Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/X8FEaa20-Sqz6ws1Uiv4ajF756g.roa
File: X8FEaa20-Sqz6ws1Uiv4ajF756g.roa (raw, json)
Hash identifier: JF44HmA8rgE4h+7cf6oqq4NIaDcoSwH2mguFXFpItlk=
Subject key identifier: 5F:C1:44:69:AD:B4:F9:2A:B3:EB:0B:35:52:2B:F8:6A:31:7B:E7:A8
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5C78E4A7DD9F81E25DF7C81142FF2
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/X8FEaa20-Sqz6ws1Uiv4ajF756g.roa
Signing time: Wed 01 Jan 2025 07:47:48 +0000
ROA not before: Wed 01 Jan 2025 07:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39134
IP address blocks: 85.8.185.0/24 maxlen: 24
185.184.53.0/24 maxlen: 24
193.47.42.0/24 maxlen: 24
193.47.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:c7:8e:4a:7d:d9:f8:1e:25:df:7c:81:14:2f:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fc14469adb4f92ab3eb0b35522bf86a317be7a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:4a:c4:af:50:8f:0d:75:9f:6c:71:67:f2:43:
72:8c:82:49:35:04:a1:18:52:1d:a3:9f:09:82:8d:
2f:14:12:ed:80:8f:55:32:cc:37:ef:77:ae:91:d3:
b9:79:8c:fb:64:57:28:ec:17:00:75:a7:99:ed:e7:
36:31:59:35:62:d4:c5:6f:bd:c4:3d:fb:1d:b4:7e:
29:a9:86:e0:67:b9:1b:62:49:eb:64:25:2f:80:f3:
ab:fb:21:c8:d6:65:80:8c:4e:33:5b:00:9d:10:23:
01:da:59:14:e3:03:aa:56:3a:78:61:1d:b5:c5:94:
ab:1a:11:c6:84:ca:bd:b8:6f:3d:ac:a9:58:77:12:
73:85:63:94:77:e1:a9:ac:26:81:cb:d5:53:86:0c:
3c:87:83:1a:be:81:d5:37:dd:cf:a1:9a:cd:01:a7:
e5:c7:9c:34:84:7a:4d:0f:cf:97:3f:cf:c0:3d:de:
b4:bf:6f:37:46:14:ff:03:e3:ae:65:23:cb:ae:c5:
a9:b8:e7:55:c9:c6:28:a7:79:35:44:3f:7c:b6:d2:
f8:7e:47:18:04:3b:11:70:3f:14:42:41:7a:24:0e:
78:e1:d4:ac:16:eb:77:98:1a:5a:99:08:bd:20:be:
78:8c:e5:29:b9:6d:0b:9f:79:ef:42:6f:58:5b:ee:
5d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C1:44:69:AD:B4:F9:2A:B3:EB:0B:35:52:2B:F8:6A:31:7B:E7:A8
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/X8FEaa20-Sqz6ws1Uiv4ajF756g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.185.0/24
185.184.53.0/24
193.47.42.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:6d:00:c8:77:8d:6e:a6:0d:36:a1:ca:a2:b7:96:37:87:6f:
33:6c:f0:21:f8:62:88:bf:ea:74:93:0f:86:00:0a:dd:b6:ac:
c6:2a:51:26:97:64:5a:40:ad:43:69:db:cc:73:0a:9e:ca:90:
a8:10:79:80:e2:ca:85:bd:97:7d:d5:70:13:4b:ba:fb:9e:b4:
15:d6:6f:b2:0f:d0:93:80:fa:41:04:5b:e3:83:5d:2e:85:ba:
72:d7:f4:87:cc:5f:5b:a5:82:ae:cb:dc:37:8c:7e:b6:33:e5:
7e:6f:c4:78:6f:a8:da:b4:ac:7a:e5:11:db:16:9a:1a:a4:ae:
d2:99:bb:7c:17:e9:03:ac:31:66:ef:d6:5e:89:07:eb:5c:45:
bf:73:61:9e:8b:0d:d7:8d:2d:09:c7:d1:b0:b5:6a:5f:17:2c:
8a:87:34:06:22:89:c5:ba:ea:f9:ea:d1:6d:c9:b4:db:51:56:
82:1e:8d:a0:17:3a:3a:ae:cd:24:c7:b9:bd:42:af:33:ef:52:
03:25:46:3a:cb:fa:c0:07:d4:0d:91:2f:3a:76:4b:27:fd:f5:
d1:1e:e9:17:18:e3:d8:fe:18:c6:31:de:12:e0:c0:4a:66:c7:
37:7d:84:a4:73:72:35:83:88:c6:13:71:d1:dc:88:fe:0c:71:
95:12:c4:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQg1ceOSn3Z+B4l33yBFC/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmMxNDQ2OWFkYjRmOTJhYjNlYjBiMzU1MjJiZjg2YTMxN2JlN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30rEr1CPDXWfbHFn8kNyjIJJNQSh
GFIdo58Jgo0vFBLtgI9VMsw373eukdO5eYz7ZFco7BcAdaeZ7ec2MVk1YtTFb73E
PfsdtH4pqYbgZ7kbYknrZCUvgPOr+yHI1mWAjE4zWwCdECMB2lkU4wOqVjp4YR21
xZSrGhHGhMq9uG89rKlYdxJzhWOUd+GprCaBy9VThgw8h4MavoHVN93PoZrNAafl
x5w0hHpND8+XP8/APd60v283RhT/A+OuZSPLrsWpuOdVycYop3k1RD98ttL4fkcY
BDsRcD8UQkF6JA544dSsFut3mBpamQi9IL54jOUpuW0Ln3nvQm9YW+5dIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF/BRGmttPkqs+sLNVIr+Goxe+eoMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvWDhGRWFhMjAtU3F6NndzMVVpdjRhakY3NTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVQi5AwQA
ubg1AwQBwS8qMA0GCSqGSIb3DQEBCwUAA4IBAQA9bQDId41upg02ocqit5Y3h28z
bPAh+GKIv+p0kw+GAArdtqzGKlEml2RaQK1DadvMcwqeypCoEHmA4sqFvZd91XAT
S7r7nrQV1m+yD9CTgPpBBFvjg10uhbpy1/SHzF9bpYKuy9w3jH62M+V+b8R4b6ja
tKx65RHbFpoapK7Smbt8F+kDrDFm79ZeiQfrXEW/c2Geiw3XjS0Jx9GwtWpfFyyK
hzQGIonFuur56tFtybTbUVaCHo2gFzo6rs0kx7m9Qq8z71IDJUY6y/rAB9QNkS86
dksn/fXRHukXGOPY/hjGMd4S4MBKZsc3fYSkc3I1g4jGE3HR3Ij+DHGVEsRX
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:58:10 2025 by rpki-client