Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/EpEgl8Kxd-dO1NZhOt33LvZOYlg.roa
File: EpEgl8Kxd-dO1NZhOt33LvZOYlg.roa (raw, json)
Hash identifier: 0vp1MG0L7d2i28gtDwHNw1p2q1MYdW3zyzFTZSJxrwM=
Subject key identifier: 12:91:20:97:C2:B1:77:E7:4E:D4:D6:61:3A:DD:F7:2E:F6:4E:62:58
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 0194236A3052813A899568F73BBC9F0A2C7F
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/EpEgl8Kxd-dO1NZhOt33LvZOYlg.roa
Signing time: Wed 01 Jan 2025 19:49:09 +0000
ROA not before: Wed 01 Jan 2025 19:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200055
IP address blocks: 85.248.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:30:52:81:3a:89:95:68:f7:3b:bc:9f:0a:2c:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 1 19:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12912097c2b177e74ed4d6613addf72ef64e6258
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f7:66:bf:b2:33:c7:bb:51:05:0c:32:ed:d9:
ea:af:1e:6c:1c:1e:c3:e4:2a:9c:c1:52:0f:71:85:
fd:02:2d:27:73:02:2d:70:ab:0f:f4:7b:24:7f:ec:
12:6e:0e:bf:11:11:29:5e:6f:79:2d:de:73:27:52:
44:7a:59:6c:f1:ad:db:6f:a8:37:09:bf:9b:b2:99:
bb:f8:d0:80:31:88:49:36:1a:c3:e5:e7:86:71:d9:
04:eb:7c:0e:c0:ff:1e:1d:81:15:82:1a:7b:08:37:
d5:9e:0a:a4:a0:09:74:86:d9:4a:1d:14:12:75:12:
38:32:e3:eb:ce:81:88:c7:cf:6e:dd:ef:fb:9d:b7:
9c:44:0a:ff:9b:43:72:61:13:e9:a0:f1:23:f3:5b:
9b:2a:c9:5f:2e:68:1f:7f:38:e3:18:a0:61:37:7a:
30:2b:82:a7:07:9d:97:e2:d0:76:ae:ed:36:64:c5:
0a:f0:e2:1a:f0:b6:31:01:48:62:8e:74:a0:16:3d:
aa:ab:f2:24:d9:c2:92:73:9b:64:f1:62:fd:cc:fc:
bc:6c:89:99:75:55:d0:8a:a5:1b:c5:85:89:d8:d8:
1f:34:de:5f:f2:14:f9:cd:dc:dd:f5:5b:02:8a:63:
26:3e:f4:58:22:eb:b8:bd:e4:09:b1:42:7b:1d:cf:
68:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:91:20:97:C2:B1:77:E7:4E:D4:D6:61:3A:DD:F7:2E:F6:4E:62:58
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/EpEgl8Kxd-dO1NZhOt33LvZOYlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.248.249.0/24
Signature Algorithm: sha256WithRSAEncryption
57:30:12:e8:90:ba:1b:ed:8d:c1:5e:46:5f:b8:c5:e6:1f:6e:
85:82:6b:16:d8:13:6f:33:14:68:e3:0a:13:cb:1e:f9:02:38:
50:17:7c:93:04:11:5f:b3:89:fb:27:be:0e:cc:ff:d5:72:74:
0b:d9:79:38:9a:02:d2:d3:ec:56:fc:56:c8:a1:9c:32:2e:04:
68:c1:bd:c8:84:a6:95:0c:2e:81:1b:be:de:da:9f:6f:76:f7:
5c:5f:f0:37:2c:65:ec:be:55:4d:f5:d3:3c:54:45:5c:56:17:
76:ad:4d:a1:97:e0:f9:00:af:50:3a:7d:fa:67:71:8d:22:28:
d4:da:c7:6d:43:49:d7:82:17:2c:90:6d:6b:a2:a9:92:2a:6f:
c2:59:9c:ff:c4:c7:a5:7a:3f:5b:17:80:72:df:a2:29:8d:13:
be:28:dd:2e:b3:b6:c4:b5:9a:5c:0c:0e:8f:46:ea:bb:dd:4c:
f6:55:67:a0:58:a1:d6:40:31:5a:4d:7b:c5:88:a1:a1:98:26:
b6:97:4e:73:49:1d:f1:56:70:58:28:f2:26:c4:28:bb:f4:74:
18:59:5c:77:09:e4:66:6e:87:8d:bb:54:4c:64:75:55:b6:ba:
c1:07:78:6c:1d:fc:bd:79:97:5e:24:fc:77:e8:c9:ce:e4:66:
a5:86:f2:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjajBSgTqJlWj3O7yfCix/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjUwMTAxMTk0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjkxMjA5N2MyYjE3N2U3NGVkNGQ2NjEzYWRkZjcyZWY2NGU2MjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvdmv7Izx7tRBQwy7dnqrx5sHB7D
5CqcwVIPcYX9Ai0ncwItcKsP9Hskf+wSbg6/EREpXm95Ld5zJ1JEells8a3bb6g3
Cb+bspm7+NCAMYhJNhrD5eeGcdkE63wOwP8eHYEVghp7CDfVngqkoAl0htlKHRQS
dRI4MuPrzoGIx89u3e/7nbecRAr/m0NyYRPpoPEj81ubKslfLmgffzjjGKBhN3ow
K4KnB52X4tB2ru02ZMUK8OIa8LYxAUhijnSgFj2qq/Ik2cKSc5tk8WL9zPy8bImZ
dVXQiqUbxYWJ2NgfNN5f8hT5zdzd9VsCimMmPvRYIuu4veQJsUJ7Hc9oYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBKRIJfCsXfnTtTWYTrd9y72TmJYMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvRXBFZ2w4S3hkLWRPMU5aaE90MzNMdlpPWWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVfj5MA0G
CSqGSIb3DQEBCwUAA4IBAQBXMBLokLob7Y3BXkZfuMXmH26FgmsW2BNvMxRo4woT
yx75AjhQF3yTBBFfs4n7J74OzP/VcnQL2Xk4mgLS0+xW/FbIoZwyLgRowb3IhKaV
DC6BG77e2p9vdvdcX/A3LGXsvlVN9dM8VEVcVhd2rU2hl+D5AK9QOn36Z3GNIijU
2sdtQ0nXghcskG1roqmSKm/CWZz/xMelej9bF4By36IpjRO+KN0us7bEtZpcDA6P
Ruq73Uz2VWegWKHWQDFaTXvFiKGhmCa2l05zSR3xVnBYKPImxCi79HQYWVx3CeRm
boeNu1RMZHVVtrrBB3hsHfy9eZdeJPx36MnO5GalhvLQ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:49 2025 by rpki-client