Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/H2cnGkpHBPqjHRGhcHPHqWhpLu8.roa
File: H2cnGkpHBPqjHRGhcHPHqWhpLu8.roa (raw, json)
Hash identifier: oHqCaOHDy7adycxKsgn/iaFXF2yuhzvyHsMV1zyHAAw=
Subject key identifier: 1F:67:27:1A:4A:47:04:FA:A3:1D:11:A1:70:73:C7:A9:68:69:2E:EF
Certificate issuer: /CN=13932782ee7758990404fa1ccfb09ec23a86123f
Certificate serial: 01941F8C1C48B0D50EA907C55749E5B45B89
Authority key identifier: 13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/H2cnGkpHBPqjHRGhcHPHqWhpLu8.roa
Signing time: Wed 01 Jan 2025 01:47:43 +0000
ROA not before: Wed 01 Jan 2025 01:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 85.116.28.0/24 maxlen: 24
85.116.29.0/24 maxlen: 24
85.116.30.0/24 maxlen: 24
85.116.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:1c:48:b0:d5:0e:a9:07:c5:57:49:e5:b4:5b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13932782ee7758990404fa1ccfb09ec23a86123f
Validity
Not Before: Jan 1 01:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f67271a4a4704faa31d11a17073c7a968692eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ce:53:02:a0:13:49:72:6f:d8:ba:48:47:dd:
7c:6b:d5:6a:75:5a:3e:4c:f1:88:06:86:71:3a:87:
02:55:cc:4e:1c:ee:30:64:77:e5:be:a9:e0:00:83:
16:21:33:e4:7e:8c:67:10:9e:68:39:07:d8:ab:05:
90:db:b3:c4:89:65:dc:91:50:55:19:ed:ae:97:ca:
50:b3:0d:69:70:af:6b:7b:ff:42:f7:d3:ff:92:03:
d5:79:11:88:83:4d:36:e3:9f:01:32:56:e5:df:70:
82:c5:8f:e9:63:70:56:88:cf:9c:43:31:a6:df:38:
26:15:61:40:f5:b6:b7:82:27:74:81:40:50:c0:67:
ae:3d:c5:11:68:b7:e4:e7:fd:1e:e4:a7:80:05:f7:
85:5f:0a:59:d0:91:37:df:b3:5b:b9:6f:52:1a:ac:
63:1a:84:4d:29:dd:de:7c:44:59:7c:b8:fe:59:47:
ee:e1:65:95:11:d4:71:23:ff:e6:8c:2d:12:18:ef:
b6:bf:66:b8:cc:12:13:36:9a:16:4b:46:22:32:d1:
09:15:62:ab:8a:da:5a:bb:51:f9:41:bd:dd:c2:39:
e6:c5:5c:db:c2:13:95:9f:47:0b:64:26:c2:a7:62:
fb:3c:df:f5:25:5d:f6:0e:59:1e:06:92:43:87:cd:
e2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:67:27:1A:4A:47:04:FA:A3:1D:11:A1:70:73:C7:A9:68:69:2E:EF
X509v3 Authority Key Identifier:
keyid:13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/H2cnGkpHBPqjHRGhcHPHqWhpLu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.28.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:c6:1a:0a:4d:af:58:85:9b:cc:80:75:c0:37:49:33:7f:24:
5a:4e:ba:77:07:a6:2c:17:ae:05:a7:da:bb:8b:83:2b:48:c7:
9b:ce:c1:ff:65:9b:33:01:3a:de:73:ae:e2:39:5c:90:dc:8c:
d3:0e:9c:54:bd:5d:e0:d3:d2:6a:b3:94:33:10:e3:02:26:55:
05:7b:e0:ba:00:32:d1:8b:8d:2f:74:68:1a:c2:0e:18:07:e5:
8b:2c:d3:f3:a2:f4:6f:e6:67:d5:b5:1f:cd:6b:d4:07:9f:73:
ff:0f:1d:13:ae:ed:12:fb:39:08:06:06:2a:ca:01:5d:d5:46:
0d:03:cd:e5:ed:a7:8f:ba:49:08:8a:5f:64:77:0b:8e:4d:46:
16:4b:37:26:4f:b0:fd:08:08:53:6c:b0:c1:3c:d9:da:71:68:
e6:ce:a1:c5:3f:11:f7:b2:31:5d:4a:54:65:0b:38:35:f8:6f:
a8:b4:00:10:b7:4c:12:f4:8a:c8:8b:7c:44:16:e4:94:ef:06:
6a:b0:53:67:03:b9:b1:dc:15:40:1c:d1:c4:a5:2b:96:d1:3a:
b8:e5:95:2b:aa:0f:de:ab:a2:5f:27:1c:7b:e8:47:6f:de:92:
3d:49:35:31:49:3a:be:18:86:b4:39:48:0e:39:60:ba:bf:77:
41:09:76:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjBxIsNUOqQfFV0nltFuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzOTMyNzgyZWU3NzU4OTkwNDA0ZmExY2NmYjA5ZWMyM2E4
NjEyM2YwHhcNMjUwMTAxMDE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjY3MjcxYTRhNDcwNGZhYTMxZDExYTE3MDczYzdhOTY4NjkyZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqc5TAqATSXJv2LpIR918a9VqdVo+
TPGIBoZxOocCVcxOHO4wZHflvqngAIMWITPkfoxnEJ5oOQfYqwWQ27PEiWXckVBV
Ge2ul8pQsw1pcK9re/9C99P/kgPVeRGIg002458BMlbl33CCxY/pY3BWiM+cQzGm
3zgmFWFA9ba3gid0gUBQwGeuPcURaLfk5/0e5KeABfeFXwpZ0JE337NbuW9SGqxj
GoRNKd3efERZfLj+WUfu4WWVEdRxI//mjC0SGO+2v2a4zBITNpoWS0YiMtEJFWKr
itpau1H5Qb3dwjnmxVzbwhOVn0cLZCbCp2L7PN/1JV32DlkeBpJDh83iUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB9nJxpKRwT6ox0RoXBzx6loaS7vMB8GA1UdIwQY
MBaAFBOTJ4Lud1iZBAT6HM+wnsI6hhI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYt
NGIxZjYxNjUzZjNkLzEvSDJjbkdrcEhCUHFqSFJHaGNIUEhxV2hwTHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYtNGIxZjYxNjUzZjNk
LzEvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVXQcMA0G
CSqGSIb3DQEBCwUAA4IBAQAbxhoKTa9YhZvMgHXAN0kzfyRaTrp3B6YsF64Fp9q7
i4MrSMebzsH/ZZszATrec67iOVyQ3IzTDpxUvV3g09Jqs5QzEOMCJlUFe+C6ADLR
i40vdGgawg4YB+WLLNPzovRv5mfVtR/Na9QHn3P/Dx0Tru0S+zkIBgYqygFd1UYN
A83l7aePukkIil9kdwuOTUYWSzcmT7D9CAhTbLDBPNnacWjmzqHFPxH3sjFdSlRl
Czg1+G+otAAQt0wS9IrIi3xEFuSU7wZqsFNnA7mx3BVAHNHEpSuW0Tq45ZUrqg/e
q6JfJxx76Edv3pI9STUxSTq+GIa0OUgOOWC6v3dBCXZC
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:47:14 2025 by rpki-client