Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/jB8O0EexbXRJ48aM1Kli0Ktl1vI.roa
File: jB8O0EexbXRJ48aM1Kli0Ktl1vI.roa (raw, json)
Hash identifier: IcThWozF746RiVAe4jDaPPGv0zWnJg0lyhHJVcObykM=
Subject key identifier: 8C:1F:0E:D0:47:B1:6D:74:49:E3:C6:8C:D4:A9:62:D0:AB:65:D6:F2
Certificate issuer: /CN=f0a32d2129a386c9a0afdbb915e0dbf130ba70d5
Certificate serial: 019420D5D00EC4991C28B2BAD4801A9F1E27
Authority key identifier: F0:A3:2D:21:29:A3:86:C9:A0:AF:DB:B9:15:E0:DB:F1:30:BA:70:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8KMtISmjhsmgr9u5FeDb8TC6cNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/jB8O0EexbXRJ48aM1Kli0Ktl1vI.roa
Signing time: Wed 01 Jan 2025 07:47:50 +0000
ROA not before: Wed 01 Jan 2025 07:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207829
IP address blocks: 91.198.170.0/23 maxlen: 23
2a0b:c140::/32 maxlen: 32
2a0b:c140:aa::/48 maxlen: 48
2a0b:c140:ab::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d0:0e:c4:99:1c:28:b2:ba:d4:80:1a:9f:1e:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0a32d2129a386c9a0afdbb915e0dbf130ba70d5
Validity
Not Before: Jan 1 07:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c1f0ed047b16d7449e3c68cd4a962d0ab65d6f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e8:f0:e7:f6:b7:a7:f6:f5:4a:fd:98:51:7c:
66:b7:24:e8:26:f1:7b:63:41:08:07:d0:23:e5:97:
02:d6:43:ad:8e:c0:2d:98:e4:3a:b6:14:ed:95:32:
62:ca:b6:7b:c0:00:d2:ca:65:5d:bc:93:38:d6:b8:
5d:c3:9d:aa:e8:23:04:e0:8a:1b:f4:ba:11:24:3f:
3b:29:1c:d2:a4:b6:95:c1:81:9a:0b:90:31:91:5f:
ea:56:88:03:8e:bf:b2:17:86:f5:d6:35:40:54:e1:
8f:04:ea:f1:b5:73:64:da:47:52:6c:c6:da:81:76:
5e:e0:83:f9:f3:39:1a:7f:95:13:63:d8:42:19:11:
e2:43:54:95:09:6a:93:64:30:1a:28:e5:36:04:a4:
d4:07:5b:5d:c2:4d:37:e5:3d:f0:03:8e:20:21:19:
d0:db:40:aa:05:c0:a3:30:d6:73:92:50:89:39:1e:
94:42:1d:75:fa:4f:35:56:97:6f:7b:6f:00:60:24:
c1:85:8e:9c:c3:4a:b3:5e:54:9d:1f:e4:ae:78:cf:
37:7e:3c:84:9e:58:99:9f:a3:42:7c:0a:c9:38:7a:
93:fa:cf:66:82:6f:9f:2e:c6:0e:2a:3a:76:8c:cb:
b3:44:d6:0c:5d:f6:d5:b9:3e:bf:c6:96:16:ca:5b:
f3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:1F:0E:D0:47:B1:6D:74:49:E3:C6:8C:D4:A9:62:D0:AB:65:D6:F2
X509v3 Authority Key Identifier:
keyid:F0:A3:2D:21:29:A3:86:C9:A0:AF:DB:B9:15:E0:DB:F1:30:BA:70:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8KMtISmjhsmgr9u5FeDb8TC6cNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/jB8O0EexbXRJ48aM1Kli0Ktl1vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/8KMtISmjhsmgr9u5FeDb8TC6cNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.170.0/23
IPv6:
2a0b:c140::/32
