Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/16b7f4-fa15-47a6-9fc5-254bcbcec037/1/8lBoSilDtW0ItY1m1FNkzFR9g7g.roa
File: 8lBoSilDtW0ItY1m1FNkzFR9g7g.roa (raw, json)
Hash identifier: eMaeIeeNpB0IKHLHfs7pADlpK9Gp8r9cF63rKmEO7/4=
Subject key identifier: F2:50:68:4A:29:43:B5:6D:08:B5:8D:66:D4:53:64:CC:54:7D:83:B8
Certificate issuer: /CN=759d6afb8ddf8f8c0dd660790edcba1f3b370c63
Certificate serial: 01942369E1CBD245693708172A31629E4E51
Authority key identifier: 75:9D:6A:FB:8D:DF:8F:8C:0D:D6:60:79:0E:DC:BA:1F:3B:37:0C:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dZ1q-43fj4wN1mB5Dty6Hzs3DGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/16b7f4-fa15-47a6-9fc5-254bcbcec037/1/8lBoSilDtW0ItY1m1FNkzFR9g7g.roa
Signing time: Wed 01 Jan 2025 19:48:49 +0000
ROA not before: Wed 01 Jan 2025 19:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202269
IP address blocks: 130.185.72.0/24 maxlen: 24
130.185.73.0/24 maxlen: 24
130.185.74.0/24 maxlen: 24
130.185.75.0/24 maxlen: 24
130.185.76.0/24 maxlen: 24
130.185.77.0/24 maxlen: 24
130.185.78.0/23 maxlen: 23
130.185.78.0/24 maxlen: 24
130.185.79.0/24 maxlen: 24
185.8.172.0/24 maxlen: 24
185.8.173.0/24 maxlen: 24
185.8.174.0/24 maxlen: 24
185.8.175.0/24 maxlen: 24
2a03:2dc0:3000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:e1:cb:d2:45:69:37:08:17:2a:31:62:9e:4e:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=759d6afb8ddf8f8c0dd660790edcba1f3b370c63
Validity
Not Before: Jan 1 19:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f250684a2943b56d08b58d66d45364cc547d83b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:19:11:6b:0c:5a:ba:fd:f9:02:62:2e:0d:e8:
98:83:e7:e6:32:be:27:8a:9a:36:7f:f1:aa:49:8a:
20:41:5f:22:7a:e5:ae:a7:a9:96:cd:cb:ca:bb:0b:
c3:27:c1:86:b9:32:37:dc:19:d8:0c:64:0b:ba:b5:
7e:f3:81:33:09:f0:c9:29:37:dd:4d:6b:24:15:f5:
f0:07:5a:09:64:a7:45:3a:c6:69:50:16:60:15:20:
3c:f2:dc:4b:1f:80:79:32:3c:e1:cb:71:f6:76:2b:
fd:21:81:4b:b9:03:4d:5c:8a:ee:55:74:ad:2a:90:
1d:95:57:0a:4a:4c:c8:19:48:d1:24:37:9c:d6:a0:
50:a0:7c:97:71:d2:14:65:73:53:8e:56:00:28:1f:
43:33:dc:0c:fd:b1:a3:e2:1b:d0:a4:73:43:96:fe:
41:a8:88:a1:55:f2:46:31:9f:31:e5:2a:ad:91:7c:
71:26:84:ea:60:9f:c5:a1:63:14:a9:8d:67:f9:24:
ff:63:08:48:99:26:d9:b1:c2:1f:af:a7:d0:ab:c5:
8d:04:e0:7c:68:0e:60:8c:ee:b7:a1:7a:62:54:35:
98:27:46:08:61:0a:c4:2c:ec:1f:dd:d4:5f:d2:0a:
24:bc:dd:96:49:ac:ee:92:03:17:98:e9:9c:6a:91:
9f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:50:68:4A:29:43:B5:6D:08:B5:8D:66:D4:53:64:CC:54:7D:83:B8
X509v3 Authority Key Identifier:
keyid:75:9D:6A:FB:8D:DF:8F:8C:0D:D6:60:79:0E:DC:BA:1F:3B:37:0C:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZ1q-43fj4wN1mB5Dty6Hzs3DGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/16b7f4-fa15-47a6-9fc5-254bcbcec037/1/8lBoSilDtW0ItY1m1FNkzFR9g7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/16b7f4-fa15-47a6-9fc5-254bcbcec037/1/dZ1q-43fj4wN1mB5Dty6Hzs3DGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.72.0/21
