Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/67eb49-ff08-4ea4-bb9e-2efb461fd413/1/EdM8mT-itEKC9G8RLMrDLsNcS3o.roa
File: EdM8mT-itEKC9G8RLMrDLsNcS3o.roa (raw, json)
Hash identifier: aC1rODFSDGloRhxUO+L4zBSj1xyAZL+tlsZ8+nVllOY=
Subject key identifier: 11:D3:3C:99:3F:A2:B4:42:82:F4:6F:11:2C:CA:C3:2E:C3:5C:4B:7A
Certificate issuer: /CN=ea0f08d4ee1f94f984493b467bd8aca2adfa2866
Certificate serial: 0195F6CB3E3A3BB15297980625CF415BE7D6
Authority key identifier: EA:0F:08:D4:EE:1F:94:F9:84:49:3B:46:7B:D8:AC:A2:AD:FA:28:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6g8I1O4flPmESTtGe9isoq36KGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/67eb49-ff08-4ea4-bb9e-2efb461fd413/1/EdM8mT-itEKC9G8RLMrDLsNcS3o.roa
Signing time: Wed 02 Apr 2025 13:57:49 +0000
ROA not before: Wed 02 Apr 2025 13:57:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35625
IP address blocks: 217.18.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:cb:3e:3a:3b:b1:52:97:98:06:25:cf:41:5b:e7:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea0f08d4ee1f94f984493b467bd8aca2adfa2866
Validity
Not Before: Apr 2 13:57:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11d33c993fa2b44282f46f112ccac32ec35c4b7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ef:86:11:df:eb:35:52:24:26:5a:22:50:7c:
87:06:3a:3e:ce:a2:d3:26:2b:aa:3c:e8:eb:c3:c0:
50:dc:b0:7b:2b:b4:7a:52:de:cc:6b:a8:3b:a3:4e:
a2:e6:27:1e:29:13:13:60:9b:19:5a:73:be:31:dd:
e1:a1:83:94:b9:25:99:9c:25:dc:ed:06:1b:a6:1f:
f2:2b:b3:89:b2:31:b8:91:e0:df:b8:5c:8e:81:12:
1d:77:34:1d:71:c7:ff:82:89:90:f9:6c:1f:84:08:
73:10:ee:f2:77:a7:e0:40:f8:e4:a1:1f:4f:4c:d7:
f5:15:c6:30:13:43:34:93:b1:1e:d1:e7:46:53:ad:
d3:49:b9:8b:18:36:5d:a4:93:81:dd:c2:01:80:1b:
a2:86:fc:9a:a7:73:78:45:81:45:d4:2e:99:9b:55:
30:e6:67:8d:2f:c1:c8:ec:fa:b0:ae:00:92:88:7a:
54:c1:98:bb:e0:54:3a:12:54:2d:c6:56:67:90:ee:
8c:d5:b1:52:dc:55:ee:aa:2a:60:91:ef:8c:da:fe:
80:a8:02:a4:49:e0:1b:55:ec:0a:a1:f3:8e:5c:54:
f4:e7:ac:7a:05:ec:1e:5f:ec:9e:7d:69:dc:46:c1:
01:44:a8:d2:7e:3a:14:9a:e8:0d:c9:f9:f5:d0:49:
69:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D3:3C:99:3F:A2:B4:42:82:F4:6F:11:2C:CA:C3:2E:C3:5C:4B:7A
X509v3 Authority Key Identifier:
keyid:EA:0F:08:D4:EE:1F:94:F9:84:49:3B:46:7B:D8:AC:A2:AD:FA:28:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6g8I1O4flPmESTtGe9isoq36KGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/67eb49-ff08-4ea4-bb9e-2efb461fd413/1/EdM8mT-itEKC9G8RLMrDLsNcS3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/67eb49-ff08-4ea4-bb9e-2efb461fd413/1/6g8I1O4flPmESTtGe9isoq36KGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.18.221.0/24
