Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/V0lHMTRNh6Z9X9abKSEIj6P9raU.roa
File: V0lHMTRNh6Z9X9abKSEIj6P9raU.roa (raw, json)
Hash identifier: oljkCUdyMsQrd7hyLC/crb+L0ZBGknvkLRO3oauiPiY=
Subject key identifier: 57:49:47:31:34:4D:87:A6:7D:5F:D6:9B:29:21:08:8F:A3:FD:AD:A5
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 0194228DB1BC32E9D2E155767D4850AD2670
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/V0lHMTRNh6Z9X9abKSEIj6P9raU.roa
Signing time: Wed 01 Jan 2025 15:48:18 +0000
ROA not before: Wed 01 Jan 2025 15:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211996
IP address blocks: 85.153.135.0/24 maxlen: 24
85.153.140.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:b1:bc:32:e9:d2:e1:55:76:7d:48:50:ad:26:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 15:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=57494731344d87a67d5fd69b2921088fa3fdada5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:62:b9:7d:31:fb:31:c7:4b:3f:83:81:54:39:
fd:1b:fc:bc:a8:00:03:69:5d:b2:28:67:d6:c6:d1:
06:94:17:a1:12:5f:bf:4f:21:c5:5b:ec:60:c8:b4:
30:2d:80:61:20:3d:01:71:91:d6:74:52:64:36:23:
e8:9d:03:84:56:50:bf:dd:81:ef:cd:5e:ae:da:aa:
df:9e:4e:eb:d3:18:6d:ef:bc:2d:02:95:f6:b3:e4:
46:66:b8:58:4b:77:1d:ad:ec:ba:da:ba:be:96:e0:
dc:0e:50:ca:da:4b:aa:b0:6f:4d:46:61:a6:21:88:
5a:64:4f:66:26:75:15:93:d2:89:61:1d:1d:9d:d3:
3f:72:0b:52:b8:30:0b:5c:4f:58:f1:aa:70:8e:32:
36:b8:f5:c0:74:34:29:48:a7:c3:71:66:c5:6a:74:
cd:5c:24:2d:40:b8:ad:9e:dd:9f:bc:41:9c:69:39:
19:04:b6:bd:84:d0:b1:fb:79:2d:11:9b:a8:d3:fd:
59:f8:be:a9:a0:96:8b:4e:57:ec:13:62:8e:dd:b3:
fd:7e:68:49:6e:e6:85:bd:13:cd:7b:fb:13:7c:1f:
f1:40:41:0d:13:89:07:5e:a8:1a:d1:ec:09:7d:5f:
56:21:f5:c4:7a:9e:63:5b:11:0d:bb:12:97:bd:d2:
af:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:49:47:31:34:4D:87:A6:7D:5F:D6:9B:29:21:08:8F:A3:FD:AD:A5
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/V0lHMTRNh6Z9X9abKSEIj6P9raU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.135.0/24
85.153.140.0/24
Signature Algorithm: sha256WithRSAEncryption
88:2a:a2:c3:48:ec:75:10:bb:6e:6e:84:ad:a1:05:87:77:5f:
b8:1e:da:bb:9d:eb:8f:61:90:35:cd:59:d8:34:16:78:62:ab:
d2:ce:14:84:ed:59:21:e0:05:0f:68:35:d2:84:4b:47:c8:a0:
03:ac:05:47:01:62:07:a0:a7:cd:64:43:d3:45:b1:8a:00:4f:
d7:2c:00:0c:4c:ce:5b:1d:19:67:49:7d:0a:bd:88:63:ae:96:
17:e4:d2:35:2f:b0:e6:2d:e1:ce:cc:0e:59:9b:72:1a:4f:ea:
d0:6a:7f:88:ff:17:e3:c6:08:5c:26:5f:3f:a5:83:57:9d:81:
52:82:dd:f6:ea:f9:d6:c6:3e:c6:72:fa:29:b1:b0:8d:72:58:
96:04:72:0d:37:74:db:cf:39:b6:9f:ce:ce:19:41:1e:1a:8c:
95:78:74:28:11:98:28:47:e1:45:91:55:17:d1:96:72:ea:36:
6a:bc:03:a3:09:47:07:88:29:ec:49:c7:84:fe:e2:ff:99:37:
82:ae:f0:87:16:4b:ea:bd:c6:7f:d6:20:7d:22:11:b3:45:ff:
0b:19:3f:11:3f:19:41:9c:1f:f4:41:d8:b4:ea:5d:6e:8b:e0:
40:72:f1:64:5c:12:a4:93:f8:41:9c:d0:13:1d:31:b4:4e:af:
ae:12:58:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijbG8MunS4VV2fUhQrSZwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjUwMTAxMTU0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzQ5NDczMTM0NGQ4N2E2N2Q1ZmQ2OWIyOTIxMDg4ZmEzZmRhZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGK5fTH7McdLP4OBVDn9G/y8qAAD
aV2yKGfWxtEGlBehEl+/TyHFW+xgyLQwLYBhID0BcZHWdFJkNiPonQOEVlC/3YHv
zV6u2qrfnk7r0xht77wtApX2s+RGZrhYS3cdrey62rq+luDcDlDK2kuqsG9NRmGm
IYhaZE9mJnUVk9KJYR0dndM/cgtSuDALXE9Y8apwjjI2uPXAdDQpSKfDcWbFanTN
XCQtQLitnt2fvEGcaTkZBLa9hNCx+3ktEZuo0/1Z+L6poJaLTlfsE2KO3bP9fmhJ
buaFvRPNe/sTfB/xQEENE4kHXqga0ewJfV9WIfXEep5jWxENuxKXvdKvpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFdJRzE0TYemfV/WmykhCI+j/a2lMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvVjBsSE1UUk5oNlo5WDlhYktTRUlqNlA5cmFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVZmHAwQA
VZmMMA0GCSqGSIb3DQEBCwUAA4IBAQCIKqLDSOx1ELtuboStoQWHd1+4Htq7neuP
YZA1zVnYNBZ4YqvSzhSE7Vkh4AUPaDXShEtHyKADrAVHAWIHoKfNZEPTRbGKAE/X
LAAMTM5bHRlnSX0KvYhjrpYX5NI1L7DmLeHOzA5Zm3IaT+rQan+I/xfjxghcJl8/
pYNXnYFSgt326vnWxj7GcvopsbCNcliWBHINN3Tbzzm2n87OGUEeGoyVeHQoEZgo
R+FFkVUX0ZZy6jZqvAOjCUcHiCnsSceE/uL/mTeCrvCHFkvqvcZ/1iB9IhGzRf8L
GT8RPxlBnB/0Qdi06l1ui+BAcvFkXBKkk/hBnNATHTG0Tq+uEliy
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:39:11 2025 by rpki-client