Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/d7aed8-4a41-4df1-ae87-ee370ac6190b/1/DxiNJxmTHJKfRIijze68CeppnvY.roa
File: DxiNJxmTHJKfRIijze68CeppnvY.roa (raw, json)
Hash identifier: Zww2Mqqb7kTus45eT9kMjZpc6yuvN5cHTH+SeRORyGE=
Subject key identifier: 0F:18:8D:27:19:93:1C:92:9F:44:88:A3:CD:EE:BC:09:EA:69:9E:F6
Certificate issuer: /CN=53b7c7709ed6bdc3a295c7355a503eb8d61fd232
Certificate serial: 09D3DA7E
Authority key identifier: 53:B7:C7:70:9E:D6:BD:C3:A2:95:C7:35:5A:50:3E:B8:D6:1F:D2:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7fHcJ7WvcOilcc1WlA-uNYf0jI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/d7aed8-4a41-4df1-ae87-ee370ac6190b/1/DxiNJxmTHJKfRIijze68CeppnvY.roa
Signing time: Sat 01 Jan 2022 05:51:41 +0000
ROA not before: Sat 01 Jan 2022 05:51:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34984
IP address blocks: 85.8.154.0/24 maxlen: 24
85.8.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164878974 (0x9d3da7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b7c7709ed6bdc3a295c7355a503eb8d61fd232
Validity
Not Before: Jan 1 05:51:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f188d2719931c929f4488a3cdeebc09ea699ef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ee:54:70:0a:89:0e:9d:0d:8d:a8:be:46:55:
3c:e0:51:ff:d6:2d:41:3d:ed:ed:a0:d1:47:1f:fd:
62:bd:30:e8:37:6d:61:36:8b:81:45:f9:ce:41:e9:
c9:d1:b5:6e:b2:f3:1f:f0:76:02:25:1c:70:07:7f:
0e:8e:d6:1d:3b:e9:5e:39:60:84:53:56:e5:88:ba:
b9:aa:7a:9e:78:49:d8:2e:75:ad:1d:b8:fb:b7:aa:
f9:24:99:53:47:d9:28:0d:0e:47:cd:35:7d:c3:c1:
e8:77:85:b0:a0:b4:a5:6b:9f:65:2d:d5:6d:2c:4d:
3e:99:56:f8:96:c9:c9:59:81:ea:58:d1:be:2a:da:
d6:28:80:16:76:d1:9c:32:9d:09:da:7c:61:17:d2:
83:fe:a4:27:3b:5f:05:8e:5b:f5:43:3c:af:51:1c:
57:ff:97:23:d2:67:f4:84:79:e4:6d:fd:4a:2d:47:
87:69:a0:15:b6:0f:d8:93:6e:f0:57:83:e9:d8:64:
c7:36:82:64:87:d9:38:b0:32:c5:72:66:e8:db:8a:
48:97:13:44:df:75:e7:6b:a6:7b:dd:9a:9d:d9:87:
aa:a1:9d:5e:c3:b2:c2:a0:d1:80:aa:65:45:16:81:
fb:b9:74:dd:43:c9:d9:1e:a2:79:ab:a8:74:07:61:
37:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:18:8D:27:19:93:1C:92:9F:44:88:A3:CD:EE:BC:09:EA:69:9E:F6
X509v3 Authority Key Identifier:
keyid:53:B7:C7:70:9E:D6:BD:C3:A2:95:C7:35:5A:50:3E:B8:D6:1F:D2:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7fHcJ7WvcOilcc1WlA-uNYf0jI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d7aed8-4a41-4df1-ae87-ee370ac6190b/1/DxiNJxmTHJKfRIijze68CeppnvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d7aed8-4a41-4df1-ae87-ee370ac6190b/1/U7fHcJ7WvcOilcc1WlA-uNYf0jI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.153.0-85.8.154.255
