Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/Iz0OKJRfyer26_x0SY8wqmCTEJs.roa
File: Iz0OKJRfyer26_x0SY8wqmCTEJs.roa (raw, json)
Hash identifier: HkA+qgxdvNNdPmwk6Y1yGdSU/udB+TT9eU5dbnjc99g=
Subject key identifier: 23:3D:0E:28:94:5F:C9:EA:F6:EB:FC:74:49:8F:30:AA:60:93:10:9B
Certificate issuer: /CN=5975d519de239cf164cb94a6660c2530ceaef254
Certificate serial: 019423D6E686B0CAC96FF0DACC6FC03E385A
Authority key identifier: 59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/Iz0OKJRfyer26_x0SY8wqmCTEJs.roa
Signing time: Wed 01 Jan 2025 21:47:53 +0000
ROA not before: Wed 01 Jan 2025 21:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 85.11.190.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:e6:86:b0:ca:c9:6f:f0:da:cc:6f:c0:3e:38:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5975d519de239cf164cb94a6660c2530ceaef254
Validity
Not Before: Jan 1 21:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=233d0e28945fc9eaf6ebfc74498f30aa6093109b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:07:4a:f0:16:b0:1d:cd:2c:ea:2d:e0:34:3c:
55:24:25:10:cd:a0:a3:57:e2:7a:a8:56:61:6c:63:
7f:bc:50:1f:a3:cc:fd:a6:23:e5:ae:f9:f1:0c:2d:
3c:e4:6e:b2:4f:e8:f2:e6:9c:86:08:e8:3d:81:52:
51:f0:10:36:09:34:79:c9:ed:27:f6:54:39:4f:bd:
8e:05:4f:b6:a9:3d:4f:db:b7:9d:1d:09:15:22:81:
0f:25:30:af:f8:3b:e5:38:fa:ae:3a:c8:f0:1b:5f:
9d:74:0c:7a:aa:c5:71:0f:fd:80:0e:65:61:46:d0:
2d:49:1d:af:fa:ad:08:ea:23:80:fe:52:10:af:7f:
2c:c2:3e:20:1e:1f:b8:38:3e:b5:04:d8:16:95:eb:
44:6e:db:3f:68:5f:7b:ad:0a:85:d7:f6:49:b6:84:
58:fa:e9:42:43:a2:da:32:05:74:0b:d3:c1:41:d8:
13:84:b5:cd:cf:27:6f:da:25:70:03:81:64:ce:a0:
12:e0:d6:4b:bc:08:99:3e:21:b5:17:14:9c:be:60:
44:6c:da:25:1e:c8:f9:59:5b:21:85:74:dd:50:9c:
72:cf:13:87:2a:4e:55:d0:e7:93:c2:9f:9b:bd:77:
e4:88:be:da:75:1f:f2:5f:c2:8b:d2:c3:8f:7b:e2:
e6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:3D:0E:28:94:5F:C9:EA:F6:EB:FC:74:49:8F:30:AA:60:93:10:9B
X509v3 Authority Key Identifier:
keyid:59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/Iz0OKJRfyer26_x0SY8wqmCTEJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.11.190.0/24
Signature Algorithm: sha256WithRSAEncryption
02:89:8b:60:ba:df:7a:5a:06:8d:cd:55:42:02:bc:9d:18:e0:
71:6d:ed:92:8f:56:68:50:52:d1:bf:f7:de:cb:e1:c1:78:d2:
c6:4b:8f:84:0e:e3:7b:3a:17:00:b1:0c:04:98:f2:ff:9a:77:
e7:a3:d0:b6:f7:b9:ca:fa:ea:d3:77:48:50:45:2d:5b:a4:1f:
71:b2:01:31:a2:66:a3:29:ad:c6:8f:c3:88:f5:c2:2b:3e:67:
d8:7d:33:8e:83:31:b2:df:07:52:5a:a8:8b:68:cb:05:01:d9:
65:14:97:85:2d:98:06:e0:e6:6a:b0:75:16:d4:91:08:d0:79:
3a:6c:73:50:44:9f:78:3f:ae:94:9b:cf:fa:8d:9a:cb:c4:08:
9b:c0:89:2b:25:2f:4a:fe:9d:66:9e:91:2f:39:1c:d5:5b:01:
d2:4a:e0:23:df:e5:2a:dc:cf:e0:82:d6:18:e7:b9:53:dd:bf:
c2:c0:38:46:36:51:03:49:cf:76:a2:b4:64:23:43:3c:1a:3f:
c9:18:25:54:61:b5:43:45:88:88:9b:4a:4c:02:4d:1d:8a:a7:
d8:c4:c1:b0:83:1e:3f:54:30:cb:d9:99:b3:b6:ec:34:9d:5c:
83:d1:58:61:c8:0f:4f:7c:0b:ec:81:2e:fc:1c:f8:3a:18:23:
d0:49:5b:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1uaGsMrJb/DazG/APjhaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NzVkNTE5ZGUyMzljZjE2NGNiOTRhNjY2MGMyNTMwY2Vh
ZWYyNTQwHhcNMjUwMTAxMjE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzNkMGUyODk0NWZjOWVhZjZlYmZjNzQ0OThmMzBhYTYwOTMxMDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwdK8BawHc0s6i3gNDxVJCUQzaCj
V+J6qFZhbGN/vFAfo8z9piPlrvnxDC085G6yT+jy5pyGCOg9gVJR8BA2CTR5ye0n
9lQ5T72OBU+2qT1P27edHQkVIoEPJTCv+DvlOPquOsjwG1+ddAx6qsVxD/2ADmVh
RtAtSR2v+q0I6iOA/lIQr38swj4gHh+4OD61BNgWletEbts/aF97rQqF1/ZJtoRY
+ulCQ6LaMgV0C9PBQdgThLXNzydv2iVwA4FkzqAS4NZLvAiZPiG1FxScvmBEbNol
Hsj5WVshhXTdUJxyzxOHKk5V0OeTwp+bvXfkiL7adR/yX8KL0sOPe+LmcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCM9DiiUX8nq9uv8dEmPMKpgkxCbMB8GA1UdIwQY
MBaAFFl11RneI5zxZMuUpmYMJTDOrvJUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUt
MmNjNjc1NzI2OTc1LzEvSXowT0tKUmZ5ZXIyNl94MFNZOHdxbUNURUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUtMmNjNjc1NzI2OTc1
LzEvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVQu+MA0G
CSqGSIb3DQEBCwUAA4IBAQACiYtgut96WgaNzVVCArydGOBxbe2Sj1ZoUFLRv/fe
y+HBeNLGS4+EDuN7OhcAsQwEmPL/mnfno9C297nK+urTd0hQRS1bpB9xsgExomaj
Ka3Gj8OI9cIrPmfYfTOOgzGy3wdSWqiLaMsFAdllFJeFLZgG4OZqsHUW1JEI0Hk6
bHNQRJ94P66Um8/6jZrLxAibwIkrJS9K/p1mnpEvORzVWwHSSuAj3+Uq3M/ggtYY
57lT3b/CwDhGNlEDSc92orRkI0M8Gj/JGCVUYbVDRYiIm0pMAk0diqfYxMGwgx4/
VDDL2Zmztuw0nVyD0VhhyA9PfAvsgS78HPg6GCPQSVto
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:30:53 2025 by rpki-client