Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/IlqD0ZJUtsFn58U2dcuGU6a9RLs.roa
File: IlqD0ZJUtsFn58U2dcuGU6a9RLs.roa (raw, json)
Hash identifier: nv6lASP4RMh3WPTVrl8wlGa1xmk+hjY0JDN9QOk2WZg=
Subject key identifier: 22:5A:83:D1:92:54:B6:C1:67:E7:C5:36:75:CB:86:53:A6:BD:44:BB
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019421B24635C9C53BE8AD6A93C66256D225
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/IlqD0ZJUtsFn58U2dcuGU6a9RLs.roa
Signing time: Wed 01 Jan 2025 11:48:38 +0000
ROA not before: Wed 01 Jan 2025 11:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202673
IP address blocks: 85.208.114.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:46:35:c9:c5:3b:e8:ad:6a:93:c6:62:56:d2:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 11:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=225a83d19254b6c167e7c53675cb8653a6bd44bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bb:50:4d:80:a9:72:b1:d7:f8:27:49:c2:58:
1b:44:c7:70:07:ef:6e:4a:30:ff:ac:8b:2b:05:fb:
94:98:03:9d:ab:e8:41:78:bf:d3:e1:ab:1c:d4:c7:
7e:4a:87:76:b6:95:93:83:39:1c:08:56:2f:89:db:
57:42:1d:93:04:65:ed:7d:fd:95:4f:0f:0a:d8:ba:
55:70:70:f7:df:58:9e:bf:27:cc:79:51:73:33:61:
43:8c:25:1a:96:c4:ca:22:b0:4a:8d:3f:39:89:24:
29:bc:06:71:4d:2f:18:1f:c2:bb:c3:c2:f7:87:45:
55:c3:0c:7a:b3:62:42:ef:f8:8a:c9:5d:7a:08:ab:
e2:32:be:35:dc:53:aa:a5:ce:66:9b:9f:ef:01:db:
57:54:cd:89:85:57:04:84:5a:8e:06:86:88:c9:bc:
21:75:53:0e:08:30:88:d4:7c:a9:3e:79:35:b3:ec:
fe:63:bb:65:1c:f3:6e:3c:16:8d:b1:18:f1:67:f5:
ab:e7:f3:2c:01:78:5d:a9:33:f1:6c:f9:4c:76:8e:
67:05:b0:4f:64:b2:4e:d4:99:96:9d:d0:24:68:39:
ae:2c:23:e4:e8:b6:87:13:85:42:0a:fa:8a:f3:56:
91:c4:ab:4d:68:bd:c8:da:cb:55:ef:6d:00:d9:17:
41:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:5A:83:D1:92:54:B6:C1:67:E7:C5:36:75:CB:86:53:A6:BD:44:BB
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/IlqD0ZJUtsFn58U2dcuGU6a9RLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.114.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:3f:a6:30:31:0d:47:8a:9b:19:a9:5f:10:92:fc:7d:f7:28:
13:91:ef:f5:6f:fc:76:f5:6e:32:32:9f:97:6b:7f:e3:51:6f:
75:f4:d2:2d:92:ee:7b:86:05:da:88:b2:cd:1f:52:1f:47:71:
eb:97:e6:69:65:3a:28:9b:93:73:e7:fa:bf:a5:43:f3:7f:01:
64:eb:9c:23:8d:73:37:86:04:48:10:47:39:5d:15:96:80:84:
7a:d1:71:8e:4b:e7:f5:4d:12:c9:80:45:7e:ba:83:ca:9f:50:
d4:e6:91:30:c0:ab:50:44:7b:e1:0f:d6:81:87:ee:80:a9:cf:
fe:d1:39:e5:ab:7f:a3:c4:e1:cc:11:94:74:d1:1d:3d:b0:bb:
ba:28:89:5f:ca:75:e5:e9:8a:3e:1e:55:1a:14:8e:19:b7:25:
52:00:73:49:46:cc:a0:fc:50:72:b8:56:3a:22:de:1b:9d:b7:
98:0c:99:4a:20:4f:e0:f5:e4:8f:a3:fd:00:7d:0b:a5:f0:7f:
90:fc:e9:e7:d5:fe:c4:98:00:24:6c:2c:eb:f3:e7:9e:86:94:
36:c6:39:69:5f:aa:2a:10:eb:23:5c:7f:07:72:b7:61:ad:4e:
68:94:22:e0:70:f1:57:ff:32:19:90:82:aa:44:dc:59:73:03:
7b:01:25:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhskY1ycU76K1qk8ZiVtIlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMTAxMTE0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjVhODNkMTkyNTRiNmMxNjdlN2M1MzY3NWNiODY1M2E2YmQ0NGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LtQTYCpcrHX+CdJwlgbRMdwB+9u
SjD/rIsrBfuUmAOdq+hBeL/T4asc1Md+Sod2tpWTgzkcCFYvidtXQh2TBGXtff2V
Tw8K2LpVcHD331ievyfMeVFzM2FDjCUalsTKIrBKjT85iSQpvAZxTS8YH8K7w8L3
h0VVwwx6s2JC7/iKyV16CKviMr413FOqpc5mm5/vAdtXVM2JhVcEhFqOBoaIybwh
dVMOCDCI1HypPnk1s+z+Y7tlHPNuPBaNsRjxZ/Wr5/MsAXhdqTPxbPlMdo5nBbBP
ZLJO1JmWndAkaDmuLCPk6LaHE4VCCvqK81aRxKtNaL3I2stV720A2RdBmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCJag9GSVLbBZ+fFNnXLhlOmvUS7MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvSWxxRDBaSlV0c0ZuNThVMmRjdUdVNmE5UkxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdByMA0G
CSqGSIb3DQEBCwUAA4IBAQDIP6YwMQ1HipsZqV8Qkvx99ygTke/1b/x29W4yMp+X
a3/jUW919NItku57hgXaiLLNH1IfR3Hrl+ZpZToom5Nz5/q/pUPzfwFk65wjjXM3
hgRIEEc5XRWWgIR60XGOS+f1TRLJgEV+uoPKn1DU5pEwwKtQRHvhD9aBh+6Aqc/+
0Tnlq3+jxOHMEZR00R09sLu6KIlfynXl6Yo+HlUaFI4ZtyVSAHNJRsyg/FByuFY6
It4bnbeYDJlKIE/g9eSPo/0AfQul8H+Q/Onn1f7EmAAkbCzr8+eehpQ2xjlpX6oq
EOsjXH8HcrdhrU5olCLgcPFX/zIZkIKqRNxZcwN7ASWW
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:43:46 2025 by rpki-client