Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/d7aed8-4a41-4df1-ae87-ee370ac6190b/1/GILrTXNaFZiocKfFB4pujxx3imo.roa
File: GILrTXNaFZiocKfFB4pujxx3imo.roa (raw, json)
Hash identifier: kqs1LPH8uGqoyF5XSKEhpmNT1jOBhNIqae2wDW0kecU=
Subject key identifier: 18:82:EB:4D:73:5A:15:98:A8:70:A7:C5:07:8A:6E:8F:1C:77:8A:6A
Certificate issuer: /CN=53b7c7709ed6bdc3a295c7355a503eb8d61fd232
Certificate serial: 01857343B00102E6FB3DA6A67F32A5CD60C1
Authority key identifier: 53:B7:C7:70:9E:D6:BD:C3:A2:95:C7:35:5A:50:3E:B8:D6:1F:D2:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7fHcJ7WvcOilcc1WlA-uNYf0jI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/d7aed8-4a41-4df1-ae87-ee370ac6190b/1/GILrTXNaFZiocKfFB4pujxx3imo.roa
Signing time: Mon 02 Jan 2023 16:14:53 +0000
ROA not before: Mon 02 Jan 2023 16:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9121
IP address blocks: 85.8.152.0/24 maxlen: 24
85.8.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:b0:01:02:e6:fb:3d:a6:a6:7f:32:a5:cd:60:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b7c7709ed6bdc3a295c7355a503eb8d61fd232
Validity
Not Before: Jan 2 16:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1882eb4d735a1598a870a7c5078a6e8f1c778a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:73:c2:64:9b:3a:65:b6:db:83:cd:34:97:7d:
83:b0:55:d5:6c:48:28:ef:a4:c3:2b:f8:de:0b:40:
ff:d3:28:93:42:f3:b2:8f:91:25:41:ba:b0:8d:93:
2f:7f:c2:36:08:63:17:e2:91:d1:e7:81:c2:f1:cd:
21:62:4a:9f:3f:b8:22:a9:99:8b:eb:20:4c:4d:52:
c9:58:9b:f7:af:26:ab:8d:ef:56:33:99:9d:fd:9f:
15:05:13:92:f0:60:33:54:b9:3b:e3:c3:45:ad:f8:
15:4c:cd:3e:b8:7a:3b:b4:44:70:95:94:e7:41:6d:
15:7f:a6:42:1f:2b:8b:31:a0:d1:af:e9:d6:ef:4d:
dc:1c:08:73:fa:aa:d3:bd:ed:6d:ac:7b:7a:21:1d:
67:86:20:54:49:5e:7a:da:1e:db:b5:35:a7:f8:19:
3d:18:29:ab:7e:5d:02:de:a0:65:07:21:a7:df:69:
6c:28:dc:83:6e:54:20:6e:76:d9:95:0d:41:02:80:
ba:04:4c:75:e6:73:f4:ba:10:32:de:29:e1:db:1e:
c3:09:40:6f:75:ec:e3:8b:87:eb:59:d1:a7:fc:f9:
be:81:a5:3f:09:eb:26:5a:f2:b5:29:f4:4c:47:b6:
b2:a0:2d:66:ff:04:e4:d7:6c:5f:fe:c4:fa:ea:47:
9f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:82:EB:4D:73:5A:15:98:A8:70:A7:C5:07:8A:6E:8F:1C:77:8A:6A
X509v3 Authority Key Identifier:
keyid:53:B7:C7:70:9E:D6:BD:C3:A2:95:C7:35:5A:50:3E:B8:D6:1F:D2:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7fHcJ7WvcOilcc1WlA-uNYf0jI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d7aed8-4a41-4df1-ae87-ee370ac6190b/1/GILrTXNaFZiocKfFB4pujxx3imo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d7aed8-4a41-4df1-ae87-ee370ac6190b/1/U7fHcJ7WvcOilcc1WlA-uNYf0jI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.152.0/24
