Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ib_NqiX8PkqJFapz08SqiF--Hyg.roa
File: ib_NqiX8PkqJFapz08SqiF--Hyg.roa (raw, json)
Hash identifier: t7UlnQocf7dj6frvLiPziQOHN1VZJ8I61FGZRWdOroI=
Subject key identifier: 89:BF:CD:AA:25:FC:3E:4A:89:15:AA:73:D3:C4:AA:88:5F:BE:1F:28
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2F8D395521B4A8CBE6F9EA169F443
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ib_NqiX8PkqJFapz08SqiF--Hyg.roa
Signing time: Thu 02 Jan 2025 01:48:16 +0000
ROA not before: Thu 02 Jan 2025 01:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201315
IP address blocks: 85.254.48.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:f8:d3:95:52:1b:4a:8c:be:6f:9e:a1:69:f4:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89bfcdaa25fc3e4a8915aa73d3c4aa885fbe1f28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:96:4a:0a:52:3a:fc:33:b1:1a:76:63:31:d5:
fa:1b:5a:44:f2:07:02:be:13:29:b4:76:4b:ad:22:
da:60:62:7f:ff:fd:26:54:d3:c6:60:25:27:49:ef:
e6:9a:06:84:c9:98:99:92:f7:3e:2e:9c:9e:bb:65:
72:2f:63:28:7c:b2:fb:4e:9d:f9:39:c1:95:2e:45:
bb:cd:53:48:48:23:36:c6:36:aa:7d:65:15:e0:13:
30:6f:2f:90:7c:a3:44:9f:35:48:12:7f:00:a3:94:
31:90:12:52:bd:57:e1:64:79:e8:50:d3:85:2a:b4:
36:77:fe:d6:e0:20:97:a3:dc:0e:da:d6:c7:a4:d6:
05:0c:89:59:e0:7e:55:83:90:ac:a3:40:70:da:3f:
ce:b3:18:5b:72:1a:8b:56:12:ef:22:f8:43:83:ee:
1b:59:34:7a:6c:aa:12:66:62:09:fe:c5:6e:c3:fd:
62:dd:8a:99:80:4a:a6:53:84:31:77:a2:92:d4:ca:
b5:6e:81:de:0b:17:c2:78:e7:55:44:3f:51:ac:92:
aa:3e:9d:b5:1d:41:0e:ca:31:4e:6b:5b:2f:de:bc:
d9:30:ce:cd:c8:b8:0f:5d:63:83:7a:cf:b4:7d:4b:
ca:7a:c5:c5:5d:8c:0b:09:ae:5b:4a:ec:bd:04:9c:
dd:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:BF:CD:AA:25:FC:3E:4A:89:15:AA:73:D3:C4:AA:88:5F:BE:1F:28
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ib_NqiX8PkqJFapz08SqiF--Hyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.48.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:a4:55:96:78:f3:88:00:4c:ff:30:78:20:83:0f:8d:61:8b:
35:ca:c2:20:bc:bf:41:da:4b:c7:33:4b:3f:28:80:8f:60:fb:
c9:96:dd:71:19:ba:4e:c3:2f:ff:80:88:b3:5a:a7:30:59:d6:
24:8a:b7:88:f9:8a:48:53:aa:52:7c:81:16:e1:1e:93:74:7b:
e6:83:61:60:ed:40:a3:be:7e:66:57:4e:68:31:e1:f5:ea:67:
6c:86:af:af:12:0f:6c:5d:78:09:4a:88:84:71:2e:d5:74:89:
4e:8d:79:a4:63:bb:72:7c:b6:cf:55:79:c3:ad:df:fe:dc:95:
0b:ce:c9:01:5a:69:22:2c:40:df:bb:f5:69:36:12:a9:ac:5e:
16:b6:fc:61:fb:81:2c:6f:4b:04:e5:32:f7:df:51:6d:ce:74:
2a:bc:78:59:d0:da:f1:ce:54:30:ca:49:af:11:bc:c3:09:21:
f7:15:27:8a:83:48:d9:6f:d1:25:91:ef:66:e1:f4:f9:22:f4:
df:9d:2b:28:ac:c4:4a:ed:1c:3b:27:2e:6e:75:6f:d7:f7:b3:
cd:ad:cc:21:fc:5d:28:bb:35:5c:01:f8:8a:8d:5c:41:b8:da:
73:76:a1:33:8a:20:ca:79:ce:38:88:c0:9f:42:f4:bf:5d:94:
e5:da:a5:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksvjTlVIbSoy+b56hafRDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWJmY2RhYTI1ZmMzZTRhODkxNWFhNzNkM2M0YWE4ODVmYmUxZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZZKClI6/DOxGnZjMdX6G1pE8gcC
vhMptHZLrSLaYGJ///0mVNPGYCUnSe/mmgaEyZiZkvc+Lpyeu2VyL2MofLL7Tp35
OcGVLkW7zVNISCM2xjaqfWUV4BMwby+QfKNEnzVIEn8Ao5QxkBJSvVfhZHnoUNOF
KrQ2d/7W4CCXo9wO2tbHpNYFDIlZ4H5Vg5Cso0Bw2j/OsxhbchqLVhLvIvhDg+4b
WTR6bKoSZmIJ/sVuw/1i3YqZgEqmU4Qxd6KS1Mq1boHeCxfCeOdVRD9RrJKqPp21
HUEOyjFOa1sv3rzZMM7NyLgPXWODes+0fUvKesXFXYwLCa5bSuy9BJzdewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIm/zaol/D5KiRWqc9PEqohfvh8oMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvaWJfTnFpWDhQa3FKRmFwejA4U3FpRi0tSHlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVf4wMA0G
CSqGSIb3DQEBCwUAA4IBAQDIpFWWePOIAEz/MHgggw+NYYs1ysIgvL9B2kvHM0s/
KICPYPvJlt1xGbpOwy//gIizWqcwWdYkireI+YpIU6pSfIEW4R6TdHvmg2Fg7UCj
vn5mV05oMeH16mdshq+vEg9sXXgJSoiEcS7VdIlOjXmkY7tyfLbPVXnDrd/+3JUL
zskBWmkiLEDfu/VpNhKprF4Wtvxh+4Esb0sE5TL331FtznQqvHhZ0NrxzlQwykmv
EbzDCSH3FSeKg0jZb9Elke9m4fT5IvTfnSsorMRK7Rw7Jy5udW/X97PNrcwh/F0o
uzVcAfiKjVxBuNpzdqEziiDKec44iMCfQvS/XZTl2qU9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:06 2025 by rpki-client