Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Dv3CuakJT-Du9wYEWeu6yiSy0c0.roa
File: Dv3CuakJT-Du9wYEWeu6yiSy0c0.roa (raw, json)
Hash identifier: me0Yl86ThovaL8vbtd9UUzYLaL82Axaz0epad9L/B14=
Subject key identifier: 0E:FD:C2:B9:A9:09:4F:E0:EE:F7:06:04:59:EB:BA:CA:24:B2:D1:CD
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 0185724C9226011431BD04391D7B4DC68840
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Dv3CuakJT-Du9wYEWeu6yiSy0c0.roa
Signing time: Mon 02 Jan 2023 11:44:58 +0000
ROA not before: Mon 02 Jan 2023 11:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44821
IP address blocks: 85.118.52.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:92:26:01:14:31:bd:04:39:1d:7b:4d:c6:88:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Jan 2 11:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0efdc2b9a9094fe0eef7060459ebbaca24b2d1cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7a:04:e8:d8:1f:fe:79:c3:09:a9:f7:27:b0:
61:0b:47:67:cc:0a:f1:e2:08:e0:be:e3:a4:67:33:
94:c5:88:54:35:97:c2:28:df:53:85:bd:71:cf:f7:
89:84:85:bc:db:d8:d6:36:fd:a6:92:ef:9f:41:92:
75:f0:bf:0e:08:8b:5e:32:2c:ba:bf:e6:cf:a6:a7:
fe:9b:2a:38:92:89:5f:36:1c:8f:36:70:d7:17:87:
a4:90:f9:8d:58:76:fa:0d:3e:a3:96:34:d2:ef:aa:
f0:81:01:62:06:e8:b2:69:93:78:71:04:25:68:af:
30:2a:f8:c2:01:5a:57:77:40:31:c6:ad:39:c8:97:
c9:0c:e1:b5:a7:4f:bf:f5:cd:a3:5d:e0:ee:1d:06:
6b:76:be:f2:98:cd:45:f5:18:44:d0:e4:7b:a4:d5:
d8:e6:02:ab:fd:73:7b:51:f0:ba:36:d4:c8:37:1c:
f3:79:5a:13:86:70:4b:83:1d:e5:e8:06:4f:ff:cd:
63:68:3e:61:e7:25:1f:94:06:0d:00:3b:00:3e:d9:
d0:18:84:35:46:85:aa:06:af:e5:df:86:7d:40:5d:
f1:aa:56:a9:82:db:de:9b:d6:03:eb:20:97:af:97:
6a:be:55:0e:b9:8f:e5:1a:34:07:9b:3f:59:58:26:
09:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:FD:C2:B9:A9:09:4F:E0:EE:F7:06:04:59:EB:BA:CA:24:B2:D1:CD
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Dv3CuakJT-Du9wYEWeu6yiSy0c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.52.0/22
Signature Algorithm: sha256WithRSAEncryption
51:5e:e8:05:51:4a:80:f5:04:d5:1d:3b:03:a8:ff:c9:ba:58:
3a:aa:d4:5f:9f:1e:af:d3:3d:51:21:c2:d4:53:1f:2f:8e:e8:
7d:61:51:09:eb:3b:77:2b:e7:0b:a8:df:b2:cb:ff:9b:94:fb:
70:47:45:36:4b:f7:e8:ce:3b:b6:3b:07:c6:ce:83:52:18:db:
6f:bb:3e:25:89:6c:87:9b:2c:6f:f9:2e:07:df:05:d4:1b:f3:
c5:b0:63:3e:dc:f5:22:7c:6c:50:8e:15:0c:91:f6:06:63:7a:
fd:01:5b:a1:99:f8:b1:60:b9:40:c2:bd:9d:74:58:4e:b5:05:
6d:d2:6b:64:53:6c:c5:8d:a5:48:18:28:13:46:39:e0:59:f4:
86:ee:d4:58:d4:ef:4e:48:00:54:e0:af:6d:85:76:7e:b2:79:
06:87:48:a0:8b:d2:cf:c4:07:34:f3:4f:95:69:6f:cf:be:6c:
4e:82:b2:a0:1e:2e:c5:18:df:ed:93:d8:14:60:17:f7:bb:3a:
0f:be:0d:d0:16:5a:0a:bb:75:ff:80:2e:53:ff:3f:43:a3:c7:
d0:1c:3e:5a:0d:07:99:14:cb:c4:f1:46:51:ca:82:57:df:c1:
53:81:82:62:8c:ea:d4:b6:f3:54:d6:53:20:61:eb:c5:d0:da:
c7:5d:e3:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTJImARQxvQQ5HXtNxohAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjMwMTAyMTE0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWZkYzJiOWE5MDk0ZmUwZWVmNzA2MDQ1OWViYmFjYTI0YjJkMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3oE6Ngf/nnDCan3J7BhC0dnzArx
4gjgvuOkZzOUxYhUNZfCKN9Thb1xz/eJhIW829jWNv2mku+fQZJ18L8OCIteMiy6
v+bPpqf+myo4kolfNhyPNnDXF4ekkPmNWHb6DT6jljTS76rwgQFiBuiyaZN4cQQl
aK8wKvjCAVpXd0Axxq05yJfJDOG1p0+/9c2jXeDuHQZrdr7ymM1F9RhE0OR7pNXY
5gKr/XN7UfC6NtTINxzzeVoThnBLgx3l6AZP/81jaD5h5yUflAYNADsAPtnQGIQ1
RoWqBq/l34Z9QF3xqlapgtvem9YD6yCXr5dqvlUOuY/lGjQHmz9ZWCYJcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA79wrmpCU/g7vcGBFnrusokstHNMB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvRHYzQ3Vha0pULUR1OXdZRVdldTZ5aVN5MGMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVXY0MA0G
CSqGSIb3DQEBCwUAA4IBAQBRXugFUUqA9QTVHTsDqP/Julg6qtRfnx6v0z1RIcLU
Ux8vjuh9YVEJ6zt3K+cLqN+yy/+blPtwR0U2S/fozju2OwfGzoNSGNtvuz4liWyH
myxv+S4H3wXUG/PFsGM+3PUifGxQjhUMkfYGY3r9AVuhmfixYLlAwr2ddFhOtQVt
0mtkU2zFjaVIGCgTRjngWfSG7tRY1O9OSABU4K9thXZ+snkGh0igi9LPxAc080+V
aW/PvmxOgrKgHi7FGN/tk9gUYBf3uzoPvg3QFloKu3X/gC5T/z9Do8fQHD5aDQeZ
FMvE8UZRyoJX38FTgYJijOrUtvNU1lMgYevF0NrHXeOK
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:55:37 2025 by rpki-client