Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/9iP7WJpaeB_-buLXK8znbS1Ia3M.roa
File: 9iP7WJpaeB_-buLXK8znbS1Ia3M.roa (raw, json)
Hash identifier: WfmJ7gmjlOFm1xY2ae1k54FPRmlhbu8yzibRgq+Obrw=
Subject key identifier: F6:23:FB:58:9A:5A:78:1F:FE:6E:E2:D7:2B:CC:E7:6D:2D:48:6B:73
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 019427B5AE1460DFBAE43F0949359CE51B3F
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/9iP7WJpaeB_-buLXK8znbS1Ia3M.roa
Signing time: Thu 02 Jan 2025 15:50:05 +0000
ROA not before: Thu 02 Jan 2025 15:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44583
IP address blocks: 85.118.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:ae:14:60:df:ba:e4:3f:09:49:35:9c:e5:1b:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Jan 2 15:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f623fb589a5a781ffe6ee2d72bcce76d2d486b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:35:96:ca:15:e6:1e:20:7b:39:9c:07:90:ae:
e2:04:94:89:33:a1:85:70:c0:24:d1:27:36:57:c4:
63:58:bd:9d:7d:67:1f:1e:db:c2:97:17:f8:95:94:
63:71:a2:dc:63:02:72:e7:a9:c8:b1:2d:38:b9:24:
12:5e:69:56:2c:df:e0:2b:0b:24:64:c2:10:ad:bf:
10:46:58:4b:e2:e0:b9:b9:0c:2c:6b:b8:c0:c4:60:
72:7e:d7:b9:b2:40:75:ee:dd:31:62:60:6e:fb:6b:
f1:78:64:1d:9a:d6:a2:4a:82:09:39:ac:95:60:12:
59:b6:dc:1e:81:74:ff:80:5d:dd:ad:c4:04:ef:85:
73:d4:42:e9:c9:35:4b:e0:4e:c6:05:84:95:be:4e:
18:08:9c:03:dc:a3:b2:23:ce:8a:7d:27:ea:98:1e:
6f:04:8a:cf:87:27:67:f6:4c:ed:6d:25:87:9b:aa:
77:d1:d5:16:fd:90:a0:93:97:88:e1:a5:dd:b6:92:
d5:87:82:a4:0c:d7:d4:2d:fc:4e:f5:2f:bf:83:c6:
90:98:59:01:ff:bc:63:43:5a:11:2e:1c:e0:40:90:
56:3d:ac:e9:df:d3:5f:f0:81:53:78:9a:9a:c1:0c:
66:f7:37:e5:99:74:d3:0f:51:10:dd:2c:0c:99:1f:
20:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:23:FB:58:9A:5A:78:1F:FE:6E:E2:D7:2B:CC:E7:6D:2D:48:6B:73
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/9iP7WJpaeB_-buLXK8znbS1Ia3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.42.0/24
Signature Algorithm: sha256WithRSAEncryption
02:91:5b:49:d9:39:e7:71:6d:d4:14:24:06:7f:cb:09:68:a4:
04:ad:c4:f0:42:68:fe:92:79:a5:5e:83:83:bb:56:70:4d:a8:
f0:80:33:dd:4a:0f:03:03:d9:80:ea:b7:78:95:47:70:d4:9d:
54:60:35:a9:e3:3b:59:83:ec:b0:78:8d:97:23:2f:1c:86:42:
d5:d0:6f:55:07:f3:d2:25:d5:0b:20:df:29:9f:5a:6a:9f:a9:
e8:ae:4a:ca:8a:25:67:28:9c:07:a9:e2:df:fb:e5:11:61:4a:
de:fc:00:a7:3c:c2:44:c4:4e:71:1d:e4:d6:5c:81:48:3f:85:
3d:26:b1:e7:27:18:08:57:d8:de:d8:3e:91:14:f8:5f:1c:c8:
a3:fa:42:59:36:d7:8d:6e:e3:ec:83:ff:f7:ae:59:c0:33:8e:
3c:a2:89:2a:d9:89:b2:bc:8e:31:40:49:0c:e2:65:77:f5:64:
d8:bc:c3:f9:ce:0a:74:cb:36:ac:4b:c7:f8:c3:ad:16:d6:97:
fb:eb:69:f1:8d:4e:89:6f:b7:13:6e:9a:30:68:26:b7:82:60:
78:b8:37:e9:81:bd:1f:cf:f9:e7:e3:d1:fc:4e:e4:f1:59:62:
bf:e4:51:ab:8d:cb:17:75:f3:b8:b5:d4:5b:95:f9:63:cc:08:
28:f3:c4:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnta4UYN+65D8JSTWc5Rs/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjUwMTAyMTU1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjIzZmI1ODlhNWE3ODFmZmU2ZWUyZDcyYmNjZTc2ZDJkNDg2YjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TWWyhXmHiB7OZwHkK7iBJSJM6GF
cMAk0Sc2V8RjWL2dfWcfHtvClxf4lZRjcaLcYwJy56nIsS04uSQSXmlWLN/gKwsk
ZMIQrb8QRlhL4uC5uQwsa7jAxGByfte5skB17t0xYmBu+2vxeGQdmtaiSoIJOayV
YBJZttwegXT/gF3drcQE74Vz1ELpyTVL4E7GBYSVvk4YCJwD3KOyI86KfSfqmB5v
BIrPhydn9kztbSWHm6p30dUW/ZCgk5eI4aXdtpLVh4KkDNfULfxO9S+/g8aQmFkB
/7xjQ1oRLhzgQJBWPazp39Nf8IFTeJqawQxm9zflmXTTD1EQ3SwMmR8guQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPYj+1iaWngf/m7i1yvM520tSGtzMB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvOWlQN1dKcGFlQl8tYnVMWEs4em5iUzFJYTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXYqMA0G
CSqGSIb3DQEBCwUAA4IBAQACkVtJ2TnncW3UFCQGf8sJaKQErcTwQmj+knmlXoOD
u1ZwTajwgDPdSg8DA9mA6rd4lUdw1J1UYDWp4ztZg+yweI2XIy8chkLV0G9VB/PS
JdULIN8pn1pqn6norkrKiiVnKJwHqeLf++URYUre/ACnPMJExE5xHeTWXIFIP4U9
JrHnJxgIV9je2D6RFPhfHMij+kJZNteNbuPsg//3rlnAM448ookq2YmyvI4xQEkM
4mV39WTYvMP5zgp0yzasS8f4w60W1pf762nxjU6Jb7cTbpowaCa3gmB4uDfpgb0f
z/nn49H8TuTxWWK/5FGrjcsXdfO4tdRblfljzAgo88Q3
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:13:01 2025 by rpki-client