Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/hU1wod77MfEC350xRthoMBa5DB4.roa
File: hU1wod77MfEC350xRthoMBa5DB4.roa (raw, json)
Hash identifier: EKwRQ6dRPfAhWc09wxekuhlQAWyc+vBh11nX7qZiNHo=
Subject key identifier: 85:4D:70:A1:DE:FB:31:F1:02:DF:9D:31:46:D8:68:30:16:B9:0C:1E
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 019425FCB5D41FA49F7B7C470767FDD85CF4
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/hU1wod77MfEC350xRthoMBa5DB4.roa
Signing time: Thu 02 Jan 2025 07:48:26 +0000
ROA not before: Thu 02 Jan 2025 07:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202162
IP address blocks: 85.232.236.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:b5:d4:1f:a4:9f:7b:7c:47:07:67:fd:d8:5c:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 07:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=854d70a1defb31f102df9d3146d8683016b90c1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:46:95:83:ee:ce:f3:d2:35:65:db:e4:de:b7:
78:6e:18:f8:41:43:94:8f:6e:e4:98:00:b5:f2:f4:
0c:f5:e1:e5:8f:64:de:4c:f0:98:26:37:86:08:e7:
65:5f:61:d7:0b:ce:f5:c4:58:9b:d0:f4:77:a6:8b:
c7:ed:ec:75:c1:12:74:ff:23:c3:f6:bf:47:65:fd:
e1:e7:4f:28:af:e7:3e:e3:6d:fa:e7:45:47:0d:da:
7f:13:c8:bd:c0:66:f7:de:8e:f0:da:6d:1f:ad:5f:
54:c5:16:ec:05:c2:e2:f6:93:16:0e:8e:5c:26:41:
15:ea:c2:6e:3c:0e:77:1f:68:54:de:7d:17:b6:b7:
bd:85:6e:02:52:8b:1e:cd:4a:17:9d:de:17:de:0f:
f3:59:c1:76:cb:77:4d:03:f4:52:0c:f0:0e:e8:b0:
e1:c9:b1:31:08:98:15:39:85:b3:5f:7d:51:36:d2:
4a:4e:45:c3:ce:d6:7f:34:75:f1:23:2c:c2:63:aa:
6d:9b:54:6c:fa:64:65:ae:86:13:a1:a2:c6:c6:7d:
e2:fa:ae:13:6d:ac:f3:7c:0d:36:09:5b:e7:3e:35:
2a:ec:36:5d:0a:17:ab:a2:75:4b:6a:33:12:db:8b:
35:c4:49:d2:4b:c2:9b:47:97:e5:b3:db:42:e0:3d:
88:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:4D:70:A1:DE:FB:31:F1:02:DF:9D:31:46:D8:68:30:16:B9:0C:1E
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/hU1wod77MfEC350xRthoMBa5DB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.232.236.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:98:7f:50:01:d6:24:10:c5:51:1f:a6:d4:c6:a9:cf:dd:f9:
0d:86:a0:cc:58:06:63:dc:c1:ff:47:c2:bc:45:de:92:cd:ce:
3d:ea:77:d3:3a:30:3c:46:0b:24:6e:68:5f:a2:4e:81:8f:68:
22:ff:f3:ca:28:54:b6:99:e8:9d:37:b0:e4:c4:4a:70:2b:d6:
bc:85:b6:17:c9:84:5a:35:b9:87:8a:9b:af:49:25:33:81:eb:
4b:19:af:e1:46:b1:7d:92:67:e3:6a:4e:16:f7:c7:a5:83:d7:
9d:84:04:fb:ea:80:14:1b:9b:76:5f:ec:c7:12:1d:16:25:ca:
fc:2e:64:5c:d6:96:79:fb:91:cb:55:a3:08:42:2a:dd:4f:aa:
46:60:23:d9:d1:3f:21:eb:cd:fb:67:4d:4c:ea:66:9a:46:89:
2a:95:b4:74:24:2b:19:ad:4e:a6:a4:10:21:d8:ee:39:76:3c:
78:5d:0c:8c:16:0c:fb:f7:34:70:ba:62:29:55:c5:43:b1:df:
c2:17:eb:5b:02:0a:c7:61:c9:3d:04:8f:5b:c6:dc:76:c4:18:
95:ac:ed:2c:bd:63:da:7b:32:a9:9c:6a:96:9a:52:6b:06:72:
75:af:54:1a:41:a6:63:ce:4c:74:13:b2:20:30:0e:4c:21:0a:
cc:32:51:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/LXUH6Sfe3xHB2f92Fz0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjUwMTAyMDc0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTRkNzBhMWRlZmIzMWYxMDJkZjlkMzE0NmQ4NjgzMDE2YjkwYzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EaVg+7O89I1Zdvk3rd4bhj4QUOU
j27kmAC18vQM9eHlj2TeTPCYJjeGCOdlX2HXC871xFib0PR3povH7ex1wRJ0/yPD
9r9HZf3h508or+c+423650VHDdp/E8i9wGb33o7w2m0frV9UxRbsBcLi9pMWDo5c
JkEV6sJuPA53H2hU3n0Xtre9hW4CUosezUoXnd4X3g/zWcF2y3dNA/RSDPAO6LDh
ybExCJgVOYWzX31RNtJKTkXDztZ/NHXxIyzCY6ptm1Rs+mRlroYToaLGxn3i+q4T
bazzfA02CVvnPjUq7DZdCheronVLajMS24s1xEnSS8KbR5fls9tC4D2ItQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVNcKHe+zHxAt+dMUbYaDAWuQweMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvaFUxd29kNzdNZkVDMzUweFJ0aG9NQmE1REI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVejsMA0G
CSqGSIb3DQEBCwUAA4IBAQBOmH9QAdYkEMVRH6bUxqnP3fkNhqDMWAZj3MH/R8K8
Rd6Szc496nfTOjA8Rgskbmhfok6Bj2gi//PKKFS2meidN7DkxEpwK9a8hbYXyYRa
NbmHipuvSSUzgetLGa/hRrF9kmfjak4W98elg9edhAT76oAUG5t2X+zHEh0WJcr8
LmRc1pZ5+5HLVaMIQirdT6pGYCPZ0T8h6837Z01M6maaRokqlbR0JCsZrU6mpBAh
2O45djx4XQyMFgz79zRwumIpVcVDsd/CF+tbAgrHYck9BI9bxtx2xBiVrO0svWPa
ezKpnGqWmlJrBnJ1r1QaQaZjzkx0E7IgMA5MIQrMMlHr
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:07 2025 by rpki-client