Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/d-S7YgetzEwMrrxbSdTzmhWIDOU.roa
File: d-S7YgetzEwMrrxbSdTzmhWIDOU.roa (raw, json)
Hash identifier: 3G/Eu15jWX5wqv+LVcJ9iVdKlsYAltsvYTFwqOC6jKg=
Subject key identifier: 77:E4:BB:62:07:AD:CC:4C:0C:AE:BC:5B:49:D4:F3:9A:15:88:0C:E5
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 01942747E259DDE646C2EE798A8125894F96
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/d-S7YgetzEwMrrxbSdTzmhWIDOU.roa
Signing time: Thu 02 Jan 2025 13:50:09 +0000
ROA not before: Thu 02 Jan 2025 13:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207710
IP address blocks: 85.28.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:e2:59:dd:e6:46:c2:ee:79:8a:81:25:89:4f:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Jan 2 13:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77e4bb6207adcc4c0caebc5b49d4f39a15880ce5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:66:37:e6:4b:1d:4f:39:c3:5f:9a:1e:67:f7:
0d:c8:33:54:14:85:d2:f4:bb:ce:b1:fa:ae:04:03:
d8:5c:79:08:cc:19:26:b8:83:91:b3:11:e1:79:1b:
76:7f:41:f1:f2:6f:fa:ca:cd:38:ef:cc:2e:de:9e:
43:d4:19:be:f7:a8:9d:f4:8e:06:8c:3f:ad:91:a6:
1e:df:74:97:0c:61:0b:77:ba:c5:27:7b:cc:65:b8:
60:ca:80:08:3b:ec:04:49:03:c1:39:4a:37:96:df:
3c:f2:bc:fd:ca:23:ae:57:09:fe:c0:dd:5a:5b:c2:
1f:f7:25:6d:a9:35:a0:57:c4:82:dd:d5:ba:25:f9:
6e:0f:86:cb:d4:9b:98:45:ea:72:11:d5:22:8c:2c:
f4:4b:d3:e9:9c:43:ca:67:df:72:7f:6d:37:bd:d1:
31:78:48:3a:21:37:f4:3c:44:e5:d8:ef:21:df:5a:
31:21:50:b6:d4:8f:3d:66:a3:c8:b0:32:0c:0d:f7:
11:01:0b:b9:32:1c:ca:31:0f:bc:2b:09:a6:32:ca:
ca:8c:60:1a:42:0a:d3:39:a6:01:41:67:fb:0b:cb:
c9:e1:05:62:9f:42:eb:40:3b:db:61:78:14:45:42:
0f:9c:cf:09:b8:92:e7:05:1c:10:32:8b:7e:eb:0d:
34:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:E4:BB:62:07:AD:CC:4C:0C:AE:BC:5B:49:D4:F3:9A:15:88:0C:E5
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/d-S7YgetzEwMrrxbSdTzmhWIDOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.59.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:ba:76:7a:bb:40:a4:1b:e4:51:0d:d6:ab:f8:db:f4:48:25:
f5:1d:92:90:3e:9c:19:47:3e:7d:46:34:eb:86:19:1e:ea:02:
d7:b3:74:b6:7a:02:9f:99:99:e1:c1:6e:3b:cb:89:6b:fc:39:
6f:6c:36:90:00:fa:59:cc:95:e5:19:60:15:1f:ae:b1:51:fc:
5c:3e:ef:76:13:51:73:2d:5d:ca:83:b4:c0:09:59:62:08:18:
3b:eb:fd:7b:18:b0:92:c0:d5:bf:a9:cb:06:e6:8e:1b:28:0d:
2f:63:46:9b:86:d6:b6:e2:e3:86:e0:6b:9d:41:4d:7c:5d:fc:
8d:c9:4d:4b:a3:bd:0e:87:73:f7:36:89:86:4b:5b:a3:bf:d8:
6b:ab:ff:68:8e:5c:cb:93:6c:7f:84:c4:d1:ef:71:f7:80:2c:
8c:19:6c:1c:96:8e:d8:53:0c:22:46:0a:29:59:03:68:d3:b9:
7c:d1:79:eb:59:95:78:06:05:79:d0:bf:5b:bf:75:1f:72:39:
98:80:dd:a9:9b:4c:81:2b:e5:06:c7:1c:9d:ef:6f:62:8f:8a:
54:f5:45:04:dd:c5:b7:15:37:29:b3:e6:d1:35:35:98:85:b7:
cf:03:9e:52:46:93:17:aa:ae:9b:d3:98:54:13:8d:bc:28:32:
66:58:bf:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR+JZ3eZGwu55ioEliU+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjUwMTAyMTM1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2U0YmI2MjA3YWRjYzRjMGNhZWJjNWI0OWQ0ZjM5YTE1ODgwY2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomY35ksdTznDX5oeZ/cNyDNUFIXS
9LvOsfquBAPYXHkIzBkmuIORsxHheRt2f0Hx8m/6ys0478wu3p5D1Bm+96id9I4G
jD+tkaYe33SXDGELd7rFJ3vMZbhgyoAIO+wESQPBOUo3lt888rz9yiOuVwn+wN1a
W8If9yVtqTWgV8SC3dW6JfluD4bL1JuYRepyEdUijCz0S9PpnEPKZ99yf203vdEx
eEg6ITf0PETl2O8h31oxIVC21I89ZqPIsDIMDfcRAQu5MhzKMQ+8KwmmMsrKjGAa
QgrTOaYBQWf7C8vJ4QVin0LrQDvbYXgURUIPnM8JuJLnBRwQMot+6w007wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHfku2IHrcxMDK68W0nU85oViAzlMB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvZC1TN1lnZXR6RXdNcnJ4YlNkVHptaFdJRE9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVRw7MA0G
CSqGSIb3DQEBCwUAA4IBAQCpunZ6u0CkG+RRDdar+Nv0SCX1HZKQPpwZRz59RjTr
hhke6gLXs3S2egKfmZnhwW47y4lr/DlvbDaQAPpZzJXlGWAVH66xUfxcPu92E1Fz
LV3Kg7TACVliCBg76/17GLCSwNW/qcsG5o4bKA0vY0abhta24uOG4GudQU18XfyN
yU1Lo70Oh3P3NomGS1ujv9hrq/9ojlzLk2x/hMTR73H3gCyMGWwclo7YUwwiRgop
WQNo07l80XnrWZV4BgV50L9bv3UfcjmYgN2pm0yBK+UGxxyd729ij4pU9UUE3cW3
FTcps+bRNTWYhbfPA55SRpMXqq6b05hUE428KDJmWL/7
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:49:36 2025 by rpki-client