Signature Algorithm: sha256WithRSAEncryption
a2:0e:c2:61:1c:3f:07:db:26:66:40:dc:57:55:29:a3:c2:7e:
31:9e:c1:b7:39:5d:8b:6c:03:4f:1c:78:cd:e0:51:c3:db:10:
fd:53:6a:dd:e0:a0:97:4d:15:bb:6f:95:52:7d:58:01:b3:10:
d4:24:a2:eb:3a:54:ef:f0:3e:c1:3b:74:47:ef:33:9d:b6:e2:
81:3a:b4:16:60:6d:e3:4e:21:67:bb:12:30:e9:d3:94:fc:8a:
51:ad:cd:3e:14:22:7f:c0:dc:27:ec:ef:23:9c:7c:75:a5:79:
40:3e:7f:83:e6:38:21:eb:3e:8d:42:6c:03:9e:79:ee:b4:b9:
be:0e:f8:9c:71:b9:82:58:e0:4e:28:4a:f6:a3:e1:e5:1e:20:
36:21:9e:f5:12:38:fc:b5:76:b6:6e:05:03:b5:74:ff:7f:48:
84:f8:4b:69:58:ab:6c:c2:12:c5:5a:9c:9f:3d:fb:77:23:bf:
d7:66:d1:3d:bf:54:1b:e7:9f:12:7d:11:3c:95:0e:02:ef:e5:
8a:db:d7:96:0f:53:5f:1a:98:11:f0:de:f3:40:c6:89:02:ac:
a4:8d:1a:81:d8:83:25:a1:41:9f:2b:7a:17:cd:66:e0:da:13:
41:5a:01:ee:a8:4d:f9:b6:a5:06:1f:55:cf:a1:68:19:b5:10:
93:26:94:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1dAOxJkcKLK61IAanx4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYTMyZDIxMjlhMzg2YzlhMGFmZGJiOTE1ZTBkYmYxMzBi
YTcwZDUwHhcNMjUwMTAxMDc0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzFmMGVkMDQ3YjE2ZDc0NDllM2M2OGNkNGE5NjJkMGFiNjVkNmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOjw5/a3p/b1Sv2YUXxmtyToJvF7
Y0EIB9Aj5ZcC1kOtjsAtmOQ6thTtlTJiyrZ7wADSymVdvJM41rhdw52q6CME4Iob
9LoRJD87KRzSpLaVwYGaC5AxkV/qVogDjr+yF4b11jVAVOGPBOrxtXNk2kdSbMba
gXZe4IP58zkaf5UTY9hCGRHiQ1SVCWqTZDAaKOU2BKTUB1tdwk035T3wA44gIRnQ
20CqBcCjMNZzklCJOR6UQh11+k81Vpdve28AYCTBhY6cw0qzXlSdH+SueM83fjyE
nliZn6NCfArJOHqT+s9mgm+fLsYOKjp2jMuzRNYMXfbVuT6/xpYWylvzjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIwfDtBHsW10SePGjNSpYtCrZdbyMB8GA1UdIwQY
MBaAFPCjLSEpo4bJoK/buRXg2/EwunDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEtNdElTbWpoc21ncjl1NUZlRGI4VEM2Y05VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy81OGI4ZTItMTIxNS00YmIwLTk2ZGYt
MmYwODM4MGFlNmM3LzEvakI4TzBFZXhiWFJKNDhhTTFLbGkwS3RsMXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy81OGI4ZTItMTIxNS00YmIwLTk2ZGYtMmYwODM4MGFlNmM3
LzEvOEtNdElTbWpoc21ncjl1NUZlRGI4VEM2Y05VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW8aqMA0E
AgACMAcDBQAqC8FAMA0GCSqGSIb3DQEBCwUAA4IBAQCiDsJhHD8H2yZmQNxXVSmj
wn4xnsG3OV2LbANPHHjN4FHD2xD9U2rd4KCXTRW7b5VSfVgBsxDUJKLrOlTv8D7B
O3RH7zOdtuKBOrQWYG3jTiFnuxIw6dOU/IpRrc0+FCJ/wNwn7O8jnHx1pXlAPn+D
5jgh6z6NQmwDnnnutLm+DviccbmCWOBOKEr2o+HlHiA2IZ71Ejj8tXa2bgUDtXT/
f0iE+EtpWKtswhLFWpyfPft3I7/XZtE9v1Qb558SfRE8lQ4C7+WK29eWD1NfGpgR
8N7zQMaJAqykjRqB2IMloUGfK3oXzWbg2hNBWgHuqE35tqUGH1XPoWgZtRCTJpSk
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:46 2025 by rpki-client on console.sobornost.net