Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/sAUuTa0NxQDQaogfsBE0spI7wLY.roa
File: sAUuTa0NxQDQaogfsBE0spI7wLY.roa (raw, json)
Hash identifier: LqhsGf+sCdkce6YV0v+cako7Xiw7Niu7YnjSoKkIukg=
Subject key identifier: B0:05:2E:4D:AD:0D:C5:00:D0:6A:88:1F:B0:11:34:B2:92:3B:C0:B6
Certificate issuer: /CN=8cd9d61f83e0d7e8308a6cde4dd315dd75756c03
Certificate serial: 019420D602BCFFEE5D6011CE84522D6A5F70
Authority key identifier: 8C:D9:D6:1F:83:E0:D7:E8:30:8A:6C:DE:4D:D3:15:DD:75:75:6C:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jNnWH4Pg1-gwimzeTdMV3XV1bAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/sAUuTa0NxQDQaogfsBE0spI7wLY.roa
Signing time: Wed 01 Jan 2025 07:48:03 +0000
ROA not before: Wed 01 Jan 2025 07:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205493
IP address blocks: 185.215.192.0/22 maxlen: 22
2a0b:ad40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:02:bc:ff:ee:5d:60:11:ce:84:52:2d:6a:5f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cd9d61f83e0d7e8308a6cde4dd315dd75756c03
Validity
Not Before: Jan 1 07:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0052e4dad0dc500d06a881fb01134b2923bc0b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9f:fe:36:cb:60:9b:4a:17:da:4e:4a:f9:77:
2f:a1:55:c9:24:1c:b3:25:20:e8:12:14:31:db:73:
59:84:be:61:f0:f6:58:85:1d:71:90:04:9b:92:f0:
2a:2f:2a:ab:a9:34:bb:93:30:dd:ba:84:59:3b:69:
27:a0:d2:df:dc:e6:11:82:f6:04:f1:b8:0e:91:4e:
77:62:9b:4a:24:10:b2:06:e9:b6:42:49:d7:f4:0a:
54:01:13:3f:e7:64:a9:9e:cb:1e:80:8a:fe:42:1d:
20:a2:a1:49:3d:84:dd:bc:93:ae:cc:4d:14:e2:22:
bd:0c:1f:64:18:f8:80:34:20:e6:cd:6f:13:66:9d:
ce:cb:c2:1e:40:69:b7:64:ac:b7:b4:85:45:0d:4b:
78:8f:94:e4:f2:78:2e:2c:dd:4a:04:70:43:01:d9:
5e:1d:3a:5d:25:5b:af:91:91:bf:18:6c:86:6c:f5:
02:a7:91:c5:f3:58:41:3d:f7:f8:4a:e1:07:5f:0a:
c2:9f:00:46:e3:e6:5d:1a:e1:fd:a6:f0:28:b8:d3:
2f:1d:64:ae:29:5c:16:51:44:6a:56:ec:9c:9b:3c:
87:20:e1:d4:58:4e:3a:63:a0:51:37:55:61:59:4a:
c6:27:09:8d:b5:1d:29:5a:77:9b:78:2d:c0:02:70:
f2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:05:2E:4D:AD:0D:C5:00:D0:6A:88:1F:B0:11:34:B2:92:3B:C0:B6
X509v3 Authority Key Identifier:
keyid:8C:D9:D6:1F:83:E0:D7:E8:30:8A:6C:DE:4D:D3:15:DD:75:75:6C:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNnWH4Pg1-gwimzeTdMV3XV1bAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/sAUuTa0NxQDQaogfsBE0spI7wLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/jNnWH4Pg1-gwimzeTdMV3XV1bAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.192.0/22
IPv6:
2a0b:ad40::/29
