Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/1fde18-2873-4fe0-869c-3820f7ee2cb8/1/r8SyFv2fzba2rsaAZpaSWzcngkw.roa
File: r8SyFv2fzba2rsaAZpaSWzcngkw.roa (raw, json)
Hash identifier: nKMxn+pRmGytAQ++Vu6+D6lCb2MTuAqsH86iDcF9gs0=
Subject key identifier: AF:C4:B2:16:FD:9F:CD:B6:B6:AE:C6:80:66:96:92:5B:37:27:82:4C
Certificate issuer: /CN=63495a4cecbeafb3eadf6ed0349bb0b96da464ee
Certificate serial: 0194214420B17CDCD320D9DB0B44FA0C93D9
Authority key identifier: 63:49:5A:4C:EC:BE:AF:B3:EA:DF:6E:D0:34:9B:B0:B9:6D:A4:64:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y0laTOy-r7Pq327QNJuwuW2kZO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/1fde18-2873-4fe0-869c-3820f7ee2cb8/1/r8SyFv2fzba2rsaAZpaSWzcngkw.roa
Signing time: Wed 01 Jan 2025 09:48:20 +0000
ROA not before: Wed 01 Jan 2025 09:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6908
IP address blocks: 185.215.36.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:20:b1:7c:dc:d3:20:d9:db:0b:44:fa:0c:93:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63495a4cecbeafb3eadf6ed0349bb0b96da464ee
Validity
Not Before: Jan 1 09:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afc4b216fd9fcdb6b6aec6806696925b3727824c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:78:74:b0:3b:7e:c1:c7:db:e8:8b:6e:90:0c:
3f:3e:68:dc:02:fe:86:38:f8:1f:5d:63:ad:32:aa:
b0:e9:46:17:e1:69:91:d9:61:ae:c1:1b:b8:84:57:
f9:36:b8:8e:60:ac:a6:ab:fb:97:95:74:08:dc:b9:
08:cf:cc:cc:eb:0c:0b:88:2d:b1:c9:9d:ad:08:91:
2b:65:f7:d0:6e:83:5d:86:92:55:ba:d3:b5:45:16:
9f:b0:60:b7:aa:4b:7a:ef:7b:c6:f6:ad:4b:a3:d0:
8d:e7:1d:63:38:d5:dd:67:8d:ea:ab:54:3b:e2:2e:
c0:f2:3c:0b:d4:aa:25:ae:5e:7b:3e:95:7a:84:52:
ab:48:ad:f6:11:9c:10:6e:b1:7f:3b:a3:a0:e4:92:
e8:ee:aa:56:fe:ad:56:cf:d0:8c:6f:4d:cf:54:79:
20:5f:66:c2:04:a6:7a:11:11:43:04:95:c5:cd:78:
de:4e:3f:ff:20:c6:91:c1:b6:f8:cb:d5:92:06:f5:
40:b8:3a:d4:0d:bb:67:b5:99:23:84:da:20:fe:94:
c2:83:32:21:67:f5:d2:2f:33:83:fe:d8:a0:8e:80:
2a:95:14:04:1e:fb:a1:c7:ba:9f:6d:fb:09:70:51:
13:0f:06:99:60:53:9c:4a:94:5c:05:e1:b3:5d:06:
3b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:C4:B2:16:FD:9F:CD:B6:B6:AE:C6:80:66:96:92:5B:37:27:82:4C
X509v3 Authority Key Identifier:
keyid:63:49:5A:4C:EC:BE:AF:B3:EA:DF:6E:D0:34:9B:B0:B9:6D:A4:64:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0laTOy-r7Pq327QNJuwuW2kZO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/1fde18-2873-4fe0-869c-3820f7ee2cb8/1/r8SyFv2fzba2rsaAZpaSWzcngkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/1fde18-2873-4fe0-869c-3820f7ee2cb8/1/Y0laTOy-r7Pq327QNJuwuW2kZO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.36.0/22
