Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/tOlreYPe7u67idbXYncHUQK-mIo.roa
File: tOlreYPe7u67idbXYncHUQK-mIo.roa (raw, json)
Hash identifier: KU1u5Wpoy603w8tu9YwxwROqP4UYKqLHuGvfzTsDk/c=
Subject key identifier: B4:E9:6B:79:83:DE:EE:EE:BB:89:D6:D7:62:77:07:51:02:BE:98:8A
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 019427B5AD17FA52E74E9C0702AF162E4C69
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/tOlreYPe7u67idbXYncHUQK-mIo.roa
Signing time: Thu 02 Jan 2025 15:50:05 +0000
ROA not before: Thu 02 Jan 2025 15:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34783
IP address blocks: 85.118.48.0/23 maxlen: 23
85.118.60.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:ad:17:fa:52:e7:4e:9c:07:02:af:16:2e:4c:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Jan 2 15:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4e96b7983deeeeebb89d6d76277075102be988a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:95:ec:40:c8:44:3f:ee:0d:db:69:d2:92:b9:
c1:0f:6f:c7:39:86:b0:b4:fa:ef:fc:f0:c5:e8:58:
4e:9a:1a:1f:ba:9a:e6:7c:f0:b4:e0:c2:33:77:8a:
fb:89:3f:4f:49:30:b5:62:02:88:19:5e:a3:27:ec:
c7:fe:78:b7:7c:9f:a2:c4:88:dd:71:91:ad:62:6e:
dd:14:34:63:58:e2:3b:eb:ed:34:86:93:6e:b5:55:
36:b5:79:1a:e4:70:37:ed:fb:5a:75:16:fd:01:a2:
bc:5f:00:64:eb:7f:55:5b:4c:1b:8b:f3:33:01:d9:
18:f7:53:78:0a:4c:56:1b:b0:ab:8f:12:37:2e:bf:
6d:44:80:05:2b:a3:02:be:18:32:32:c6:1d:35:41:
f5:c8:89:2e:e7:8a:a8:8f:d6:59:63:b6:b6:ad:8b:
1b:ef:6f:5b:05:e7:c0:ec:19:18:8c:d1:6e:5b:4b:
e4:0e:1a:4b:11:87:eb:bf:ff:a8:e1:74:a0:0a:4a:
c7:91:56:dd:7e:21:f7:ef:3e:9f:e8:04:5a:20:72:
88:1e:c5:19:5d:71:72:b0:1d:d3:fc:bc:57:69:cf:
0d:ea:28:68:06:a7:dc:f2:d5:a3:e9:9e:ae:bf:de:
20:f4:fe:dd:74:a3:16:3a:eb:85:1d:04:9b:90:ab:
65:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E9:6B:79:83:DE:EE:EE:BB:89:D6:D7:62:77:07:51:02:BE:98:8A
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/tOlreYPe7u67idbXYncHUQK-mIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.48.0/23
85.118.60.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:83:09:7a:8d:67:f3:f2:94:52:44:0c:b9:f6:1f:b7:5c:de:
11:ab:4e:17:36:82:3a:32:7a:5b:d1:ea:03:45:82:66:07:56:
fd:95:af:b5:86:64:41:f3:30:be:ec:df:40:f3:e6:a0:53:19:
e2:4c:d9:c4:01:c7:34:15:e9:66:4f:f8:11:a9:a6:ec:f3:1c:
da:71:a4:2b:58:18:ec:b6:3d:bb:d9:0f:42:17:b3:75:02:21:
79:43:ee:56:67:ba:0d:0d:07:1c:73:ef:6a:e9:5c:b4:13:35:
17:98:ea:2d:69:1d:3a:0d:12:45:30:02:a9:3c:6a:f9:70:85:
f3:7a:b9:12:bf:f2:93:92:12:d9:e0:3f:2a:b6:48:b6:0f:19:
92:7d:f2:86:4f:e0:49:ac:95:a0:4b:99:cf:b3:19:e8:5d:fe:
ea:b4:a8:87:7f:a7:37:9b:de:90:41:e9:9b:a6:12:0f:ee:c7:
75:9c:eb:cb:1f:92:e2:f9:34:20:7b:f9:18:e7:b8:b2:92:dd:
99:78:39:90:c3:07:42:c2:51:df:3d:82:9a:88:2e:fd:ed:fb:
28:7e:1e:55:29:02:d1:75:6c:d4:2a:38:65:90:80:cb:d4:75:
ed:35:9e:91:f8:f4:23:7a:97:e9:08:6d:60:3e:0a:55:3c:1a:
9c:96:bf:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnta0X+lLnTpwHAq8WLkxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjUwMTAyMTU1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGU5NmI3OTgzZGVlZWVlYmI4OWQ2ZDc2Mjc3MDc1MTAyYmU5ODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpXsQMhEP+4N22nSkrnBD2/HOYaw
tPrv/PDF6FhOmhofuprmfPC04MIzd4r7iT9PSTC1YgKIGV6jJ+zH/ni3fJ+ixIjd
cZGtYm7dFDRjWOI76+00hpNutVU2tXka5HA37ftadRb9AaK8XwBk639VW0wbi/Mz
AdkY91N4CkxWG7CrjxI3Lr9tRIAFK6MCvhgyMsYdNUH1yIku54qoj9ZZY7a2rYsb
729bBefA7BkYjNFuW0vkDhpLEYfrv/+o4XSgCkrHkVbdfiH37z6f6ARaIHKIHsUZ
XXFysB3T/LxXac8N6ihoBqfc8tWj6Z6uv94g9P7ddKMWOuuFHQSbkKtlwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLTpa3mD3u7uu4nW12J3B1ECvpiKMB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvdE9scmVZUGU3dTY3aWRiWFluY0hVUUstbUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVXYwAwQC
VXY8MA0GCSqGSIb3DQEBCwUAA4IBAQBsgwl6jWfz8pRSRAy59h+3XN4Rq04XNoI6
Mnpb0eoDRYJmB1b9la+1hmRB8zC+7N9A8+agUxniTNnEAcc0FelmT/gRqabs8xza
caQrWBjstj272Q9CF7N1AiF5Q+5WZ7oNDQccc+9q6Vy0EzUXmOotaR06DRJFMAKp
PGr5cIXzerkSv/KTkhLZ4D8qtki2DxmSffKGT+BJrJWgS5nPsxnoXf7qtKiHf6c3
m96QQembphIP7sd1nOvLH5Li+TQge/kY57iykt2ZeDmQwwdCwlHfPYKaiC797fso
fh5VKQLRdWzUKjhlkIDL1HXtNZ6R+PQjepfpCG1gPgpVPBqclr8r
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:38:55 2025 by rpki-client