Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/jsnJD8YZHBZw61CLy70JBCj6D68.roa
File: jsnJD8YZHBZw61CLy70JBCj6D68.roa (raw, json)
Hash identifier: XN6TwLyx32ADpliGXWrncT442E9gz3JKJet/e40oNxQ=
Subject key identifier: 8E:C9:C9:0F:C6:19:1C:16:70:EB:50:8B:CB:BD:09:04:28:FA:0F:AF
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01942747D4481626B938ED511AC8DA21C6D7
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/jsnJD8YZHBZw61CLy70JBCj6D68.roa
Signing time: Thu 02 Jan 2025 13:50:06 +0000
ROA not before: Thu 02 Jan 2025 13:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208992
IP address blocks: 85.158.184.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d4:48:16:26:b9:38:ed:51:1a:c8:da:21:c6:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 13:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ec9c90fc6191c1670eb508bcbbd090428fa0faf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5c:b7:f5:fd:b5:a7:b0:c0:cc:9f:d2:66:29:
cb:56:34:49:b6:94:1b:cf:eb:52:52:1e:f8:97:45:
44:5b:a2:a3:76:25:57:fe:96:81:c8:27:17:f0:27:
e1:2a:c2:e3:12:73:92:09:f2:89:0a:87:e5:32:26:
76:8f:28:e9:0e:23:84:a1:4e:ad:29:81:b9:06:fa:
29:f4:bf:57:d9:c1:3c:fe:24:f4:3e:a4:76:f5:ff:
97:f3:81:02:5a:f2:82:5e:81:56:85:71:a9:5d:bf:
bd:01:7b:40:23:c4:cf:d3:32:38:5c:20:34:1c:53:
1d:5a:e7:0d:f6:3b:4d:37:fc:bf:27:f9:58:86:1e:
4a:08:e7:05:de:96:ee:d4:7b:fa:e3:88:27:ae:35:
11:b7:f7:cb:86:0d:7e:33:62:35:32:64:45:01:95:
3a:cb:f8:db:84:ba:b9:2f:f1:44:0e:6b:7c:73:e7:
4e:6f:aa:0a:d7:2d:fa:dc:7e:b1:a1:3d:54:88:15:
18:a2:92:8e:1f:41:3f:c6:f2:69:9e:68:38:9e:40:
43:ee:1d:6d:f5:ac:be:57:80:0e:26:0f:ba:d7:52:
c6:18:eb:5d:0a:d7:4f:b2:30:a0:e0:61:c9:37:9e:
5b:a4:00:fc:fc:c1:7b:8c:3f:ab:fa:be:ec:e7:dd:
52:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C9:C9:0F:C6:19:1C:16:70:EB:50:8B:CB:BD:09:04:28:FA:0F:AF
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/jsnJD8YZHBZw61CLy70JBCj6D68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.184.0/24
Signature Algorithm: sha256WithRSAEncryption
01:bb:e0:a5:d8:23:bb:94:37:6e:b4:c0:fe:d7:79:53:f1:cd:
a5:01:a1:4d:8e:ea:20:d7:8d:58:f0:0d:3a:02:c5:00:c7:33:
ef:bf:84:6c:75:84:ff:4c:46:83:07:72:20:02:1f:0d:62:54:
be:3a:9c:ec:ad:da:6b:4c:8a:12:47:70:87:e3:71:94:91:24:
f8:b7:c1:4d:d6:fb:3d:a0:02:26:bf:0c:c6:9e:6d:09:f8:cf:
45:52:73:ee:fe:7a:d6:98:82:b7:9e:f1:13:2a:95:3e:78:ca:
e5:c3:ba:7c:84:93:fb:c0:e6:6d:d2:96:de:8a:bc:ec:09:01:
1b:77:f5:a7:7c:f5:72:12:bf:9b:16:fc:6a:17:28:46:b2:32:
52:e2:b5:86:ab:71:e6:6e:4d:d6:19:29:d1:72:f0:6e:4d:88:
3e:87:34:21:5a:ab:d6:b4:7c:97:ef:ab:17:83:5f:44:05:c9:
b9:50:c6:71:0b:6c:f8:34:6d:c6:22:8f:b1:3d:90:9f:d9:ed:
58:dd:4b:74:ab:5f:4b:bf:af:46:09:e5:bd:c6:94:ec:dc:2f:
f1:db:2a:ed:43:f9:06:49:19:35:d6:73:57:1a:38:86:50:a4:
41:49:4c:f2:4d:59:4c:fe:dc:da:af:8b:a7:27:33:6b:3b:99:
90:83:e9:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR9RIFia5OO1RGsjaIcbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwMTAyMTM1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWM5YzkwZmM2MTkxYzE2NzBlYjUwOGJjYmJkMDkwNDI4ZmEwZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVy39f21p7DAzJ/SZinLVjRJtpQb
z+tSUh74l0VEW6KjdiVX/paByCcX8CfhKsLjEnOSCfKJCoflMiZ2jyjpDiOEoU6t
KYG5Bvop9L9X2cE8/iT0PqR29f+X84ECWvKCXoFWhXGpXb+9AXtAI8TP0zI4XCA0
HFMdWucN9jtNN/y/J/lYhh5KCOcF3pbu1Hv644gnrjURt/fLhg1+M2I1MmRFAZU6
y/jbhLq5L/FEDmt8c+dOb6oK1y363H6xoT1UiBUYopKOH0E/xvJpnmg4nkBD7h1t
9ay+V4AOJg+611LGGOtdCtdPsjCg4GHJN55bpAD8/MF7jD+r+r7s591SDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI7JyQ/GGRwWcOtQi8u9CQQo+g+vMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvanNuSkQ4WVpIQlp3NjFDTHk3MEpCQ2o2RDY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVZ64MA0G
CSqGSIb3DQEBCwUAA4IBAQABu+Cl2CO7lDdutMD+13lT8c2lAaFNjuog141Y8A06
AsUAxzPvv4RsdYT/TEaDB3IgAh8NYlS+OpzsrdprTIoSR3CH43GUkST4t8FN1vs9
oAImvwzGnm0J+M9FUnPu/nrWmIK3nvETKpU+eMrlw7p8hJP7wOZt0pbeirzsCQEb
d/WnfPVyEr+bFvxqFyhGsjJS4rWGq3Hmbk3WGSnRcvBuTYg+hzQhWqvWtHyX76sX
g19EBcm5UMZxC2z4NG3GIo+xPZCf2e1Y3Ut0q19Lv69GCeW9xpTs3C/x2yrtQ/kG
SRk11nNXGjiGUKRBSUzyTVlM/tzar4unJzNrO5mQg+ko
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:58:23 2025 by rpki-client