Signature Algorithm: sha256WithRSAEncryption
e4:55:3e:82:02:7e:d4:bb:79:ee:a5:43:a9:f7:c7:89:2b:37:
38:10:c7:09:a7:65:93:69:9f:b9:39:84:db:e6:64:91:64:af:
f1:ca:2c:4f:c3:e5:92:3d:a8:a5:fe:bb:df:57:dd:fe:68:67:
01:4c:ec:e7:99:27:63:96:77:7b:49:23:62:83:09:97:27:54:
86:b4:ed:2c:fe:75:7b:d3:e2:7d:93:af:85:9b:5d:86:49:0a:
b5:ba:88:73:de:61:35:c4:04:7b:31:de:d6:23:8a:80:01:97:
89:10:d0:ad:28:37:d6:72:46:bf:74:81:7f:68:21:48:27:b0:
3e:b2:66:d5:75:ef:f0:fa:9d:f3:a3:c3:96:4c:b0:51:36:d5:
6d:5a:fe:25:a8:3e:ff:f3:6b:6a:a4:a8:54:46:d7:36:96:79:
a1:1f:08:33:8f:63:db:05:06:da:ec:94:6e:68:ff:8c:8c:c9:
73:f8:98:9d:00:ba:7a:73:57:6c:42:12:91:d3:56:dd:12:b8:
15:26:b2:12:61:f3:89:4a:4a:7b:e9:d1:1c:e2:e3:b4:c6:ea:
dd:03:55:a7:df:8d:9a:3a:c6:39:17:8c:6a:c8:3d:c3:20:21:
80:0b:46:7c:4b:f4:b8:32:14:10:a4:03:a7:2a:aa:77:87:44:
ee:e4:fe:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRCCxfNzTINnbC0T6DJPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNDk1YTRjZWNiZWFmYjNlYWRmNmVkMDM0OWJiMGI5NmRh
NDY0ZWUwHhcNMjUwMTAxMDk0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmM0YjIxNmZkOWZjZGI2YjZhZWM2ODA2Njk2OTI1YjM3Mjc4MjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Hh0sDt+wcfb6ItukAw/PmjcAv6G
OPgfXWOtMqqw6UYX4WmR2WGuwRu4hFf5NriOYKymq/uXlXQI3LkIz8zM6wwLiC2x
yZ2tCJErZffQboNdhpJVutO1RRafsGC3qkt673vG9q1Lo9CN5x1jONXdZ43qq1Q7
4i7A8jwL1Kolrl57PpV6hFKrSK32EZwQbrF/O6Og5JLo7qpW/q1Wz9CMb03PVHkg
X2bCBKZ6ERFDBJXFzXjeTj//IMaRwbb4y9WSBvVAuDrUDbtntZkjhNog/pTCgzIh
Z/XSLzOD/tigjoAqlRQEHvuhx7qfbfsJcFETDwaZYFOcSpRcBeGzXQY7kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK/Eshb9n822tq7GgGaWkls3J4JMMB8GA1UdIwQY
MBaAFGNJWkzsvq+z6t9u0DSbsLltpGTuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTBsYVRPeS1yN1BxMzI3UU5KdXd1VzJrWk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8xZmRlMTgtMjg3My00ZmUwLTg2OWMt
MzgyMGY3ZWUyY2I4LzEvcjhTeUZ2MmZ6YmEycnNhQVpwYVNXemNuZ2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8xZmRlMTgtMjg3My00ZmUwLTg2OWMtMzgyMGY3ZWUyY2I4
LzEvWTBsYVRPeS1yN1BxMzI3UU5KdXd1VzJrWk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudckMA0G
CSqGSIb3DQEBCwUAA4IBAQDkVT6CAn7Uu3nupUOp98eJKzc4EMcJp2WTaZ+5OYTb
5mSRZK/xyixPw+WSPail/rvfV93+aGcBTOznmSdjlnd7SSNigwmXJ1SGtO0s/nV7
0+J9k6+Fm12GSQq1uohz3mE1xAR7Md7WI4qAAZeJENCtKDfWcka/dIF/aCFIJ7A+
smbVde/w+p3zo8OWTLBRNtVtWv4lqD7/82tqpKhURtc2lnmhHwgzj2PbBQba7JRu
aP+MjMlz+JidALp6c1dsQhKR01bdErgVJrISYfOJSkp76dEc4uO0xurdA1Wn342a
OsY5F4xqyD3DICGAC0Z8S/S4MhQQpAOnKqp3h0Tu5P7G
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:35:50 2025 by rpki-client