Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/1-dPM2O3Cq9rlPw_b3Bu58i_7ZQ.roa
File: 1-dPM2O3Cq9rlPw_b3Bu58i_7ZQ.roa (raw, json)
Hash identifier: XqoYwMiUKjvv4+p3alYpBpdcCSNGWvnPPZeCLArAN1Y=
Subject key identifier: D7:E7:4F:33:63:B7:0A:AF:6B:94:FC:3F:6F:70:6E:E7:C8:BF:ED:94
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 01942143E80E623B73AA2E1EA353B8E6A9FD
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/1-dPM2O3Cq9rlPw_b3Bu58i_7ZQ.roa
Signing time: Wed 01 Jan 2025 09:48:05 +0000
ROA not before: Wed 01 Jan 2025 09:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202806
IP address blocks: 85.234.102.0/23 maxlen: 24
85.234.114.0/23 maxlen: 24
2a0a:6f40:2::/47 maxlen: 48
2a0a:6f40:4::/47 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e8:0e:62:3b:73:aa:2e:1e:a3:53:b8:e6:a9:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Jan 1 09:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7e74f3363b70aaf6b94fc3f6f706ee7c8bfed94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:13:4b:0d:ee:b3:72:68:ac:84:33:c2:43:64:
48:67:98:07:36:38:61:a8:b1:7d:4c:c1:c7:75:fb:
5b:8f:8c:9f:bd:cc:d9:40:4d:41:8d:4e:25:50:e8:
f1:53:15:05:53:42:9b:2f:ae:19:28:dc:f4:19:40:
a4:e1:a4:a0:11:de:14:70:bd:3a:72:e0:63:ff:c6:
67:cf:20:3c:24:8c:1e:e2:b1:17:b1:89:52:27:a9:
55:7f:52:91:e6:d3:4d:ef:df:98:dd:1d:82:4e:32:
e4:c0:31:76:08:19:7c:19:42:55:39:92:3d:92:be:
ae:d3:49:93:33:72:ec:e0:d3:d0:4a:bc:b7:e4:68:
d0:4e:2d:94:cf:e9:b3:5d:bc:45:91:76:4b:15:e2:
f2:53:f9:5c:a5:cd:99:ea:04:ed:fd:a9:c1:aa:fa:
aa:27:57:b9:c5:ed:42:de:ac:8c:58:13:c7:e4:fb:
26:8f:59:bc:8a:ad:13:7f:59:fc:7a:c9:a0:0b:c0:
e5:2a:ac:ac:a8:0b:97:74:49:cf:ed:bd:bf:99:28:
2d:b8:71:99:29:2e:d0:8b:99:11:99:33:1b:5e:ed:
11:92:8e:64:dd:e4:48:5b:ce:5a:b7:d5:b9:7e:cc:
1c:f2:50:83:33:14:17:15:89:81:41:c6:63:de:b8:
ab:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E7:4F:33:63:B7:0A:AF:6B:94:FC:3F:6F:70:6E:E7:C8:BF:ED:94
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/1-dPM2O3Cq9rlPw_b3Bu58i_7ZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.102.0/23
85.234.114.0/23
IPv6:
2a0a:6f40:2::-2a0a:6f40:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8e:86:b8:cb:12:a2:ff:66:e9:a7:16:c2:97:f3:52:fa:a2:03:
85:38:2b:f1:a9:8b:56:d0:d4:c5:99:d7:d5:2c:9d:a7:c8:5a:
cc:86:fb:39:cb:e9:8b:36:be:ab:42:fa:e2:59:d4:d1:d8:d7:
f9:7f:f9:b9:f9:1a:80:85:bb:a8:e2:c1:b9:4a:1c:d5:b6:c2:
7f:44:49:f4:44:00:ff:a9:11:e3:80:b8:13:49:b0:55:d4:f8:
e6:ae:e2:df:17:e7:e0:0c:83:9b:be:72:c6:b1:c9:43:25:07:
d5:57:c6:e0:80:a3:03:51:09:18:a2:09:3a:11:b9:90:cc:2d:
56:c1:bd:ce:64:9c:8d:bb:cd:e1:26:39:eb:12:27:6d:ad:76:
58:e1:ac:f9:10:30:c4:83:b6:e3:7f:0a:9f:c3:00:a4:c5:d9:
1d:50:6b:62:e9:a5:0d:5c:be:d7:cc:aa:8f:6a:65:a7:ba:10:
09:4c:46:70:fb:f3:8c:69:46:0d:d6:13:d2:b8:06:7e:fe:0e:
5b:60:47:17:74:80:b5:c3:58:6c:b1:dc:25:32:10:7e:35:b9:
6d:ca:e8:39:c5:9d:6e:a3:91:41:f3:43:52:94:a1:04:ed:8f:
85:99:f2:7e:dd:4a:73:bb:25:f5:68:83:33:5e:85:c8:85:09:
f5:a0:4d:c0
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQhQ+gOYjtzqi4eo1O45qn9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMmI4OWMzYzU3YTNlMjk2YWE0MDYxZTk2Mjg0MGJlN2Fl
OGYwMTgwHhcNMjUwMTAxMDk0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2U3NGYzMzYzYjcwYWFmNmI5NGZjM2Y2ZjcwNmVlN2M4YmZlZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hNLDe6zcmishDPCQ2RIZ5gHNjhh
qLF9TMHHdftbj4yfvczZQE1BjU4lUOjxUxUFU0KbL64ZKNz0GUCk4aSgEd4UcL06
cuBj/8ZnzyA8JIwe4rEXsYlSJ6lVf1KR5tNN79+Y3R2CTjLkwDF2CBl8GUJVOZI9
kr6u00mTM3Ls4NPQSry35GjQTi2Uz+mzXbxFkXZLFeLyU/lcpc2Z6gTt/anBqvqq
J1e5xe1C3qyMWBPH5Psmj1m8iq0Tf1n8esmgC8DlKqysqAuXdEnP7b2/mSgtuHGZ
KS7Qi5kRmTMbXu0Rko5k3eRIW85at9W5fswc8lCDMxQXFYmBQcZj3rirJQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFNfnTzNjtwqva5T8P29wbufIv+2UMB8GA1UdIwQY
MBaAFEwricPFej4paqQGHpYoQL566PAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQt
MTEyOGU1Y2U2YTViLzEvMS1kUE0yTzNDcTlybFB3X2IzQnU1OGlfN1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQtMTEyOGU1Y2U2YTVi
LzEvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQBVepmAwQB
VepyMBoEAgACMBQwEgMHASoKb0AAAgMHASoKb0AABDANBgkqhkiG9w0BAQsFAAOC
AQEAjoa4yxKi/2bppxbCl/NS+qIDhTgr8amLVtDUxZnX1Sydp8hazIb7Ocvpiza+
q0L64lnU0djX+X/5ufkagIW7qOLBuUoc1bbCf0RJ9EQA/6kR44C4E0mwVdT45q7i
3xfn4AyDm75yxrHJQyUH1VfG4ICjA1EJGKIJOhG5kMwtVsG9zmScjbvN4SY56xIn
ba12WOGs+RAwxIO2438Kn8MApMXZHVBrYumlDVy+18yqj2plp7oQCUxGcPvzjGlG
DdYT0rgGfv4OW2BHF3SAtcNYbLHcJTIQfjW5bcroOcWdbqORQfNDUpShBO2PhZny
ft1Kc7sl9WiDM16FyIUJ9aBNwA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:19:20 2025 by rpki-client