Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/768241-7adf-4c25-97ce-338975829e8b/1/ITvafiNBv4ylSij6nbuKyZmdE8k.roa
File: ITvafiNBv4ylSij6nbuKyZmdE8k.roa (raw, json)
Hash identifier: eQlQlT15GdOmzPkZPFcmwxbiVSUvzPGQ2MQSNNK3BEo=
Subject key identifier: 21:3B:DA:7E:23:41:BF:8C:A5:4A:28:FA:9D:BB:8A:C9:99:9D:13:C9
Certificate issuer: /CN=93dc75e61e483f0d479221f3ca75fc722096a7ed
Certificate serial: 01942068759F06B6076C006AB8B72E20966C
Authority key identifier: 93:DC:75:E6:1E:48:3F:0D:47:92:21:F3:CA:75:FC:72:20:96:A7:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k9x15h5IPw1HkiHzynX8ciCWp-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/768241-7adf-4c25-97ce-338975829e8b/1/ITvafiNBv4ylSij6nbuKyZmdE8k.roa
Signing time: Wed 01 Jan 2025 05:48:24 +0000
ROA not before: Wed 01 Jan 2025 05:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207029
IP address blocks: 185.85.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:75:9f:06:b6:07:6c:00:6a:b8:b7:2e:20:96:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93dc75e61e483f0d479221f3ca75fc722096a7ed
Validity
Not Before: Jan 1 05:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=213bda7e2341bf8ca54a28fa9dbb8ac9999d13c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a1:22:89:f5:c2:ea:c9:5e:c2:bb:8c:c5:84:
a0:7f:d4:35:30:1f:01:09:ef:f3:90:c1:ec:1e:4b:
9a:ef:1b:a0:67:a5:49:2a:96:23:56:e6:43:5b:57:
d7:85:cb:6b:a4:e7:0b:5e:67:f9:26:fa:92:f3:85:
d5:10:e1:71:2d:d6:e6:62:e3:de:92:c6:a3:06:8d:
04:7f:7c:d8:b3:45:95:d3:cc:ed:0e:28:b6:73:1f:
9f:d4:52:77:e2:bf:31:cd:e8:93:4b:4e:6a:b2:c3:
f6:4d:5c:f0:7b:e5:60:02:82:db:37:ad:b4:41:f4:
30:d2:7e:13:b3:bb:83:f3:6b:c0:36:05:85:f0:84:
62:23:4e:7b:22:b6:f0:9e:b2:2a:d9:eb:38:ed:0a:
1f:1e:e7:db:9f:ff:9d:c8:02:6e:29:63:c9:40:3a:
d5:6d:6d:5a:47:28:6d:9d:a3:06:80:d2:57:cd:bc:
39:02:d1:e5:f2:2a:be:a7:47:d5:b8:a4:a2:7c:eb:
f0:8c:ec:3c:6a:a2:74:83:91:0b:a3:99:f0:12:58:
91:d7:96:d8:77:47:5a:b3:19:2e:89:c6:ab:c6:7f:
51:1e:86:61:25:c2:51:c7:34:8d:23:d5:e9:5d:5e:
c3:7e:e6:5a:ac:79:47:39:91:9a:68:5b:ec:94:61:
cf:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:3B:DA:7E:23:41:BF:8C:A5:4A:28:FA:9D:BB:8A:C9:99:9D:13:C9
X509v3 Authority Key Identifier:
keyid:93:DC:75:E6:1E:48:3F:0D:47:92:21:F3:CA:75:FC:72:20:96:A7:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k9x15h5IPw1HkiHzynX8ciCWp-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/768241-7adf-4c25-97ce-338975829e8b/1/ITvafiNBv4ylSij6nbuKyZmdE8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/768241-7adf-4c25-97ce-338975829e8b/1/k9x15h5IPw1HkiHzynX8ciCWp-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.20.0/24
