Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/8dBpzydREJ1oZE53NssBk-gVBS0.roa
File: 8dBpzydREJ1oZE53NssBk-gVBS0.roa (raw, json)
Hash identifier: k9xLfQtMw41BuiwtGd1AdNQy+Z6g+sTI8hIyAld5n6E=
Subject key identifier: F1:D0:69:CF:27:51:10:9D:68:64:4E:77:36:CB:01:93:E8:15:05:2D
Certificate issuer: /CN=64347465bc925c8e756ddfaa609eda02cc52d031
Certificate serial: 018F351AAF73130191D63618EB6F378C9699
Authority key identifier: 64:34:74:65:BC:92:5C:8E:75:6D:DF:AA:60:9E:DA:02:CC:52:D0:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/8dBpzydREJ1oZE53NssBk-gVBS0.roa
Signing time: Wed 01 May 2024 17:01:32 +0000
ROA not before: Wed 01 May 2024 17:01:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60858
IP address blocks: 85.114.120.0/24 maxlen: 24
85.114.121.0/24 maxlen: 24
185.97.66.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:35:1a:af:73:13:01:91:d6:36:18:eb:6f:37:8c:96:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64347465bc925c8e756ddfaa609eda02cc52d031
Validity
Not Before: May 1 17:01:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1d069cf2751109d68644e7736cb0193e815052d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:90:33:f1:63:2c:82:0c:6b:51:e2:61:e2:2e:
2a:8b:c3:a4:db:ec:09:76:3c:f8:3d:fa:f6:03:ff:
15:71:41:61:25:57:c7:92:4c:76:2b:2c:38:c7:99:
21:b8:af:7f:71:eb:1c:65:8f:05:a3:a7:30:7c:c0:
d0:0d:56:fd:b5:5e:03:b6:13:41:86:f1:86:69:a7:
cc:2d:7a:b6:3e:25:79:60:22:d7:b0:96:69:a5:fc:
9f:16:9d:b5:bf:c7:96:54:70:2b:af:b0:2a:80:25:
5c:7d:e1:0b:99:11:c5:25:99:52:58:8d:c1:11:5e:
23:b3:0e:a4:58:81:fd:87:a5:96:25:a8:80:6d:0e:
63:99:33:85:4b:01:94:24:fb:45:62:da:b6:99:a0:
81:31:1f:32:5d:51:aa:e2:ab:ad:49:da:21:81:d2:
6c:a4:4a:00:51:02:74:6c:32:47:a5:ba:00:83:28:
1f:e0:78:3e:07:24:35:85:40:6a:2e:94:01:11:29:
8f:d3:16:a6:a5:70:3a:74:0f:9f:2a:20:55:e7:95:
60:b0:60:51:3d:10:95:6b:10:d8:59:12:aa:fb:dc:
25:77:94:58:c6:6c:bb:a4:4d:e5:fe:3f:7e:dd:b1:
35:9b:67:f2:95:7a:47:76:01:b8:ed:d1:1c:95:34:
ff:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D0:69:CF:27:51:10:9D:68:64:4E:77:36:CB:01:93:E8:15:05:2D
X509v3 Authority Key Identifier:
keyid:64:34:74:65:BC:92:5C:8E:75:6D:DF:AA:60:9E:DA:02:CC:52:D0:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/8dBpzydREJ1oZE53NssBk-gVBS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.114.120.0/23
185.97.66.0/23
Signature Algorithm: sha256WithRSAEncryption
22:68:87:45:ea:58:56:55:ca:c7:30:49:1d:cd:a9:3c:be:f5:
