Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/hQ0YApu5WoWTzplsx3kGPjllB5U.roa
File: hQ0YApu5WoWTzplsx3kGPjllB5U.roa (raw, json)
Hash identifier: MrhVyy2x/tGhHNT3G0aFPVlRe4+Ks+ecN8Tl4xwUj4o=
Subject key identifier: 85:0D:18:02:9B:B9:5A:85:93:CE:99:6C:C7:79:06:3E:39:65:07:95
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 019421B26EEA94E906A7CCA5569747E37FB0
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/hQ0YApu5WoWTzplsx3kGPjllB5U.roa
Signing time: Wed 01 Jan 2025 11:48:49 +0000
ROA not before: Wed 01 Jan 2025 11:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215590
IP address blocks: 85.142.88.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:6e:ea:94:e9:06:a7:cc:a5:56:97:47:e3:7f:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 11:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=850d18029bb95a8593ce996cc779063e39650795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c1:38:0e:b6:a8:52:81:42:42:d8:37:85:e7:
9a:04:a5:42:0f:e2:ec:bc:cd:5a:cb:0f:ca:8d:ef:
41:67:fd:3b:a8:cf:e5:05:58:b8:5d:bf:df:f4:d8:
01:9a:28:d6:c3:21:13:49:96:9c:03:79:cc:c5:11:
f8:7f:00:33:27:19:b8:60:d5:2c:41:4f:62:27:7f:
4e:38:9c:b3:e9:95:11:40:df:61:22:4a:ec:93:9b:
c8:97:d9:ec:2c:a3:ab:af:61:98:47:c0:55:97:da:
fb:08:99:bb:4c:7f:40:b4:40:d6:a4:9f:d6:78:f3:
5a:8b:8c:5f:c1:96:89:f5:5f:11:0d:83:c5:40:7a:
21:9b:4f:7f:b8:30:c8:b2:67:53:93:ab:45:05:3e:
c5:f5:e9:54:fa:1a:d1:89:fd:7b:7a:54:6b:40:dd:
27:6d:70:2a:b3:32:59:81:f9:f0:8e:74:3e:d8:31:
b0:8a:26:62:8b:93:c6:22:c1:1f:d6:ff:19:e5:2b:
85:bc:7f:44:ba:33:c7:47:ab:f2:51:b6:b4:6b:a1:
31:1f:e6:03:84:87:47:db:18:9e:61:33:5b:3e:85:
d8:62:e0:54:96:87:51:f0:01:47:e2:26:20:69:6f:
11:44:6c:9f:ea:28:0d:9e:2d:fa:bc:e5:6d:eb:e8:
11:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:0D:18:02:9B:B9:5A:85:93:CE:99:6C:C7:79:06:3E:39:65:07:95
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/hQ0YApu5WoWTzplsx3kGPjllB5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.88.0/21
Signature Algorithm: sha256WithRSAEncryption
7e:22:01:8c:67:99:f6:e5:5a:38:ad:26:09:f5:85:de:b4:fe:
e9:66:25:f6:43:16:d9:27:53:ee:41:aa:d9:76:d3:cc:77:20:
be:ed:11:92:5a:5a:33:db:05:54:bb:4f:fc:04:6b:a6:6c:26:
c0:7d:ae:28:f0:c0:c2:0d:da:68:66:a1:11:15:28:1e:75:f0:
59:47:8a:ae:e4:68:c8:9e:61:cf:61:dc:78:55:87:d8:4f:cd:
40:4e:65:e8:92:30:4d:0c:80:c3:f2:26:67:f3:37:b3:d4:61:
10:8b:da:dd:fb:9a:b4:68:9e:31:be:52:3b:90:ff:36:97:20:
03:96:be:87:bf:89:63:d6:17:b7:77:54:3a:39:17:7d:f8:90:
22:ad:92:c6:0b:46:ff:ba:4a:10:6b:be:31:28:2c:aa:2c:1e:
7a:9d:b7:2d:9d:15:a1:61:ed:32:ec:e3:cd:60:39:de:f4:c5:
d5:89:8d:d1:83:fc:81:34:a0:dc:16:70:f2:3f:66:34:ff:c9:
f4:25:81:fe:bb:7f:77:fd:9e:37:a1:9f:53:d8:eb:9f:24:23:
7a:b6:c6:7b:aa:c7:f2:7f:2a:ee:f2:50:9a:fb:f3:74:bf:c7:
74:5c:d9:1c:c9:5c:a9:d6:4b:9d:4c:d5:5e:85:12:cd:62:a6:
bc:15:eb:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsm7qlOkGp8ylVpdH43+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjUwMTAxMTE0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTBkMTgwMjliYjk1YTg1OTNjZTk5NmNjNzc5MDYzZTM5NjUwNzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvME4DraoUoFCQtg3heeaBKVCD+Ls
vM1ayw/Kje9BZ/07qM/lBVi4Xb/f9NgBmijWwyETSZacA3nMxRH4fwAzJxm4YNUs
QU9iJ39OOJyz6ZURQN9hIkrsk5vIl9nsLKOrr2GYR8BVl9r7CJm7TH9AtEDWpJ/W
ePNai4xfwZaJ9V8RDYPFQHohm09/uDDIsmdTk6tFBT7F9elU+hrRif17elRrQN0n
bXAqszJZgfnwjnQ+2DGwiiZii5PGIsEf1v8Z5SuFvH9EujPHR6vyUba0a6ExH+YD
hIdH2xieYTNbPoXYYuBUlodR8AFH4iYgaW8RRGyf6igNni36vOVt6+gRywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUNGAKbuVqFk86ZbMd5Bj45ZQeVMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvaFEwWUFwdTVXb1dUenBsc3gza0dQamxsQjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVY5YMA0G
CSqGSIb3DQEBCwUAA4IBAQB+IgGMZ5n25Vo4rSYJ9YXetP7pZiX2QxbZJ1PuQarZ
dtPMdyC+7RGSWloz2wVUu0/8BGumbCbAfa4o8MDCDdpoZqERFSgedfBZR4qu5GjI
nmHPYdx4VYfYT81ATmXokjBNDIDD8iZn8zez1GEQi9rd+5q0aJ4xvlI7kP82lyAD
lr6Hv4lj1he3d1Q6ORd9+JAirZLGC0b/ukoQa74xKCyqLB56nbctnRWhYe0y7OPN
YDne9MXViY3Rg/yBNKDcFnDyP2Y0/8n0JYH+u393/Z43oZ9T2OufJCN6tsZ7qsfy
fyru8lCa+/N0v8d0XNkcyVyp1kudTNVehRLNYqa8FetV
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:34 2025 by rpki-client