185.8.172.0/22
IPv6:
2a03:2dc0:3000::/36
Signature Algorithm: sha256WithRSAEncryption
b6:8e:74:34:c6:68:c3:2c:ed:18:81:12:1c:25:e3:4e:cf:35:
c5:1c:56:a6:90:93:24:fa:ef:32:18:b7:5c:b1:ef:30:ed:9b:
51:30:7d:3a:99:3b:f2:48:6e:ff:fb:10:81:e2:67:30:98:ec:
f7:aa:1f:a6:d6:3a:21:7c:0b:39:24:37:fa:33:06:65:66:31:
78:d3:aa:7d:7f:dd:71:f7:5e:ce:c1:59:1b:76:8e:53:fb:ff:
a1:ed:05:ba:3b:1d:72:79:6f:4b:17:cd:97:dc:48:05:ae:e2:
32:dd:c6:14:07:36:9f:25:40:f9:fe:c0:79:eb:03:11:ca:bc:
56:31:f8:3c:64:74:b6:ee:c2:c4:83:37:8e:ae:b4:59:e4:76:
34:d3:39:93:a1:98:25:c4:9c:2b:97:a4:ca:ef:c4:3e:a3:3c:
51:ec:5b:b0:e2:0c:63:e6:2a:5a:4c:6a:07:4f:ef:97:59:dd:
30:be:4a:a7:bf:d4:12:9f:39:bd:8f:04:75:95:01:fc:e6:40:
81:3d:5f:c4:67:14:2c:d7:6e:e3:18:c0:2d:30:72:23:f0:43:
65:be:78:00:59:a2:cc:47:b5:1c:d3:82:07:a0:d9:b8:17:cd:
5e:b9:01:a0:89:a1:68:f6:45:a9:b1:f9:65:55:44:e2:53:02:
79:65:ef:c2
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQjaeHL0kVpNwgXKjFink5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OWQ2YWZiOGRkZjhmOGMwZGQ2NjA3OTBlZGNiYTFmM2Iz
NzBjNjMwHhcNMjUwMTAxMTk0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjUwNjg0YTI5NDNiNTZkMDhiNThkNjZkNDUzNjRjYzU0N2Q4M2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RkRawxauv35AmIuDeiYg+fmMr4n
ipo2f/GqSYogQV8ieuWup6mWzcvKuwvDJ8GGuTI33BnYDGQLurV+84EzCfDJKTfd
TWskFfXwB1oJZKdFOsZpUBZgFSA88txLH4B5Mjzhy3H2div9IYFLuQNNXIruVXSt
KpAdlVcKSkzIGUjRJDec1qBQoHyXcdIUZXNTjlYAKB9DM9wM/bGj4hvQpHNDlv5B
qIihVfJGMZ8x5SqtkXxxJoTqYJ/FoWMUqY1n+ST/YwhImSbZscIfr6fQq8WNBOB8
aA5gjO63oXpiVDWYJ0YIYQrELOwf3dRf0gokvN2WSazukgMXmOmcapGfJQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPJQaEopQ7VtCLWNZtRTZMxUfYO4MB8GA1UdIwQY
MBaAFHWdavuN34+MDdZgeQ7cuh87NwxjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFoxcS00M2ZqNHdOMW1CNUR0eTZIenMzREdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xNmI3ZjQtZmExNS00N2E2LTlmYzUt
MjU0YmNiY2VjMDM3LzEvOGxCb1NpbER0VzBJdFkxbTFGTmt6RlI5ZzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xNmI3ZjQtZmExNS00N2E2LTlmYzUtMjU0YmNiY2VjMDM3
LzEvZFoxcS00M2ZqNHdOMW1CNUR0eTZIenMzREdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQDgrlIAwQC
uQisMA4EAgACMAgDBgQqAy3AMDANBgkqhkiG9w0BAQsFAAOCAQEAto50NMZowyzt
GIESHCXjTs81xRxWppCTJPrvMhi3XLHvMO2bUTB9Opk78khu//sQgeJnMJjs96of
ptY6IXwLOSQ3+jMGZWYxeNOqfX/dcfdezsFZG3aOU/v/oe0FujsdcnlvSxfNl9xI
Ba7iMt3GFAc2nyVA+f7AeesDEcq8VjH4PGR0tu7CxIM3jq60WeR2NNM5k6GYJcSc
K5ekyu/EPqM8UexbsOIMY+YqWkxqB0/vl1ndML5Kp7/UEp85vY8EdZUB/OZAgT1f
xGcULNdu4xjALTByI/BDZb54AFmizEe1HNOCB6DZuBfNXrkBoImhaPZFqbH5ZVVE
4lMCeWXvwg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:56:44 2025 by rpki-client