85.8.155.0/24
Signature Algorithm: sha256WithRSAEncryption
01:1a:13:46:09:6f:61:3a:90:97:bf:d6:5b:22:40:d3:12:df:
e0:9f:54:e2:32:27:65:a7:5f:a7:81:ca:9a:5e:ef:dc:c8:3b:
9b:cb:c1:a8:f4:bc:82:ca:98:aa:6c:bd:75:17:69:f6:28:ef:
ce:74:da:c2:2b:55:67:0a:71:92:e5:9a:94:83:1a:d0:86:1b:
17:0b:bd:d4:34:89:db:bf:a9:c8:01:f3:25:39:20:c6:84:04:
96:fd:42:ab:da:70:7a:6c:ba:22:fb:fe:f7:b5:08:ef:84:ee:
43:6e:e7:56:4f:c4:e6:23:cb:00:ab:a6:51:14:06:fe:1a:01:
b4:4c:f4:ea:17:37:15:0d:da:79:b0:db:da:2d:b2:72:7a:d7:
0b:d3:0e:bf:e8:be:18:df:59:db:c9:1a:75:10:d4:b5:8b:32:
db:14:03:04:cb:4d:b8:93:e7:a9:42:64:f0:38:81:3d:40:65:
30:21:7e:36:e3:b0:96:09:10:31:18:f9:cf:71:db:04:ef:35:
ba:61:6e:52:af:4e:11:06:4c:03:3b:32:8d:35:7e:f9:99:bd:
db:fd:0b:88:ca:8a:b5:9d:73:f8:ec:20:57:1d:44:d2:ed:26:
83:54:b7:be:6b:3b:c3:11:95:db:e2:7d:de:5d:30:71:e5:d5:
dc:60:53:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzQ7ABAub7PaamfzKlzWDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjdjNzcwOWVkNmJkYzNhMjk1YzczNTVhNTAzZWI4ZDYx
ZmQyMzIwHhcNMjMwMTAyMTYxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODgyZWI0ZDczNWExNTk4YTg3MGE3YzUwNzhhNmU4ZjFjNzc4YTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnPCZJs6Zbbbg800l32DsFXVbEgo
76TDK/jeC0D/0yiTQvOyj5ElQbqwjZMvf8I2CGMX4pHR54HC8c0hYkqfP7giqZmL
6yBMTVLJWJv3ryarje9WM5md/Z8VBROS8GAzVLk748NFrfgVTM0+uHo7tERwlZTn
QW0Vf6ZCHyuLMaDRr+nW703cHAhz+qrTve1trHt6IR1nhiBUSV562h7btTWn+Bk9
GCmrfl0C3qBlByGn32lsKNyDblQgbnbZlQ1BAoC6BEx15nP0uhAy3inh2x7DCUBv
dezji4frWdGn/Pm+gaU/CesmWvK1KfRMR7ayoC1m/wTk12xf/sT66kefVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBiC601zWhWYqHCnxQeKbo8cd4pqMB8GA1UdIwQY
MBaAFFO3x3Ce1r3DopXHNVpQPrjWH9IyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdmSGNKN1d2Y09pbGNjMVdsQS11TllmMGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kN2FlZDgtNGE0MS00ZGYxLWFlODct
ZWUzNzBhYzYxOTBiLzEvR0lMclRYTmFGWmlvY0tmRkI0cHVqeHgzaW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9kN2FlZDgtNGE0MS00ZGYxLWFlODctZWUzNzBhYzYxOTBi
LzEvVTdmSGNKN1d2Y09pbGNjMVdsQS11TllmMGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVQiYAwQA
VQibMA0GCSqGSIb3DQEBCwUAA4IBAQABGhNGCW9hOpCXv9ZbIkDTEt/gn1TiMidl
p1+ngcqaXu/cyDuby8Go9LyCypiqbL11F2n2KO/OdNrCK1VnCnGS5ZqUgxrQhhsX
C73UNInbv6nIAfMlOSDGhASW/UKr2nB6bLoi+/73tQjvhO5DbudWT8TmI8sAq6ZR
FAb+GgG0TPTqFzcVDdp5sNvaLbJyetcL0w6/6L4Y31nbyRp1ENS1izLbFAMEy024
k+epQmTwOIE9QGUwIX4247CWCRAxGPnPcdsE7zW6YW5Sr04RBkwDOzKNNX75mb3b
/QuIyoq1nXP47CBXHUTS7SaDVLe+azvDEZXb4n3eXTBx5dXcYFO3
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:04 2025 by rpki-client