Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/qiRFgTjVRdabsTRRM1YWXUGLw64.roa
File: qiRFgTjVRdabsTRRM1YWXUGLw64.roa (raw, json)
Hash identifier: lCjSoDx/oZnpAtqpweWxZW6jo+ICoZqCCQhV41u6/VM=
Subject key identifier: AA:24:45:81:38:D5:45:D6:9B:B1:34:51:33:56:16:5D:41:8B:C3:AE
Certificate issuer: /CN=85492f2a6910433c5bcd8269c440e8c1c7800d6b
Certificate serial: 019424B281E5C1AE5E10799445C198B5004B
Authority key identifier: 85:49:2F:2A:69:10:43:3C:5B:CD:82:69:C4:40:E8:C1:C7:80:0D:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUkvKmkQQzxbzYJpxEDowceADWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/qiRFgTjVRdabsTRRM1YWXUGLw64.roa
Signing time: Thu 02 Jan 2025 01:47:45 +0000
ROA not before: Thu 02 Jan 2025 01:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 85.208.248.0/24 maxlen: 24
85.208.249.0/24 maxlen: 24
85.208.250.0/24 maxlen: 24
85.208.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:81:e5:c1:ae:5e:10:79:94:45:c1:98:b5:00:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85492f2a6910433c5bcd8269c440e8c1c7800d6b
Validity
Not Before: Jan 2 01:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa24458138d545d69bb134513356165d418bc3ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:44:58:f3:1c:ee:53:75:f0:2b:5b:5e:42:48:
fe:a9:2b:5d:40:58:51:81:30:cd:9f:55:86:c8:64:
31:30:f1:fd:a3:81:73:d6:12:67:be:03:b1:f0:08:
46:f3:8f:c1:3d:48:da:4a:e2:9c:71:48:80:d1:19:
26:db:d2:23:a4:91:e5:89:44:0b:38:71:a4:6c:7e:
4e:2f:ce:28:90:65:44:79:26:9b:f1:68:53:54:d1:
20:5b:ef:cb:5e:26:b8:e2:34:d5:d4:2f:85:40:3d:
76:d1:92:af:cc:d9:f6:83:40:0c:8f:1d:a6:b1:91:
0c:12:75:81:25:ee:cc:55:09:6c:fb:f9:4f:cb:b6:
64:81:cd:46:04:47:3c:a5:4c:11:ec:2c:68:6b:c5:
50:b2:c3:a5:bf:95:fe:94:bb:6c:42:da:92:cd:18:
df:ec:b6:ae:6d:c2:96:c9:e7:e5:d1:97:e0:86:ee:
cb:4d:ca:1c:5d:39:e1:b5:71:a1:74:b5:25:63:a2:
c2:16:d9:95:57:73:aa:61:ee:4e:2e:1d:75:9b:41:
4e:80:4c:fa:3b:fc:60:73:a3:ae:89:65:7d:61:5f:
7b:04:a0:9b:8d:8a:7d:f9:dc:27:08:84:b9:f7:fc:
28:e2:aa:15:0d:6c:80:51:ec:cc:d4:09:84:5d:62:
7d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:24:45:81:38:D5:45:D6:9B:B1:34:51:33:56:16:5D:41:8B:C3:AE
X509v3 Authority Key Identifier:
keyid:85:49:2F:2A:69:10:43:3C:5B:CD:82:69:C4:40:E8:C1:C7:80:0D:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUkvKmkQQzxbzYJpxEDowceADWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/qiRFgTjVRdabsTRRM1YWXUGLw64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/hUkvKmkQQzxbzYJpxEDowceADWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.248.0/22
