Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/e9kzaC5aK1AvC-cHsDdx9haP07k.roa
File: e9kzaC5aK1AvC-cHsDdx9haP07k.roa (raw, json)
Hash identifier: QuaA/YDvF9Gcy4o2L6hDN/avQ+2ifpi3IVCtvCyZW14=
Subject key identifier: 7B:D9:33:68:2E:5A:2B:50:2F:0B:E7:07:B0:37:71:F6:16:8F:D3:B9
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 0194266C3F97633C9AE5C234B96D2EA1BC79
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/e9kzaC5aK1AvC-cHsDdx9haP07k.roa
Signing time: Thu 02 Jan 2025 09:50:15 +0000
ROA not before: Thu 02 Jan 2025 09:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201128
IP address blocks: 85.153.64.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:3f:97:63:3c:9a:e5:c2:34:b9:6d:2e:a1:bc:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Jan 2 09:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7bd933682e5a2b502f0be707b03771f6168fd3b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d5:f3:1a:fa:05:76:91:31:69:0c:8f:32:9f:
79:56:fe:72:a3:75:df:a2:ff:23:fe:6b:a0:19:b6:
e0:ce:c8:60:66:6b:a8:45:92:71:e2:d7:6b:f7:a0:
0f:e6:e6:2d:89:ce:e4:f0:83:43:a8:7f:9a:2c:ef:
c8:ee:3a:9d:65:1a:76:34:d3:8a:c0:7a:1d:d4:83:
af:ef:68:fa:ba:75:0a:fb:3b:64:00:49:b6:b7:9f:
8f:6f:9e:29:19:2d:ea:25:4c:a8:e2:16:9a:86:4d:
87:ef:80:ad:77:bf:f6:e1:61:d5:df:de:f6:64:ea:
50:de:3c:a9:44:ea:58:af:1a:91:89:7a:ba:18:05:
34:a0:ef:7a:da:f2:08:03:f5:92:28:3d:6e:5a:23:
55:cf:e0:06:4c:6b:cf:4b:c2:24:4c:57:d8:5f:31:
1e:1e:44:75:8a:41:f5:80:bc:a2:e7:f9:ea:d7:6f:
cc:c3:66:16:ee:6e:72:25:56:59:60:da:ff:d5:7f:
1e:cd:7e:53:96:14:cd:64:fa:6d:28:ed:ca:b0:f2:
6e:71:11:52:0e:58:a1:41:40:19:96:37:8c:fd:6e:
27:30:13:db:77:ad:b0:87:9d:07:cd:78:37:21:38:
1d:ba:24:dd:1c:50:87:a2:7f:d9:eb:c3:97:c1:5c:
6b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:D9:33:68:2E:5A:2B:50:2F:0B:E7:07:B0:37:71:F6:16:8F:D3:B9
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/e9kzaC5aK1AvC-cHsDdx9haP07k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.64.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:c0:62:2c:3f:85:bb:8b:bf:c3:e4:3d:ed:b9:54:93:03:ad:
ec:c3:d1:fc:de:86:51:3e:ad:8e:f0:41:07:7a:ac:c8:38:a4:
70:06:91:7e:79:91:bf:61:5e:aa:78:d6:97:f4:5c:af:98:02:
a3:5a:bc:7a:c1:a5:b2:9b:5d:e9:4c:c9:8d:56:01:6a:61:04:
1d:68:87:82:da:1a:2d:c4:d4:62:8b:ca:bb:dc:e5:f5:5e:c7:
41:4d:ba:c0:b3:be:d8:6b:92:77:a8:3a:5a:6a:b8:f3:73:e7:
bd:52:6c:8d:e4:05:c2:d7:58:ad:18:c8:34:a2:c7:f3:e6:97:
13:a6:0e:41:e5:65:32:df:08:8f:0a:67:f4:16:cb:af:48:e8:
c0:92:df:9a:88:99:b0:5e:05:f4:48:f1:05:00:e9:7d:68:f0:
46:75:83:60:f3:22:b2:31:5e:ce:4e:47:cd:bc:e5:66:4e:30:
9a:89:fe:68:17:26:f8:e8:aa:d9:ec:ef:a7:45:63:36:d5:d7:
80:08:85:ac:89:8a:04:98:07:86:ff:11:7b:54:94:0d:8b:10:
8f:5a:40:c6:5d:5c:9b:7a:d4:e8:69:d9:4b:13:bd:b4:29:c5:
81:0b:56:0a:ac:ee:7f:6c:5c:97:1a:72:66:dc:76:7d:9a:87:
17:af:c7:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbD+XYzya5cI0uW0uobx5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjUwMTAyMDk1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmQ5MzM2ODJlNWEyYjUwMmYwYmU3MDdiMDM3NzFmNjE2OGZkM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNXzGvoFdpExaQyPMp95Vv5yo3Xf
ov8j/mugGbbgzshgZmuoRZJx4tdr96AP5uYtic7k8INDqH+aLO/I7jqdZRp2NNOK
wHod1IOv72j6unUK+ztkAEm2t5+Pb54pGS3qJUyo4haahk2H74Ctd7/24WHV3972
ZOpQ3jypROpYrxqRiXq6GAU0oO962vIIA/WSKD1uWiNVz+AGTGvPS8IkTFfYXzEe
HkR1ikH1gLyi5/nq12/Mw2YW7m5yJVZZYNr/1X8ezX5TlhTNZPptKO3KsPJucRFS
DlihQUAZljeM/W4nMBPbd62wh50HzXg3ITgduiTdHFCHon/Z68OXwVxrewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHvZM2guWitQLwvnB7A3cfYWj9O5MB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvZTlremFDNWFLMUF2Qy1jSHNEZHg5aGFQMDdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVZlAMA0G
CSqGSIb3DQEBCwUAA4IBAQAcwGIsP4W7i7/D5D3tuVSTA63sw9H83oZRPq2O8EEH
eqzIOKRwBpF+eZG/YV6qeNaX9FyvmAKjWrx6waWym13pTMmNVgFqYQQdaIeC2hot
xNRii8q73OX1XsdBTbrAs77Ya5J3qDpaarjzc+e9UmyN5AXC11itGMg0osfz5pcT
pg5B5WUy3wiPCmf0FsuvSOjAkt+aiJmwXgX0SPEFAOl9aPBGdYNg8yKyMV7OTkfN
vOVmTjCaif5oFyb46KrZ7O+nRWM21deACIWsiYoEmAeG/xF7VJQNixCPWkDGXVyb
etToadlLE720KcWBC1YKrO5/bFyXGnJm3HZ9mocXr8fz
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:57:54 2025 by rpki-client