Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/nYixXNQ0XKj0qnHm5y5hTzYQVBo.roa
File: nYixXNQ0XKj0qnHm5y5hTzYQVBo.roa (raw, json)
Hash identifier: KOcQW1jQ5xzl2STbFIIoZ8lI1+0udq83HKLC6O571Rc=
Subject key identifier: 9D:88:B1:5C:D4:34:5C:A8:F4:AA:71:E6:E7:2E:61:4F:36:10:54:1A
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01945F7E2B1F538D775D2205028FD21463AD
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/nYixXNQ0XKj0qnHm5y5hTzYQVBo.roa
Signing time: Mon 13 Jan 2025 11:48:11 +0000
ROA not before: Mon 13 Jan 2025 11:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25098
IP address blocks: 85.8.144.0/22 maxlen: 22
188.119.68.0/22 maxlen: 22
212.107.4.0/22 maxlen: 22
212.115.100.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5f:7e:2b:1f:53:8d:77:5d:22:05:02:8f:d2:14:63:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 13 11:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d88b15cd4345ca8f4aa71e6e72e614f3610541a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:55:3d:99:bb:b3:4a:ae:eb:37:5e:cd:00:04:
f0:f7:97:d3:4d:94:3a:b9:1b:8f:01:69:2c:6b:b2:
c8:2e:ff:0e:7e:40:d3:0a:25:87:94:24:6c:e1:34:
df:36:74:5b:63:00:19:ec:73:34:7e:71:49:84:81:
18:6f:4b:23:df:75:b7:f2:cc:27:f2:46:44:94:58:
11:37:91:ce:bd:4e:2c:1f:1a:a3:5f:70:f8:c8:a8:
ab:58:b7:5e:77:3e:49:14:f0:9f:3d:d2:4a:70:ee:
15:34:e7:c2:10:6c:07:dd:ea:2c:54:c2:f7:27:33:
e6:ac:12:be:01:3e:2e:39:bf:c8:1b:55:e7:be:7a:
62:a9:ee:ff:52:4c:d5:9f:b0:05:0e:9c:b1:4a:a7:
04:0a:d4:8b:11:ad:64:93:e8:57:88:be:8e:34:88:
9c:23:7b:5f:9c:c1:c4:36:3e:ab:2e:ce:39:73:e7:
48:97:51:de:57:79:8c:fa:db:ef:d2:b1:d3:c9:33:
a5:61:28:c8:76:89:95:be:1f:a4:a9:21:33:08:fc:
5f:80:ae:b0:ca:9d:67:c4:ca:bf:f5:ce:d8:6c:3c:
01:20:69:6b:46:8b:39:5b:9f:9d:28:53:42:06:a8:
3a:1c:0a:1d:99:fc:41:fc:0f:39:15:f4:c6:15:6d:
93:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:88:B1:5C:D4:34:5C:A8:F4:AA:71:E6:E7:2E:61:4F:36:10:54:1A
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/nYixXNQ0XKj0qnHm5y5hTzYQVBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.144.0/22
188.119.68.0/22
212.107.4.0/22
212.115.100.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:72:ce:f7:76:2a:ed:f3:84:fa:1e:21:79:af:dd:21:60:e9:
1f:fd:90:7b:7e:be:69:7b:61:80:1f:16:df:3e:e4:b7:9d:00:
65:6d:c2:69:b8:7a:03:5d:f8:95:2d:21:f1:ca:24:b8:35:fb:
3a:36:df:de:02:7b:93:b6:b7:c9:d1:03:46:95:80:05:27:48:
93:cc:8b:95:c5:1a:31:c1:04:2a:7b:0b:50:ed:74:de:78:fd:
37:47:52:6c:2a:c4:4b:21:2c:29:71:d2:e5:b6:25:88:b5:80:
8b:04:1d:d3:2e:e9:a9:e5:cf:5c:17:8c:39:4c:9a:99:84:52:
b8:df:13:30:27:bb:b6:70:ed:29:9f:2c:7f:76:f2:b6:11:5f:
62:7d:c6:98:9f:78:aa:15:cd:11:15:64:cc:43:e2:dd:b8:f5:
71:ea:31:08:d2:d3:2c:a1:aa:2a:c2:de:38:d4:b4:ee:a9:c4:
09:10:39:55:db:b4:17:cb:cb:5e:cc:75:5a:ca:b2:1e:75:cf:
f0:1a:77:d4:52:2a:77:d7:2e:3f:8f:43:71:06:57:21:80:3e:
38:fb:74:16:ca:ae:c6:cc:46:cd:11:0b:97:c9:4b:a9:76:e5:
db:76:ef:49:82:0e:3d:27:3b:5a:9c:72:db:55:45:7c:d0:dc:
90:28:7a:9e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZRffisfU413XSIFAo/SFGOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjUwMTEzMTE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDg4YjE1Y2Q0MzQ1Y2E4ZjRhYTcxZTZlNzJlNjE0ZjM2MTA1NDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VU9mbuzSq7rN17NAATw95fTTZQ6
uRuPAWksa7LILv8OfkDTCiWHlCRs4TTfNnRbYwAZ7HM0fnFJhIEYb0sj33W38swn
8kZElFgRN5HOvU4sHxqjX3D4yKirWLdedz5JFPCfPdJKcO4VNOfCEGwH3eosVML3
JzPmrBK+AT4uOb/IG1Xnvnpiqe7/UkzVn7AFDpyxSqcECtSLEa1kk+hXiL6ONIic
I3tfnMHENj6rLs45c+dIl1HeV3mM+tvv0rHTyTOlYSjIdomVvh+kqSEzCPxfgK6w
yp1nxMq/9c7YbDwBIGlrRos5W5+dKFNCBqg6HAodmfxB/A85FfTGFW2TgQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ2IsVzUNFyo9Kpx5ucuYU82EFQaMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvbllpeFhOUTBYS2owcW5IbTV5NWhUellRVkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCVQiQAwQC
vHdEAwQC1GsEAwQC1HNkMA0GCSqGSIb3DQEBCwUAA4IBAQBOcs73dirt84T6HiF5
r90hYOkf/ZB7fr5pe2GAHxbfPuS3nQBlbcJpuHoDXfiVLSHxyiS4Nfs6Nt/eAnuT
trfJ0QNGlYAFJ0iTzIuVxRoxwQQqewtQ7XTeeP03R1JsKsRLISwpcdLltiWItYCL
BB3TLump5c9cF4w5TJqZhFK43xMwJ7u2cO0pnyx/dvK2EV9ifcaYn3iqFc0RFWTM
Q+LduPVx6jEI0tMsoaoqwt441LTuqcQJEDlV27QXy8tezHVayrIedc/wGnfUUip3
1y4/j0NxBlchgD44+3QWyq7GzEbNEQuXyUupduXbdu9Jgg49JztanHLbVUV80NyQ
KHqe
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:36:25 2025 by rpki-client