Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/f33379-63d9-4f2b-8e65-30a6c3af9095/1/r-imVOZ1MKVCPTmznPktWbUEqW8.roa
File: r-imVOZ1MKVCPTmznPktWbUEqW8.roa (raw, json)
Hash identifier: cRIVP2Lam6u4TX8QNidArFda2a92J/ptBDkcqev/q4k=
Subject key identifier: AF:E8:A6:54:E6:75:30:A5:42:3D:39:B3:9C:F9:2D:59:B5:04:A9:6F
Certificate issuer: /CN=3b477a62607fb94c8e23b5a062c78d93df9cbd69
Certificate serial: 019423D7D6B926AB9CC3D3DBD00D562F17AE
Authority key identifier: 3B:47:7A:62:60:7F:B9:4C:8E:23:B5:A0:62:C7:8D:93:DF:9C:BD:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0d6YmB_uUyOI7WgYseNk9-cvWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/f33379-63d9-4f2b-8e65-30a6c3af9095/1/r-imVOZ1MKVCPTmznPktWbUEqW8.roa
Signing time: Wed 01 Jan 2025 21:48:55 +0000
ROA not before: Wed 01 Jan 2025 21:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57495
IP address blocks: 85.158.220.0/24 maxlen: 24
85.158.221.0/24 maxlen: 24
91.231.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:d6:b9:26:ab:9c:c3:d3:db:d0:0d:56:2f:17:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b477a62607fb94c8e23b5a062c78d93df9cbd69
Validity
Not Before: Jan 1 21:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afe8a654e67530a5423d39b39cf92d59b504a96f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9f:19:1e:0f:4f:97:61:ef:36:31:89:0e:24:
1f:7d:61:8a:1e:ac:8a:7c:fa:d2:62:70:8a:9b:84:
3c:cd:1e:e9:fa:d3:41:68:65:37:d8:d0:2e:e4:66:
d9:38:c8:5f:f1:47:cd:03:67:3f:83:78:95:e4:61:
69:6d:91:5c:65:e4:07:22:af:32:3b:9f:b3:5a:7e:
2f:87:04:36:1d:09:62:d7:70:3c:e4:c4:16:a5:cc:
44:46:9d:15:b9:81:41:08:12:9e:ef:ea:b4:ce:dc:
8c:29:bf:96:31:7d:3a:a9:76:ff:bd:cb:2e:06:9f:
31:d4:b6:d0:d6:d8:86:dd:3a:c9:b7:f9:a1:7b:9f:
f0:56:dc:e6:cb:0f:8a:f6:7c:4f:da:f0:59:0d:42:
67:67:51:ff:a4:3d:0b:83:3c:9c:af:71:26:d2:9a:
05:73:ec:e2:b3:12:3c:1c:ef:2b:f2:a9:be:4e:25:
90:84:78:86:bc:14:92:7e:85:32:36:59:8c:32:e6:
c7:0e:dd:6c:74:8d:66:13:d9:51:4d:34:c1:e4:42:
ff:1f:d4:02:6b:71:47:ed:5c:66:87:d5:b0:02:e6:
f6:e8:9d:37:13:f9:76:b1:30:37:59:43:a9:4f:f9:
d6:07:a4:cf:c9:66:44:82:eb:3a:eb:7e:18:bf:59:
0e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:E8:A6:54:E6:75:30:A5:42:3D:39:B3:9C:F9:2D:59:B5:04:A9:6F
X509v3 Authority Key Identifier:
keyid:3B:47:7A:62:60:7F:B9:4C:8E:23:B5:A0:62:C7:8D:93:DF:9C:BD:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0d6YmB_uUyOI7WgYseNk9-cvWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f33379-63d9-4f2b-8e65-30a6c3af9095/1/r-imVOZ1MKVCPTmznPktWbUEqW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f33379-63d9-4f2b-8e65-30a6c3af9095/1/O0d6YmB_uUyOI7WgYseNk9-cvWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.220.0/23