Signature Algorithm: sha256WithRSAEncryption
41:fe:03:30:ed:fb:00:c0:ef:bd:d3:e3:d1:20:e4:46:70:bf:
49:af:9c:ee:5e:89:14:24:68:44:f7:90:7b:e6:5b:4b:d9:0a:
02:f3:eb:c8:b4:15:6e:5e:89:ad:40:8b:f5:5b:5f:7a:58:27:
44:ad:50:fe:8c:db:31:26:d9:69:b4:1f:ce:55:82:92:e1:da:
86:96:6c:84:b4:f9:e0:52:1b:f0:2c:bd:7a:3e:c8:3f:d5:72:
5f:d6:de:c0:9b:11:37:68:4f:17:57:0a:dd:58:09:b8:cf:85:
52:47:3f:82:38:e1:09:e9:4e:5e:2f:43:a4:7d:e8:58:82:65:
3a:d9:6b:ca:d8:53:9f:d4:02:ad:1a:3e:fe:ef:ac:39:02:6d:
a4:94:f6:b1:c3:db:17:91:d5:ce:5b:0e:b7:4e:6e:e7:60:f3:
ab:16:a9:8e:06:5d:f4:6e:4c:a3:4d:35:2c:84:1e:bc:13:15:
20:b0:10:4e:89:31:1b:48:dc:93:b9:0a:f9:44:e7:80:b1:19:
92:c3:ef:7c:5e:9e:95:7b:c4:1a:7b:13:d5:17:5b:bf:35:d6:
15:a6:6b:3b:f5:b6:13:9a:13:36:5e:d3:c9:c0:0a:11:de:7d:
75:05:7c:9f:28:dd:7f:39:dd:37:47:7d:6f:ce:c0:f6:92:2a:
6f:0b:8b:c6
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIECdPafjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
M2I3Yzc3MDllZDZiZGMzYTI5NWM3MzU1YTUwM2ViOGQ2MWZkMjMyMB4XDTIyMDEw
MTA1NTE0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGYxODhkMjcxOTkz
MWM5MjlmNDQ4OGEzY2RlZWJjMDllYTY5OWVmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOjuVHAKiQ6dDY2ovkZVPOBR/9YtQT3t7aDRRx/9Yr0w6Ddt
YTaLgUX5zkHpydG1brLzH/B2AiUccAd/Do7WHTvpXjlghFNW5Yi6uap6nnhJ2C51
rR24+7eq+SSZU0fZKA0OR801fcPB6HeFsKC0pWufZS3VbSxNPplW+JbJyVmB6ljR
vira1iiAFnbRnDKdCdp8YRfSg/6kJztfBY5b9UM8r1EcV/+XI9Jn9IR55G39Si1H
h2mgFbYP2JNu8FeD6dhkxzaCZIfZOLAyxXJm6NuKSJcTRN9152ume92andmHqqGd
XsOywqDRgKplRRaB+7l03UPJ2R6ieauodAdhNycCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQPGI0nGZMckp9EiKPN7rwJ6mme9jAfBgNVHSMEGDAWgBRTt8dwnta9w6KV
xzVaUD641h/SMjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1U3ZkhjSjdXdmNPaWxjYzFXbEEtdU5ZZjBqSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvZDdhZWQ4LTRhNDEtNGRmMS1hZTg3LWVlMzcwYWM2MTkwYi8x
L0R4aU5KeG1USEpLZlJJaWp6ZTY4Q2VwcG52WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
ZDdhZWQ4LTRhNDEtNGRmMS1hZTg3LWVlMzcwYWM2MTkwYi8xL1U3ZkhjSjdXdmNP
aWxjYzFXbEEtdU5ZZjBqSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAVQiZAwQAVQiaMA0GCSqGSIb3
DQEBCwUAA4IBAQBB/gMw7fsAwO+90+PRIORGcL9Jr5zuXokUJGhE95B75ltL2QoC
8+vItBVuXomtQIv1W196WCdErVD+jNsxJtlptB/OVYKS4dqGlmyEtPngUhvwLL16
Psg/1XJf1t7AmxE3aE8XVwrdWAm4z4VSRz+COOEJ6U5eL0OkfehYgmU62WvK2FOf
1AKtGj7+76w5Am2klPaxw9sXkdXOWw63Tm7nYPOrFqmOBl30bkyjTTUshB68ExUg
sBBOiTEbSNyTuQr5ROeAsRmSw+98Xp6Ve8QaexPVF1u/NdYVpms79bYTmhM2XtPJ
wAoR3n11BXyfKN1/Od03R31vzsD2kipvC4vG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:15 2025 by rpki-client