Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/dTrad9zBkuf1kg0cgfBRSmbnm6o.roa
File: dTrad9zBkuf1kg0cgfBRSmbnm6o.roa (raw, json)
Hash identifier: vCwiQt8R61nFWf5QjsNL/1/KnwfPRWZbM1zqpXVr4As=
Subject key identifier: 75:3A:DA:77:DC:C1:92:E7:F5:92:0D:1C:81:F0:51:4A:66:E7:9B:AA
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 019425219163EE06B8729038BAF9C25B7925
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/dTrad9zBkuf1kg0cgfBRSmbnm6o.roa
Signing time: Thu 02 Jan 2025 03:49:04 +0000
ROA not before: Thu 02 Jan 2025 03:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 85.239.144.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:91:63:ee:06:b8:72:90:38:ba:f9:c2:5b:79:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jan 2 03:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=753ada77dcc192e7f5920d1c81f0514a66e79baa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:0f:9c:7b:81:ea:7f:1e:7d:3d:25:55:20:80:
34:c0:94:46:b3:1a:62:dd:48:d4:20:59:21:fc:e1:
8f:28:61:24:f0:c3:56:f2:68:da:23:bd:2f:8b:93:
03:2c:de:c1:e5:dc:cb:1f:0a:2c:95:5c:aa:77:d7:
51:50:91:88:db:75:19:33:be:2a:14:e0:5e:c2:eb:
1c:87:eb:a2:78:eb:d3:42:1c:61:4a:80:62:10:a9:
d5:90:6f:f9:82:94:8b:20:7a:65:5f:ce:c4:38:86:
e4:a6:eb:ed:07:dd:e9:87:e2:02:0f:b7:ab:71:8c:
d5:38:bf:30:72:30:ef:90:0f:ba:7e:31:e0:9c:60:
ea:4b:b0:14:c4:22:42:0a:09:b9:4e:72:43:1c:de:
33:db:30:2d:a3:a0:96:df:e1:84:2d:25:3c:54:2a:
97:d7:2f:5b:89:5c:09:5e:02:da:c9:76:e3:3a:db:
73:0a:17:81:c5:53:f5:8e:8e:c6:c4:06:5d:18:02:
44:ec:d8:e0:b7:1a:af:b9:d1:f6:0b:4f:f9:f8:c3:
68:b7:a6:48:b2:3f:fd:b5:62:fd:ad:7e:be:a5:ca:
ca:7a:c9:de:e4:0a:aa:fa:a3:37:f6:37:b6:e1:30:
28:ca:39:b3:8f:4c:2f:0c:da:64:17:0a:c7:74:88:
3d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:3A:DA:77:DC:C1:92:E7:F5:92:0D:1C:81:F0:51:4A:66:E7:9B:AA
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/dTrad9zBkuf1kg0cgfBRSmbnm6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:0d:9c:59:f2:7d:15:9d:d0:4b:cf:97:7d:2c:b3:70:c1:bd:
a0:f4:ee:09:e2:0f:3e:bd:78:ea:1e:79:2c:dc:4c:f9:f1:dc:
4e:51:95:7c:68:3f:db:86:35:46:e6:3d:17:c8:d4:71:4e:bf:
f9:12:3f:f7:9b:83:7e:0f:6d:49:cb:7e:c8:ea:b3:75:b1:f5:
d1:d5:9c:38:49:b4:be:89:f4:93:f4:10:52:4e:f6:3f:ed:c8:
a7:9b:59:96:47:b0:95:55:15:c9:79:91:3a:f2:b3:f1:f6:7d:
80:99:ce:82:2c:6a:84:af:98:81:ee:91:85:80:45:97:82:4b:
24:ef:8d:1a:0b:2e:f8:c3:f7:e8:0b:0a:7c:5b:99:44:8c:3c:
53:92:e9:11:3c:f9:61:b7:db:8c:bb:ce:31:c3:7f:a3:e5:e0:
7f:57:3f:04:f8:49:36:59:67:49:83:9f:f4:93:44:f2:9c:76:
85:65:c4:67:d0:b6:4f:a8:91:10:78:3f:ce:e2:a7:4d:74:c3:
13:7b:0c:8d:5d:35:e1:7b:e1:28:45:f3:31:85:c7:83:9c:2b:
01:a8:c5:64:7d:38:4a:da:72:6a:88:1c:0f:3e:0b:c6:f5:dd:
f6:53:a2:60:7c:0b:e1:3a:1e:1b:19:26:73:d6:8e:39:a5:cc:
19:ef:db:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIZFj7ga4cpA4uvnCW3klMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMTAyMDM0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTNhZGE3N2RjYzE5MmU3ZjU5MjBkMWM4MWYwNTE0YTY2ZTc5YmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7w+ce4Hqfx59PSVVIIA0wJRGsxpi
3UjUIFkh/OGPKGEk8MNW8mjaI70vi5MDLN7B5dzLHwoslVyqd9dRUJGI23UZM74q
FOBewusch+uieOvTQhxhSoBiEKnVkG/5gpSLIHplX87EOIbkpuvtB93ph+ICD7er
cYzVOL8wcjDvkA+6fjHgnGDqS7AUxCJCCgm5TnJDHN4z2zAto6CW3+GELSU8VCqX
1y9biVwJXgLayXbjOttzCheBxVP1jo7GxAZdGAJE7NjgtxqvudH2C0/5+MNot6ZI
sj/9tWL9rX6+pcrKesne5Aqq+qM39je24TAoyjmzj0wvDNpkFwrHdIg9dwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHU62nfcwZLn9ZINHIHwUUpm55uqMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvZFRyYWQ5ekJrdWYxa2cwY2dmQlJTbWJubTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVe+QMA0G
CSqGSIb3DQEBCwUAA4IBAQClDZxZ8n0VndBLz5d9LLNwwb2g9O4J4g8+vXjqHnks
3Ez58dxOUZV8aD/bhjVG5j0XyNRxTr/5Ej/3m4N+D21Jy37I6rN1sfXR1Zw4SbS+
ifST9BBSTvY/7cinm1mWR7CVVRXJeZE68rPx9n2Amc6CLGqEr5iB7pGFgEWXgksk
740aCy74w/foCwp8W5lEjDxTkukRPPlht9uMu84xw3+j5eB/Vz8E+Ek2WWdJg5/0
k0TynHaFZcRn0LZPqJEQeD/O4qdNdMMTewyNXTXhe+EoRfMxhceDnCsBqMVkfThK
2nJqiBwPPgvG9d32U6JgfAvhOh4bGSZz1o45pcwZ79sd
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:52 2025 by rpki-client