Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/SEXt1RRFTdGh6sBs88rhzbxfWxo.roa
File: SEXt1RRFTdGh6sBs88rhzbxfWxo.roa (raw, json)
Hash identifier: TqoxAFEnicrdVVeXGPtxpbw1lqvW/xQbPaLth9jsXOI=
Subject key identifier: 48:45:ED:D5:14:45:4D:D1:A1:EA:C0:6C:F3:CA:E1:CD:BC:5F:5B:1A
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B3016B8F1E088710FB83A92168E9C9
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/SEXt1RRFTdGh6sBs88rhzbxfWxo.roa
Signing time: Thu 02 Jan 2025 01:48:18 +0000
ROA not before: Thu 02 Jan 2025 01:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212717
IP address blocks: 85.254.28.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:01:6b:8f:1e:08:87:10:fb:83:a9:21:68:e9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4845edd514454dd1a1eac06cf3cae1cdbc5f5b1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8d:e1:41:6b:2c:23:84:b7:76:74:fb:9a:a2:
72:6b:47:d2:eb:31:3a:3f:a3:2a:4b:8a:98:09:5e:
b0:e9:dd:d5:c2:f6:e1:74:bb:7f:f3:c8:5f:6b:24:
d8:76:3c:2c:b2:f3:c3:fe:9b:77:ee:23:a4:30:e2:
0a:55:bc:6c:cf:31:f0:77:8f:6e:d4:43:40:7c:29:
a0:cc:78:77:ec:0e:ea:51:4b:04:17:85:78:bb:f2:
2b:3a:db:95:00:92:33:46:45:8d:e7:0f:01:44:e9:
d2:65:8b:b5:45:a2:15:17:80:c4:60:d2:a9:61:0f:
dc:7b:7c:81:91:a9:91:91:6b:17:68:06:c6:8e:d8:
39:a8:2b:a4:aa:ab:54:2c:d5:de:27:af:27:64:8a:
76:bd:d5:c0:db:db:71:6e:4e:3e:b3:a6:e3:b2:59:
3c:08:97:2d:8c:c7:09:70:f6:96:5e:cf:5e:28:35:
2b:6a:0d:8e:62:76:e9:3b:60:2c:66:34:9b:84:4e:
d6:24:f6:13:9d:8e:7a:76:81:0c:b4:4a:55:6d:68:
d3:74:de:1f:75:fa:a0:77:23:a0:4c:57:1b:84:a8:
ad:77:92:f4:53:c1:84:90:84:98:a3:48:5f:52:26:
b1:d6:c1:5b:6f:a0:cf:de:3f:0f:c0:b9:49:ab:5f:
8e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:45:ED:D5:14:45:4D:D1:A1:EA:C0:6C:F3:CA:E1:CD:BC:5F:5B:1A
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/SEXt1RRFTdGh6sBs88rhzbxfWxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.28.0/24
Signature Algorithm: sha256WithRSAEncryption
30:68:b6:d7:29:0b:2e:8d:88:2a:ae:9e:19:c0:99:f1:27:74:
a1:ed:f8:ca:85:8c:72:77:8e:1d:5c:9c:fb:94:4b:27:cc:fb:
28:bb:01:01:4d:50:75:d0:74:3d:f0:25:9f:f7:68:c4:0b:05:
56:9d:41:a7:e4:54:66:c0:3e:bf:95:cd:31:a4:8a:6b:d9:fa:
35:e7:4f:d5:43:7e:13:09:ce:76:32:1b:fd:01:e9:06:a6:99:
f4:4d:d6:fe:d2:dc:d3:06:f1:fd:26:85:a6:50:a8:45:4c:87:
70:b6:01:bb:6e:0b:e1:7f:e6:8e:7e:41:d2:e3:19:59:f7:6e:
ee:f3:3b:66:54:22:bc:30:ec:82:dc:d7:58:83:6a:a2:04:31:
5b:46:49:17:47:7c:33:aa:2f:4c:a1:c3:fc:dc:fc:a9:56:e2:
bd:5e:86:69:63:93:58:f8:f1:47:f7:3c:88:97:e3:79:fb:25:
65:5e:8c:36:b1:73:59:ec:ea:64:8b:dc:e6:eb:31:6b:c8:04:
67:48:3b:48:20:f3:bd:d6:84:41:ea:58:34:a9:54:55:73:22:
89:b4:5d:83:54:93:d2:9c:29:91:ba:b8:2f:09:b4:9a:f4:ec:
70:ef:a2:7e:24:17:43:91:65:90:35:dd:8e:b1:c3:a5:8d:93:
b9:88:a2:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkswFrjx4IhxD7g6khaOnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODQ1ZWRkNTE0NDU0ZGQxYTFlYWMwNmNmM2NhZTFjZGJjNWY1YjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuI3hQWssI4S3dnT7mqJya0fS6zE6
P6MqS4qYCV6w6d3VwvbhdLt/88hfayTYdjwssvPD/pt37iOkMOIKVbxszzHwd49u
1ENAfCmgzHh37A7qUUsEF4V4u/IrOtuVAJIzRkWN5w8BROnSZYu1RaIVF4DEYNKp
YQ/ce3yBkamRkWsXaAbGjtg5qCukqqtULNXeJ68nZIp2vdXA29txbk4+s6bjslk8
CJctjMcJcPaWXs9eKDUrag2OYnbpO2AsZjSbhE7WJPYTnY56doEMtEpVbWjTdN4f
dfqgdyOgTFcbhKitd5L0U8GEkISYo0hfUiax1sFbb6DP3j8PwLlJq1+OgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEhF7dUURU3RoerAbPPK4c28X1saMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvU0VYdDFSUkZUZEdoNnNCczg4cmh6YnhmV3hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVf4cMA0G
CSqGSIb3DQEBCwUAA4IBAQAwaLbXKQsujYgqrp4ZwJnxJ3Sh7fjKhYxyd44dXJz7
lEsnzPsouwEBTVB10HQ98CWf92jECwVWnUGn5FRmwD6/lc0xpIpr2fo150/VQ34T
Cc52Mhv9AekGppn0Tdb+0tzTBvH9JoWmUKhFTIdwtgG7bgvhf+aOfkHS4xlZ927u
8ztmVCK8MOyC3NdYg2qiBDFbRkkXR3wzqi9MocP83PypVuK9XoZpY5NY+PFH9zyI
l+N5+yVlXow2sXNZ7Opki9zm6zFryARnSDtIIPO91oRB6lg0qVRVcyKJtF2DVJPS
nCmRurgvCbSa9Oxw76J+JBdDkWWQNd2OscOljZO5iKKP
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:18 2025 by rpki-client