Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/819e39-c00c-49b0-a768-4406688eef85/1/OAHDY3Esd2bFMqfXH9wjGqOdXkA.roa
File: OAHDY3Esd2bFMqfXH9wjGqOdXkA.roa (raw, json)
Hash identifier: ezGRfrEUgs6GAni5G5KnMMu2HuLSOxs8x40d/tWUdSI=
Subject key identifier: 38:01:C3:63:71:2C:77:66:C5:32:A7:D7:1F:DC:23:1A:A3:9D:5E:40
Certificate issuer: /CN=74d34abbe9afba280432c2ab83898c7b950df7ac
Certificate serial: 019427B4A1A594C145170304E69DA68A246E
Authority key identifier: 74:D3:4A:BB:E9:AF:BA:28:04:32:C2:AB:83:89:8C:7B:95:0D:F7:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dNNKu-mvuigEMsKrg4mMe5UN96w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/819e39-c00c-49b0-a768-4406688eef85/1/OAHDY3Esd2bFMqfXH9wjGqOdXkA.roa
Signing time: Thu 02 Jan 2025 15:48:56 +0000
ROA not before: Thu 02 Jan 2025 15:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212045
IP address blocks: 85.117.228.0/24 maxlen: 24
85.117.229.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:a1:a5:94:c1:45:17:03:04:e6:9d:a6:8a:24:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74d34abbe9afba280432c2ab83898c7b950df7ac
Validity
Not Before: Jan 2 15:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3801c363712c7766c532a7d71fdc231aa39d5e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d1:fa:d0:8e:b6:f5:e1:ee:5d:bc:8f:95:78:
e3:b2:6f:2e:ca:a0:e1:06:a7:27:2a:26:83:1d:d5:
78:d1:f0:27:2c:9f:a2:f5:3a:34:cf:a1:dc:44:96:
67:0b:e9:97:7a:7d:e5:b8:63:3c:7d:ec:85:77:50:
9b:77:f8:56:5a:3b:aa:4e:5a:d3:05:b0:40:3e:a1:
b8:c8:42:4b:55:17:5b:de:1b:79:f9:e7:10:ca:4b:
d1:fe:8e:c2:51:a5:37:20:f5:df:c8:d8:5f:36:9b:
70:04:53:d0:a5:f8:6c:2f:a3:fa:9d:0e:45:d8:58:
bd:9f:ca:b1:68:a4:54:1a:02:85:33:ca:d4:74:f1:
dd:e2:33:99:20:42:2a:10:7f:86:b2:6b:3b:a4:30:
85:42:4a:d4:61:9d:fd:00:3c:eb:a3:1e:14:9f:ab:
a4:00:64:44:cd:f8:af:62:23:64:79:51:32:07:15:
f8:63:4a:ea:19:79:10:07:1a:8d:b9:74:81:b1:5a:
61:15:dd:fe:20:f2:a3:89:00:05:ff:b6:e6:ed:a1:
69:ac:72:5a:e6:9d:a6:a6:3a:45:ef:11:e0:fa:dd:
31:b6:6a:70:9a:d7:5d:ea:99:ef:4f:d6:31:16:2e:
ca:09:80:cf:6a:5a:1a:ac:8c:a9:53:ba:d1:a7:e1:
51:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:01:C3:63:71:2C:77:66:C5:32:A7:D7:1F:DC:23:1A:A3:9D:5E:40
X509v3 Authority Key Identifier:
keyid:74:D3:4A:BB:E9:AF:BA:28:04:32:C2:AB:83:89:8C:7B:95:0D:F7:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dNNKu-mvuigEMsKrg4mMe5UN96w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/819e39-c00c-49b0-a768-4406688eef85/1/OAHDY3Esd2bFMqfXH9wjGqOdXkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/819e39-c00c-49b0-a768-4406688eef85/1/dNNKu-mvuigEMsKrg4mMe5UN96w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.228.0/23
