Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/dt1bzx9p7m0uE8ubvPkktplimjQ.roa
File: dt1bzx9p7m0uE8ubvPkktplimjQ.roa (raw, json)
Hash identifier: BGthPDtnn++lKGkNnfGUngrHw27ojlB4xD6KodlOOZ8=
Subject key identifier: 76:DD:5B:CF:1F:69:EE:6D:2E:13:CB:9B:BC:F9:24:B6:99:62:9A:34
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 019425218CEE318BA92ECE4C2BBF2F89733B
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/dt1bzx9p7m0uE8ubvPkktplimjQ.roa
Signing time: Thu 02 Jan 2025 03:49:03 +0000
ROA not before: Thu 02 Jan 2025 03:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 85.239.146.0/24 maxlen: 24
85.239.147.0/24 maxlen: 24
85.239.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:8c:ee:31:8b:a9:2e:ce:4c:2b:bf:2f:89:73:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jan 2 03:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76dd5bcf1f69ee6d2e13cb9bbcf924b699629a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:45:df:e2:fb:e2:8e:8a:11:66:1e:49:ae:1e:
b8:bb:b6:33:a2:c3:15:38:48:07:6d:d2:19:84:a7:
83:74:ad:e3:21:d4:45:9f:45:98:0c:72:36:12:8d:
dc:38:9b:67:a2:d4:cf:f8:09:81:7e:8b:ab:80:e8:
4a:51:eb:61:cb:ae:fe:a1:31:92:f9:5c:c6:69:d0:
c7:54:11:ff:d2:49:a2:12:b8:06:aa:95:99:78:ed:
0a:e1:d5:94:e7:63:38:5a:67:87:d3:61:c3:ff:bd:
5b:86:b7:65:24:df:66:72:3b:3a:c9:99:2e:53:7c:
91:53:29:7d:6c:e5:b6:00:e8:f8:0c:5b:1c:50:b4:
43:5e:12:4d:11:0c:d6:34:e0:98:61:c9:36:fd:4d:
55:45:31:6f:1b:fe:28:60:91:44:51:83:83:b6:03:
25:79:c7:94:32:6f:47:00:5f:83:1e:5d:fd:9d:40:
85:1e:bf:1a:2a:90:f3:3b:97:e3:f9:f3:9d:56:97:
8b:bf:56:9a:ab:7c:92:62:15:17:de:42:c0:8b:75:
17:3a:6f:0b:ea:23:34:07:04:0f:7f:77:eb:fc:7e:
37:88:72:27:3e:b1:1e:c8:fb:41:0a:44:52:73:23:
09:cf:41:f2:eb:fb:e8:86:10:60:43:cf:26:e9:92:
76:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:DD:5B:CF:1F:69:EE:6D:2E:13:CB:9B:BC:F9:24:B6:99:62:9A:34
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/dt1bzx9p7m0uE8ubvPkktplimjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.146.0/23
85.239.156.0/24
Signature Algorithm: sha256WithRSAEncryption
70:c0:09:ca:50:d4:d4:2c:2f:dc:c9:c9:b9:88:d0:34:ee:93:
d9:65:2e:d6:1d:fa:d4:99:42:b0:00:65:e8:40:2c:2f:c8:1c:
6c:24:bf:f5:52:d5:d7:ee:69:73:ed:cb:bf:21:27:08:15:ac:
ab:bd:05:8d:1e:0b:a1:8f:0e:e2:b3:5e:ef:04:98:ce:a5:49:
df:ab:ca:1f:bc:e0:8a:b2:94:d2:2f:b1:c0:fa:8c:de:0a:90:
28:1c:48:3d:a1:26:37:39:42:ca:87:ca:5c:9a:da:1b:87:41:
21:ae:f4:8f:b0:79:fe:93:bd:f6:4d:db:78:5a:2f:65:9c:96:
9d:04:33:1e:b3:ed:66:3a:d0:e3:28:e8:10:e6:9e:86:62:90:
18:dd:f3:4d:0c:19:5f:62:12:c4:97:c2:b8:90:d2:16:49:2e:
c3:21:a7:c4:32:46:3a:f7:7f:66:a6:7d:55:c5:6f:91:ca:35:
53:97:b0:55:2b:c9:46:37:b2:58:25:36:2b:b4:ed:39:29:7b:
73:be:b3:ae:5f:26:c5:89:05:c4:fd:e0:c9:e1:e5:5b:21:cf:
d9:07:57:ae:a2:32:cb:cb:c4:56:2c:a7:fd:b5:1a:74:b3:98:
ad:4b:5b:2f:b4:24:7d:8f:b9:ef:37:6f:3e:6f:c2:22:22:64:
4f:66:1f:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIYzuMYupLs5MK78viXM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMTAyMDM0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmRkNWJjZjFmNjllZTZkMmUxM2NiOWJiY2Y5MjRiNjk5NjI5YTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUXf4vvijooRZh5Jrh64u7YzosMV
OEgHbdIZhKeDdK3jIdRFn0WYDHI2Eo3cOJtnotTP+AmBfourgOhKUethy67+oTGS
+VzGadDHVBH/0kmiErgGqpWZeO0K4dWU52M4WmeH02HD/71bhrdlJN9mcjs6yZku
U3yRUyl9bOW2AOj4DFscULRDXhJNEQzWNOCYYck2/U1VRTFvG/4oYJFEUYODtgMl
eceUMm9HAF+DHl39nUCFHr8aKpDzO5fj+fOdVpeLv1aaq3ySYhUX3kLAi3UXOm8L
6iM0BwQPf3fr/H43iHInPrEeyPtBCkRScyMJz0Hy6/vohhBgQ88m6ZJ2UwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHbdW88fae5tLhPLm7z5JLaZYpo0MB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvZHQxYnp4OXA3bTB1RTh1YnZQa2t0cGxpbWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVe+SAwQA
Ve+cMA0GCSqGSIb3DQEBCwUAA4IBAQBwwAnKUNTULC/cycm5iNA07pPZZS7WHfrU
mUKwAGXoQCwvyBxsJL/1UtXX7mlz7cu/IScIFayrvQWNHguhjw7is17vBJjOpUnf
q8ofvOCKspTSL7HA+ozeCpAoHEg9oSY3OULKh8pcmtobh0EhrvSPsHn+k732Tdt4
Wi9lnJadBDMes+1mOtDjKOgQ5p6GYpAY3fNNDBlfYhLEl8K4kNIWSS7DIafEMkY6
939mpn1VxW+RyjVTl7BVK8lGN7JYJTYrtO05KXtzvrOuXybFiQXE/eDJ4eVbIc/Z
B1euojLLy8RWLKf9tRp0s5itS1svtCR9j7nvN28+b8IiImRPZh+C
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:58 2025 by rpki-client