Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/64829d-a344-44d2-9e9d-1dd67c32b06a/1/Qjb8KKp9Ah9sz3YTCH8igfrwe2E.roa
File: Qjb8KKp9Ah9sz3YTCH8igfrwe2E.roa (raw, json)
Hash identifier: ph80CJV2s6EUlD1K7Ts5iFrp8Te9DiUxfJ9FvSaq7jA=
Subject key identifier: 42:36:FC:28:AA:7D:02:1F:6C:CF:76:13:08:7F:22:81:FA:F0:7B:61
Certificate issuer: /CN=85b8b21e4f5fbfdeb714d3e1b38a53817b5729ed
Certificate serial: 01856C65CD3E08062A6F4FA063FD4337F1E7
Authority key identifier: 85:B8:B2:1E:4F:5F:BF:DE:B7:14:D3:E1:B3:8A:53:81:7B:57:29:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hbiyHk9fv963FNPhs4pTgXtXKe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/64829d-a344-44d2-9e9d-1dd67c32b06a/1/Qjb8KKp9Ah9sz3YTCH8igfrwe2E.roa
Signing time: Sun 01 Jan 2023 08:14:48 +0000
ROA not before: Sun 01 Jan 2023 08:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 185.212.115.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:cd:3e:08:06:2a:6f:4f:a0:63:fd:43:37:f1:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85b8b21e4f5fbfdeb714d3e1b38a53817b5729ed
Validity
Not Before: Jan 1 08:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4236fc28aa7d021f6ccf7613087f2281faf07b61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a7:08:72:79:7e:9b:89:0e:90:f4:93:26:cb:
a4:64:9e:70:34:e3:0a:2f:31:b2:34:ee:ea:0d:6b:
ec:86:3f:0d:da:ec:0a:cf:99:a7:55:ba:66:67:0b:
0c:73:15:00:4a:80:f5:17:bb:6d:5d:23:6d:ca:df:
4f:ed:5d:78:e4:0a:3e:3d:d4:fa:df:9d:ee:6b:f2:
8a:17:6e:4e:1f:83:42:83:84:78:1d:1c:77:71:96:
46:e0:61:ba:ee:79:9d:67:1b:f2:52:5b:c3:9d:68:
82:9d:42:93:94:14:7a:2c:b4:b1:f5:a2:f7:eb:e2:
12:e5:1a:f0:df:9b:e0:55:8a:c2:77:44:4f:16:25:
fd:97:76:2f:6f:c9:c6:be:3d:19:84:55:ba:29:f5:
4d:57:f7:c9:a7:1e:15:d3:08:39:9c:6c:32:74:5b:
6a:24:20:22:d9:7e:ef:6f:23:2d:bf:5a:60:8a:a0:
d5:6c:22:9e:4c:78:63:9c:20:52:87:53:a9:3c:09:
d5:6a:76:e8:37:7f:8c:7a:53:4d:74:a3:8f:ee:ec:
f6:b8:85:cf:4c:21:20:27:5c:97:b5:b9:04:f3:9b:
6d:89:b6:53:03:de:51:34:57:60:07:ef:f0:f8:f6:
5d:88:5e:11:78:83:c6:0e:f2:c8:a6:21:da:8b:81:
76:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:36:FC:28:AA:7D:02:1F:6C:CF:76:13:08:7F:22:81:FA:F0:7B:61
X509v3 Authority Key Identifier:
keyid:85:B8:B2:1E:4F:5F:BF:DE:B7:14:D3:E1:B3:8A:53:81:7B:57:29:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hbiyHk9fv963FNPhs4pTgXtXKe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/64829d-a344-44d2-9e9d-1dd67c32b06a/1/Qjb8KKp9Ah9sz3YTCH8igfrwe2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/64829d-a344-44d2-9e9d-1dd67c32b06a/1/hbiyHk9fv963FNPhs4pTgXtXKe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.115.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:3a:31:82:7b:77:8f:f6:4b:ba:be:00:13:ed:94:62:4e:f9:
50:dd:8e:4a:6b:8f:a3:1d:6f:39:6b:54:19:13:8d:93:dc:1d:
e7:5c:6b:0d:8c:6c:a5:20:1b:3a:78:59:cc:ab:96:f9:39:d3:
72:6b:7a:ca:7b:0d:ed:f7:af:b7:c8:9c:24:10:8f:f3:df:2e:
ab:5d:47:5e:15:c7:03:8d:e2:1d:8a:e7:b6:a3:97:65:67:11:
6b:fa:90:69:d5:c4:10:07:d4:d6:71:73:a1:fa:96:ac:35:cd:
bb:e2:a8:79:ea:41:0c:cd:38:33:1a:08:d0:93:3c:a6:a0:75:
d3:15:01:b7:81:2d:c7:6d:58:e5:8a:f3:7c:9d:c3:bd:4d:23:
60:3e:60:78:79:08:ec:fc:29:e9:b0:07:26:a6:bc:6e:83:78:
b9:5b:4a:30:e3:d5:b7:91:fc:b9:f2:52:fb:5b:cd:10:2d:7f:
cb:ac:0c:6c:d2:51:fd:f8:a7:b1:e8:80:5f:d6:70:81:07:3f:
f0:e7:20:83:6c:34:9c:ec:39:43:01:e6:d8:50:bc:ed:e1:1d:
78:21:b7:09:e4:d2:3f:1f:84:d1:fb:d4:ba:5d:06:ad:68:d7:
c0:9e:65:51:cb:68:ae:9a:c7:9c:23:1f:9b:c6:d4:65:fd:0c:
3a:7d:5d:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZc0+CAYqb0+gY/1DN/HnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YjhiMjFlNGY1ZmJmZGViNzE0ZDNlMWIzOGE1MzgxN2I1
NzI5ZWQwHhcNMjMwMTAxMDgxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjM2ZmMyOGFhN2QwMjFmNmNjZjc2MTMwODdmMjI4MWZhZjA3YjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKcIcnl+m4kOkPSTJsukZJ5wNOMK
LzGyNO7qDWvshj8N2uwKz5mnVbpmZwsMcxUASoD1F7ttXSNtyt9P7V145Ao+PdT6
353ua/KKF25OH4NCg4R4HRx3cZZG4GG67nmdZxvyUlvDnWiCnUKTlBR6LLSx9aL3
6+IS5Rrw35vgVYrCd0RPFiX9l3Yvb8nGvj0ZhFW6KfVNV/fJpx4V0wg5nGwydFtq
JCAi2X7vbyMtv1pgiqDVbCKeTHhjnCBSh1OpPAnVanboN3+MelNNdKOP7uz2uIXP
TCEgJ1yXtbkE85ttibZTA95RNFdgB+/w+PZdiF4ReIPGDvLIpiHai4F2/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEI2/CiqfQIfbM92Ewh/IoH68HthMB8GA1UdIwQY
MBaAFIW4sh5PX7/etxTT4bOKU4F7VyntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGJpeUhrOWZ2OTYzRk5QaHM0cFRnWHRYS2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS82NDgyOWQtYTM0NC00NGQyLTllOWQt
MWRkNjdjMzJiMDZhLzEvUWpiOEtLcDlBaDlzejNZVENIOGlnZnJ3ZTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS82NDgyOWQtYTM0NC00NGQyLTllOWQtMWRkNjdjMzJiMDZh
LzEvaGJpeUhrOWZ2OTYzRk5QaHM0cFRnWHRYS2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudRzMA0G
CSqGSIb3DQEBCwUAA4IBAQCLOjGCe3eP9ku6vgAT7ZRiTvlQ3Y5Ka4+jHW85a1QZ
E42T3B3nXGsNjGylIBs6eFnMq5b5OdNya3rKew3t96+3yJwkEI/z3y6rXUdeFccD
jeIdiue2o5dlZxFr+pBp1cQQB9TWcXOh+pasNc274qh56kEMzTgzGgjQkzymoHXT
FQG3gS3HbVjlivN8ncO9TSNgPmB4eQjs/CnpsAcmprxug3i5W0ow49W3kfy58lL7
W80QLX/LrAxs0lH9+Kex6IBf1nCBBz/w5yCDbDSc7DlDAebYULzt4R14IbcJ5NI/
H4TR+9S6XQataNfAnmVRy2iumsecIx+bxtRl/Qw6fV3t
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:51:21 2025 by rpki-client