Signature Algorithm: sha256WithRSAEncryption
54:85:dc:c4:bd:6f:26:5a:b5:81:52:18:47:cd:46:c9:f8:66:
68:3e:ab:f6:cc:0a:94:22:63:26:9b:26:ac:03:9b:96:65:bf:
ee:57:db:50:94:f4:d0:5f:fb:08:dc:32:fd:d6:f6:a4:61:04:
ba:bd:8e:56:5f:da:4b:de:5e:aa:1d:d4:6e:ea:5b:ca:d4:da:
8d:2b:c2:59:40:9d:13:c4:ca:ac:42:d9:3c:06:03:a8:e0:b5:
da:a0:d9:df:a0:1c:ee:43:a5:d6:02:06:0b:ee:0c:36:f3:a7:
81:fe:7b:e4:71:1e:3c:98:cf:f6:bd:dc:b0:2c:45:6b:4a:d2:
e9:0a:74:84:dc:41:46:51:e3:72:9e:f2:f8:cb:44:d4:92:01:
e8:d0:09:78:23:7d:a1:51:6d:b8:61:99:cf:af:cf:dc:7e:75:
59:d7:f8:68:57:ad:d9:11:52:9c:46:c7:b4:d5:50:78:94:9e:
7d:cb:ac:0b:e2:72:9e:e2:22:42:c6:bb:3b:88:22:ba:7a:ce:
82:4a:01:28:f5:a6:43:45:3b:00:ed:a9:fb:32:84:5c:52:25:
98:84:c9:59:21:99:22:ba:22:8f:0a:8c:7e:08:f2:74:77:ff:
91:99:21:1b:88:5c:11:fa:ae:60:7a:e3:b1:1e:e1:81:ab:17:
c6:b2:d2:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntKGllMFFFwME5p2miiRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZDM0YWJiZTlhZmJhMjgwNDMyYzJhYjgzODk4YzdiOTUw
ZGY3YWMwHhcNMjUwMTAyMTU0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODAxYzM2MzcxMmM3NzY2YzUzMmE3ZDcxZmRjMjMxYWEzOWQ1ZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dH60I629eHuXbyPlXjjsm8uyqDh
BqcnKiaDHdV40fAnLJ+i9To0z6HcRJZnC+mXen3luGM8feyFd1Cbd/hWWjuqTlrT
BbBAPqG4yEJLVRdb3ht5+ecQykvR/o7CUaU3IPXfyNhfNptwBFPQpfhsL6P6nQ5F
2Fi9n8qxaKRUGgKFM8rUdPHd4jOZIEIqEH+Gsms7pDCFQkrUYZ39ADzrox4Un6uk
AGREzfivYiNkeVEyBxX4Y0rqGXkQBxqNuXSBsVphFd3+IPKjiQAF/7bm7aFprHJa
5p2mpjpF7xHg+t0xtmpwmtdd6pnvT9YxFi7KCYDPaloarIypU7rRp+FRoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDgBw2NxLHdmxTKn1x/cIxqjnV5AMB8GA1UdIwQY
MBaAFHTTSrvpr7ooBDLCq4OJjHuVDfesMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE5OS3UtbXZ1aWdFTXNLcmc0bU1lNVVOOTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84MTllMzktYzAwYy00OWIwLWE3Njgt
NDQwNjY4OGVlZjg1LzEvT0FIRFkzRXNkMmJGTXFmWEg5d2pHcU9kWGtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84MTllMzktYzAwYy00OWIwLWE3NjgtNDQwNjY4OGVlZjg1
LzEvZE5OS3UtbXZ1aWdFTXNLcmc0bU1lNVVOOTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVXXkMA0G
CSqGSIb3DQEBCwUAA4IBAQBUhdzEvW8mWrWBUhhHzUbJ+GZoPqv2zAqUImMmmyas
A5uWZb/uV9tQlPTQX/sI3DL91vakYQS6vY5WX9pL3l6qHdRu6lvK1NqNK8JZQJ0T
xMqsQtk8BgOo4LXaoNnfoBzuQ6XWAgYL7gw286eB/nvkcR48mM/2vdywLEVrStLp
CnSE3EFGUeNynvL4y0TUkgHo0Al4I32hUW24YZnPr8/cfnVZ1/hoV63ZEVKcRse0
1VB4lJ59y6wL4nKe4iJCxrs7iCK6es6CSgEo9aZDRTsA7an7MoRcUiWYhMlZIZki
uiKPCox+CPJ0d/+RmSEbiFwR+q5geuOxHuGBqxfGstL8
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:06:58 2025 by rpki-client