Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/0I8Tv0UylD63i4vV2xwB6rppwxI.roa
File: 0I8Tv0UylD63i4vV2xwB6rppwxI.roa (raw, json)
Hash identifier: QA7YvKS+a4NHe+cVmaIAaBQvm5w2dBSibTU49pm5mxM=
Subject key identifier: D0:8F:13:BF:45:32:94:3E:B7:8B:8B:D5:DB:1C:01:EA:BA:69:C3:12
Certificate issuer: /CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Certificate serial: 01942521FC45CE2577CFE261D76883DD1808
Authority key identifier: D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/0I8Tv0UylD63i4vV2xwB6rppwxI.roa
Signing time: Thu 02 Jan 2025 03:49:31 +0000
ROA not before: Thu 02 Jan 2025 03:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58326
IP address blocks: 91.106.208.0/21 maxlen: 24
185.66.160.0/22 maxlen: 24
185.177.88.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:fc:45:ce:25:77:cf:e2:61:d7:68:83:dd:18:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Validity
Not Before: Jan 2 03:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d08f13bf4532943eb78b8bd5db1c01eaba69c312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d2:b9:a9:69:96:55:22:bf:72:21:37:e1:33:
aa:e8:bb:b1:1b:08:a4:75:6e:8c:25:ad:5b:1d:36:
ea:ec:ec:68:74:c0:86:9d:b2:49:1e:9f:9a:7c:88:
b5:2e:04:95:f0:f2:9b:e9:08:d5:e5:41:a3:cc:28:
26:d0:2c:be:19:c1:be:95:a5:bf:96:fc:24:6c:83:
9c:c2:05:6e:9f:87:cd:15:1e:c9:64:9a:22:d3:76:
eb:25:b1:89:b0:4f:7a:37:22:64:2c:4a:6f:08:19:
59:fc:74:20:ef:94:99:df:60:43:40:db:f1:02:9e:
e7:d9:a3:b2:6d:60:97:7d:23:40:f7:08:19:d7:b8:
d2:71:4d:1d:43:05:65:f3:d8:4f:f7:56:d6:56:e1:
d6:b3:0a:34:01:98:82:96:cb:61:c0:8d:5a:ac:11:
4d:f7:f5:b0:e0:ed:f1:95:b5:04:3c:2e:c3:ea:6e:
8c:db:85:aa:d5:e2:c7:a0:45:6b:17:d5:36:43:8b:
e6:18:e3:50:8a:3f:c4:94:8b:43:31:48:2e:d7:be:
44:5e:cb:66:2f:92:5e:39:76:2e:05:2c:2a:7c:74:
1b:7a:39:c7:f7:4a:f5:0b:d2:43:1e:9a:2a:ec:a1:
b0:c3:bf:d9:2a:89:c0:6d:27:e2:68:c8:c8:e7:75:
a1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:8F:13:BF:45:32:94:3E:B7:8B:8B:D5:DB:1C:01:EA:BA:69:C3:12
X509v3 Authority Key Identifier:
keyid:D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/0I8Tv0UylD63i4vV2xwB6rppwxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.208.0/21
185.66.160.0/22
185.177.88.0/22
Signature Algorithm: sha256WithRSAEncryption
19:a2:29:84:47:0b:c1:6d:77:f8:db:0a:2c:51:85:88:e7:44:
8f:8b:0f:dc:b2:cf:c8:b4:3e:d2:1a:8f:55:ff:70:bf:ca:d6:
9d:6e:97:15:b8:38:b2:5a:c3:a1:75:80:f8:e1:82:44:b3:6d:
46:52:09:5d:2a:8e:37:4f:52:30:1c:aa:5b:8f:16:18:db:64:
5e:87:4a:ca:90:bf:6e:c5:d9:1b:66:69:b8:47:62:4c:7f:b1:
63:3b:64:72:dd:e8:b8:ff:29:3e:a4:d4:70:f9:f1:b1:24:a9:
b7:a6:48:63:ef:85:28:e9:59:fc:77:40:9e:19:70:4f:1c:16:
9e:40:a1:bf:b0:a8:6e:8f:ea:79:86:da:21:6c:8c:7d:03:52:
ab:d2:27:c1:3c:4c:27:1e:05:68:08:9b:e0:1b:ac:26:d4:59:
91:0b:3c:29:6e:a4:36:1d:32:74:7c:1d:32:5e:ce:e7:fe:80:
eb:66:93:7a:ad:3a:b3:f3:74:b3:19:90:28:0e:e3:23:39:6c:
f6:49:00:14:54:88:1b:5e:60:25:e9:5d:18:61:d3:c8:c3:b0:
95:6c:3f:28:2a:84:eb:74:d9:9f:b9:42:0e:1e:c0:ab:3b:a0:
26:68:2e:ed:2a:48:7c:2e:b0:d0:e4:31:5d:80:f6:53:dd:5b:
01:1e:4f:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlIfxFziV3z+Jh12iD3RgIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmMwYmVjNjBkMGJhY2UxODg5Njc3YmQ5YmI5MDE5MGNj
NGZkMjIwHhcNMjUwMTAyMDM0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDhmMTNiZjQ1MzI5NDNlYjc4YjhiZDVkYjFjMDFlYWJhNjljMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dK5qWmWVSK/ciE34TOq6LuxGwik
dW6MJa1bHTbq7OxodMCGnbJJHp+afIi1LgSV8PKb6QjV5UGjzCgm0Cy+GcG+laW/
lvwkbIOcwgVun4fNFR7JZJoi03brJbGJsE96NyJkLEpvCBlZ/HQg75SZ32BDQNvx
Ap7n2aOybWCXfSNA9wgZ17jScU0dQwVl89hP91bWVuHWswo0AZiClsthwI1arBFN
9/Ww4O3xlbUEPC7D6m6M24Wq1eLHoEVrF9U2Q4vmGONQij/ElItDMUgu175EXstm
L5JeOXYuBSwqfHQbejnH90r1C9JDHpoq7KGww7/ZKonAbSfiaMjI53Wh/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNCPE79FMpQ+t4uL1dscAeq6acMSMB8GA1UdIwQY
MBaAFNn8C+xg0LrOGIlne9m7kBkMxP0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjkt
MzQ2OTAzNGZhNDQxLzEvMEk4VHYwVXlsRDYzaTR2VjJ4d0I2cnBwd3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjktMzQ2OTAzNGZhNDQx
LzEvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDW2rQAwQC
uUKgAwQCubFYMA0GCSqGSIb3DQEBCwUAA4IBAQAZoimERwvBbXf42wosUYWI50SP
iw/css/ItD7SGo9V/3C/ytadbpcVuDiyWsOhdYD44YJEs21GUgldKo43T1IwHKpb
jxYY22Reh0rKkL9uxdkbZmm4R2JMf7FjO2Ry3ei4/yk+pNRw+fGxJKm3pkhj74Uo
6Vn8d0CeGXBPHBaeQKG/sKhuj+p5htohbIx9A1Kr0ifBPEwnHgVoCJvgG6wm1FmR
CzwpbqQ2HTJ0fB0yXs7n/oDrZpN6rTqz83SzGZAoDuMjOWz2SQAUVIgbXmAl6V0Y
YdPIw7CVbD8oKoTrdNmfuUIOHsCrO6AmaC7tKkh8LrDQ5DFdgPZT3VsBHk9u
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:09:09 2025 by rpki-client