Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/izHeVyFS4WbLRyo8FTznYPNwZZE.roa
File: izHeVyFS4WbLRyo8FTznYPNwZZE.roa (raw, json)
Hash identifier: m5MVTeGYoJ1hrY6MFNoE65pfVzmIP+sCRtQ+2dh74mY=
Subject key identifier: 8B:31:DE:57:21:52:E1:66:CB:47:2A:3C:15:3C:E7:60:F3:70:65:91
Certificate issuer: /CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Certificate serial: 01856C5CA0667AB4A946771566BF936C7C8F
Authority key identifier: 94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/izHeVyFS4WbLRyo8FTznYPNwZZE.roa
Signing time: Sun 01 Jan 2023 08:04:47 +0000
ROA not before: Sun 01 Jan 2023 08:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 86.62.31.0/24 maxlen: 24
185.81.126.0/24 maxlen: 24
194.107.163.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:a0:66:7a:b4:a9:46:77:15:66:bf:93:6c:7c:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Validity
Not Before: Jan 1 08:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b31de572152e166cb472a3c153ce760f3706591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:df:7d:1e:f7:ba:69:e3:d0:cf:75:f8:f2:37:
d5:68:d0:17:f3:50:1c:1c:51:21:05:ba:c5:8d:45:
82:34:bb:a2:7e:ff:41:d4:0d:9a:77:c3:8e:71:a6:
fe:5e:2b:76:09:87:14:c7:45:20:8c:57:12:54:82:
0b:12:d3:46:53:9d:70:d0:92:74:30:51:0d:c7:56:
0f:3b:b1:a6:db:f8:3e:ab:eb:a5:cb:9a:f4:45:9f:
89:6b:b5:98:bc:b2:d8:fe:d4:ac:91:c3:92:bd:9e:
69:40:8a:27:a5:6a:02:2e:b8:8c:d5:3e:6a:22:a0:
39:3a:bb:f3:77:6a:ef:15:94:7a:ce:28:82:83:2b:
1a:07:bf:ef:d0:66:ba:01:b2:07:e4:59:48:00:ef:
c7:86:3b:8f:65:c3:31:74:cd:db:59:d2:e5:9e:ac:
26:97:15:ed:4d:f9:0c:4b:4b:1b:87:21:03:fe:09:
ef:53:64:3b:59:b4:ad:58:18:c6:eb:36:38:64:ce:
59:df:95:fb:10:69:44:8b:48:be:b9:34:6b:48:b3:
26:76:2a:9d:63:80:8d:d7:94:61:a2:d1:28:e7:fa:
5c:9c:dd:f1:7e:85:db:4c:a2:7d:c7:af:0e:6e:01:
e7:e7:5d:7b:9c:c1:00:46:ba:ba:77:7b:08:b4:8b:
83:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:31:DE:57:21:52:E1:66:CB:47:2A:3C:15:3C:E7:60:F3:70:65:91
X509v3 Authority Key Identifier:
keyid:94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/izHeVyFS4WbLRyo8FTznYPNwZZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.62.31.0/24
185.81.126.0/24
194.107.163.0/24
Signature Algorithm: sha256WithRSAEncryption
57:06:fa:39:c0:6a:31:51:1a:ad:56:86:67:8d:57:f8:01:ac:
cd:f5:b7:6a:2c:e4:ed:7e:67:43:fe:42:1e:e6:56:55:13:0a:
65:a8:46:59:f1:43:84:d3:64:fd:d2:ae:b1:9a:b8:b1:e3:94:
ed:8f:38:00:8c:f3:cc:b5:94:c5:8e:98:cd:a0:0f:53:8c:db:
7b:47:47:a9:ca:d9:6b:63:dd:29:28:5a:ef:44:49:91:98:cd:
e3:ae:89:50:38:2c:65:52:26:87:28:5a:64:92:9d:54:f8:9c:
5e:02:eb:fb:65:7d:b3:52:2f:5a:3a:33:9b:1d:9c:eb:82:02:
7f:a1:93:85:94:0d:11:16:5f:54:44:76:7f:fd:3b:c7:7e:c6:
95:be:95:5a:66:e1:be:ff:52:b8:46:ac:5c:ee:47:54:d1:98:
85:0f:1b:12:1c:cd:9b:39:31:b4:4e:38:1f:94:57:90:e9:8c:
79:81:ad:e1:5b:af:c5:a2:75:e4:0a:0a:a6:6b:17:74:8e:81:
cd:f1:e4:9a:30:d7:19:48:f7:f2:62:48:1a:4d:12:98:69:ab:
ad:13:e6:34:1d:55:50:ef:58:1e:c6:96:b5:c7:fa:70:5d:23:
17:4c:a7:e3:37:6d:46:63:48:d0:48:54:e4:dd:2c:43:a6:90:
30:ab:c6:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsXKBmerSpRncVZr+TbHyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTU5ZDI0NWQxNTBkYzM4YzQ4OTYyNjNkY2JkY2JiZDY3
NDcwYTcwHhcNMjMwMTAxMDgwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjMxZGU1NzIxNTJlMTY2Y2I0NzJhM2MxNTNjZTc2MGYzNzA2NTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjd99Hve6aePQz3X48jfVaNAX81Ac
HFEhBbrFjUWCNLuifv9B1A2ad8OOcab+Xit2CYcUx0UgjFcSVIILEtNGU51w0JJ0
MFENx1YPO7Gm2/g+q+uly5r0RZ+Ja7WYvLLY/tSskcOSvZ5pQIonpWoCLriM1T5q
IqA5Orvzd2rvFZR6ziiCgysaB7/v0Ga6AbIH5FlIAO/HhjuPZcMxdM3bWdLlnqwm
lxXtTfkMS0sbhyED/gnvU2Q7WbStWBjG6zY4ZM5Z35X7EGlEi0i+uTRrSLMmdiqd
Y4CN15RhotEo5/pcnN3xfoXbTKJ9x68ObgHn5117nMEARrq6d3sItIuDcwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIsx3lchUuFmy0cqPBU852DzcGWRMB8GA1UdIwQY
MBaAFJTlnSRdFQ3DjEiWJj3L3LvWdHCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDIt
ZWU5NWI2Y2MzNDc0LzEvaXpIZVZ5RlM0V2JMUnlvOEZUem5ZUE53WlpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDItZWU5NWI2Y2MzNDc0
LzEvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVj4fAwQA
uVF+AwQAwmujMA0GCSqGSIb3DQEBCwUAA4IBAQBXBvo5wGoxURqtVoZnjVf4AazN
9bdqLOTtfmdD/kIe5lZVEwplqEZZ8UOE02T90q6xmrix45TtjzgAjPPMtZTFjpjN
oA9TjNt7R0epytlrY90pKFrvREmRmM3jrolQOCxlUiaHKFpkkp1U+JxeAuv7ZX2z
Ui9aOjObHZzrggJ/oZOFlA0RFl9URHZ//TvHfsaVvpVaZuG+/1K4Rqxc7kdU0ZiF
DxsSHM2bOTG0TjgflFeQ6Yx5ga3hW6/FonXkCgqmaxd0joHN8eSaMNcZSPfyYkga
TRKYaautE+Y0HVVQ71gexpa1x/pwXSMXTKfjN21GY0jQSFTk3SxDppAwq8bp
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:07 2025 by rpki-client