Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/jio6jEY5B8BXZ8p890vxk3E3x7M.roa
File: jio6jEY5B8BXZ8p890vxk3E3x7M.roa (raw, json)
Hash identifier: vfQG/IH0WguU8YSNyeCx2kD2zKSNFEUzJddXH6WIK6o=
Subject key identifier: 8E:2A:3A:8C:46:39:07:C0:57:67:CA:7C:F7:4B:F1:93:71:37:C7:B3
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 0194236A2DCCA1E83DA3021B75F13876DE6F
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/jio6jEY5B8BXZ8p890vxk3E3x7M.roa
Signing time: Wed 01 Jan 2025 19:49:08 +0000
ROA not before: Wed 01 Jan 2025 19:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48473
IP address blocks: 85.248.152.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2d:cc:a1:e8:3d:a3:02:1b:75:f1:38:76:de:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 1 19:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e2a3a8c463907c05767ca7cf74bf1937137c7b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8e:f8:89:1c:3a:e1:e0:f0:d2:24:7d:95:d9:
ab:0a:7f:62:c0:20:84:cf:31:35:dc:93:03:55:20:
f8:24:2f:6e:01:e5:e9:33:df:a8:95:72:36:e5:0a:
4e:bf:cc:79:f2:43:6b:1b:76:c7:2f:e2:3b:a6:39:
68:3c:bf:de:13:67:2c:6c:11:cd:70:e8:78:22:18:
d1:63:24:dc:fc:99:65:4c:cc:45:ae:4d:22:97:98:
8b:3e:2a:34:2c:83:c6:3e:4c:36:2f:2c:d5:25:0d:
d3:34:d9:91:17:8f:75:0f:56:0b:58:39:08:33:7c:
d6:92:17:6c:04:25:eb:d6:dd:7c:43:e0:2c:28:90:
30:cc:58:b0:8f:44:97:9e:69:b2:c0:71:17:e2:f3:
83:f7:26:51:bc:91:db:be:8f:7c:49:87:12:e3:73:
ca:ec:0c:26:96:e2:65:a5:10:a7:ee:e1:4a:73:84:
e6:ec:46:cd:cd:98:92:cc:0b:0e:1a:58:3b:7b:5e:
7b:b2:e0:24:81:62:ca:c6:7e:5b:0e:24:a2:26:da:
41:e4:9d:19:6a:d7:51:ab:f9:e9:db:f3:84:8b:1a:
a8:4f:31:4d:a9:1e:6d:40:88:eb:a8:41:3a:10:0e:
1f:78:0f:a0:a2:c5:c0:ce:9e:73:aa:d3:10:0a:87:
ed:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:2A:3A:8C:46:39:07:C0:57:67:CA:7C:F7:4B:F1:93:71:37:C7:B3
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/jio6jEY5B8BXZ8p890vxk3E3x7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.248.152.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:27:ae:aa:4f:fa:d7:38:70:ba:48:26:e8:a5:a2:c1:be:78:
e7:e5:4d:9d:2f:67:0d:db:0d:07:9f:fa:36:3a:8d:8a:1b:fa:
d5:f0:74:ff:fa:53:07:c3:4c:8a:87:41:a9:21:80:9a:e7:a3:
2f:7a:e2:12:21:c3:ed:71:14:9b:da:2f:a4:b3:96:89:1e:63:
fb:68:a4:c6:6a:fa:94:74:fd:3c:80:48:9f:e8:67:0a:10:cd:
be:28:1b:f8:77:61:06:69:ab:2c:a7:a5:a0:9a:c4:a6:43:65:
d8:8a:de:5f:4d:c8:10:02:ab:63:0a:de:74:83:43:73:06:a8:
f4:28:bf:2a:8e:85:54:de:6c:e3:95:d6:f9:89:e9:2a:24:11:
29:f7:2a:9c:b0:f1:68:cc:ef:04:21:8b:44:63:b1:1d:9d:e1:
a5:50:49:e6:38:1e:14:74:d7:46:0a:51:d0:47:99:29:34:e4:
23:75:bb:cc:9e:57:39:13:27:df:8c:29:1a:d0:f3:35:23:85:
2f:3b:24:d7:4c:74:3d:c3:fb:16:d6:b6:31:d6:29:b9:1a:ea:
c3:6c:df:5f:cd:42:14:a2:b4:22:d8:a4:1e:a2:12:05:ef:c4:
47:8a:f6:c2:51:1e:61:70:63:98:b4:ae:38:7a:c8:e9:c4:cb:
ef:8a:7b:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjai3Moeg9owIbdfE4dt5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjUwMTAxMTk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTJhM2E4YzQ2MzkwN2MwNTc2N2NhN2NmNzRiZjE5MzcxMzdjN2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuo74iRw64eDw0iR9ldmrCn9iwCCE
zzE13JMDVSD4JC9uAeXpM9+olXI25QpOv8x58kNrG3bHL+I7pjloPL/eE2csbBHN
cOh4IhjRYyTc/JllTMxFrk0il5iLPio0LIPGPkw2LyzVJQ3TNNmRF491D1YLWDkI
M3zWkhdsBCXr1t18Q+AsKJAwzFiwj0SXnmmywHEX4vOD9yZRvJHbvo98SYcS43PK
7AwmluJlpRCn7uFKc4Tm7EbNzZiSzAsOGlg7e157suAkgWLKxn5bDiSiJtpB5J0Z
atdRq/np2/OEixqoTzFNqR5tQIjrqEE6EA4feA+gosXAzp5zqtMQCoftBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI4qOoxGOQfAV2fKfPdL8ZNxN8ezMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvamlvNmpFWTVCOEJYWjhwODkwdnhrM0UzeDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVfiYMA0G
CSqGSIb3DQEBCwUAA4IBAQBuJ66qT/rXOHC6SCbopaLBvnjn5U2dL2cN2w0Hn/o2
Oo2KG/rV8HT/+lMHw0yKh0GpIYCa56MveuISIcPtcRSb2i+ks5aJHmP7aKTGavqU
dP08gEif6GcKEM2+KBv4d2EGaassp6WgmsSmQ2XYit5fTcgQAqtjCt50g0NzBqj0
KL8qjoVU3mzjldb5iekqJBEp9yqcsPFozO8EIYtEY7EdneGlUEnmOB4UdNdGClHQ
R5kpNOQjdbvMnlc5EyffjCka0PM1I4UvOyTXTHQ9w/sW1rYx1im5GurDbN9fzUIU
orQi2KQeohIF78RHivbCUR5hcGOYtK44esjpxMvvinuD
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:49 2025 by rpki-client