Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/XYqHeojhyaEPPXs5DEOHHetvPJc.roa
File: XYqHeojhyaEPPXs5DEOHHetvPJc.roa (raw, json)
Hash identifier: OF3yrYCdmmQfLrqWxUnLsAo+p0+Hp93IupqLeBwz9yM=
Subject key identifier: 5D:8A:87:7A:88:E1:C9:A1:0F:3D:7B:39:0C:43:87:1D:EB:6F:3C:97
Certificate issuer: /CN=52b9b9e256580c4344bb241445b4d52e54fdd50b
Certificate serial: 019425220B4442151765926D1760B05E255F
Authority key identifier: 52:B9:B9:E2:56:58:0C:43:44:BB:24:14:45:B4:D5:2E:54:FD:D5:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/XYqHeojhyaEPPXs5DEOHHetvPJc.roa
Signing time: Thu 02 Jan 2025 03:49:35 +0000
ROA not before: Thu 02 Jan 2025 03:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35050
IP address blocks: 85.223.136.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:0b:44:42:15:17:65:92:6d:17:60:b0:5e:25:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52b9b9e256580c4344bb241445b4d52e54fdd50b
Validity
Not Before: Jan 2 03:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d8a877a88e1c9a10f3d7b390c43871deb6f3c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:50:78:b0:b4:47:c4:07:ad:d3:48:18:9a:dd:
fc:62:b4:56:91:5c:de:95:03:6f:4e:b4:c2:86:6e:
59:cb:db:b2:01:1d:53:0a:43:10:1b:5e:a9:83:af:
cd:70:f3:c1:79:71:19:dd:46:26:a5:b7:be:9f:0f:
9f:5c:77:49:8e:72:d3:57:3d:6c:bd:46:69:e3:cb:
d9:47:24:8c:55:47:17:1e:69:65:17:b8:cb:62:3c:
10:8d:4c:d9:51:d0:66:e2:1f:48:b0:83:79:1a:ea:
c4:46:99:ac:f4:78:97:1e:f5:86:78:98:6c:80:1d:
27:64:56:5e:4b:78:0a:26:2d:71:0a:b2:14:74:f7:
67:13:8c:3a:73:3a:d3:9b:43:31:bb:a9:eb:31:0b:
3b:a6:80:ba:19:b3:86:46:e8:c4:60:fc:88:9a:bf:
06:81:89:82:35:49:ec:d5:91:94:36:00:81:f9:0a:
df:b2:11:59:71:16:41:0e:19:8a:7e:57:d4:13:fa:
07:e8:e8:78:9e:07:e7:8e:a3:a5:83:42:24:01:a0:
85:26:81:c5:97:9c:b1:e5:89:0e:b9:12:bf:d5:c5:
26:57:a0:aa:34:25:f9:99:35:eb:60:24:53:49:82:
76:a2:12:e9:c6:4d:c7:2a:2e:e4:18:1c:71:96:cb:
d3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:8A:87:7A:88:E1:C9:A1:0F:3D:7B:39:0C:43:87:1D:EB:6F:3C:97
X509v3 Authority Key Identifier:
keyid:52:B9:B9:E2:56:58:0C:43:44:BB:24:14:45:B4:D5:2E:54:FD:D5:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/XYqHeojhyaEPPXs5DEOHHetvPJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Urm54lZYDENEuyQURbTVLlT91Qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.223.136.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:e1:c6:88:65:dd:09:43:c0:5a:45:c9:39:6f:f7:7f:04:23:
