:ae:34:5f:fd:48:
6a:80:a4:5c:38:c6:24:37:77:10:a6:ba:ce:d3:14:b4:d0:33:
61:9a:f7:56:e2:61:34:f4:34:c4:22:82:35:1d:af:e8:11:bc:
d5:6a:83:9b:d6:d1:f0:8c:64:e8:bd:8e:5e:a8:e9:84:c9:a0:
86:3f:0f:a7:16:99:d4:ee:ce:fd:62:9c:66:95:d6:13:69:89:
1c:e3:c8:c3:d3:63:ea:90:de:18:74:d6:f9:23:68:f5:f1:80:
b7:c2:48:f8:b2:e3:4f:31:e1:6e:d8:87:e0:d8:ea:57:f7:ca:
24:b8:3b:63:e8:0d:50:68:70:1f:aa:a6:be:7f:d9:55:3d:6f:
c1:03:02:78:de:c7:9f:78:b5:ae:62:ff:51:7e:73:39:be:5d:
39:f8:14:25:0c:85:24:e9:9d:1e:04:6d:79:fd:bd:d3:62:5e:
db:cb:54:68:d4:39:28:f3:47:4e:ac:81:87:9e:c6:81:3e:5d:
6b:e1:39:e7:0f:4d:91:fb:50:00:65:aa:2b:4a:7f:99:c0:9a:
c1:6c:1c:f4:1c:bb:ea:5d:4c:96:42:6b:19:6e:6a:bc:fd:ed:
cc:2f:2b:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+rJrRQ/1ieC7NxqthN4qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYTQxZDM0MTNkZGFjYzkxZmUwZjQ0MjZhODI4NjgxY2Yz
MGUwZmMwHhcNMjUwMTAxMDM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWUyMWFmYjg1MDBkOWY5ZjI0MTBjOGJiM2NjYmQ2ZDAyMWE1ODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUyXFvywRdUSAPiLlmYRLAksYmfn
BOORu6n56BbIs4f98vCGRqu9m4v4rZw3F5rTopFVsT6jTrQkGA41UpumHgYp09I2
KFBZLL31hmhzJ11o/vaFZa5op/nJjB23H3ETSfNpf5T9Zxm1NWZ2timsAJYuDGCI
8uCsxRWM06xaCGaAdEaiuPRY05iTAEhBRnOrBSTn8ImrOefm8pv/R0AG06DOMuCv
ctkQ/mrPUsPCJkqZwRjrrMeFXgTw/wdVx0vdtM9psGC9wSNjbvML34OCgZj154OO
fT8oofO+T30Z+nLDCvjjUwtRNY3HUENYHNe1gEcHi7ee6yc/nygkQs+kmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPHiGvuFANn58kEMi7PMvW0CGlgDMB8GA1UdIwQY
MBaAFP+kHTQT3azJH+D0QmqChoHPMOD8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzZRZE5CUGRyTWtmNFBSQ2FvS0dnYzh3NFB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84MmQ4MjQtNGUwMi00NmQ0LTg1NGEt
YmQwNTEyY2U0OTA1LzEvOGVJYS00VUEyZm55UVF5THM4eTliUUlhV0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84MmQ4MjQtNGUwMi00NmQ0LTg1NGEtYmQwNTEyY2U0OTA1
LzEvXzZRZE5CUGRyTWtmNFBSQ2FvS0dnYzh3NFB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf38MA0E
AgACMAcDBQMqBf7AMA0GCSqGSIb3DQEBCwUAA4IBAQCpBmAkppMiA6fL/fMNZqp/
t8PKhHsFuTMSe09hHwiqrjRf/UhqgKRcOMYkN3cQprrO0xS00DNhmvdW4mE09DTE
IoI1Ha/oEbzVaoOb1tHwjGTovY5eqOmEyaCGPw+nFpnU7s79YpxmldYTaYkc48jD
02PqkN4YdNb5I2j18YC3wkj4suNPMeFu2Ifg2OpX98okuDtj6A1QaHAfqqa+f9lV
PW/BAwJ43sefeLWuYv9RfnM5vl05+BQlDIUk6Z0eBG15/b3TYl7by1Ro1Dko80dO
rIGHnsaBPl1r4TnnD02R+1AAZaorSn+ZwJrBbBz0HLvqXUyWQmsZbmq8/e3MLytP
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:01:08 2025 by rpki-client