Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/4lZvMeffb2D-rfjDW18O9zcC2KM.roa
File: 4lZvMeffb2D-rfjDW18O9zcC2KM.roa (raw, json)
Hash identifier: MqGd63EgMS9hKxIZxB3ViGECYql4dsA5hK34hosRG7o=
Subject key identifier: E2:56:6F:31:E7:DF:6F:60:FE:AD:F8:C3:5B:5F:0E:F7:37:02:D8:A3
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 01954330BEA2A76B6FDB76488A304CBC73AE
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/4lZvMeffb2D-rfjDW18O9zcC2KM.roa
Signing time: Wed 26 Feb 2025 16:57:02 +0000
ROA not before: Wed 26 Feb 2025 16:57:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62300
IP address blocks: 85.8.185.0/24 maxlen: 24
185.184.53.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:43:30:be:a2:a7:6b:6f:db:76:48:8a:30:4c:bc:73:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Feb 26 16:57:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2566f31e7df6f60feadf8c35b5f0ef73702d8a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3a:fe:b9:ac:14:a8:0a:23:1e:97:46:4f:32:
32:37:33:c5:18:b3:ca:f2:52:93:9d:18:ee:98:8c:
f9:31:46:3d:e0:b7:91:35:af:e0:e2:e2:52:fc:be:
5f:41:14:60:a8:7e:07:ee:c6:cb:89:9f:58:9b:1d:
df:a9:a5:e5:ae:5b:c0:06:66:c2:6c:69:67:3d:a5:
62:9c:fd:4a:a8:d4:9e:ed:85:81:27:1c:4e:16:17:
b5:7b:d3:5b:57:7f:49:cd:38:4c:ed:89:4a:3a:b8:
c7:54:e4:b3:41:c1:79:86:38:bd:39:75:8b:b0:ec:
c1:be:07:eb:f1:01:f1:00:d0:6c:b3:ec:18:6c:98:
05:24:b8:f9:aa:27:85:ec:16:40:21:20:79:c0:63:
df:12:0c:3e:da:99:90:9c:13:a4:b0:f8:27:16:4f:
ea:db:0e:fa:d8:fe:31:1f:cb:82:90:7b:19:de:17:
e0:d0:50:61:5f:0c:e0:45:9a:06:ca:51:eb:59:5f:
93:fe:80:6a:69:7f:8d:33:55:67:1b:57:20:92:9c:
ec:0d:5b:74:d2:12:72:a0:37:bc:d8:30:e5:ec:74:
44:e5:7d:6d:0e:07:09:84:d2:1f:d8:1c:c1:02:e5:
34:dc:4d:19:e5:02:f0:a0:4b:c6:53:0c:1e:62:c6:
a3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:56:6F:31:E7:DF:6F:60:FE:AD:F8:C3:5B:5F:0E:F7:37:02:D8:A3
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/4lZvMeffb2D-rfjDW18O9zcC2KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.185.0/24
185.184.53.0/24
Signature Algorithm: sha256WithRSAEncryption
66:0f:96:1e:e2:bb:2c:e7:54:75:ef:79:10:31:d1:35:dc:c6:
14:41:06:d8:9b:4a:7f:d0:b9:6f:67:c6:df:a3:de:60:b0:98:
27:10:e8:16:9c:78:e0:2f:9a:b3:42:cd:e4:a4:4b:1d:b7:62:
85:c3:41:35:a8:f6:44:47:8f:bd:ec:07:ad:c8:eb:7a:22:10:
d9:45:49:95:14:a0:71:72:06:76:bb:1c:8a:68:b2:80:b4:7a:
bc:4c:47:81:ec:c4:30:c5:69:31:91:45:62:47:a2:81:0d:ff:
ef:df:f4:72:41:8a:bd:91:67:c0:f2:ed:23:1d:98:7d:56:7c:
a5:91:30:c8:a6:18:8d:8a:f7:f3:dd:ac:8d:6a:5c:ed:ee:c9:
93:45:99:59:e1:a9:c3:e3:b6:b5:04:c8:1d:91:ba:62:04:1b:
95:81:59:fa:73:6d:f6:d4:21:d9:b5:ba:2d:3b:d9:e2:ed:b1:
64:8e:e8:74:73:07:dc:a4:3c:45:1e:33:a5:95:5e:aa:18:99:
55:20:7c:15:4d:66:db:91:d1:b2:e2:c8:78:5a:a1:8b:ac:76:
58:4d:96:2c:79:0b:82:fb:34:76:69:10:bc:83:8d:1f:f4:f0:
67:c5:87:28:62:02:af:a9:3e:71:e6:e3:a9:ff:e4:b7:87:24:
f5:68:4b:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVDML6ip2tv23ZIijBMvHOuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMjI2MTY1NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjU2NmYzMWU3ZGY2ZjYwZmVhZGY4YzM1YjVmMGVmNzM3MDJkOGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszr+uawUqAojHpdGTzIyNzPFGLPK
8lKTnRjumIz5MUY94LeRNa/g4uJS/L5fQRRgqH4H7sbLiZ9Ymx3fqaXlrlvABmbC
bGlnPaVinP1KqNSe7YWBJxxOFhe1e9NbV39JzThM7YlKOrjHVOSzQcF5hji9OXWL
sOzBvgfr8QHxANBss+wYbJgFJLj5qieF7BZAISB5wGPfEgw+2pmQnBOksPgnFk/q
2w762P4xH8uCkHsZ3hfg0FBhXwzgRZoGylHrWV+T/oBqaX+NM1VnG1cgkpzsDVt0
0hJyoDe82DDl7HRE5X1tDgcJhNIf2BzBAuU03E0Z5QLwoEvGUwweYsajqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOJWbzHn329g/q34w1tfDvc3AtijMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvNGxadk1lZmZiMkQtcmZqRFcxOE85emNDMktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVQi5AwQA
ubg1MA0GCSqGSIb3DQEBCwUAA4IBAQBmD5Ye4rss51R173kQMdE13MYUQQbYm0p/
0LlvZ8bfo95gsJgnEOgWnHjgL5qzQs3kpEsdt2KFw0E1qPZER4+97AetyOt6IhDZ
RUmVFKBxcgZ2uxyKaLKAtHq8TEeB7MQwxWkxkUViR6KBDf/v3/RyQYq9kWfA8u0j
HZh9VnylkTDIphiNivfz3ayNalzt7smTRZlZ4anD47a1BMgdkbpiBBuVgVn6c232
1CHZtbotO9ni7bFkjuh0cwfcpDxFHjOllV6qGJlVIHwVTWbbkdGy4sh4WqGLrHZY
TZYseQuC+zR2aRC8g40f9PBnxYcoYgKvqT5x5uOp/+S3hyT1aEud
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:37:59 2025 by rpki-client