Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/Vr7IufA3C9NGikBSGaXPWfPn02s.roa
File: Vr7IufA3C9NGikBSGaXPWfPn02s.roa (raw, json)
Hash identifier: X+swUdsmsoD9I6W5uD/P9WRwAMBsf3kXls0seEffEoQ=
Subject key identifier: 56:BE:C8:B9:F0:37:0B:D3:46:8A:40:52:19:A5:CF:59:F3:E7:D3:6B
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 01942143E6827E4206B55E1046572D83C5E5
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/Vr7IufA3C9NGikBSGaXPWfPn02s.roa
Signing time: Wed 01 Jan 2025 09:48:05 +0000
ROA not before: Wed 01 Jan 2025 09:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50538
IP address blocks: 85.234.108.0/24 maxlen: 24
85.234.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e6:82:7e:42:06:b5:5e:10:46:57:2d:83:c5:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Jan 1 09:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56bec8b9f0370bd3468a405219a5cf59f3e7d36b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ca:09:bc:8c:a7:2d:ee:c0:68:1a:57:63:29:
1e:fc:00:ce:0a:1a:e4:aa:1e:7b:c9:d4:22:35:90:
e9:49:c8:f9:58:95:ad:74:f0:60:fa:59:e1:54:e4:
db:9b:26:47:5a:5d:fc:fc:27:cf:a9:b0:1a:be:c4:
17:4c:ac:b7:4e:bd:70:e9:08:59:9f:21:bf:34:c8:
af:b0:f5:dc:a1:f8:da:ab:46:3b:54:cf:a7:d8:35:
8a:66:d7:a6:7b:1e:26:15:c4:d6:68:0c:9e:9b:17:
1b:f4:04:8c:23:45:25:d2:e4:a0:73:96:5e:ff:e5:
9e:9a:c6:d7:42:6a:69:d7:c8:aa:9b:c4:42:e1:d4:
0e:ef:75:c4:03:96:e9:0d:67:7b:54:cb:f5:16:5e:
e6:0a:22:27:a4:40:9b:29:2d:49:4c:f9:d9:17:0e:
df:41:48:32:68:99:9e:28:80:ef:ff:b8:ba:79:36:
f7:c5:2f:e6:a2:22:5e:37:25:82:92:57:05:6c:39:
3c:3c:c2:c8:07:77:ed:c8:05:93:40:6b:88:c6:fa:
9e:9e:ce:67:4a:c5:2a:40:29:9f:89:f3:0c:b4:78:
95:29:f7:52:a6:df:e9:32:56:f5:4b:d7:43:c2:0f:
a8:c3:9a:ca:cb:cf:14:e8:6e:53:a4:38:ab:b5:7f:
30:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:BE:C8:B9:F0:37:0B:D3:46:8A:40:52:19:A5:CF:59:F3:E7:D3:6B
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/Vr7IufA3C9NGikBSGaXPWfPn02s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.108.0/23
Signature Algorithm: sha256WithRSAEncryption
15:f9:b4:8d:c9:40:c9:a8:73:a0:96:8e:c7:b9:2a:3f:f6:c9:
3e:12:8e:d8:8c:1e:48:4e:cd:f5:04:63:55:3a:5d:22:7f:6f:
b7:b4:e5:da:81:b2:2a:a9:d4:e7:fe:62:1d:37:53:8c:d1:57:
e1:07:16:37:75:ce:38:9d:13:6b:86:37:e7:53:89:0c:33:04:
6a:b8:6d:9c:3b:92:60:1c:96:34:bb:7a:8d:1b:de:a2:00:c2:
31:29:2f:80:fd:ba:5b:e8:de:97:2d:c1:f4:d9:ba:b7:6f:29:
6f:fc:25:92:01:f8:75:e5:bf:ed:17:ef:2c:fb:7c:1b:20:29:
d0:98:58:27:b4:e4:39:05:5a:79:09:69:66:1a:d6:1a:ec:26:
17:5f:93:97:04:7b:bf:17:0f:f0:33:35:e6:d9:4d:4d:3a:15:
f7:91:fa:75:df:ba:eb:de:62:5d:76:fa:77:c7:8f:92:5b:66:
8a:8e:0b:e9:97:15:0f:d5:46:ef:ae:2f:66:37:da:c3:59:39:
22:58:71:3d:20:58:b2:a9:8f:91:a4:97:6c:db:b8:e5:68:10:
27:1e:ff:52:12:4e:66:a5:05:99:0a:9d:90:a5:fd:97:ce:11:
1c:78:1f:49:00:db:28:6d:97:84:cc:27:6c:08:44:26:56:41:
60:fe:4b:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ+aCfkIGtV4QRlctg8XlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMmI4OWMzYzU3YTNlMjk2YWE0MDYxZTk2Mjg0MGJlN2Fl
OGYwMTgwHhcNMjUwMTAxMDk0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmJlYzhiOWYwMzcwYmQzNDY4YTQwNTIxOWE1Y2Y1OWYzZTdkMzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MoJvIynLe7AaBpXYyke/ADOChrk
qh57ydQiNZDpScj5WJWtdPBg+lnhVOTbmyZHWl38/CfPqbAavsQXTKy3Tr1w6QhZ
nyG/NMivsPXcofjaq0Y7VM+n2DWKZtemex4mFcTWaAyemxcb9ASMI0Ul0uSgc5Ze
/+WemsbXQmpp18iqm8RC4dQO73XEA5bpDWd7VMv1Fl7mCiInpECbKS1JTPnZFw7f
QUgyaJmeKIDv/7i6eTb3xS/moiJeNyWCklcFbDk8PMLIB3ftyAWTQGuIxvqens5n
SsUqQCmfifMMtHiVKfdSpt/pMlb1S9dDwg+ow5rKy88U6G5TpDirtX8w7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFa+yLnwNwvTRopAUhmlz1nz59NrMB8GA1UdIwQY
MBaAFEwricPFej4paqQGHpYoQL566PAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQt
MTEyOGU1Y2U2YTViLzEvVnI3SXVmQTNDOU5HaWtCU0dhWFBXZlBuMDJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQtMTEyOGU1Y2U2YTVi
LzEvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVepsMA0G
CSqGSIb3DQEBCwUAA4IBAQAV+bSNyUDJqHOglo7HuSo/9sk+Eo7YjB5ITs31BGNV
Ol0if2+3tOXagbIqqdTn/mIdN1OM0VfhBxY3dc44nRNrhjfnU4kMMwRquG2cO5Jg
HJY0u3qNG96iAMIxKS+A/bpb6N6XLcH02bq3bylv/CWSAfh15b/tF+8s+3wbICnQ
mFgntOQ5BVp5CWlmGtYa7CYXX5OXBHu/Fw/wMzXm2U1NOhX3kfp137rr3mJddvp3
x4+SW2aKjgvplxUP1Ubvri9mN9rDWTkiWHE9IFiyqY+RpJds27jlaBAnHv9SEk5m
pQWZCp2Qpf2XzhEceB9JANsobZeEzCdsCEQmVkFg/ksO
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:09:16 2025 by rpki-client