Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/031fcb-b74e-4e75-a7b9-90e65412252a/1/k7ZKxdVx9_HpLEEXMgJ7VK0ot74.roa
File: k7ZKxdVx9_HpLEEXMgJ7VK0ot74.roa (raw, json)
Hash identifier: Jn0c0Y7u45CliHNs1mV0LEaHAyb9OLN6GTScJnODixs=
Subject key identifier: 93:B6:4A:C5:D5:71:F7:F1:E9:2C:41:17:32:02:7B:54:AD:28:B7:BE
Certificate issuer: /CN=36a4668ff83814af90a78b4fc8d262325058cbc6
Certificate serial: 01941F8C87CC4A9462D21D1ABD81C548479E
Authority key identifier: 36:A4:66:8F:F8:38:14:AF:90:A7:8B:4F:C8:D2:62:32:50:58:CB:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NqRmj_g4FK-Qp4tPyNJiMlBYy8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/031fcb-b74e-4e75-a7b9-90e65412252a/1/k7ZKxdVx9_HpLEEXMgJ7VK0ot74.roa
Signing time: Wed 01 Jan 2025 01:48:10 +0000
ROA not before: Wed 01 Jan 2025 01:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36916
IP address blocks: 85.235.76.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:87:cc:4a:94:62:d2:1d:1a:bd:81:c5:48:47:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36a4668ff83814af90a78b4fc8d262325058cbc6
Validity
Not Before: Jan 1 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93b64ac5d571f7f1e92c411732027b54ad28b7be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:29:74:e3:cf:ff:f5:54:60:4c:4f:21:07:bb:
cc:47:df:99:1e:8d:19:b6:71:db:c0:30:7a:4c:56:
3d:e9:b4:c8:66:fc:58:c1:84:47:c4:6c:5d:36:33:
64:68:2f:ea:60:df:c6:23:38:ed:58:81:4b:27:85:
b5:a9:6f:c6:2c:7a:42:ac:78:37:c3:b3:6c:60:26:
01:f6:e5:ad:f2:d0:e7:ca:c6:c5:27:0f:f1:be:e3:
0e:6e:d4:ce:3d:b0:fd:a4:38:1e:98:16:60:b0:10:
15:de:dd:a0:58:2e:a8:0d:94:a1:13:54:ef:11:73:
e8:48:a6:b5:ef:23:44:f5:e5:2d:02:37:a8:b3:79:
f3:7a:1d:81:6d:08:f4:18:99:3f:95:4d:8a:08:e5:
34:f3:ff:f8:91:9b:cf:d9:82:e5:25:0d:57:eb:77:
3a:32:1b:75:7b:96:1f:5f:04:db:a4:9d:e9:ab:55:
fe:8c:84:9e:c3:df:cf:13:35:84:9b:b5:e7:61:a2:
46:67:8c:6a:11:f5:aa:55:43:c4:ea:95:b4:f3:b4:
c8:4f:d8:ac:e2:8f:cb:42:d6:8a:8f:73:f4:92:c8:
09:f8:8c:b5:de:b0:9a:ec:ea:56:ee:1d:9e:27:2b:
ef:58:1c:92:e6:77:2e:79:25:8a:60:e3:a0:97:e5:
74:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B6:4A:C5:D5:71:F7:F1:E9:2C:41:17:32:02:7B:54:AD:28:B7:BE
X509v3 Authority Key Identifier:
keyid:36:A4:66:8F:F8:38:14:AF:90:A7:8B:4F:C8:D2:62:32:50:58:CB:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NqRmj_g4FK-Qp4tPyNJiMlBYy8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/031fcb-b74e-4e75-a7b9-90e65412252a/1/k7ZKxdVx9_HpLEEXMgJ7VK0ot74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/031fcb-b74e-4e75-a7b9-90e65412252a/1/NqRmj_g4FK-Qp4tPyNJiMlBYy8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.235.76.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:8e:dd:5b:01:91:cd:0f:f2:5e:4f:d1:8c:a5:70:8b:db:b1:
67:a3:55:b2:dd:b6:88:1c:f6:05:7a:db:8b:4a:36:37:f1:22:
aa:1a:b6:45:ce:57:61:56:08:ff:7f:c2:c9:64:9c:2d:23:25:
19:a1:62:ef:13:5f:b0:88:d4:e6:e7:b7:da:40:20:d3:64:1b:
0c:27:89:ff:7b:34:75:68:2b:be:7d:7b:cb:96:d2:e1:5c:96:
67:13:38:54:29:72:8f:44:19:63:de:14:21:fb:51:a6:39:85:
5c:8b:7e:f1:98:a9:2d:96:c1:83:5d:f4:83:79:fc:3f:fc:57:
bc:eb:b1:55:89:d4:d7:44:b2:dc:3c:ea:c1:df:c5:5a:52:35:
45:b7:b6:06:4d:42:c8:e5:42:bf:ec:3b:8f:7c:7e:78:06:34:
74:31:9c:10:8b:8e:83:bb:f8:49:be:8a:3b:47:95:03:08:d9:
c5:85:76:3a:52:b1:84:bc:c9:9d:4e:86:49:09:5b:a1:5e:8d:
42:6f:34:df:b8:bb:14:98:5c:48:60:4f:8c:74:9f:db:7c:12:
ed:27:c8:39:2c:d5:40:98:3e:7d:28:d9:e3:0a:c4:88:51:79:
8f:64:ab:81:a5:bf:dd:f4:2e:3f:ee:25:ce:d9:b9:76:44:66:
c9:91:f5:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjIfMSpRi0h0avYHFSEeeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YTQ2NjhmZjgzODE0YWY5MGE3OGI0ZmM4ZDI2MjMyNTA1
OGNiYzYwHhcNMjUwMTAxMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2I2NGFjNWQ1NzFmN2YxZTkyYzQxMTczMjAyN2I1NGFkMjhiN2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyl048//9VRgTE8hB7vMR9+ZHo0Z
tnHbwDB6TFY96bTIZvxYwYRHxGxdNjNkaC/qYN/GIzjtWIFLJ4W1qW/GLHpCrHg3
w7NsYCYB9uWt8tDnysbFJw/xvuMObtTOPbD9pDgemBZgsBAV3t2gWC6oDZShE1Tv
EXPoSKa17yNE9eUtAjeos3nzeh2BbQj0GJk/lU2KCOU08//4kZvP2YLlJQ1X63c6
Mht1e5YfXwTbpJ3pq1X+jISew9/PEzWEm7XnYaJGZ4xqEfWqVUPE6pW087TIT9is
4o/LQtaKj3P0ksgJ+Iy13rCa7OpW7h2eJyvvWByS5ncueSWKYOOgl+V0AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJO2SsXVcffx6SxBFzICe1StKLe+MB8GA1UdIwQY
MBaAFDakZo/4OBSvkKeLT8jSYjJQWMvGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnFSbWpfZzRGSy1RcDR0UHlOSmlNbEJZeThZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8wMzFmY2ItYjc0ZS00ZTc1LWE3Yjkt
OTBlNjU0MTIyNTJhLzEvazdaS3hkVng5X0hwTEVFWE1nSjdWSzBvdDc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8wMzFmY2ItYjc0ZS00ZTc1LWE3YjktOTBlNjU0MTIyNTJh
LzEvTnFSbWpfZzRGSy1RcDR0UHlOSmlNbEJZeThZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVetMMA0G
CSqGSIb3DQEBCwUAA4IBAQB/jt1bAZHND/JeT9GMpXCL27Fno1Wy3baIHPYFetuL
SjY38SKqGrZFzldhVgj/f8LJZJwtIyUZoWLvE1+wiNTm57faQCDTZBsMJ4n/ezR1
aCu+fXvLltLhXJZnEzhUKXKPRBlj3hQh+1GmOYVci37xmKktlsGDXfSDefw//Fe8
67FVidTXRLLcPOrB38VaUjVFt7YGTULI5UK/7DuPfH54BjR0MZwQi46Du/hJvoo7
R5UDCNnFhXY6UrGEvMmdToZJCVuhXo1CbzTfuLsUmFxIYE+MdJ/bfBLtJ8g5LNVA
mD59KNnjCsSIUXmPZKuBpb/d9C4/7iXO2bl2RGbJkfVj
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:25:28 2025 by rpki-client