Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/8epfI_mMakP3Lc2UTESKvosKkSQ.roa
File: 8epfI_mMakP3Lc2UTESKvosKkSQ.roa (raw, json)
Hash identifier: TdgdgIhwNAm+SCbAnoUIw15ZVzHOK/dqP386QKWeMpw=
Subject key identifier: F1:EA:5F:23:F9:8C:6A:43:F7:2D:CD:94:4C:44:8A:BE:8B:0A:91:24
Certificate issuer: /CN=31828c99d35cb92e2d53daf128e497e841b63ab0
Certificate serial: 019422FBFCD7E15EECCC5EC30946502B4AF4
Authority key identifier: 31:82:8C:99:D3:5C:B9:2E:2D:53:DA:F1:28:E4:97:E8:41:B6:3A:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYKMmdNcuS4tU9rxKOSX6EG2OrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/8epfI_mMakP3Lc2UTESKvosKkSQ.roa
Signing time: Wed 01 Jan 2025 17:48:47 +0000
ROA not before: Wed 01 Jan 2025 17:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198285
IP address blocks: 158.255.56.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:fc:d7:e1:5e:ec:cc:5e:c3:09:46:50:2b:4a:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31828c99d35cb92e2d53daf128e497e841b63ab0
Validity
Not Before: Jan 1 17:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1ea5f23f98c6a43f72dcd944c448abe8b0a9124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:96:8d:15:fb:ee:5b:f1:44:10:24:d3:d6:60:
59:99:bc:84:b5:7b:72:fd:3a:de:29:7a:fd:4c:ae:
a5:a5:c5:ee:0d:69:bb:96:75:a5:bc:a3:64:bc:88:
19:77:5c:8c:32:73:b6:cd:12:58:f6:42:70:22:5e:
df:7f:7e:a4:d9:6c:1a:53:85:c0:96:40:6c:01:1e:
df:7b:2e:cc:a7:56:23:ae:5a:ec:b0:ea:31:88:e3:
a7:82:49:bc:a4:61:c1:bf:6a:1f:15:a9:b5:04:1a:
da:05:84:23:72:6f:d3:b2:0f:c6:38:37:64:7b:71:
31:60:f5:46:2a:db:78:e8:3d:d0:0d:da:55:2a:65:
cd:ef:42:cb:ae:50:07:0d:d8:ac:96:91:8b:cb:2b:
e2:5e:04:bf:e9:21:0d:db:d1:99:10:b6:97:a2:57:
01:bc:ce:e8:01:9c:1f:df:df:09:a5:e5:16:ea:39:
ff:5f:19:00:65:75:f4:54:d8:19:b3:42:4f:86:a4:
70:8f:4d:46:82:dd:37:55:fa:50:d8:75:b9:c8:18:
ab:2b:03:7a:12:96:ef:46:59:10:b1:0a:54:3b:2c:
36:47:4a:5e:2a:66:48:c7:d6:0a:d1:50:04:06:1e:
0d:9a:24:c4:9c:54:2b:e5:25:02:51:3e:13:79:ec:
cf:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:EA:5F:23:F9:8C:6A:43:F7:2D:CD:94:4C:44:8A:BE:8B:0A:91:24
X509v3 Authority Key Identifier:
keyid:31:82:8C:99:D3:5C:B9:2E:2D:53:DA:F1:28:E4:97:E8:41:B6:3A:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYKMmdNcuS4tU9rxKOSX6EG2OrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/8epfI_mMakP3Lc2UTESKvosKkSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/MYKMmdNcuS4tU9rxKOSX6EG2OrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.255.56.0/24
Signature Algorithm: sha256WithRSAEncryption
