Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/cC81DnwEjoaOoCfC5zH7ZNmy7Ig.roa
File: cC81DnwEjoaOoCfC5zH7ZNmy7Ig.roa (raw, json)
Hash identifier: +IkfhMpSnL6Neb/SldOS0fmec7gLDHuqEzjINlBPtfw=
Subject key identifier: 70:2F:35:0E:7C:04:8E:86:8E:A0:27:C2:E7:31:FB:64:D9:B2:EC:88
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 0194236A27F1C55D74F4B166627DF40B8118
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/cC81DnwEjoaOoCfC5zH7ZNmy7Ig.roa
Signing time: Wed 01 Jan 2025 19:49:07 +0000
ROA not before: Wed 01 Jan 2025 19:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34443
IP address blocks: 85.248.235.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:27:f1:c5:5d:74:f4:b1:66:62:7d:f4:0b:81:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 1 19:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=702f350e7c048e868ea027c2e731fb64d9b2ec88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e1:1e:94:b1:48:8f:27:d8:a0:c6:f5:51:7c:
b0:32:27:ba:99:6f:da:11:a3:c1:ff:cd:fa:89:35:
c2:aa:a6:46:2b:f9:7f:88:b8:19:9f:9b:10:85:6f:
ba:8d:e6:c9:0d:02:22:3a:c0:ad:b0:69:37:2f:fb:
6b:19:9d:09:99:b0:76:96:03:71:0d:ad:e4:9d:94:
8d:d7:13:2a:07:54:ac:b8:bc:fe:69:b1:f6:b9:14:
7d:10:48:f8:d5:54:e8:4c:1e:4c:4a:94:fd:c6:25:
c9:f1:ed:46:bf:54:55:1f:cf:9c:65:cc:3e:e1:3d:
14:5f:21:18:65:a9:5e:40:03:a0:6e:2d:b7:73:f8:
bf:97:c3:e4:cd:c6:ae:7f:ae:41:5f:c1:a2:78:5f:
80:14:8b:4b:0c:85:df:dd:e1:f1:a6:22:fb:8f:7f:
60:df:6b:05:96:59:a5:06:5a:97:de:a8:7c:e2:80:
f2:ce:2c:58:33:09:40:02:2c:ea:d8:c9:e7:f5:22:
ff:c6:e5:31:d1:75:51:54:1a:73:c5:bf:7f:0b:82:
b9:68:57:bb:18:93:25:58:db:75:35:b0:51:a7:57:
06:de:52:bc:c8:8b:a9:20:77:64:e6:79:d0:95:1e:
43:bc:26:52:8f:64:e0:28:b4:a0:5b:fa:4e:a8:b7:
53:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:2F:35:0E:7C:04:8E:86:8E:A0:27:C2:E7:31:FB:64:D9:B2:EC:88
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/cC81DnwEjoaOoCfC5zH7ZNmy7Ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.248.235.0/24
Signature Algorithm: sha256WithRSAEncryption
46:12:0c:db:0f:fe:5a:b9:15:bf:2f:07:c7:47:57:39:23:47:
c5:ba:e3:fb:27:35:a0:3c:d4:d3:31:c4:89:60:f5:f8:1e:91:
7f:73:37:7a:b5:5c:f3:00:71:c3:69:db:3b:7f:69:97:88:10:
91:a5:b7:62:5d:d0:85:1c:5c:31:41:f9:10:76:ee:29:cd:6c:
57:e9:50:b1:09:30:ff:36:73:b1:80:f5:90:d1:42:4f:77:6a:
73:86:68:be:a9:6b:eb:20:75:fe:cd:8d:0b:6b:0f:de:b9:c2:
84:a4:f6:7b:cf:bd:1c:a9:67:a3:b4:49:41:5e:bf:dd:77:0a:
f0:21:d6:8d:0b:90:18:7e:f6:63:7a:83:19:82:c7:fa:35:b0:
71:a7:3b:a7:47:a7:0f:1f:50:e3:90:fb:7e:59:0a:5c:ea:2b:
3e:87:ab:6f:eb:c6:bb:c2:d8:93:f0:fe:34:ef:3f:ab:89:f6:
45:68:18:82:5b:0e:eb:b9:40:0f:43:2d:4b:fd:49:6a:4a:66:
2e:0b:de:35:f4:14:16:6b:40:ba:d3:f8:49:de:0c:56:bf:df:
16:43:ee:e3:a1:45:22:c1:c5:c2:9c:98:a5:d1:dd:1e:6c:1d:
1b:95:b0:bc:6d:3a:85:80:99:58:fb:5e:99:8f:cc:b0:45:ab:
82:c3:57:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaifxxV109LFmYn30C4EYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjUwMTAxMTk0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDJmMzUwZTdjMDQ4ZTg2OGVhMDI3YzJlNzMxZmI2NGQ5YjJlYzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+EelLFIjyfYoMb1UXywMie6mW/a
EaPB/836iTXCqqZGK/l/iLgZn5sQhW+6jebJDQIiOsCtsGk3L/trGZ0JmbB2lgNx
Da3knZSN1xMqB1SsuLz+abH2uRR9EEj41VToTB5MSpT9xiXJ8e1Gv1RVH8+cZcw+
4T0UXyEYZaleQAOgbi23c/i/l8Pkzcauf65BX8GieF+AFItLDIXf3eHxpiL7j39g
32sFllmlBlqX3qh84oDyzixYMwlAAizq2Mnn9SL/xuUx0XVRVBpzxb9/C4K5aFe7
GJMlWNt1NbBRp1cG3lK8yIupIHdk5nnQlR5DvCZSj2TgKLSgW/pOqLdT3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHAvNQ58BI6GjqAnwucx+2TZsuyIMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvY0M4MURud0Vqb2FPb0NmQzV6SDdaTm15N0lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVfjrMA0G
CSqGSIb3DQEBCwUAA4IBAQBGEgzbD/5auRW/LwfHR1c5I0fFuuP7JzWgPNTTMcSJ
YPX4HpF/czd6tVzzAHHDads7f2mXiBCRpbdiXdCFHFwxQfkQdu4pzWxX6VCxCTD/
NnOxgPWQ0UJPd2pzhmi+qWvrIHX+zY0Law/eucKEpPZ7z70cqWejtElBXr/ddwrw
IdaNC5AYfvZjeoMZgsf6NbBxpzunR6cPH1DjkPt+WQpc6is+h6tv68a7wtiT8P40
7z+rifZFaBiCWw7ruUAPQy1L/UlqSmYuC9419BQWa0C60/hJ3gxWv98WQ+7joUUi
wcXCnJil0d0ebB0blbC8bTqFgJlY+16Zj8ywRauCw1e0
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:28 2025 by rpki-client