Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Dfic0l92QgUiv58p28k74K4DPQI.roa
File: Dfic0l92QgUiv58p28k74K4DPQI.roa (raw, json)
Hash identifier: Dw8jFKgoCZFwjkiwico3L0P5aEd4mtxtXz7OW3PcEkA=
Subject key identifier: 0D:F8:9C:D2:5F:76:42:05:22:BF:9F:29:DB:C9:3B:E0:AE:03:3D:02
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019421B23B62D0CA5565A7A1AF05E178C4FB
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Dfic0l92QgUiv58p28k74K4DPQI.roa
Signing time: Wed 01 Jan 2025 11:48:36 +0000
ROA not before: Wed 01 Jan 2025 11:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53363
IP address blocks: 85.208.108.0/24 maxlen: 24
171.22.122.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:3b:62:d0:ca:55:65:a7:a1:af:05:e1:78:c4:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 11:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0df89cd25f76420522bf9f29dbc93be0ae033d02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:79:df:74:61:fa:91:fc:19:9a:ca:84:10:37:
7f:40:9d:c2:d9:e7:dd:7a:01:54:bc:1c:19:03:e9:
d0:4b:cd:fe:62:51:4a:92:ef:85:f2:f4:10:8c:2e:
d7:f2:24:8a:fc:1f:fd:97:76:34:fb:e8:bd:57:e4:
6a:dd:f1:a6:76:c9:79:59:b5:55:0b:74:41:9a:88:
b1:c6:ad:bc:eb:81:74:3b:08:9c:a8:78:c0:e5:bd:
5b:b6:46:da:db:12:74:49:30:5c:03:ad:ce:6c:99:
ee:39:ba:e1:26:d3:98:b6:c5:7f:64:e1:f5:22:19:
f3:2c:de:cc:89:94:11:f6:3a:a6:fc:f7:07:9b:0e:
fc:9a:db:8b:6d:ad:5a:de:ce:e7:e8:a3:03:dc:c0:
a5:7c:55:35:ec:83:65:4e:29:96:68:85:d1:9d:59:
dc:40:8c:e2:d7:c9:50:00:68:82:84:4d:25:88:91:
67:b1:74:3d:a8:3e:02:87:58:3c:8e:39:c7:8d:30:
d7:7a:e1:8f:22:02:77:6a:9c:e9:a4:dd:d5:5c:03:
7d:b9:ba:9a:e3:40:8b:32:73:56:71:c5:ed:e3:46:
18:84:6a:46:2e:e1:54:15:87:73:f8:42:08:54:72:
08:48:d5:93:9b:be:40:0d:27:d3:6e:bc:66:5b:a6:
31:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:F8:9C:D2:5F:76:42:05:22:BF:9F:29:DB:C9:3B:E0:AE:03:3D:02
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Dfic0l92QgUiv58p28k74K4DPQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.108.0/24
171.22.122.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:57:80:c0:bf:b0:e3:e4:37:9c:56:79:bd:42:f8:b0:09:13:
d3:95:d7:15:50:6f:03:6f:5f:7f:2f:c7:a0:4a:28:0f:e1:e0:
0d:0d:89:08:2d:58:61:24:95:63:65:d5:98:af:0c:74:d6:29:
63:d6:bc:a0:20:c5:08:aa:1d:cd:0f:6f:d1:70:e3:62:d8:20:
e0:21:a3:8f:5c:50:02:23:19:a3:4f:08:73:59:ff:cf:55:f1:
ce:dd:09:ce:5f:f9:1f:18:39:0e:31:18:13:a7:f9:c5:75:d0:
b7:bc:59:ef:d4:5e:aa:51:e5:99:65:26:ad:e7:af:d0:1d:5b:
4d:ca:13:fa:59:7f:32:d0:c9:be:74:33:5e:5a:eb:3c:8a:5d:
c6:7d:5e:a4:12:df:1d:7d:27:e9:2f:75:f0:31:b9:2b:e1:f0:
69:8a:59:98:78:8d:28:a7:7d:01:7d:bd:b4:fb:83:52:a0:26:
19:d2:47:6e:f6:c8:c4:29:a1:c6:2f:53:d5:53:8d:ca:53:c3:
6b:f8:df:49:9f:e1:9d:7c:e7:97:c4:38:7c:df:ce:1a:c2:a7:
cb:6b:5d:dc:ed:f7:ce:7a:b3:19:d7:e4:e4:66:1e:87:ee:f0:
b3:43:45:06:13:c8:2d:c6:f7:f8:4f:29:d2:a9:28:11:00:26:
fe:2c:ac:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsjti0MpVZaehrwXheMT7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMTAxMTE0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGY4OWNkMjVmNzY0MjA1MjJiZjlmMjlkYmM5M2JlMGFlMDMzZDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnnfdGH6kfwZmsqEEDd/QJ3C2efd
egFUvBwZA+nQS83+YlFKku+F8vQQjC7X8iSK/B/9l3Y0++i9V+Rq3fGmdsl5WbVV
C3RBmoixxq2864F0OwicqHjA5b1btkba2xJ0STBcA63ObJnuObrhJtOYtsV/ZOH1
IhnzLN7MiZQR9jqm/PcHmw78mtuLba1a3s7n6KMD3MClfFU17INlTimWaIXRnVnc
QIzi18lQAGiChE0liJFnsXQ9qD4Ch1g8jjnHjTDXeuGPIgJ3apzppN3VXAN9ubqa
40CLMnNWccXt40YYhGpGLuFUFYdz+EIIVHIISNWTm75ADSfTbrxmW6YxPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA34nNJfdkIFIr+fKdvJO+CuAz0CMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvRGZpYzBsOTJRZ1VpdjU4cDI4azc0SzREUFFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVdBsAwQA
qxZ6MA0GCSqGSIb3DQEBCwUAA4IBAQA+V4DAv7Dj5DecVnm9QviwCRPTldcVUG8D
b19/L8egSigP4eANDYkILVhhJJVjZdWYrwx01ilj1rygIMUIqh3ND2/RcONi2CDg
IaOPXFACIxmjTwhzWf/PVfHO3QnOX/kfGDkOMRgTp/nFddC3vFnv1F6qUeWZZSat
56/QHVtNyhP6WX8y0Mm+dDNeWus8il3GfV6kEt8dfSfpL3XwMbkr4fBpilmYeI0o
p30Bfb20+4NSoCYZ0kdu9sjEKaHGL1PVU43KU8Nr+N9Jn+GdfOeXxDh8384awqfL
a13c7ffOerMZ1+TkZh6H7vCzQ0UGE8gtxvf4TynSqSgRACb+LKxn
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:38:39 2025 by rpki-client