Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CzsD8R8yjoOh9ePdmIFTXWCt40A.roa
File: CzsD8R8yjoOh9ePdmIFTXWCt40A.roa (raw, json)
Hash identifier: Vhv7pOyJEflwoFdYshZKMjFgHzHNPx9Te1M3xOu5BCo=
Subject key identifier: 0B:3B:03:F1:1F:32:8E:83:A1:F5:E3:DD:98:81:53:5D:60:AD:E3:40
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2F349D227493BB2260AF35059279C
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CzsD8R8yjoOh9ePdmIFTXWCt40A.roa
Signing time: Thu 02 Jan 2025 01:48:14 +0000
ROA not before: Thu 02 Jan 2025 01:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56938
IP address blocks: 85.254.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:f3:49:d2:27:49:3b:b2:26:0a:f3:50:59:27:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b3b03f11f328e83a1f5e3dd9881535d60ade340
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f1:07:cf:2b:62:61:b7:0f:95:3e:55:a0:42:
62:4c:66:22:57:f2:6a:89:a0:fd:c0:75:59:2e:d4:
2b:10:86:c5:4a:5d:87:4b:ea:ab:ff:4c:03:77:a2:
e8:e1:46:ac:a2:fd:b7:60:cd:7a:f0:7b:8b:32:c6:
d5:1a:64:db:1a:c6:b5:f6:57:44:28:a9:d5:57:2e:
8b:ee:32:14:10:dc:83:b3:42:91:24:04:bd:c7:9e:
cc:24:cd:17:07:ca:4c:8d:02:a2:67:a5:99:59:8b:
89:32:6c:86:58:c2:7e:13:86:2c:8e:3f:5a:86:64:
ef:bb:db:6a:00:aa:b1:63:1d:3a:2f:b3:dc:b5:b4:
d6:f9:5d:51:ad:06:88:a5:25:30:c9:db:bd:da:b3:
e9:f2:7d:ec:ba:8f:03:6f:38:c7:40:69:fc:c6:75:
56:89:92:97:a6:e6:55:6b:2b:70:42:f9:e6:cb:98:
75:48:33:e7:d8:64:d5:22:77:58:78:eb:15:68:46:
0f:38:51:52:12:10:c7:bd:39:8e:18:b7:9e:6c:4e:
c8:fb:9d:5e:0f:6d:92:00:28:65:01:ec:2b:75:05:
3a:54:65:38:75:02:52:7c:22:b0:f8:14:48:db:01:
c9:76:91:46:f1:ce:5e:8b:bb:68:b8:ca:09:2a:cf:
c4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:3B:03:F1:1F:32:8E:83:A1:F5:E3:DD:98:81:53:5D:60:AD:E3:40
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CzsD8R8yjoOh9ePdmIFTXWCt40A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.158.0/24
Signature Algorithm: sha256WithRSAEncryption
13:f7:98:22:2c:1c:fa:e1:87:7d:c5:50:53:b0:ac:55:b9:1d:
99:13:39:5c:3c:5a:74:4d:1a:d5:34:27:4b:99:61:60:3c:2c:
c2:c6:56:df:6d:54:59:2c:bb:da:f4:6f:e3:68:c4:4d:75:3f:
df:6f:19:e1:f6:57:b3:0a:83:9b:43:fa:41:2e:7a:c8:19:16:
29:47:78:e7:72:d8:20:6f:43:93:c5:d6:e7:5c:8a:73:92:10:
58:75:15:c8:9a:af:60:1a:4a:91:d3:3f:bd:c9:e7:33:1e:38:
e8:8f:7e:ff:f4:93:80:0e:dc:5a:00:e0:52:0f:30:b8:4e:f9:
7f:9e:0a:d0:da:0c:5a:fe:fa:ab:31:65:e1:96:2e:b4:91:20:
29:cc:2b:b5:18:54:25:11:35:ea:cb:5f:e4:cb:15:84:74:f1:
31:69:24:03:5d:45:da:00:e2:f7:06:23:96:bc:8a:db:39:f2:
61:a9:74:ad:d1:e0:76:16:24:3b:18:9b:4e:54:fc:29:67:38:
87:9e:d2:6e:4c:5b:c8:f3:43:88:97:3b:1e:a2:a2:29:74:44:
5e:cc:e4:4e:2d:11:96:2f:0e:27:e2:7d:83:17:2a:d9:44:83:
41:48:fa:b5:54:ba:9c:6a:35:4b:78:b0:ca:b1:bb:1e:17:a1:
5c:a4:fb:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksvNJ0idJO7ImCvNQWSecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjNiMDNmMTFmMzI4ZTgzYTFmNWUzZGQ5ODgxNTM1ZDYwYWRlMzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/EHzytiYbcPlT5VoEJiTGYiV/Jq
iaD9wHVZLtQrEIbFSl2HS+qr/0wDd6Lo4Uasov23YM168HuLMsbVGmTbGsa19ldE
KKnVVy6L7jIUENyDs0KRJAS9x57MJM0XB8pMjQKiZ6WZWYuJMmyGWMJ+E4Ysjj9a
hmTvu9tqAKqxYx06L7PctbTW+V1RrQaIpSUwydu92rPp8n3suo8DbzjHQGn8xnVW
iZKXpuZVaytwQvnmy5h1SDPn2GTVIndYeOsVaEYPOFFSEhDHvTmOGLeebE7I+51e
D22SAChlAewrdQU6VGU4dQJSfCKw+BRI2wHJdpFG8c5ei7touMoJKs/EhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAs7A/EfMo6DofXj3ZiBU11greNAMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvQ3pzRDhSOHlqb09oOWVQZG1JRlRYV0N0NDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVf6eMA0G
CSqGSIb3DQEBCwUAA4IBAQAT95giLBz64Yd9xVBTsKxVuR2ZEzlcPFp0TRrVNCdL
mWFgPCzCxlbfbVRZLLva9G/jaMRNdT/fbxnh9lezCoObQ/pBLnrIGRYpR3jnctgg
b0OTxdbnXIpzkhBYdRXImq9gGkqR0z+9yeczHjjoj37/9JOADtxaAOBSDzC4Tvl/
ngrQ2gxa/vqrMWXhli60kSApzCu1GFQlETXqy1/kyxWEdPExaSQDXUXaAOL3BiOW
vIrbOfJhqXSt0eB2FiQ7GJtOVPwpZziHntJuTFvI80OIlzseoqIpdERezOROLRGW
Lw4n4n2DFyrZRINBSPq1VLqcajVLeLDKsbseF6FcpPs5
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:49 2025 by rpki-client