91.231.0.0/24
Signature Algorithm: sha256WithRSAEncryption
40:f7:1a:e3:2a:28:bc:b3:50:58:12:c5:12:a7:cf:7f:fa:0a:
b9:fa:0d:af:71:7f:f2:71:f1:bb:39:c7:b1:8b:de:77:fa:f7:
11:20:4e:ef:9f:06:13:c1:0e:98:3b:70:0c:68:b4:fb:03:99:
ff:98:18:e7:ea:fb:62:23:a5:c3:a2:4a:f7:2a:23:60:70:65:
65:de:c5:4a:df:dd:96:f8:b5:3f:b4:d7:db:10:a1:5c:34:d3:
c3:7e:f7:ff:8b:6c:f1:78:f9:ad:5a:8e:a9:dd:44:ed:01:f6:
5b:a7:77:62:97:20:04:7d:dc:98:c3:a6:0c:7a:4e:08:6d:18:
41:6c:e6:0e:1f:d0:f2:eb:30:a3:11:47:8c:6a:c8:f7:0b:dc:
08:ef:72:2c:cc:4d:54:9e:9a:a0:64:eb:65:19:85:9a:48:8f:
4c:dc:92:b9:9a:b8:2d:50:bb:cb:0a:d4:60:22:78:f2:15:39:
ca:b2:0a:e3:42:ec:a8:e7:c5:a2:6c:da:19:73:3f:1c:fc:b5:
68:21:f9:07:de:d8:2a:3e:d3:1b:d3:1f:fb:a5:21:39:0e:f0:
a4:ce:88:e5:c3:fb:df:e4:34:60:3e:d4:80:f5:e5:b7:64:b7:
e3:08:3f:5a:c2:d2:b8:1d:78:62:5f:49:9a:c2:51:32:f5:bc:
26:e0:e6:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj19a5Jqucw9Pb0A1WLxeuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc3YTYyNjA3ZmI5NGM4ZTIzYjVhMDYyYzc4ZDkzZGY5
Y2JkNjkwHhcNMjUwMTAxMjE0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmU4YTY1NGU2NzUzMGE1NDIzZDM5YjM5Y2Y5MmQ1OWI1MDRhOTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA258ZHg9Pl2HvNjGJDiQffWGKHqyK
fPrSYnCKm4Q8zR7p+tNBaGU32NAu5GbZOMhf8UfNA2c/g3iV5GFpbZFcZeQHIq8y
O5+zWn4vhwQ2HQli13A85MQWpcxERp0VuYFBCBKe7+q0ztyMKb+WMX06qXb/vcsu
Bp8x1LbQ1tiG3TrJt/mhe5/wVtzmyw+K9nxP2vBZDUJnZ1H/pD0Lgzycr3Em0poF
c+zisxI8HO8r8qm+TiWQhHiGvBSSfoUyNlmMMubHDt1sdI1mE9lRTTTB5EL/H9QC
a3FH7Vxmh9WwAub26J03E/l2sTA3WUOpT/nWB6TPyWZEgus6634Yv1kOqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK/oplTmdTClQj05s5z5LVm1BKlvMB8GA1UdIwQY
MBaAFDtHemJgf7lMjiO1oGLHjZPfnL1pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkNlltQl91VXlPSTdXZ1lzZU5rOS1jdldrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9mMzMzNzktNjNkOS00ZjJiLThlNjUt
MzBhNmMzYWY5MDk1LzEvci1pbVZPWjFNS1ZDUFRtem5Qa3RXYlVFcVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9mMzMzNzktNjNkOS00ZjJiLThlNjUtMzBhNmMzYWY5MDk1
LzEvTzBkNlltQl91VXlPSTdXZ1lzZU5rOS1jdldrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVZ7cAwQA
W+cAMA0GCSqGSIb3DQEBCwUAA4IBAQBA9xrjKii8s1BYEsUSp89/+gq5+g2vcX/y
cfG7Ocexi953+vcRIE7vnwYTwQ6YO3AMaLT7A5n/mBjn6vtiI6XDokr3KiNgcGVl
3sVK392W+LU/tNfbEKFcNNPDfvf/i2zxePmtWo6p3UTtAfZbp3dilyAEfdyYw6YM
ek4IbRhBbOYOH9Dy6zCjEUeMasj3C9wI73IszE1UnpqgZOtlGYWaSI9M3JK5mrgt
ULvLCtRgInjyFTnKsgrjQuyo58WibNoZcz8c/LVoIfkH3tgqPtMb0x/7pSE5DvCk
zojlw/vf5DRgPtSA9eW3ZLfjCD9awtK4HXhiX0mawlEy9bwm4OZm
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:04 2025 by rpki-client