Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/X4123oCXQF1EDN-Y6f8DfloFFgE.roa
File: X4123oCXQF1EDN-Y6f8DfloFFgE.roa (raw, json)
Hash identifier: 3PybAP7UrVZVfFz7m7yBMJEFnpR4bWLQTZYEI4547uI=
Subject key identifier: 5F:8D:76:DE:80:97:40:5D:44:0C:DF:98:E9:FF:03:7E:5A:05:16:01
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01948311C2358D7F89A89BB39F086AFE8169
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/X4123oCXQF1EDN-Y6f8DfloFFgE.roa
Signing time: Mon 20 Jan 2025 09:36:06 +0000
ROA not before: Mon 20 Jan 2025 09:36:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12325
IP address blocks: 85.204.241.0/24 maxlen: 24
188.212.131.0/24 maxlen: 24
188.241.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:83:11:c2:35:8d:7f:89:a8:9b:b3:9f:08:6a:fe:81:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 20 09:36:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f8d76de8097405d440cdf98e9ff037e5a051601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:58:a3:34:75:1c:ad:f3:08:f6:ae:ff:5a:02:
8a:42:e9:3f:d6:cb:28:00:85:50:2d:8d:c3:5e:25:
3e:1f:af:d7:bb:64:67:95:5d:94:6f:7d:e1:1f:ff:
20:f9:5e:f2:da:ce:e5:ea:44:a2:b3:aa:7b:ed:50:
53:2b:2f:ef:15:46:53:b4:b2:6d:3e:07:99:3a:10:
49:6d:c7:7c:7a:4d:ad:c3:5e:a4:5c:44:71:a2:68:
46:81:ef:75:03:ad:27:27:53:3f:b9:bb:d0:17:48:
23:ef:6b:63:5a:3c:37:d8:28:99:de:24:79:b1:0d:
0c:c1:f0:b4:18:60:dd:ca:55:a5:cb:9b:3b:26:40:
f5:4c:66:b0:29:09:68:19:4e:30:e9:ee:a0:c3:86:
18:31:08:04:ae:0a:bb:78:23:2a:f0:9a:13:b0:9c:
21:3d:ce:4a:bb:51:bf:58:2f:f3:33:06:5e:ec:66:
4d:1f:4e:80:ed:f8:48:1d:1a:4d:55:c7:60:d7:e2:
aa:f7:f3:d9:30:e6:17:d5:75:59:9d:43:43:9d:39:
76:fd:f2:4c:cd:ab:b9:1f:b4:75:82:4a:ff:ec:51:
8c:92:5a:df:1f:1d:e5:f6:cc:db:84:91:6d:b2:af:
ca:7b:e6:3e:6b:58:12:41:0c:da:5d:3c:67:87:de:
fd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:8D:76:DE:80:97:40:5D:44:0C:DF:98:E9:FF:03:7E:5A:05:16:01
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/X4123oCXQF1EDN-Y6f8DfloFFgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.241.0/24
188.212.131.0/24
188.241.127.0/24
Signature Algorithm: sha256WithRSAEncryption
52:2c:f6:89:2f:49:e9:f2:8d:d0:da:ab:04:e7:8b:0f:fc:71:
bb:0a:a3:9c:52:90:b8:e7:b5:bc:de:f4:ae:f8:71:36:b6:83:
ae:f5:96:f2:a1:95:f5:5a:cb:80:4e:cb:64:05:b6:c9:17:bd:
d2:58:52:2f:38:2d:89:3e:ae:4b:c8:b1:e4:ac:65:de:fa:6d:
67:be:8e:5e:7e:e8:74:97:bf:7b:a9:c2:f7:0a:38:4b:a3:77:
7f:b3:be:05:83:fd:80:bd:1c:5e:81:6b:54:b7:d7:bb:be:87:
2e:d9:73:57:7e:57:06:e8:00:77:e1:f8:4f:b7:fb:da:be:b7:
ff:da:46:e5:c1:b7:e4:27:b7:e1:e0:c1:da:24:01:8b:98:5e:
6e:ee:31:29:80:e8:11:03:1d:fb:fc:1e:66:3f:1e:eb:d9:b2:
e8:09:4f:0f:a2:1c:05:f5:f2:3b:43:f8:4b:41:a5:7d:c2:ea:
b1:5c:2c:d9:75:c3:25:06:13:74:d2:07:c3:6b:1c:4e:3e:92:
26:3b:ef:b9:ac:db:ee:3f:63:1d:6e:e2:60:cc:d1:3c:b7:e9:
98:53:eb:cd:2c:c9:a0:0f:40:16:8b:38:18:9a:5e:29:94:d9:
97:57:72:e6:3f:61:65:12:bc:ea:9c:86:73:26:61:5d:a4:5c:
28:fd:c0:56
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZSDEcI1jX+JqJuznwhq/oFpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwMTIwMDkzNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjhkNzZkZTgwOTc0MDVkNDQwY2RmOThlOWZmMDM3ZTVhMDUxNjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVijNHUcrfMI9q7/WgKKQuk/1sso
AIVQLY3DXiU+H6/Xu2RnlV2Ub33hH/8g+V7y2s7l6kSis6p77VBTKy/vFUZTtLJt
PgeZOhBJbcd8ek2tw16kXERxomhGge91A60nJ1M/ubvQF0gj72tjWjw32CiZ3iR5
sQ0MwfC0GGDdylWly5s7JkD1TGawKQloGU4w6e6gw4YYMQgErgq7eCMq8JoTsJwh
Pc5Ku1G/WC/zMwZe7GZNH06A7fhIHRpNVcdg1+Kq9/PZMOYX1XVZnUNDnTl2/fJM
zau5H7R1gkr/7FGMklrfHx3l9szbhJFtsq/Ke+Y+a1gSQQzaXTxnh9792QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFF+Ndt6Al0BdRAzfmOn/A35aBRYBMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1g0MTIzb0NYUUYxRUROLVk2ZjhEZmxvRkZnRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBABVzPED
BAC81IMDBAC88X8wDQYJKoZIhvcNAQELBQADggEBAFIs9okvSenyjdDaqwTniw/8
cbsKo5xSkLjntbze9K74cTa2g671lvKhlfVay4BOy2QFtskXvdJYUi84LYk+rkvI
seSsZd76bWe+jl5+6HSXv3upwvcKOEujd3+zvgWD/YC9HF6Ba1S317u+hy7Zc1d+
VwboAHfh+E+3+9q+t//aRuXBt+Qnt+HgwdokAYuYXm7uMSmA6BEDHfv8HmY/HuvZ
sugJTw+iHAX18jtD+EtBpX3C6rFcLNl1wyUGE3TSB8NrHE4+kiY777ms2+4/Yx1u
4mDM0Ty36ZhT680syaAPQBaLOBiaXimU2ZdXcuY/YWUSvOqchnMmYV2kXCj9wFY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:17 2025 by rpki-client