0f:f4:82:ba:86:34:67:bf:5b:26:4b:f6:a2:4e:21:4a:ec:29:
ab:d1:d9:c8:b1:58:48:c5:44:de:b6:85:63:a5:aa:0f:7a:f3:
a0:17:25:09:3f:ac:07:45:cd:58:69:71:07:d2:38:e3:3b:81:
cb:0b:97:c1:38:c1:6e:af:dd:a9:44:19:cf:ba:7f:e7:70:31:
aa:31:2e:57:2a:61:cc:23:63:f8:d5:1e:8b:ff:a3:dc:ba:31:
e0:47:a7:80:99:85:73:89:80:01:8f:32:dc:47:66:4d:a7:4a:
c8:38:0e:fd:b2:14:fb:30:ad:09:aa:8d:a8:2e:00:9f:3d:84:
4f:8b:fe:d6:d4:4d:74:8f:eb:15:f2:2c:a8:72:98:b4:8c:5c:
11:f1:cc:19:af:54:41:b0:51:cf:f0:c6:b0:85:06:91:be:44:
d5:af:e3:2f:f1:26:38:58:25:53:fb:05:56:ed:dc:f4:f3:04:
16:f1:67:fa:a8:32:cb:9e:73:2c:69:95:a6:17:01:05:53:44:
32:16:ec:8e:08:fe:8d:d3:c4:de:0d:0d:da:e0:b0:7d:10:69:
78:3e:18:13:b3:cd:12:b4:6c:f8:61:35:18:fd:f9:17:d8:dc:
39:5f:b1:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIgtEQhUXZZJtF2CwXiVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYjliOWUyNTY1ODBjNDM0NGJiMjQxNDQ1YjRkNTJlNTRm
ZGQ1MGIwHhcNMjUwMTAyMDM0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDhhODc3YTg4ZTFjOWExMGYzZDdiMzkwYzQzODcxZGViNmYzYzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VB4sLRHxAet00gYmt38YrRWkVze
lQNvTrTChm5Zy9uyAR1TCkMQG16pg6/NcPPBeXEZ3UYmpbe+nw+fXHdJjnLTVz1s
vUZp48vZRySMVUcXHmllF7jLYjwQjUzZUdBm4h9IsIN5GurERpms9HiXHvWGeJhs
gB0nZFZeS3gKJi1xCrIUdPdnE4w6czrTm0Mxu6nrMQs7poC6GbOGRujEYPyImr8G
gYmCNUns1ZGUNgCB+QrfshFZcRZBDhmKflfUE/oH6Oh4ngfnjqOlg0IkAaCFJoHF
l5yx5YkOuRK/1cUmV6CqNCX5mTXrYCRTSYJ2ohLpxk3HKi7kGBxxlsvTUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2Kh3qI4cmhDz17OQxDhx3rbzyXMB8GA1UdIwQY
MBaAFFK5ueJWWAxDRLskFEW01S5U/dULMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXJtNTRsWllERU5FdXlRVVJiVFZMbFQ5MVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lYWY4MWQtYTlkZi00YTZhLWI2MTAt
ZGUwNWM1NDA0NWJiLzEvWFlxSGVvamh5YUVQUFhzNURFT0hIZXR2UEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lYWY4MWQtYTlkZi00YTZhLWI2MTAtZGUwNWM1NDA0NWJi
LzEvVXJtNTRsWllERU5FdXlRVVJiVFZMbFQ5MVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVd+IMA0G
CSqGSIb3DQEBCwUAA4IBAQBd4caIZd0JQ8BaRck5b/d/BCMP9IK6hjRnv1smS/ai
TiFK7Cmr0dnIsVhIxUTetoVjpaoPevOgFyUJP6wHRc1YaXEH0jjjO4HLC5fBOMFu
r92pRBnPun/ncDGqMS5XKmHMI2P41R6L/6PcujHgR6eAmYVziYABjzLcR2ZNp0rI
OA79shT7MK0Jqo2oLgCfPYRPi/7W1E10j+sV8iyocpi0jFwR8cwZr1RBsFHP8Maw
hQaRvkTVr+Mv8SY4WCVT+wVW7dz08wQW8Wf6qDLLnnMsaZWmFwEFU0QyFuyOCP6N
08TeDQ3a4LB9EGl4PhgTs80StGz4YTUY/fkX2Nw5X7H2
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:13 2025 by rpki-client