79:af:2f:c8:e9:6d:f6:72:4a:0d:29:de:8d:22:01:95:74:15:
0a:dd:4c:e8:bf:83:05:aa:a3:c3:ef:43:03:8c:af:6b:d7:c2:
4a:11:0b:58:f8:46:89:e7:47:d0:ef:bc:21:89:d3:96:9b:e6:
dc:bf:84:6e:df:c9:c1:2a:12:85:fa:f4:ba:ec:39:62:28:95:
ba:40:40:cd:19:17:a2:57:96:2f:ca:89:3b:4e:ad:27:e9:6c:
ad:c0:55:87:49:aa:27:69:9d:ee:6e:78:6f:b6:0f:88:22:9c:
a1:5f:6b:fe:f3:48:eb:a4:33:ef:84:38:0f:93:d0:59:98:4b:
8e:3b:2c:e6:45:50:d3:05:a7:a3:ff:01:be:ac:82:db:09:f5:
61:b8:89:16:b9:3b:0b:62:09:a1:0e:fc:c1:3d:a2:15:b8:52:
4d:f8:31:72:b5:e9:87:03:33:db:cc:7c:a4:e3:62:66:93:28:
2d:74:90:d5:ff:ad:0c:3d:e9:d2:d6:ac:d0:fb:ea:0a:ea:81:
9f:09:88:f0:72:f2:8c:79:77:64:28:32:6b:16:21:db:28:92:
b3:d0:55:76:76:54:5e:02:a6:d5:53:40:e1:b7:63:d3:73:20:
f7:0e:29:45:72:bf:8f:de:4f:fa:1f:e7:57:3f:a4:ab:20:09:
2c:45:97:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+/zX4V7szF7DCUZQK0r0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODI4Yzk5ZDM1Y2I5MmUyZDUzZGFmMTI4ZTQ5N2U4NDFi
NjNhYjAwHhcNMjUwMTAxMTc0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWVhNWYyM2Y5OGM2YTQzZjcyZGNkOTQ0YzQ0OGFiZThiMGE5MTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypaNFfvuW/FEECTT1mBZmbyEtXty
/TreKXr9TK6lpcXuDWm7lnWlvKNkvIgZd1yMMnO2zRJY9kJwIl7ff36k2WwaU4XA
lkBsAR7fey7Mp1YjrlrssOoxiOOngkm8pGHBv2ofFam1BBraBYQjcm/Tsg/GODdk
e3ExYPVGKtt46D3QDdpVKmXN70LLrlAHDdislpGLyyviXgS/6SEN29GZELaXolcB
vM7oAZwf398JpeUW6jn/XxkAZXX0VNgZs0JPhqRwj01Ggt03VfpQ2HW5yBirKwN6
EpbvRlkQsQpUOyw2R0peKmZIx9YK0VAEBh4NmiTEnFQr5SUCUT4TeezPbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPHqXyP5jGpD9y3NlExEir6LCpEkMB8GA1UdIwQY
MBaAFDGCjJnTXLkuLVPa8Sjkl+hBtjqwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlLTW1kTmN1UzR0VTlyeEtPU1g2RUcyT3JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82Y2JhMWEtNWY0ZC00MzA4LWJmNDYt
ZWIzN2E4NWE4MmM1LzEvOGVwZklfbU1ha1AzTGMyVVRFU0t2b3NLa1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS82Y2JhMWEtNWY0ZC00MzA4LWJmNDYtZWIzN2E4NWE4MmM1
LzEvTVlLTW1kTmN1UzR0VTlyeEtPU1g2RUcyT3JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnv84MA0G
CSqGSIb3DQEBCwUAA4IBAQB5ry/I6W32ckoNKd6NIgGVdBUK3Uzov4MFqqPD70MD
jK9r18JKEQtY+EaJ50fQ77whidOWm+bcv4Ru38nBKhKF+vS67DliKJW6QEDNGRei
V5Yvyok7Tq0n6WytwFWHSaonaZ3ubnhvtg+IIpyhX2v+80jrpDPvhDgPk9BZmEuO
OyzmRVDTBaej/wG+rILbCfVhuIkWuTsLYgmhDvzBPaIVuFJN+DFytemHAzPbzHyk
42JmkygtdJDV/60MPenS1qzQ++oK6oGfCYjwcvKMeXdkKDJrFiHbKJKz0FV2dlRe
AqbVU0Dht2PTcyD3DilFcr+P3k/6H+dXP6SrIAksRZdA
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:27 2025 by rpki-client on console.sobornost.net