Signature Algorithm: sha256WithRSAEncryption
65:6b:55:df:5b:43:53:ca:3e:52:38:19:15:6e:cb:69:ce:c5:
40:e8:96:1c:85:7a:c3:26:d8:e7:75:55:6b:46:51:80:30:cb:
c3:4d:d9:13:16:d4:42:16:58:92:01:51:00:57:42:8b:3f:a4:
5c:2f:f1:4d:f8:ca:ec:8f:76:3d:68:bf:c9:2a:79:b7:88:40:
b5:99:a5:30:1f:6d:f1:57:bb:fb:58:42:80:0b:e9:15:99:87:
9a:5e:37:0c:5a:5a:39:7f:b7:c3:f3:b7:76:74:82:4f:17:3e:
54:a2:b8:ba:44:af:b7:b1:cf:6e:55:24:93:36:68:f9:de:c5:
1c:f3:32:47:39:e7:2f:41:e0:c8:8c:68:7c:45:22:91:be:dd:
cd:bf:73:3b:e3:40:02:b4:6f:bf:22:c8:d2:89:15:a2:33:f1:
42:e7:78:4a:92:19:e2:46:e3:b4:9c:81:7b:0a:dd:6e:54:cc:
92:bb:04:47:b3:4c:5d:30:73:5e:3c:9a:4b:e6:f0:58:b7:dd:
81:af:fb:05:ae:8e:10:0e:e0:49:a8:d4:d4:61:40:b8:cc:fa:
04:48:90:37:ed:3c:4e:bc:9f:39:74:28:76:e4:53:6f:86:6b:
73:39:89:89:4f:bd:25:c0:fc:9d:50:98:72:f5:e2:89:8d:2d:
40:8a:a0:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZX2yz46O7FSl5gGJc9BW+fWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMGYwOGQ0ZWUxZjk0Zjk4NDQ5M2I0NjdiZDhhY2EyYWRm
YTI4NjYwHhcNMjUwNDAyMTM1NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWQzM2M5OTNmYTJiNDQyODJmNDZmMTEyY2NhYzMyZWMzNWM0YjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAue+GEd/rNVIkJloiUHyHBjo+zqLT
JiuqPOjrw8BQ3LB7K7R6Ut7Ma6g7o06i5iceKRMTYJsZWnO+Md3hoYOUuSWZnCXc
7QYbph/yK7OJsjG4keDfuFyOgRIddzQdccf/gomQ+WwfhAhzEO7yd6fgQPjkoR9P
TNf1FcYwE0M0k7Ee0edGU63TSbmLGDZdpJOB3cIBgBuihvyap3N4RYFF1C6Zm1Uw
5meNL8HI7PqwrgCSiHpUwZi74FQ6ElQtxlZnkO6M1bFS3FXuqipgke+M2v6AqAKk
SeAbVewKofOOXFT056x6BeweX+yefWncRsEBRKjSfjoUmugNyfn10ElpPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBHTPJk/orRCgvRvESzKwy7DXEt6MB8GA1UdIwQY
MBaAFOoPCNTuH5T5hEk7RnvYrKKt+ihmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmc4STFPNGZsUG1FU1R0R2U5aXNvcTM2S0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC82N2ViNDktZmYwOC00ZWE0LWJiOWUt
MmVmYjQ2MWZkNDEzLzEvRWRNOG1ULWl0RUtDOUc4UkxNckRMc05jUzNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC82N2ViNDktZmYwOC00ZWE0LWJiOWUtMmVmYjQ2MWZkNDEz
LzEvNmc4STFPNGZsUG1FU1R0R2U5aXNvcTM2S0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RLdMA0G
CSqGSIb3DQEBCwUAA4IBAQBla1XfW0NTyj5SOBkVbstpzsVA6JYchXrDJtjndVVr
RlGAMMvDTdkTFtRCFliSAVEAV0KLP6RcL/FN+Mrsj3Y9aL/JKnm3iEC1maUwH23x
V7v7WEKAC+kVmYeaXjcMWlo5f7fD87d2dIJPFz5Uori6RK+3sc9uVSSTNmj53sUc
8zJHOecvQeDIjGh8RSKRvt3Nv3M740ACtG+/IsjSiRWiM/FC53hKkhniRuO0nIF7
Ct1uVMySuwRHs0xdMHNePJpL5vBYt92Br/sFro4QDuBJqNTUYUC4zPoESJA37TxO
vJ85dCh25FNvhmtzOYmJT70lwPydUJhy9eKJjS1AiqA/
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:47 2025 by rpki-client on console.sobornost.net