Signature Algorithm: sha256WithRSAEncryption
96:65:64:71:a4:b4:33:8d:f3:9f:3b:fc:9e:17:20:40:ec:6f:
36:3b:85:e8:b4:0d:34:eb:2e:4f:84:20:e5:65:8d:26:5e:93:
e4:99:08:2e:ab:75:ff:50:e8:22:b5:e3:6c:09:3a:a7:9c:a0:
b1:53:cf:5b:30:e4:75:ef:4c:44:b5:a6:5d:2d:93:7e:f1:18:
85:0b:5f:1a:74:03:38:f4:18:38:52:cb:42:36:1e:b2:46:42:
0d:a6:26:da:c8:82:46:7d:f9:5b:13:28:36:70:2d:a7:4e:ad:
20:8f:19:15:77:fc:63:4a:00:1b:bd:cc:4b:03:d3:b8:29:18:
6f:64:79:24:99:37:37:64:a9:40:16:e1:c5:a6:53:3b:a5:05:
49:5a:26:20:7b:da:f8:52:84:5c:25:66:d6:b4:59:e8:f9:e6:
34:88:60:68:d6:ac:fb:9c:8d:43:14:e1:0a:ef:fe:47:57:f2:
d1:a9:03:2b:1d:b8:28:94:40:38:fd:64:53:17:66:34:93:60:
a0:57:fb:c2:75:ed:c6:bf:b2:b7:f1:a0:d3:db:03:4e:87:7a:
9d:f1:7b:5a:95:63:8c:98:03:2d:78:77:03:03:dd:79:a8:ef:
b4:a7:9a:22:86:89:ff:ca:c5:f2:0f:3f:58:03:97:76:39:02:
ce:4a:02:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksoHlwa5eEHmURcGYtQBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NDkyZjJhNjkxMDQzM2M1YmNkODI2OWM0NDBlOGMxYzc4
MDBkNmIwHhcNMjUwMTAyMDE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTI0NDU4MTM4ZDU0NWQ2OWJiMTM0NTEzMzU2MTY1ZDQxOGJjM2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyURY8xzuU3XwK1teQkj+qStdQFhR
gTDNn1WGyGQxMPH9o4Fz1hJnvgOx8AhG84/BPUjaSuKccUiA0Rkm29IjpJHliUQL
OHGkbH5OL84okGVEeSab8WhTVNEgW+/LXia44jTV1C+FQD120ZKvzNn2g0AMjx2m
sZEMEnWBJe7MVQls+/lPy7Zkgc1GBEc8pUwR7Cxoa8VQssOlv5X+lLtsQtqSzRjf
7LaubcKWyefl0Zfghu7LTcocXTnhtXGhdLUlY6LCFtmVV3OqYe5OLh11m0FOgEz6
O/xgc6OuiWV9YV97BKCbjYp9+dwnCIS59/wo4qoVDWyAUezM1AmEXWJ9PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKokRYE41UXWm7E0UTNWFl1Bi8OuMB8GA1UdIwQY
MBaAFIVJLyppEEM8W82CacRA6MHHgA1rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFVrdktta1FRenhiellKcHhFRG93Y2VBRFdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iMzgyMjgtMDg3NS00OTFjLTlkNGYt
ZDZhOWEyODI4NGNmLzEvcWlSRmdUalZSZGFic1RSUk0xWVdYVUdMdzY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iMzgyMjgtMDg3NS00OTFjLTlkNGYtZDZhOWEyODI4NGNm
LzEvaFVrdktta1FRenhiellKcHhFRG93Y2VBRFdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdD4MA0G
CSqGSIb3DQEBCwUAA4IBAQCWZWRxpLQzjfOfO/yeFyBA7G82O4XotA006y5PhCDl
ZY0mXpPkmQguq3X/UOgiteNsCTqnnKCxU89bMOR170xEtaZdLZN+8RiFC18adAM4
9Bg4UstCNh6yRkINpibayIJGfflbEyg2cC2nTq0gjxkVd/xjSgAbvcxLA9O4KRhv
ZHkkmTc3ZKlAFuHFplM7pQVJWiYge9r4UoRcJWbWtFno+eY0iGBo1qz7nI1DFOEK
7/5HV/LRqQMrHbgolEA4/WRTF2Y0k2CgV/vCde3Gv7K38aDT2wNOh3qd8XtalWOM
mAMteHcDA915qO+0p5oihon/ysXyDz9YA5d2OQLOSgIw
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:34:33 2025 by rpki-client