Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/rUx3I9NPIYpW-VhDccZrskqkFcE.roa
File: rUx3I9NPIYpW-VhDccZrskqkFcE.roa (raw, json)
Hash identifier: 9GGmZ3LuuR0FkfzP+/9Hc0GCAZPS8YpdkkA652I1420=
Subject key identifier: AD:4C:77:23:D3:4F:21:8A:56:F9:58:43:71:C6:6B:B2:4A:A4:15:C1
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B302D6754860CFD2C2996D3844B18C
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/rUx3I9NPIYpW-VhDccZrskqkFcE.roa
Signing time: Thu 02 Jan 2025 01:48:19 +0000
ROA not before: Thu 02 Jan 2025 01:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215712
IP address blocks: 85.254.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:02:d6:75:48:60:cf:d2:c2:99:6d:38:44:b1:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad4c7723d34f218a56f9584371c66bb24aa415c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:aa:16:11:bd:57:d8:ae:a8:a6:5e:a5:32:5d:
13:89:86:91:e7:e3:6c:4b:be:b6:20:05:e2:36:23:
1d:ae:78:92:27:1c:6a:f2:ce:b0:9e:d6:15:12:ed:
07:7e:77:ee:61:1b:1d:7f:08:45:24:82:d1:b4:77:
52:4a:ab:65:0c:90:c7:03:d6:7b:9e:00:65:3b:80:
ce:77:07:81:69:34:e0:f3:31:e1:bc:0b:05:c8:5b:
e2:fc:1d:45:48:03:de:7a:62:26:2d:80:9f:46:05:
0d:d2:4e:99:c0:6b:5f:05:12:5b:49:05:04:1f:14:
be:99:c8:ed:f4:71:ce:07:00:58:7b:b9:5d:f9:70:
e4:39:24:80:58:c0:31:e8:4f:ef:2b:36:45:e6:7f:
cc:8d:3c:a6:03:c5:1b:dd:77:9a:8f:6e:39:de:85:
34:2a:bd:73:0f:fb:cb:ce:17:30:1d:ec:b4:17:d4:
2d:92:af:9f:9a:64:dc:87:ed:22:1e:a4:d1:b6:31:
30:14:12:0f:e0:b6:da:e3:5a:ed:0f:e8:60:36:9e:
8f:fa:58:a7:28:29:84:14:43:c8:77:89:6d:81:23:
cc:57:04:2f:a8:b0:a5:d2:0b:fd:22:79:14:39:6d:
f2:93:6c:ab:b4:cc:10:1e:15:85:8a:b9:d5:32:60:
73:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:4C:77:23:D3:4F:21:8A:56:F9:58:43:71:C6:6B:B2:4A:A4:15:C1
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/rUx3I9NPIYpW-VhDccZrskqkFcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.127.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:dd:1b:cb:c0:71:70:75:2f:66:48:25:d3:14:f5:31:b1:2d:
a7:c4:b7:25:d3:16:78:31:22:d4:b7:6e:77:7a:39:22:42:03:
7b:7e:1f:db:88:eb:39:ce:e6:e1:04:e3:2b:bc:3b:35:21:ec:
87:37:79:bb:a0:a0:80:10:97:47:33:14:bf:a8:ca:0a:b9:dd:
d3:08:1d:72:ed:0c:71:9e:26:b3:0c:77:79:11:e2:4b:0a:a5:
f2:bf:73:37:c1:2e:d1:db:46:cb:61:2a:98:f2:f4:2d:f9:b8:
41:38:17:65:74:39:66:97:86:fc:25:e6:25:7d:3a:ca:56:30:
d8:ae:24:49:8e:b7:e9:68:bc:55:f6:bc:b2:d5:b3:c6:db:24:
07:d2:85:9c:06:4f:51:e0:a8:6e:6c:74:ba:97:f5:bd:09:34:
45:c7:4d:ba:cc:e5:b0:56:8c:0b:e8:d1:c8:87:51:aa:e8:d1:
b9:95:c4:39:81:d6:a3:bb:25:f6:ec:7c:ac:55:78:24:22:6a:
54:6f:75:71:69:a6:84:6a:53:0a:b5:37:62:5e:f4:34:f2:ee:
e7:22:3e:c1:eb:0f:e7:2c:60:31:c8:e0:b9:ed:a2:c5:c4:02:
19:a4:88:a5:7c:7c:32:3e:93:54:4c:04:a6:6f:83:ff:0f:28:
16:62:e3:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkswLWdUhgz9LCmW04RLGMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDRjNzcyM2QzNGYyMThhNTZmOTU4NDM3MWM2NmJiMjRhYTQxNWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7aoWEb1X2K6opl6lMl0TiYaR5+Ns
S762IAXiNiMdrniSJxxq8s6wntYVEu0HfnfuYRsdfwhFJILRtHdSSqtlDJDHA9Z7
ngBlO4DOdweBaTTg8zHhvAsFyFvi/B1FSAPeemImLYCfRgUN0k6ZwGtfBRJbSQUE
HxS+mcjt9HHOBwBYe7ld+XDkOSSAWMAx6E/vKzZF5n/MjTymA8Ub3Xeaj2453oU0
Kr1zD/vLzhcwHey0F9Qtkq+fmmTch+0iHqTRtjEwFBIP4Lba41rtD+hgNp6P+lin
KCmEFEPId4ltgSPMVwQvqLCl0gv9InkUOW3yk2yrtMwQHhWFirnVMmBzGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK1MdyPTTyGKVvlYQ3HGa7JKpBXBMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvclV4M0k5TlBJWXBXLVZoRGNjWnJza3FrRmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVf5/MA0G
CSqGSIb3DQEBCwUAA4IBAQCL3RvLwHFwdS9mSCXTFPUxsS2nxLcl0xZ4MSLUt253
ejkiQgN7fh/biOs5zubhBOMrvDs1IeyHN3m7oKCAEJdHMxS/qMoKud3TCB1y7Qxx
niazDHd5EeJLCqXyv3M3wS7R20bLYSqY8vQt+bhBOBdldDlml4b8JeYlfTrKVjDY
riRJjrfpaLxV9ryy1bPG2yQH0oWcBk9R4KhubHS6l/W9CTRFx026zOWwVowL6NHI
h1Gq6NG5lcQ5gdajuyX27HysVXgkImpUb3VxaaaEalMKtTdiXvQ08u7nIj7B6w/n
LGAxyOC57aLFxAIZpIilfHwyPpNUTASmb4P/DygWYuPw
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:45 2025 by rpki-client