Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/rroj_3kO6yNfrJrwx3Io-DVolb4.roa
File: rroj_3kO6yNfrJrwx3Io-DVolb4.roa (raw, json)
Hash identifier: lV24Yf89/MUqb6y8fA57xKM/EdhLo4FzyiURI/65fo4=
Subject key identifier: AE:BA:23:FF:79:0E:EB:23:5F:AC:9A:F0:C7:72:28:F8:35:68:95:BE
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01926E02D47779AD5BE4A1096FFCA5B22E0A
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/rroj_3kO6yNfrJrwx3Io-DVolb4.roa
Signing time: Tue 08 Oct 2024 21:22:12 +0000
ROA not before: Tue 08 Oct 2024 21:22:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 85.208.112.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6e:02:d4:77:79:ad:5b:e4:a1:09:6f:fc:a5:b2:2e:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Oct 8 21:22:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aeba23ff790eeb235fac9af0c77228f8356895be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6a:24:a8:9b:d4:15:4f:ed:16:f9:d9:8c:0c:
36:8f:87:5e:5b:85:ac:24:50:46:a3:d6:e3:73:58:
8c:39:54:85:2b:cf:93:f8:3d:93:65:06:a9:df:2a:
47:29:a1:fd:09:12:9f:cd:e5:6e:26:99:32:dc:78:
1d:26:c2:2d:df:34:51:2e:0a:01:76:ce:59:6b:53:
cc:55:12:0e:80:c1:fc:10:6c:0e:72:3c:36:4f:5f:
af:eb:bf:f4:14:f1:3d:ca:13:26:41:4a:bb:fa:c0:
f0:d2:74:50:8e:a0:45:68:4a:98:8d:5e:9c:06:24:
07:9d:13:30:e1:91:15:9f:b9:b3:c1:59:fd:d7:4d:
56:41:68:85:2c:30:c5:df:43:2b:19:5b:08:72:1c:
4c:8a:61:5b:0a:ea:88:44:f5:8a:1f:7c:dc:01:4d:
67:ed:59:69:5c:5a:78:0c:a5:8e:16:10:ae:1b:25:
d2:08:64:18:88:aa:2d:e9:16:18:c2:39:41:75:35:
54:ff:1a:bb:b2:a2:84:1f:8c:d1:86:3a:bf:53:07:
52:01:00:19:54:14:ee:33:ff:a2:ba:61:52:b0:24:
c6:66:05:c7:73:58:74:0b:e3:9b:9a:af:ec:83:be:
26:c5:e6:1e:89:bd:e2:a8:cb:8a:3f:cc:f8:dc:38:
b6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:BA:23:FF:79:0E:EB:23:5F:AC:9A:F0:C7:72:28:F8:35:68:95:BE
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/rroj_3kO6yNfrJrwx3Io-DVolb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.112.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:fe:35:d8:a2:6f:96:de:c2:00:f0:7f:37:5c:34:64:e2:91:
32:b5:95:d3:35:f4:45:57:f1:26:66:fc:6c:16:6b:18:59:2e:
63:ce:c7:b6:de:79:6e:07:0f:2b:54:ba:20:d4:90:64:33:49:
c0:b7:82:15:a6:41:3e:bb:69:f9:16:db:b0:db:91:b1:55:5c:
ba:69:8c:ad:4c:2c:66:f5:a5:20:06:0c:5f:77:06:a6:35:5c:
b8:3e:fe:71:3f:5a:1f:81:58:b9:da:f4:d2:3a:94:4f:58:d0:
a1:d9:34:d2:c2:5b:f7:bc:76:0b:8c:f2:4d:fb:55:b6:ef:6b:
86:7a:4b:53:b1:81:a5:34:d0:c5:8a:79:8f:32:d1:a0:df:33:
cd:24:73:7c:69:b1:65:78:69:61:5a:50:12:7f:3e:78:58:3d:
9c:b2:ab:4a:18:9a:ec:5c:d8:db:ce:b1:38:01:16:d8:77:75:
47:bc:e9:ff:0e:04:71:e5:33:b1:7e:0d:6a:bc:88:cb:9e:e8:
a9:7f:e4:c2:d6:aa:17:29:98:03:19:ed:23:6a:0c:4b:6e:c8:
6f:28:c3:aa:f1:a8:fe:51:98:4e:90:e3:0d:00:b5:32:3a:dd:
72:ed:7f:78:86:b0:5a:cb:29:81:5f:a7:f2:a9:8f:1a:9a:b7:
50:53:cf:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJuAtR3ea1b5KEJb/ylsi4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQxMDA4MjEyMjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWJhMjNmZjc5MGVlYjIzNWZhYzlhZjBjNzcyMjhmODM1Njg5NWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWokqJvUFU/tFvnZjAw2j4deW4Ws
JFBGo9bjc1iMOVSFK8+T+D2TZQap3ypHKaH9CRKfzeVuJpky3HgdJsIt3zRRLgoB
ds5Za1PMVRIOgMH8EGwOcjw2T1+v67/0FPE9yhMmQUq7+sDw0nRQjqBFaEqYjV6c
BiQHnRMw4ZEVn7mzwVn9101WQWiFLDDF30MrGVsIchxMimFbCuqIRPWKH3zcAU1n
7VlpXFp4DKWOFhCuGyXSCGQYiKot6RYYwjlBdTVU/xq7sqKEH4zRhjq/UwdSAQAZ
VBTuM/+iumFSsCTGZgXHc1h0C+Obmq/sg74mxeYeib3iqMuKP8z43Di2bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK66I/95DusjX6ya8MdyKPg1aJW+MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvcnJval8za082eU5mckpyd3gzSW8tRFZvbGI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdBwMA0G
CSqGSIb3DQEBCwUAA4IBAQC//jXYom+W3sIA8H83XDRk4pEytZXTNfRFV/EmZvxs
FmsYWS5jzse23nluBw8rVLog1JBkM0nAt4IVpkE+u2n5Ftuw25GxVVy6aYytTCxm
9aUgBgxfdwamNVy4Pv5xP1ofgVi52vTSOpRPWNCh2TTSwlv3vHYLjPJN+1W272uG
ektTsYGlNNDFinmPMtGg3zPNJHN8abFleGlhWlASfz54WD2csqtKGJrsXNjbzrE4
ARbYd3VHvOn/DgRx5TOxfg1qvIjLnuipf+TC1qoXKZgDGe0jagxLbshvKMOq8aj+
UZhOkOMNALUyOt1y7X94hrBayymBX6fyqY8amrdQU8+3
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:46:22 2025 by rpki-client