Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/fknxfICmt3e0fbde1GqnA6RcLkw.roa
File: fknxfICmt3e0fbde1GqnA6RcLkw.roa (raw, json)
Hash identifier: C+gBvcHrpKr18zz+GYzEDy8tzQUDlryp3fWta0WVs4E=
Subject key identifier: 7E:49:F1:7C:80:A6:B7:77:B4:7D:B7:5E:D4:6A:A7:03:A4:5C:2E:4C
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 019423698D31FB4DFDE07737F26B026ABD03
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/fknxfICmt3e0fbde1GqnA6RcLkw.roa
Signing time: Wed 01 Jan 2025 19:48:27 +0000
ROA not before: Wed 01 Jan 2025 19:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34951
IP address blocks: 85.204.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:8d:31:fb:4d:fd:e0:77:37:f2:6b:02:6a:bd:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 1 19:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e49f17c80a6b777b47db75ed46aa703a45c2e4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e8:a2:f0:fd:d1:34:ac:bd:f3:32:25:b0:31:
0d:6d:c2:f6:55:5d:47:9a:7a:f1:cb:84:d6:0e:f9:
86:36:b0:4d:85:50:c2:fe:4d:b9:1d:96:a5:87:11:
b9:f8:02:64:ba:1e:32:2f:52:bf:3c:7a:0c:09:7a:
70:e0:bf:ff:8e:1e:f8:ae:de:70:2a:06:e0:36:4a:
38:22:03:86:ee:48:96:f4:2b:7c:3e:fd:75:1a:24:
3d:8a:a2:7b:c5:cb:32:7e:e7:a8:28:1f:47:a9:c5:
7d:30:a7:d5:13:08:ef:91:03:4c:ff:be:ce:a1:f4:
99:59:ab:06:0f:64:4c:5e:d2:b6:e7:20:bf:26:5a:
f7:53:d8:9f:4b:a0:58:56:6f:e9:1b:77:be:46:a0:
9a:d8:2f:79:90:e8:de:52:c1:d1:5f:58:37:65:c2:
62:14:8d:0f:9f:46:0e:eb:87:15:0e:07:2a:48:3c:
5b:26:8e:8e:88:da:9d:86:d5:dd:fc:fc:5b:89:c0:
5a:b6:f8:16:ca:1a:d7:eb:25:93:70:a3:9a:43:38:
be:9e:f7:4d:1d:29:08:57:a1:8d:b2:95:89:3e:e0:
39:d8:78:53:81:7c:f9:0e:cd:05:1d:11:c6:2a:a0:
92:eb:60:c5:cf:ea:dd:de:7b:64:b3:f0:2d:43:7c:
0a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:49:F1:7C:80:A6:B7:77:B4:7D:B7:5E:D4:6A:A7:03:A4:5C:2E:4C
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/fknxfICmt3e0fbde1GqnA6RcLkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.199.0/24
Signature Algorithm: sha256WithRSAEncryption
f4:19:74:c6:84:d0:b4:1d:d2:20:38:b1:b7:b1:b8:9c:33:53:
59:cd:a2:4c:3f:e2:b4:2f:5a:71:b6:96:cb:3f:7e:75:03:0f:
cc:f5:19:a0:95:19:20:5f:6a:e3:ff:9c:26:40:18:2e:8b:ed:
7e:51:97:cd:d6:52:ce:f2:08:40:23:01:35:5a:23:b1:3d:06:
82:6e:16:3f:a2:b9:83:43:ea:cf:59:d0:de:0c:4f:30:e5:30:
28:3c:2d:2c:0b:cb:b8:a9:1d:ad:67:d1:fc:d8:1b:3c:8e:9a:
c2:18:91:b2:53:10:56:61:87:e9:57:d3:1d:a1:fa:0f:52:b0:
28:fe:a3:d0:19:1a:eb:fc:47:b5:26:be:ac:44:33:80:bb:f2:
24:42:48:e8:6e:bb:24:db:61:e9:19:5c:62:8b:47:91:d8:8c:
93:12:48:45:ad:b3:7e:df:3b:2b:92:f0:38:aa:77:34:b4:e3:
c1:21:7f:5d:ab:a6:3d:8b:ea:ec:f6:13:fe:bf:4e:0c:ed:cf:
34:aa:a1:c4:89:bd:56:c3:ad:68:d2:ee:9c:c9:e4:57:12:58:
ea:f2:8c:71:46:0c:d3:a2:1f:5c:b6:56:90:59:c9:54:8b:99:
4b:a0:31:82:7f:cc:89:d5:41:24:ad:73:30:26:54:fa:f5:75:
a7:3e:28:35
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQjaY0x+0394Hc38msCar0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwMTAxMTk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTQ5ZjE3YzgwYTZiNzc3YjQ3ZGI3NWVkNDZhYTcwM2E0NWMyZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eii8P3RNKy98zIlsDENbcL2VV1H
mnrxy4TWDvmGNrBNhVDC/k25HZalhxG5+AJkuh4yL1K/PHoMCXpw4L//jh74rt5w
KgbgNko4IgOG7kiW9Ct8Pv11GiQ9iqJ7xcsyfueoKB9HqcV9MKfVEwjvkQNM/77O
ofSZWasGD2RMXtK25yC/Jlr3U9ifS6BYVm/pG3e+RqCa2C95kOjeUsHRX1g3ZcJi
FI0Pn0YO64cVDgcqSDxbJo6OiNqdhtXd/PxbicBatvgWyhrX6yWTcKOaQzi+nvdN
HSkIV6GNspWJPuA52HhTgXz5Ds0FHRHGKqCS62DFz+rd3ntks/AtQ3wK+QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFH5J8XyAprd3tH23XtRqpwOkXC5MMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL2ZrbnhmSUNtdDNlMGZiZGUxR3FuQTZSY0xrdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABVzMcw
DQYJKoZIhvcNAQELBQADggEBAPQZdMaE0LQd0iA4sbexuJwzU1nNokw/4rQvWnG2
lss/fnUDD8z1GaCVGSBfauP/nCZAGC6L7X5Rl83WUs7yCEAjATVaI7E9BoJuFj+i
uYND6s9Z0N4MTzDlMCg8LSwLy7ipHa1n0fzYGzyOmsIYkbJTEFZhh+lX0x2h+g9S
sCj+o9AZGuv8R7UmvqxEM4C78iRCSOhuuyTbYekZXGKLR5HYjJMSSEWts37fOyuS
8DiqdzS048Ehf12rpj2L6uz2E/6/TgztzzSqocSJvVbDrWjS7pzJ5FcSWOryjHFG
DNOiH1y2VpBZyVSLmUugMYJ/zInVQSStczAmVPr1dac+KDU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:04 2025 by rpki-client