Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/K2099PO4iAtvBzGlnwl1axWP2hE.roa
File: K2099PO4iAtvBzGlnwl1axWP2hE.roa (raw, json)
Hash identifier: 6aTZlr/sfRYyJqs+vE8kRpR5W2QDPbSiPNBoLmmWJlA=
Subject key identifier: 2B:6D:3D:F4:F3:B8:88:0B:6F:07:31:A5:9F:09:75:6B:15:8F:DA:11
Certificate issuer: /CN=85fb85add09f4876ea6aaa88d4d88c81ccb6b10a
Certificate serial: 019425FDA7946312F64CDFA55F26669DC450
Authority key identifier: 85:FB:85:AD:D0:9F:48:76:EA:6A:AA:88:D4:D8:8C:81:CC:B6:B1:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfuFrdCfSHbqaqqI1NiMgcy2sQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/K2099PO4iAtvBzGlnwl1axWP2hE.roa
Signing time: Thu 02 Jan 2025 07:49:27 +0000
ROA not before: Thu 02 Jan 2025 07:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 83.143.16.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:a7:94:63:12:f6:4c:df:a5:5f:26:66:9d:c4:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85fb85add09f4876ea6aaa88d4d88c81ccb6b10a
Validity
Not Before: Jan 2 07:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b6d3df4f3b8880b6f0731a59f09756b158fda11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fc:9e:38:05:97:fd:e8:f4:c6:49:b8:32:83:
5f:7e:51:10:8d:d9:2b:44:29:2c:08:bd:bf:75:8d:
aa:1b:79:65:b8:f2:61:61:21:fa:de:73:44:e6:7d:
27:e2:6c:bd:dc:a2:8d:60:09:08:9c:75:4f:6a:62:
9b:d5:a1:a5:a8:39:1d:97:86:c4:f5:03:ab:b0:50:
85:4a:28:21:97:c5:6e:c8:34:ed:c9:19:26:63:88:
cd:d0:ce:af:f6:0b:c2:2e:83:1c:2b:10:ea:5d:d4:
52:64:a5:c6:74:e1:f1:b0:c2:82:4b:11:b9:37:09:
93:3c:bb:13:12:3f:d0:11:e0:9c:8e:3f:30:49:07:
5c:50:56:04:d5:1b:8c:da:49:ec:29:f1:3b:90:c2:
1d:53:d2:32:f1:87:7b:41:48:d3:e8:dc:92:1c:78:
7e:b0:58:bc:2a:da:7a:72:d6:62:a1:b1:25:1d:28:
c5:c8:cd:1a:9d:f4:06:61:ea:1c:c1:22:c2:d4:d2:
d8:22:88:b8:27:72:2c:6e:30:c8:08:08:b5:c9:77:
d4:68:d1:9c:bc:91:69:ba:c5:98:69:2b:91:6f:2a:
45:b4:a7:df:97:dc:0e:0e:cb:bd:f3:4f:a5:eb:08:
ce:9b:a5:10:81:a8:04:97:e1:7d:de:40:f0:e7:86:
79:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:6D:3D:F4:F3:B8:88:0B:6F:07:31:A5:9F:09:75:6B:15:8F:DA:11
X509v3 Authority Key Identifier:
keyid:85:FB:85:AD:D0:9F:48:76:EA:6A:AA:88:D4:D8:8C:81:CC:B6:B1:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfuFrdCfSHbqaqqI1NiMgcy2sQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/K2099PO4iAtvBzGlnwl1axWP2hE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.143.16.0/21
Signature Algorithm: sha256WithRSAEncryption
71:c8:8d:9a:28:29:f5:f5:90:23:5f:a6:94:ee:b3:3f:c2:58:
b1:73:86:02:41:79:04:fb:7d:f6:d0:c7:3b:9f:fe:da:13:41:
77:3f:c9:e5:2d:9b:1e:f6:49:f1:14:8a:84:ad:93:5c:09:fa:
bc:f3:d5:16:ce:7b:e9:49:cd:7e:bc:fb:92:2f:cd:10:bc:89:
bd:d6:f8:10:28:18:8e:0f:39:5c:f3:7a:44:1a:57:5b:43:eb:
92:27:5b:6b:fe:2d:1a:45:91:83:68:37:5d:16:da:c4:39:9d:
a0:c6:3c:83:c3:1b:46:d6:ae:46:e0:bd:90:06:9d:28:3a:97:
7b:ef:ec:32:bd:eb:c6:0c:6a:ec:5d:03:d5:d3:b1:32:73:72:
1c:f0:cf:86:b0:15:e8:99:95:24:7e:31:a3:db:30:08:2f:80:
12:b0:08:40:d0:20:2a:fa:0d:d2:7f:dc:d2:25:23:de:32:0b:
07:72:7b:21:1b:90:ba:99:c5:a8:c8:9d:dc:10:ee:a9:6e:2a:
17:06:35:a6:64:9f:73:a0:5c:4a:79:06:f8:24:13:fb:d7:d4:
2a:34:45:cc:d0:fb:32:84:47:34:e4:d8:31:9c:78:ff:5d:c9:
43:b8:c8:0e:87:ce:e9:98:47:00:8f:37:ad:b6:a5:d5:55:a5:
7a:90:8a:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/aeUYxL2TN+lXyZmncRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmI4NWFkZDA5ZjQ4NzZlYTZhYWE4OGQ0ZDg4YzgxY2Ni
NmIxMGEwHhcNMjUwMTAyMDc0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjZkM2RmNGYzYjg4ODBiNmYwNzMxYTU5ZjA5NzU2YjE1OGZkYTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/yeOAWX/ej0xkm4MoNfflEQjdkr
RCksCL2/dY2qG3lluPJhYSH63nNE5n0n4my93KKNYAkInHVPamKb1aGlqDkdl4bE
9QOrsFCFSighl8VuyDTtyRkmY4jN0M6v9gvCLoMcKxDqXdRSZKXGdOHxsMKCSxG5
NwmTPLsTEj/QEeCcjj8wSQdcUFYE1RuM2knsKfE7kMIdU9Iy8Yd7QUjT6NySHHh+
sFi8Ktp6ctZiobElHSjFyM0anfQGYeocwSLC1NLYIoi4J3IsbjDICAi1yXfUaNGc
vJFpusWYaSuRbypFtKffl9wODsu980+l6wjOm6UQgagEl+F93kDw54Z5SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCttPfTzuIgLbwcxpZ8JdWsVj9oRMB8GA1UdIwQY
MBaAFIX7ha3Qn0h26mqqiNTYjIHMtrEKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1RnJkQ2ZTSGJxYXFxSTFOaU1nY3kyc1FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9jZWVhOTEtMGEyYS00YTRlLTkxN2It
YzYxNjFjZTM5NWFmLzEvSzIwOTlQTzRpQXR2QnpHbG53bDFheFdQMmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9jZWVhOTEtMGEyYS00YTRlLTkxN2ItYzYxNjFjZTM5NWFm
LzEvaGZ1RnJkQ2ZTSGJxYXFxSTFOaU1nY3kyc1FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDU48QMA0G
CSqGSIb3DQEBCwUAA4IBAQBxyI2aKCn19ZAjX6aU7rM/wlixc4YCQXkE+3320Mc7
n/7aE0F3P8nlLZse9knxFIqErZNcCfq889UWznvpSc1+vPuSL80QvIm91vgQKBiO
Dzlc83pEGldbQ+uSJ1tr/i0aRZGDaDddFtrEOZ2gxjyDwxtG1q5G4L2QBp0oOpd7
7+wyvevGDGrsXQPV07Eyc3Ic8M+GsBXomZUkfjGj2zAIL4ASsAhA0CAq+g3Sf9zS
JSPeMgsHcnshG5C6mcWoyJ3cEO6pbioXBjWmZJ9zoFxKeQb4JBP719QqNEXM0Psy
hEc05NgxnHj/XclDuMgOh87pmEcAjzettqXVVaV6kIoP
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:28:33 2025 by rpki-client