Signature Algorithm: sha256WithRSAEncryption
1d:43:50:37:e2:a7:73:a4:bd:cb:4c:12:c1:81:46:da:45:5d:
32:97:fd:3b:a3:05:9c:bb:46:1b:eb:8d:cb:55:06:84:36:57:
4c:f5:38:a1:3b:e4:5c:65:31:15:2d:13:1b:fd:4c:3a:04:85:
54:72:de:9d:a5:ba:a4:41:33:ed:dc:81:82:17:0e:00:76:8d:
8a:b8:8d:8d:21:8b:ca:e8:dd:70:e1:39:dc:fe:4f:64:b1:e0:
c2:03:e3:bc:c2:b5:ba:e7:a4:04:34:02:98:11:e7:5b:b7:2e:
62:55:c7:47:b9:22:7b:23:1f:76:6f:e5:95:3c:bb:75:bf:b7:
70:a0:6a:68:c7:dc:ad:ba:ba:e3:ea:83:bd:b9:d4:f4:0b:33:
f8:03:3c:23:14:de:c7:39:d4:9e:b0:94:e0:11:d3:cb:30:81:
e6:bb:95:a2:68:a8:ce:7a:6d:42:6d:91:8b:99:79:e5:86:5b:
91:b3:a1:51:48:91:d1:d1:72:32:ad:15:00:36:17:88:f7:b2:
40:1e:37:1f:f4:82:18:90:dd:f8:85:2e:a4:f2:1e:ca:72:fd:
11:29:d8:f5:d0:92:40:97:d1:06:53:f6:94:89:1a:27:f2:5b:
c7:84:9c:fc:67:b1:ec:81:cd:32:5e:67:1a:af:f5:32:83:16:
b9:00:e7:9a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1gK8/+5dYBHOhFItal9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZDlkNjFmODNlMGQ3ZTgzMDhhNmNkZTRkZDMxNWRkNzU3
NTZjMDMwHhcNMjUwMTAxMDc0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDA1MmU0ZGFkMGRjNTAwZDA2YTg4MWZiMDExMzRiMjkyM2JjMGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAup/+Nstgm0oX2k5K+XcvoVXJJByz
JSDoEhQx23NZhL5h8PZYhR1xkASbkvAqLyqrqTS7kzDduoRZO2knoNLf3OYRgvYE
8bgOkU53YptKJBCyBum2QknX9ApUARM/52SpnssegIr+Qh0goqFJPYTdvJOuzE0U
4iK9DB9kGPiANCDmzW8TZp3Oy8IeQGm3ZKy3tIVFDUt4j5Tk8nguLN1KBHBDAdle
HTpdJVuvkZG/GGyGbPUCp5HF81hBPff4SuEHXwrCnwBG4+ZdGuH9pvAouNMvHWSu
KVwWUURqVuycmzyHIOHUWE46Y6BRN1VhWUrGJwmNtR0pWnebeC3AAnDypQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLAFLk2tDcUA0GqIH7ARNLKSO8C2MB8GA1UdIwQY
MBaAFIzZ1h+D4NfoMIps3k3TFd11dWwDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak5uV0g0UGcxLWd3aW16ZVRkTVYzWFYxYkFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS84NmM5NDYtMTRjYi00OTM1LTg4ZTMt
ZDJkNTc4NDNhMjdkLzEvc0FVdVRhME54UURRYW9nZnNCRTBzcEk3d0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS84NmM5NDYtMTRjYi00OTM1LTg4ZTMtZDJkNTc4NDNhMjdk
LzEvak5uV0g0UGcxLWd3aW16ZVRkTVYzWFYxYkFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudfAMA0E
AgACMAcDBQMqC61AMA0GCSqGSIb3DQEBCwUAA4IBAQAdQ1A34qdzpL3LTBLBgUba
RV0yl/07owWcu0Yb643LVQaENldM9TihO+RcZTEVLRMb/Uw6BIVUct6dpbqkQTPt
3IGCFw4Ado2KuI2NIYvK6N1w4Tnc/k9kseDCA+O8wrW656QENAKYEedbty5iVcdH
uSJ7Ix92b+WVPLt1v7dwoGpox9yturrj6oO9udT0CzP4AzwjFN7HOdSesJTgEdPL
MIHmu5WiaKjOem1CbZGLmXnlhluRs6FRSJHR0XIyrRUANheI97JAHjcf9IIYkN34
hS6k8h7Kcv0RKdj10JJAl9EGU/aUiRon8lvHhJz8Z7Hsgc0yXmcar/Uygxa5AOea
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:28:06 2025 by rpki-client