Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/q_Pvn1hO4nJ1-lDTE1RN08XrbO0.roa
File: q_Pvn1hO4nJ1-lDTE1RN08XrbO0.roa (raw, json)
Hash identifier: 2BbzVhNusua3bMuyyOVO6NzlIoGcuorftJbIXoCMReI=
Subject key identifier: AB:F3:EF:9F:58:4E:E2:72:75:FA:50:D3:13:54:4D:D3:C5:EB:6C:ED
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 018AD188A1D33D351200535DF1EC007A2631
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/q_Pvn1hO4nJ1-lDTE1RN08XrbO0.roa
Signing time: Tue 26 Sep 2023 12:48:27 +0000
ROA not before: Tue 26 Sep 2023 12:48:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 85.239.144.0/24 maxlen: 24
85.239.145.0/24 maxlen: 24
85.239.151.0/24 maxlen: 24
85.239.146.0/24 maxlen: 24
85.239.147.0/24 maxlen: 24
85.239.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d1:88:a1:d3:3d:35:12:00:53:5d:f1:ec:00:7a:26:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Sep 26 12:48:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abf3ef9f584ee27275fa50d313544dd3c5eb6ced
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:4e:f6:de:c2:76:d3:e3:ec:b6:59:4b:64:4a:
49:30:97:59:3c:d1:34:17:6d:cf:2a:12:38:1d:a4:
bd:3d:46:88:99:46:dd:02:2c:c0:b4:fb:9c:ae:7e:
8f:63:99:38:7a:e6:a0:ac:03:c9:3d:a9:23:c6:e8:
50:84:ff:d7:8c:12:a2:87:16:ec:9c:df:51:61:0a:
a9:49:33:28:e1:1d:e2:71:32:d3:7e:a9:3f:8b:ca:
ba:f3:39:96:7b:eb:05:41:5c:e7:f7:aa:52:8f:fc:
4d:90:72:73:80:5d:19:6a:38:86:0c:20:09:d3:cb:
84:c7:de:9d:ba:e1:e9:9d:76:62:1b:c4:00:ca:fc:
06:4f:d6:34:5d:fd:20:e7:54:d3:39:c1:e3:03:a7:
df:61:3c:4e:da:1a:02:f9:ed:28:6a:6f:0a:c7:10:
f8:5c:a7:5d:41:c8:8e:d9:2f:f9:0a:df:89:01:23:
ce:83:eb:e7:d9:4c:9b:a4:49:e6:62:3c:97:1d:71:
e7:af:e6:5d:88:fb:fc:ba:d7:3e:68:4d:11:52:0d:
ed:d0:c1:0f:1d:f2:0f:0b:71:75:80:9b:92:50:c5:
1f:16:4a:c9:d8:91:4d:75:ab:25:aa:d3:f1:1a:f8:
8c:d2:54:da:30:8e:35:35:73:0d:c7:c2:aa:bb:7f:
99:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:F3:EF:9F:58:4E:E2:72:75:FA:50:D3:13:54:4D:D3:C5:EB:6C:ED
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/q_Pvn1hO4nJ1-lDTE1RN08XrbO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0-85.239.148.255
85.239.151.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:dd:ce:2d:f6:b0:d5:15:71:78:45:44:07:0d:21:4c:98:d5:
6a:b2:48:14:13:16:15:0e:0e:74:b8:79:84:44:05:83:8b:5d:
35:66:72:70:0c:ea:4a:14:ed:69:a7:a6:c0:a9:af:e9:e6:9c:
99:f8:24:23:36:3a:8f:da:6f:ee:00:82:69:e8:74:21:8f:a6:
4c:cb:01:92:24:bb:af:57:a6:09:9b:c2:f5:2b:2e:68:5c:c8:
b0:3f:ec:9b:3c:d1:6a:ef:44:a1:da:19:e8:2a:b8:0a:a7:7e:
70:bd:aa:5e:1b:56:73:a4:23:2e:33:e2:fb:6d:76:01:1f:fc:
da:da:bc:9c:83:c4:2b:3d:47:a6:97:26:cf:93:61:34:d0:1c:
3a:fa:38:d2:d7:a3:85:b1:bc:67:2e:5a:75:26:cb:c9:06:84:
52:b7:45:23:50:30:4b:4b:fa:be:3a:c4:a4:b9:af:b4:6a:fc:
fb:e3:9a:5e:ae:72:6c:d9:bf:98:fd:dc:ce:65:71:58:2e:67:
5f:7c:af:da:95:8e:51:e9:d7:49:be:d9:9f:e2:2d:b3:71:93:
fa:5f:6c:48:da:d4:08:68:df:38:5f:9b:54:97:78:fb:0e:bd:
b8:08:45:3e:8a:3d:29:fb:9a:ae:3f:03:71:f8:87:65:13:89:
6b:50:c3:9b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYrRiKHTPTUSAFNd8ewAeiYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMwOTI2MTI0ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmYzZWY5ZjU4NGVlMjcyNzVmYTUwZDMxMzU0NGRkM2M1ZWI2Y2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20723sJ20+PstllLZEpJMJdZPNE0
F23PKhI4HaS9PUaImUbdAizAtPucrn6PY5k4euagrAPJPakjxuhQhP/XjBKihxbs
nN9RYQqpSTMo4R3icTLTfqk/i8q68zmWe+sFQVzn96pSj/xNkHJzgF0ZajiGDCAJ
08uEx96duuHpnXZiG8QAyvwGT9Y0Xf0g51TTOcHjA6ffYTxO2hoC+e0oam8KxxD4
XKddQciO2S/5Ct+JASPOg+vn2UybpEnmYjyXHXHnr+ZdiPv8utc+aE0RUg3t0MEP
HfIPC3F1gJuSUMUfFkrJ2JFNdaslqtPxGviM0lTaMI41NXMNx8Kqu3+Z1QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKvz759YTuJydfpQ0xNUTdPF62ztMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvcV9Qdm4xaE80bkoxLWxEVEUxUk4wOFhyYk8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBARV75AD
BABV75QDBABV75cwDQYJKoZIhvcNAQELBQADggEBAE7dzi32sNUVcXhFRAcNIUyY
1WqySBQTFhUODnS4eYREBYOLXTVmcnAM6koU7WmnpsCpr+nmnJn4JCM2Oo/ab+4A
gmnodCGPpkzLAZIku69XpgmbwvUrLmhcyLA/7Js80WrvRKHaGegquAqnfnC9ql4b
VnOkIy4z4vttdgEf/NravJyDxCs9R6aXJs+TYTTQHDr6ONLXo4WxvGcuWnUmy8kG
hFK3RSNQMEtL+r46xKS5r7Rq/Pvjml6ucmzZv5j93M5lcVguZ198r9qVjlHp10m+
2Z/iLbNxk/pfbEja1Aho3zhfm1SXePsOvbgIRT6KPSn7mq4/A3H4h2UTiWtQw5s=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:53 2025 by rpki-client