Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/8keuoYHRmEN7a8dM4R3KAZIUMn8.roa
File: 8keuoYHRmEN7a8dM4R3KAZIUMn8.roa (raw, json)
Hash identifier: cqhsmkY13XgBA/8McBrRobM59idSx8HxeP3LI73UX3s=
Subject key identifier: F2:47:AE:A1:81:D1:98:43:7B:6B:C7:4C:E1:1D:CA:01:92:14:32:7F
Certificate issuer: /CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Certificate serial: 01941F8C467FF2249925A09F6CA204896D2D
Authority key identifier: B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/8keuoYHRmEN7a8dM4R3KAZIUMn8.roa
Signing time: Wed 01 Jan 2025 01:47:54 +0000
ROA not before: Wed 01 Jan 2025 01:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34254
IP address blocks: 37.26.72.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:46:7f:f2:24:99:25:a0:9f:6c:a2:04:89:6d:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Validity
Not Before: Jan 1 01:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f247aea181d198437b6bc74ce11dca019214327f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f5:37:5f:8e:33:87:72:e2:ce:3d:86:1c:15:
b2:b8:a2:66:d7:e5:f7:fd:cc:50:6a:2e:1b:92:62:
08:cd:d9:ff:14:4f:37:c0:e1:dd:93:70:a2:6c:83:
58:88:45:36:b1:46:5e:ed:5f:38:a8:07:a6:ce:85:
04:f3:d0:7b:52:b3:13:28:60:f8:be:44:44:5e:37:
95:d0:3f:7b:c4:85:76:7e:02:c1:f3:77:18:dd:f9:
08:4a:27:ad:cc:fb:34:0f:70:16:fc:d8:be:cb:20:
36:f7:5d:c3:97:42:89:d8:e7:59:5d:6f:c5:94:ee:
76:37:01:b6:be:95:ed:6b:46:81:00:70:ee:37:1e:
79:04:1d:ae:f8:5b:d7:b2:ae:ab:3e:df:3c:87:be:
45:93:76:1f:6e:97:bf:7a:0c:1a:10:d4:8c:13:4d:
aa:be:17:fe:dc:e8:01:25:af:01:6e:0a:fb:de:a5:
87:29:73:6f:b3:61:7b:66:dc:38:a5:2d:fe:e2:c8:
5d:e7:a3:18:6e:36:ae:7c:9c:33:7d:a1:39:80:fb:
d9:6c:e2:3b:e3:7c:7f:ae:11:76:48:df:ae:7e:11:
17:50:47:90:26:94:56:00:99:33:e7:34:1a:78:2a:
91:cd:54:42:05:57:c5:ef:e5:93:e5:4b:0d:df:b0:
72:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:47:AE:A1:81:D1:98:43:7B:6B:C7:4C:E1:1D:CA:01:92:14:32:7F
X509v3 Authority Key Identifier:
keyid:B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/8keuoYHRmEN7a8dM4R3KAZIUMn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/s4u2Kkexoq7bcPMvWMl5ugx3fwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.72.0/23
Signature Algorithm: sha256WithRSAEncryption
97:38:de:5d:09:d9:9b:d3:68:71:70:9c:79:fe:99:1d:fe:a6:
72:a8:8a:4f:0a:fc:3c:52:86:c5:bc:83:54:38:44:ea:aa:be:
06:80:e5:21:74:92:2c:f2:df:6b:30:51:fa:02:bb:25:9e:9b:
e9:85:a7:d0:31:c1:65:91:7e:83:1b:64:d3:42:3c:29:27:79:
7c:57:6b:a4:80:17:9a:04:fe:2b:cd:0c:af:2a:a9:c4:e4:c1:
4c:6f:6f:45:55:b5:61:7e:83:53:36:32:40:b9:ef:0c:ee:b6:
e6:dd:49:ee:1e:e7:d8:e9:03:6c:5c:a6:80:24:d9:28:d7:c4:
49:9a:a9:8f:5a:61:7d:70:5a:6a:5f:37:7c:07:d2:1c:7e:de:
51:ec:6c:9a:71:a0:79:f7:2f:04:ee:e8:f3:38:65:4b:5e:cb:
e6:d7:cd:0d:64:8c:72:3a:94:39:32:a4:53:9f:7e:46:0c:8a:
14:b4:3c:63:eb:c5:8b:d3:d9:68:0e:57:a5:d7:42:0d:03:f6:
20:98:7a:41:d3:3c:eb:eb:f8:5e:fe:dc:4b:d2:d0:a3:01:4c:
d6:b3:d8:6b:59:62:ab:78:dd:53:8a:df:fc:14:4b:b4:36:df:
c9:38:fe:f2:33:66:61:15:12:7b:c0:60:44:b4:29:ea:ad:14:
39:fa:b8:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjEZ/8iSZJaCfbKIEiW0tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOGJiNjJhNDdiMWEyYWVkYjcwZjMyZjU4Yzk3OWJhMGM3
NzdmMDYwHhcNMjUwMTAxMDE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjQ3YWVhMTgxZDE5ODQzN2I2YmM3NGNlMTFkY2EwMTkyMTQzMjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvU3X44zh3Lizj2GHBWyuKJm1+X3
/cxQai4bkmIIzdn/FE83wOHdk3CibINYiEU2sUZe7V84qAemzoUE89B7UrMTKGD4
vkREXjeV0D97xIV2fgLB83cY3fkISietzPs0D3AW/Ni+yyA2913Dl0KJ2OdZXW/F
lO52NwG2vpXta0aBAHDuNx55BB2u+FvXsq6rPt88h75Fk3Yfbpe/egwaENSME02q
vhf+3OgBJa8Bbgr73qWHKXNvs2F7Ztw4pS3+4shd56MYbjaufJwzfaE5gPvZbOI7
43x/rhF2SN+ufhEXUEeQJpRWAJkz5zQaeCqRzVRCBVfF7+WT5UsN37ByvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJHrqGB0ZhDe2vHTOEdygGSFDJ/MB8GA1UdIwQY
MBaAFLOLtipHsaKu23DzL1jJeboMd38GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgt
MDYwNWMwODlmYzM4LzEvOGtldW9ZSFJtRU43YThkTTRSM0tBWklVTW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgtMDYwNWMwODlmYzM4
LzEvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJRpIMA0G
CSqGSIb3DQEBCwUAA4IBAQCXON5dCdmb02hxcJx5/pkd/qZyqIpPCvw8UobFvINU
OETqqr4GgOUhdJIs8t9rMFH6ArslnpvphafQMcFlkX6DG2TTQjwpJ3l8V2ukgBea
BP4rzQyvKqnE5MFMb29FVbVhfoNTNjJAue8M7rbm3UnuHufY6QNsXKaAJNko18RJ
mqmPWmF9cFpqXzd8B9Icft5R7GyacaB59y8E7ujzOGVLXsvm180NZIxyOpQ5MqRT
n35GDIoUtDxj68WL09loDlel10INA/YgmHpB0zzr6/he/txL0tCjAUzWs9hrWWKr
eN1Tit/8FEu0Nt/JOP7yM2ZhFRJ7wGBEtCnqrRQ5+riP
-----END CERTIFICATE-----
Generated at Tue Apr 29 15:52:23 2025 by rpki-client