Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/0SWPLRWTYkJG7421JHXOtiDBZR4.roa
File: 0SWPLRWTYkJG7421JHXOtiDBZR4.roa (raw, json)
Hash identifier: 6unS6vuhfVD53i6+xoXsZBSCsuic5U4lcQX4ccwpcWM=
Subject key identifier: D1:25:8F:2D:15:93:62:42:46:EF:8D:B5:24:75:CE:B6:20:C1:65:1E
Certificate issuer: /CN=c8d5aa7034250ab1a8789ac86cc0eef3bfc9db5f
Certificate serial: 019427B4A359F25D8314F47339B938546521
Authority key identifier: C8:D5:AA:70:34:25:0A:B1:A8:78:9A:C8:6C:C0:EE:F3:BF:C9:DB:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNWqcDQlCrGoeJrIbMDu87_J218.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/0SWPLRWTYkJG7421JHXOtiDBZR4.roa
Signing time: Thu 02 Jan 2025 15:48:57 +0000
ROA not before: Thu 02 Jan 2025 15:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12301
IP address blocks: 85.119.8.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:a3:59:f2:5d:83:14:f4:73:39:b9:38:54:65:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d5aa7034250ab1a8789ac86cc0eef3bfc9db5f
Validity
Not Before: Jan 2 15:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1258f2d1593624246ef8db52475ceb620c1651e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:45:e5:c9:5f:5a:a7:77:ed:60:fb:bd:f3:23:
22:11:30:b3:c6:1d:9b:c1:50:e7:75:3a:33:ff:55:
2e:b2:e5:62:30:e0:89:79:20:e8:b4:45:23:db:a2:
1e:c9:aa:e6:7e:fb:ed:37:1f:10:ff:74:67:8f:b5:
0c:f6:2c:19:e9:19:e6:6c:85:86:a7:21:18:29:bd:
1b:a0:f0:d6:84:f4:f5:7e:e7:b1:c3:55:b4:63:54:
4b:a3:b8:66:f2:32:e8:45:95:07:ab:10:70:66:91:
be:58:dd:2f:ec:bb:67:76:fd:a8:b3:e8:37:b5:7b:
54:be:59:8f:15:42:fc:b3:b0:dd:84:a2:52:9e:2f:
88:ba:33:d8:3d:71:59:33:2f:88:a2:4e:a6:51:dd:
a5:2c:7a:d2:35:1d:b2:ee:20:de:0b:e0:d4:aa:8d:
bb:ae:0f:05:b9:56:f0:44:bc:10:58:ab:7d:2a:9e:
eb:18:83:18:a3:a3:83:f9:fb:c6:0d:55:9e:0a:0b:
ea:08:2c:77:7d:16:55:c4:0b:61:d0:02:0c:a6:5b:
84:4e:35:ef:20:37:f4:c8:52:28:76:b5:3b:b2:f4:
32:4d:9e:23:0e:49:28:e6:e9:01:5c:82:8f:b0:45:
9c:1f:1b:d9:d1:0b:0c:c4:bf:96:7a:7c:14:ac:34:
87:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:25:8F:2D:15:93:62:42:46:EF:8D:B5:24:75:CE:B6:20:C1:65:1E
X509v3 Authority Key Identifier:
keyid:C8:D5:AA:70:34:25:0A:B1:A8:78:9A:C8:6C:C0:EE:F3:BF:C9:DB:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNWqcDQlCrGoeJrIbMDu87_J218.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/0SWPLRWTYkJG7421JHXOtiDBZR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/yNWqcDQlCrGoeJrIbMDu87_J218.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.8.0/21
