Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/VmDiDZU5j_jVvS28SRt208tKd1k.roa
File: VmDiDZU5j_jVvS28SRt208tKd1k.roa (raw, json)
Hash identifier: FRI4bFE5EfnWhCnVwcnLML2H5HJ4T4tcvHv/9lasnq4=
Subject key identifier: 56:60:E2:0D:95:39:8F:F8:D5:BD:2D:BC:49:1B:76:D3:CB:4A:77:59
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 0194252191CD660ABB4CAC156B9CDAC327F4
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/VmDiDZU5j_jVvS28SRt208tKd1k.roa
Signing time: Thu 02 Jan 2025 03:49:04 +0000
ROA not before: Thu 02 Jan 2025 03:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 85.239.148.0/24 maxlen: 24
185.95.157.0/24 maxlen: 24
185.95.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:91:cd:66:0a:bb:4c:ac:15:6b:9c:da:c3:27:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jan 2 03:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5660e20d95398ff8d5bd2dbc491b76d3cb4a7759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:31:e2:28:07:5c:6b:86:6a:8a:67:8f:4b:dc:
69:80:01:d7:11:0f:33:40:3f:fe:eb:88:49:ef:84:
81:ad:3b:9e:45:d4:c6:f1:42:8f:d7:c2:9c:3d:d2:
3d:2d:ff:77:ef:07:78:18:a9:65:4f:09:0e:3a:24:
ad:d9:6c:59:4c:34:a0:23:c3:3f:d9:c9:dd:52:af:
aa:9e:9f:2e:62:60:40:be:57:ff:09:ea:ee:c7:5e:
e4:42:80:02:c8:b0:db:65:ad:93:36:d3:61:4d:83:
6d:48:8f:10:da:f1:a1:5a:85:6b:67:a4:eb:bd:72:
c1:3e:e4:78:e8:10:96:88:c4:fa:05:41:26:96:95:
a9:b1:d2:04:67:4c:f4:0b:91:9e:ac:01:c4:95:9e:
b2:0c:3a:d4:89:f4:f9:a3:29:c2:9d:29:e4:2e:f0:
c4:fd:c7:31:a9:88:21:35:e8:2f:44:72:5f:ad:f0:
bd:d1:b3:ef:b3:f3:7f:3f:32:37:9e:1a:15:4b:78:
01:7e:af:10:56:b5:7a:64:e7:53:4c:61:fb:0c:75:
07:2b:bd:10:99:26:89:f9:1a:3c:76:dc:03:36:81:
87:2a:92:16:74:07:80:11:b5:5a:1e:fa:64:fd:84:
be:47:92:27:f3:a0:05:89:a7:b0:d7:68:a0:95:c3:
02:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:60:E2:0D:95:39:8F:F8:D5:BD:2D:BC:49:1B:76:D3:CB:4A:77:59
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/VmDiDZU5j_jVvS28SRt208tKd1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.148.0/24
185.95.157.0-185.95.158.255
Signature Algorithm: sha256WithRSAEncryption
57:2d:9d:43:be:04:f5:8e:4c:72:b4:a3:9d:00:75:88:e9:7d:
fa:38:78:48:72:df:ff:fb:4f:5a:85:15:18:f5:f1:ac:17:36:
c3:61:9f:16:39:07:0a:14:cf:dd:19:57:3e:c7:9a:f0:20:26:
da:1a:38:19:95:26:39:2a:ef:64:52:fb:9c:e4:27:44:63:f9:
17:59:29:27:d8:e6:5d:0f:0b:34:b2:e3:dc:b0:fe:3f:be:e4:
71:98:7a:55:4f:c6:e7:0c:6f:43:fa:8e:44:b8:98:4c:c5:9b:
c6:a2:13:f7:3f:2d:dd:dc:3c:4f:d0:ea:9b:da:10:8d:c8:ef:
f9:14:61:bd:6b:d8:fc:34:37:8f:25:fb:da:38:55:a2:cd:8e:
19:af:31:26:2a:c0:fb:71:ac:f9:3a:a1:84:74:25:ee:8b:20:
5f:b6:eb:3a:f8:35:00:a3:32:b5:9c:e0:88:76:13:2b:24:1f:
eb:2e:ac:c5:e6:61:4f:93:a6:6e:40:24:d5:a1:19:22:c0:35:
80:12:fa:7f:ec:ed:48:07:73:2e:cc:12:34:87:f0:bb:16:ed:
35:03:02:4e:a7:76:3e:2c:fa:c6:c0:78:54:52:79:ac:fc:e9:
b8:1a:f1:a0:bd:de:ac:59:71:f8:0d:29:64:ca:ae:5b:9b:e7:
85:cd:3b:ec
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQlIZHNZgq7TKwVa5zawyf0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMTAyMDM0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjYwZTIwZDk1Mzk4ZmY4ZDViZDJkYmM0OTFiNzZkM2NiNGE3NzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDHiKAdca4ZqimePS9xpgAHXEQ8z
QD/+64hJ74SBrTueRdTG8UKP18KcPdI9Lf937wd4GKllTwkOOiSt2WxZTDSgI8M/
2cndUq+qnp8uYmBAvlf/Cerux17kQoACyLDbZa2TNtNhTYNtSI8Q2vGhWoVrZ6Tr
vXLBPuR46BCWiMT6BUEmlpWpsdIEZ0z0C5GerAHElZ6yDDrUifT5oynCnSnkLvDE
/ccxqYghNegvRHJfrfC90bPvs/N/PzI3nhoVS3gBfq8QVrV6ZOdTTGH7DHUHK70Q
mSaJ+Ro8dtwDNoGHKpIWdAeAEbVaHvpk/YS+R5In86AFiaew12iglcMCWQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFZg4g2VOY/41b0tvEkbdtPLSndZMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvVm1EaURaVTVqX2pWdlMyOFNSdDIwOHRLZDFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAVe+UMAwD
BAC5X50DBAC5X54wDQYJKoZIhvcNAQELBQADggEBAFctnUO+BPWOTHK0o50AdYjp
ffo4eEhy3//7T1qFFRj18awXNsNhnxY5BwoUz90ZVz7HmvAgJtoaOBmVJjkq72RS
+5zkJ0Rj+RdZKSfY5l0PCzSy49yw/j++5HGYelVPxucMb0P6jkS4mEzFm8aiE/c/
Ld3cPE/Q6pvaEI3I7/kUYb1r2Pw0N48l+9o4VaLNjhmvMSYqwPtxrPk6oYR0Je6L
IF+26zr4NQCjMrWc4Ih2EyskH+surMXmYU+Tpm5AJNWhGSLANYAS+n/s7UgHcy7M
EjSH8LsW7TUDAk6ndj4s+sbAeFRSeaz86bga8aC93qxZcfgNKWTKrlub54XNO+w=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:13 2025 by rpki-client