Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/dGrI4BE8oPWh3DjqR5EL1omnmFE.roa
File: dGrI4BE8oPWh3DjqR5EL1omnmFE.roa (raw, json)
Hash identifier: fh9dXwWPLeOX+9MGqs4zz/wpDF+snGcI3Q6bKbn3R34=
Subject key identifier: 74:6A:C8:E0:11:3C:A0:F5:A1:DC:38:EA:47:91:0B:D6:89:A7:98:51
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 019427B57F6FBD13DF742916B28100B9F814
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/dGrI4BE8oPWh3DjqR5EL1omnmFE.roa
Signing time: Thu 02 Jan 2025 15:49:53 +0000
ROA not before: Thu 02 Jan 2025 15:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 85.209.217.0/24 maxlen: 24
195.206.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:7f:6f:bd:13:df:74:29:16:b2:81:00:b9:f8:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Jan 2 15:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=746ac8e0113ca0f5a1dc38ea47910bd689a79851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:df:3b:7a:e5:ff:b7:84:71:de:57:6e:44:b6:
09:54:60:cd:dd:47:d6:45:00:e3:25:3b:bc:29:b9:
ff:f6:a9:40:c2:67:1d:41:20:9d:0b:fa:bf:97:57:
53:a4:06:da:47:46:80:38:07:a6:93:a2:e7:80:27:
5c:51:38:fe:39:64:a4:04:ef:05:85:77:f8:22:4f:
cb:cd:98:91:9a:e4:03:2d:03:12:97:9d:f2:40:44:
51:8d:77:75:e9:f3:ee:77:86:34:ba:69:4e:ad:39:
ff:cd:56:eb:63:f7:63:7a:8d:22:67:82:15:de:71:
08:14:83:8b:96:2d:d1:7a:be:e5:83:3d:ed:5f:b0:
49:c9:08:b8:ca:6e:a4:a5:47:1b:ce:5d:7a:bd:0d:
6d:0c:4f:50:3e:c9:94:ea:8e:d9:b2:da:3f:51:b6:
60:97:f7:70:06:7a:51:76:b0:96:b9:a1:61:ed:85:
ed:9f:bf:cc:30:0d:7e:0e:59:1d:e9:ea:44:d8:b5:
07:77:f3:2a:4f:a9:02:42:1c:71:63:9a:a7:b3:b2:
0e:09:49:1a:38:f9:16:5d:22:c6:4b:ef:c1:bb:35:
aa:d1:d2:53:67:f5:f1:21:83:f3:79:b0:0c:80:6a:
d4:e1:76:db:78:7a:b2:4b:c1:51:a2:b4:c5:14:63:
12:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:6A:C8:E0:11:3C:A0:F5:A1:DC:38:EA:47:91:0B:D6:89:A7:98:51
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/dGrI4BE8oPWh3DjqR5EL1omnmFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.217.0/24
195.206.109.0/24
Signature Algorithm: sha256WithRSAEncryption
68:ed:ee:f8:3f:c7:7f:d4:67:61:1f:0a:90:b5:a1:13:71:50:
29:0a:b6:33:38:bb:9e:db:e5:da:37:a3:18:c6:9d:37:00:d9:
e1:37:fc:ac:44:4b:87:43:be:f8:f7:5f:a2:f4:f3:36:fe:41:
e6:e7:98:34:69:ca:95:e9:fc:66:7b:c8:32:5c:3e:d5:19:bb:
cd:02:50:c3:1f:de:73:b1:be:b2:14:0b:cf:02:98:ab:ff:d5:
86:9b:76:69:ec:a0:11:7b:07:34:b1:f3:68:40:98:fa:7e:4e:
bb:6a:cc:f3:cc:ba:04:5a:2c:59:14:2b:f6:83:a4:9a:e2:26:
7c:c0:68:ff:f8:cd:0f:94:bb:9a:09:25:e9:64:ef:b5:af:f5:
ca:96:62:a5:f0:65:60:85:a3:78:d3:00:0c:f4:40:11:67:24:
9f:b2:57:7c:bb:40:93:81:90:d3:98:b5:55:6e:af:f4:5c:b4:
36:c7:13:aa:21:59:c5:7c:32:7d:dc:ca:cd:d7:30:23:6b:4f:
38:d6:7d:d4:48:d9:82:67:10:a3:91:51:00:42:85:72:d0:33:
e2:54:ab:61:a3:8c:29:65:4a:4d:cd:25:6f:3a:a3:b7:47:dc:
00:96:cc:04:49:18:44:58:dd:2d:a9:ee:ed:46:8e:1a:05:78:
12:90:43:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntX9vvRPfdCkWsoEAufgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjUwMTAyMTU0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDZhYzhlMDExM2NhMGY1YTFkYzM4ZWE0NzkxMGJkNjg5YTc5ODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5t87euX/t4Rx3lduRLYJVGDN3UfW
RQDjJTu8Kbn/9qlAwmcdQSCdC/q/l1dTpAbaR0aAOAemk6LngCdcUTj+OWSkBO8F
hXf4Ik/LzZiRmuQDLQMSl53yQERRjXd16fPud4Y0umlOrTn/zVbrY/djeo0iZ4IV
3nEIFIOLli3Rer7lgz3tX7BJyQi4ym6kpUcbzl16vQ1tDE9QPsmU6o7Zsto/UbZg
l/dwBnpRdrCWuaFh7YXtn7/MMA1+Dlkd6epE2LUHd/MqT6kCQhxxY5qns7IOCUka
OPkWXSLGS+/BuzWq0dJTZ/XxIYPzebAMgGrU4XbbeHqyS8FRorTFFGMSTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHRqyOARPKD1odw46keRC9aJp5hRMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZEdySTRCRThvUFdoM0RqcVI1RUwxb21ubUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVdHZAwQA
w85tMA0GCSqGSIb3DQEBCwUAA4IBAQBo7e74P8d/1GdhHwqQtaETcVApCrYzOLue
2+XaN6MYxp03ANnhN/ysREuHQ77491+i9PM2/kHm55g0acqV6fxme8gyXD7VGbvN
AlDDH95zsb6yFAvPApir/9WGm3Zp7KARewc0sfNoQJj6fk67aszzzLoEWixZFCv2
g6Sa4iZ8wGj/+M0PlLuaCSXpZO+1r/XKlmKl8GVghaN40wAM9EARZySfsld8u0CT
gZDTmLVVbq/0XLQ2xxOqIVnFfDJ93MrN1zAja0841n3USNmCZxCjkVEAQoVy0DPi
VKtho4wpZUpNzSVvOqO3R9wAlswESRhEWN0tqe7tRo4aBXgSkEOU
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:32:07 2025 by rpki-client