Signature Algorithm: sha256WithRSAEncryption
99:6e:24:0f:62:f7:22:ea:a3:64:19:da:93:96:4e:8d:85:46:
86:43:7b:80:6e:b1:0b:59:e9:35:61:f3:37:c7:9d:2f:58:d7:
ef:50:94:25:32:4b:44:04:d2:e1:b5:28:53:c4:36:b8:35:78:
3e:69:3f:d0:01:93:bc:2c:37:c5:45:93:c4:a4:93:98:50:52:
58:60:86:2b:ba:52:01:38:08:82:ca:28:1c:0f:b4:63:9f:b2:
48:72:ae:f0:05:e4:04:5a:dd:52:fc:b1:c0:c9:26:1f:7b:b4:
09:f5:74:0e:22:11:f9:fb:61:53:c9:a5:25:c1:7a:7c:d1:b6:
f6:87:94:a5:35:05:12:22:71:7b:ff:6c:4e:80:f1:4d:ef:84:
4c:cf:52:72:6a:3b:e2:04:fa:a1:17:69:ae:fb:ea:3f:f1:20:
0c:48:f4:c6:6d:92:47:b1:a0:ec:fb:02:07:02:29:46:0e:54:
85:63:01:45:a6:cb:dc:99:0c:fd:5d:14:2e:bf:19:f8:96:d2:
8d:cb:f6:a3:9e:6d:39:a7:ca:21:bb:ac:56:31:53:8e:eb:5e:
01:75:52:7e:7c:ef:e7:86:74:ec:6b:0b:fd:e8:e6:55:fe:4d:
47:ed:40:30:8d:8b:69:3c:cc:13:ec:16:72:9b:3d:67:d4:4c:
89:94:b0:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntKNZ8l2DFPRzObk4VGUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDVhYTcwMzQyNTBhYjFhODc4OWFjODZjYzBlZWYzYmZj
OWRiNWYwHhcNMjUwMTAyMTU0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTI1OGYyZDE1OTM2MjQyNDZlZjhkYjUyNDc1Y2ViNjIwYzE2NTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0XlyV9ap3ftYPu98yMiETCzxh2b
wVDndToz/1UusuViMOCJeSDotEUj26IeyarmfvvtNx8Q/3Rnj7UM9iwZ6RnmbIWG
pyEYKb0boPDWhPT1fuexw1W0Y1RLo7hm8jLoRZUHqxBwZpG+WN0v7Ltndv2os+g3
tXtUvlmPFUL8s7DdhKJSni+IujPYPXFZMy+Iok6mUd2lLHrSNR2y7iDeC+DUqo27
rg8FuVbwRLwQWKt9Kp7rGIMYo6OD+fvGDVWeCgvqCCx3fRZVxAth0AIMpluETjXv
IDf0yFIodrU7svQyTZ4jDkko5ukBXIKPsEWcHxvZ0QsMxL+WenwUrDSHvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNEljy0Vk2JCRu+NtSR1zrYgwWUeMB8GA1UdIwQY
MBaAFMjVqnA0JQqxqHiayGzA7vO/ydtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5XcWNEUWxDckdvZUpySWJNRHU4N19KMjE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yZDQ5MGMtNmZmOC00NzFkLTk3ZDIt
MmQ3MmYyMzE5M2RiLzEvMFNXUExSV1RZa0pHNzQyMUpIWE90aURCWlI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yZDQ5MGMtNmZmOC00NzFkLTk3ZDItMmQ3MmYyMzE5M2Ri
LzEveU5XcWNEUWxDckdvZUpySWJNRHU4N19KMjE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVXcIMA0G
CSqGSIb3DQEBCwUAA4IBAQCZbiQPYvci6qNkGdqTlk6NhUaGQ3uAbrELWek1YfM3
x50vWNfvUJQlMktEBNLhtShTxDa4NXg+aT/QAZO8LDfFRZPEpJOYUFJYYIYrulIB
OAiCyigcD7Rjn7JIcq7wBeQEWt1S/LHAySYfe7QJ9XQOIhH5+2FTyaUlwXp80bb2
h5SlNQUSInF7/2xOgPFN74RMz1JyajviBPqhF2mu++o/8SAMSPTGbZJHsaDs+wIH
AilGDlSFYwFFpsvcmQz9XRQuvxn4ltKNy/ajnm05p8ohu6xWMVOO614BdVJ+fO/n
hnTsawv96OZV/k1H7UAwjYtpPMwT7BZymz1n1EyJlLA2
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:15:14 2025 by rpki-client