f0:3b:df:e8:77:d3:7e:b9:26:0f:71:6b:82:c3:b6:4c:de:d4:
91:1d:06:3d:c1:54:26:1a:89:de:6d:b9:78:a7:27:18:ac:7e:
dd:ee:6b:18:ef:c0:4d:26:55:6b:76:00:4d:a0:d3:d9:b5:8a:
4b:42:02:f8:62:c3:82:0f:0a:52:c4:b1:b5:92:e6:dc:d5:64:
a8:36:10:b1:f1:d2:76:bd:9f:36:71:1e:9a:f9:3a:d6:e7:47:
68:c6:ec:e6:9f:08:39:4b:d8:65:a0:ee:85:3e:f8:e2:8a:0c:
e5:f6:97:10:21:a8:5f:e0:f1:ab:bb:cd:ac:a2:e2:a2:fc:9b:
e4:ea:39:37:d2:3a:ee:22:f6:77:3e:10:45:66:98:ef:0f:19:
ec:a5:6e:70:38:d0:d5:f4:4b:1f:19:6e:c6:71:a9:e9:7d:f8:
fb:f2:34:d0:91:87:8d:b5:8a:29:2a:07:3a:b7:18:b0:ff:50:
24:84:ff:6b:ea:20:b8:7f:ab:5f:49:8f:80:52:e6:69:4b:c7:
dc:b7:56:f9:0e:99:bc:aa:ea:ff:18:62:82:45:fe:a0:9a:e4:
12:87:36:ea:00:1f:be:8d:30:fb:c0:d9:50:17:a9:bf:88:7f:
c1:c7:1e:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY81Gq9zEwGR1jYY6283jJaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MzQ3NDY1YmM5MjVjOGU3NTZkZGZhYTYwOWVkYTAyY2M1
MmQwMzEwHhcNMjQwNTAxMTcwMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWQwNjljZjI3NTExMDlkNjg2NDRlNzczNmNiMDE5M2U4MTUwNTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9pAz8WMsggxrUeJh4i4qi8Ok2+wJ
djz4Pfr2A/8VcUFhJVfHkkx2Kyw4x5khuK9/cescZY8Fo6cwfMDQDVb9tV4DthNB
hvGGaafMLXq2PiV5YCLXsJZppfyfFp21v8eWVHArr7AqgCVcfeELmRHFJZlSWI3B
EV4jsw6kWIH9h6WWJaiAbQ5jmTOFSwGUJPtFYtq2maCBMR8yXVGq4qutSdohgdJs
pEoAUQJ0bDJHpboAgygf4Hg+ByQ1hUBqLpQBESmP0xampXA6dA+fKiBV55VgsGBR
PRCVaxDYWRKq+9wld5RYxmy7pE3l/j9+3bE1m2fylXpHdgG47dEclTT/4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPHQac8nURCdaGROdzbLAZPoFQUtMB8GA1UdIwQY
MBaAFGQ0dGW8klyOdW3fqmCe2gLMUtAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkRSMFpieVNYSTUxYmQtcVlKN2FBc3hTMERFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMWZmN2ItYjc2Ni00N2M3LWJlMGQt
YzBhN2I3Mzc3ZWFiLzEvOGRCcHp5ZFJFSjFvWkU1M05zc0JrLWdWQlMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMWZmN2ItYjc2Ni00N2M3LWJlMGQtYzBhN2I3Mzc3ZWFi
LzEvWkRSMFpieVNYSTUxYmQtcVlKN2FBc3hTMERFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVXJ4AwQB
uWFCMA0GCSqGSIb3DQEBCwUAA4IBAQAiaIdF6lhWVcrHMEkdzak8vvXwO9/od9N+
uSYPcWuCw7ZM3tSRHQY9wVQmGonebbl4pycYrH7d7msY78BNJlVrdgBNoNPZtYpL
QgL4YsOCDwpSxLG1kubc1WSoNhCx8dJ2vZ82cR6a+TrW50doxuzmnwg5S9hloO6F
Pvjiigzl9pcQIahf4PGru82souKi/Jvk6jk30jruIvZ3PhBFZpjvDxnspW5wONDV
9EsfGW7Gcanpffj78jTQkYeNtYopKgc6txiw/1AkhP9r6iC4f6tfSY+AUuZpS8fc
t1b5Dpm8qur/GGKCRf6gmuQShzbqAB++jTD7wNlQF6m/iH/Bxx6A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:22 2024 by rpki-client on console-fra.rpki-client.org