Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/_aJvQ_SUQkt2hMocarsuWl4tD-w.roa
File: _aJvQ_SUQkt2hMocarsuWl4tD-w.roa (raw, json)
Hash identifier: Hd/3Nd7v5uW0kYN4T8QY9A0sCOYf0ArQNgWmn/eu060=
Subject key identifier: FD:A2:6F:43:F4:94:42:4B:76:84:CA:1C:6A:BB:2E:5A:5E:2D:0F:EC
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 019422FBD1AC5697F09D5607FB9D11E45CCD
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/_aJvQ_SUQkt2hMocarsuWl4tD-w.roa
Signing time: Wed 01 Jan 2025 17:48:36 +0000
ROA not before: Wed 01 Jan 2025 17:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214382
IP address blocks: 85.235.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:d1:ac:56:97:f0:9d:56:07:fb:9d:11:e4:5c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 1 17:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fda26f43f494424b7684ca1c6abb2e5a5e2d0fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9c:08:c8:42:f2:b0:ed:46:9a:6c:33:5d:a8:
4c:a2:56:72:aa:44:00:3f:2c:64:94:df:60:9f:f6:
b0:99:68:07:9b:d7:7f:08:65:9a:66:85:4d:26:ec:
f7:00:c0:07:85:ed:2b:05:b9:76:c9:3e:23:e2:5f:
fe:33:c6:cb:61:ae:6f:8c:e4:9e:da:88:2e:03:22:
d1:b6:9f:33:e1:8b:27:ab:94:9e:46:30:4d:23:51:
98:4e:27:2f:7a:a5:1c:30:a0:41:4c:26:dc:a2:33:
df:a3:20:aa:e4:40:12:fa:35:56:93:89:a3:ef:2c:
9f:f8:31:cb:bf:ab:ab:1e:70:d9:d6:d8:ad:12:1f:
09:70:46:03:ed:be:ce:2f:d3:19:cc:f8:1a:31:d7:
e0:2c:31:5d:ab:1c:87:63:3b:b4:e2:59:11:10:82:
8b:5f:5b:88:80:a9:68:eb:2d:80:c7:4b:8b:a6:b8:
db:f9:92:a4:ef:e6:c2:76:79:02:86:5a:a1:4e:1b:
41:85:a5:0c:cd:6e:f4:9d:db:ac:38:1b:ad:51:80:
50:33:f4:9e:f8:86:67:7c:ca:14:ef:cf:45:26:fa:
1c:49:53:3c:03:80:d9:b1:e7:55:cf:d8:a5:73:2c:
7c:b8:0b:e1:7f:bd:b0:f5:8c:a6:37:ad:46:7f:f7:
a4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A2:6F:43:F4:94:42:4B:76:84:CA:1C:6A:BB:2E:5A:5E:2D:0F:EC
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/_aJvQ_SUQkt2hMocarsuWl4tD-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.235.75.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:6e:68:29:c6:17:a9:df:a3:7c:ec:bc:cd:d3:cf:f6:6a:91:
5e:a1:0d:20:07:69:82:17:c9:21:0e:79:03:20:cd:9f:b6:7a:
95:37:a3:c9:67:30:50:d4:9d:84:b7:ff:5c:6f:cd:6b:1d:9a:
fd:da:1f:3a:b3:f7:d8:3d:28:fa:15:e5:64:e6:d2:9b:57:0e:
00:cf:d2:f8:9c:0d:48:0c:78:e8:ae:bc:76:00:24:f4:a2:5e:
4c:25:3e:f3:41:e9:33:fc:72:2c:b8:e6:a8:6e:39:05:02:c5:
3a:05:43:94:c2:54:cf:11:3a:fd:05:f5:ca:65:91:38:10:28:
55:cd:b8:62:27:48:15:fe:31:be:f8:88:f9:7a:3b:fb:95:50:
e6:52:be:87:2c:b6:39:7d:55:0d:f7:b2:dc:a7:e5:48:ea:9a:
fd:94:ad:91:4d:0d:e3:60:6f:79:d0:a3:d8:dc:79:7e:30:d4:
72:ef:32:8c:60:f1:a3:ad:a6:58:cb:93:ca:0f:81:a4:57:2b:
3f:32:6b:c2:19:0a:90:7b:85:85:ec:02:30:cf:a0:12:30:2e:
99:38:26:ab:a6:a9:f0:71:fb:59:ca:72:64:81:d9:5f:50:f0:
0d:3b:01:e9:a9:31:69:b1:92:16:3e:33:ff:64:e0:aa:89:78:
d9:5f:78:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+9GsVpfwnVYH+50R5FzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjUwMTAxMTc0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGEyNmY0M2Y0OTQ0MjRiNzY4NGNhMWM2YWJiMmU1YTVlMmQwZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZwIyELysO1GmmwzXahMolZyqkQA
PyxklN9gn/awmWgHm9d/CGWaZoVNJuz3AMAHhe0rBbl2yT4j4l/+M8bLYa5vjOSe
2oguAyLRtp8z4Ysnq5SeRjBNI1GYTicveqUcMKBBTCbcojPfoyCq5EAS+jVWk4mj
7yyf+DHLv6urHnDZ1titEh8JcEYD7b7OL9MZzPgaMdfgLDFdqxyHYzu04lkREIKL
X1uIgKlo6y2Ax0uLprjb+ZKk7+bCdnkChlqhThtBhaUMzW70ndusOButUYBQM/Se
+IZnfMoU789FJvocSVM8A4DZsedVz9ilcyx8uAvhf72w9YymN61Gf/ekcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP2ib0P0lEJLdoTKHGq7LlpeLQ/sMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvX2FKdlFfU1VRa3QyaE1vY2Fyc3VXbDR0RC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVetLMA0G
CSqGSIb3DQEBCwUAA4IBAQC2bmgpxhep36N87LzN08/2apFeoQ0gB2mCF8khDnkD
IM2ftnqVN6PJZzBQ1J2Et/9cb81rHZr92h86s/fYPSj6FeVk5tKbVw4Az9L4nA1I
DHjorrx2ACT0ol5MJT7zQekz/HIsuOaobjkFAsU6BUOUwlTPETr9BfXKZZE4EChV
zbhiJ0gV/jG++Ij5ejv7lVDmUr6HLLY5fVUN97Lcp+VI6pr9lK2RTQ3jYG950KPY
3Hl+MNRy7zKMYPGjraZYy5PKD4GkVys/MmvCGQqQe4WF7AIwz6ASMC6ZOCarpqnw
cftZynJkgdlfUPANOwHpqTFpsZIWPjP/ZOCqiXjZX3hR
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:36:14 2025 by rpki-client