Signature Algorithm: sha256WithRSAEncryption
93:dc:33:cd:1d:f5:e3:51:5d:60:d8:09:5c:9e:c3:64:19:63:
db:54:2d:40:60:23:40:aa:11:6b:32:7a:ce:17:5f:ff:eb:79:
4a:e5:5c:5f:b5:e1:19:1a:a8:c7:9a:c2:19:65:c9:17:d7:d0:
9e:19:b5:fb:be:20:64:fd:6e:6e:2a:b0:a5:79:7d:68:39:5a:
98:e9:bc:bf:dc:a4:8e:f9:86:46:85:2f:7a:86:e2:d3:c3:2f:
9e:da:5c:eb:7e:64:ca:f2:0c:58:96:d9:4c:54:ee:0c:c4:2a:
06:2e:9c:2c:da:4b:f9:1f:8b:94:0e:b0:ae:f6:9b:e0:74:df:
c5:07:55:63:61:3f:42:f8:51:5c:cc:f3:51:91:49:ff:44:06:
f6:aa:19:63:48:aa:09:fa:40:4b:53:71:d9:40:e9:31:db:92:
39:97:eb:d5:29:69:79:c3:89:ac:c0:5a:8b:cc:7d:35:3a:bb:
14:b8:b4:ce:35:3d:03:31:09:46:80:e2:01:23:2e:96:62:68:
a2:2c:92:7f:0d:59:e7:97:4e:e2:94:e9:23:80:0c:aa:be:3b:
5e:58:98:da:47:d7:08:f6:12:a2:99:cd:24:e1:79:6b:4d:4f:
76:7a:85:7a:11:f6:a5:4a:48:bd:97:a5:c8:6e:b1:d9:14:33:
46:a0:51:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaHWfBrYHbABquLcuIJZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZGM3NWU2MWU0ODNmMGQ0NzkyMjFmM2NhNzVmYzcyMjA5
NmE3ZWQwHhcNMjUwMTAxMDU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTNiZGE3ZTIzNDFiZjhjYTU0YTI4ZmE5ZGJiOGFjOTk5OWQxM2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaEiifXC6slewruMxYSgf9Q1MB8B
Ce/zkMHsHkua7xugZ6VJKpYjVuZDW1fXhctrpOcLXmf5JvqS84XVEOFxLdbmYuPe
ksajBo0Ef3zYs0WV08ztDii2cx+f1FJ34r8xzeiTS05qssP2TVzwe+VgAoLbN620
QfQw0n4Ts7uD82vANgWF8IRiI057IrbwnrIq2es47QofHufbn/+dyAJuKWPJQDrV
bW1aRyhtnaMGgNJXzbw5AtHl8iq+p0fVuKSifOvwjOw8aqJ0g5ELo5nwEliR15bY
d0dasxkuicarxn9RHoZhJcJRxzSNI9XpXV7DfuZarHlHOZGaaFvslGHPOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCE72n4jQb+MpUoo+p27ismZnRPJMB8GA1UdIwQY
MBaAFJPcdeYeSD8NR5Ih88p1/HIglqftMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazl4MTVoNUlQdzFIa2lIenluWDhjaUNXcC0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS83NjgyNDEtN2FkZi00YzI1LTk3Y2Ut
MzM4OTc1ODI5ZThiLzEvSVR2YWZpTkJ2NHlsU2lqNm5idUt5Wm1kRThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS83NjgyNDEtN2FkZi00YzI1LTk3Y2UtMzM4OTc1ODI5ZThi
LzEvazl4MTVoNUlQdzFIa2lIenluWDhjaUNXcC0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVUUMA0G
CSqGSIb3DQEBCwUAA4IBAQCT3DPNHfXjUV1g2AlcnsNkGWPbVC1AYCNAqhFrMnrO
F1//63lK5VxfteEZGqjHmsIZZckX19CeGbX7viBk/W5uKrCleX1oOVqY6by/3KSO
+YZGhS96huLTwy+e2lzrfmTK8gxYltlMVO4MxCoGLpws2kv5H4uUDrCu9pvgdN/F
B1VjYT9C+FFczPNRkUn/RAb2qhljSKoJ+kBLU3HZQOkx25I5l+vVKWl5w4mswFqL
zH01OrsUuLTONT0DMQlGgOIBIy6WYmiiLJJ/DVnnl07ilOkjgAyqvjteWJjaR9cI
9hKimc0k4XlrTU92eoV6EfalSki9l6XIbrHZFDNGoFEp
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:56:41 2025 by rpki-client