Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/39Bz52ELCw7-ugSWUI3vnSlzFNg.roa
File: 39Bz52ELCw7-ugSWUI3vnSlzFNg.roa (raw, json)
Hash identifier: rckVCS2UVoKbUdjWWt9CdJoQbIemzvnGfOdJDV2aAiA=
Subject key identifier: DF:D0:73:E7:61:0B:0B:0E:FE:BA:04:96:50:8D:EF:9D:29:73:14:D8
Certificate issuer: /CN=cc977e9d52afbc47799d3975fcee8ac51ca0cf6a
Certificate serial: 019427B5BDE5B69CCDCFFFD9B5DA6941854D
Authority key identifier: CC:97:7E:9D:52:AF:BC:47:79:9D:39:75:FC:EE:8A:C5:1C:A0:CF:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zJd-nVKvvEd5nTl1_O6KxRygz2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/39Bz52ELCw7-ugSWUI3vnSlzFNg.roa
Signing time: Thu 02 Jan 2025 15:50:09 +0000
ROA not before: Thu 02 Jan 2025 15:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 85.208.98.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:bd:e5:b6:9c:cd:cf:ff:d9:b5:da:69:41:85:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc977e9d52afbc47799d3975fcee8ac51ca0cf6a
Validity
Not Before: Jan 2 15:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfd073e7610b0b0efeba0496508def9d297314d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d2:8f:6a:f0:0e:b9:ba:d1:50:c3:74:ef:ff:
5f:b4:13:63:f3:74:f9:b0:7f:3e:b1:0b:6b:50:c5:
1f:05:07:37:48:30:8e:8e:47:bc:e2:38:78:4d:44:
71:c9:ca:15:0f:76:4b:f6:d2:3d:bd:83:bf:4d:b4:
16:9b:df:be:fa:fb:e4:aa:1b:21:d0:59:52:bc:9c:
e3:20:98:d1:10:c9:e0:34:07:98:a3:bc:91:73:bb:
35:31:03:4a:36:4a:2d:3a:40:6c:50:d9:cc:1e:c3:
e3:d4:7f:e2:c3:ae:48:f5:a8:9d:e6:7e:91:2c:c7:
04:27:73:21:24:42:cc:8f:55:2c:f3:c0:72:c9:ed:
8b:fa:91:a0:b7:f4:10:1b:b2:15:47:98:4e:0e:9c:
e1:65:bb:79:b0:39:c7:4e:64:6a:d3:00:17:44:4c:
a8:ae:dc:2e:a8:f0:b3:03:72:5e:c3:91:c5:7c:81:
25:82:39:d7:c6:29:92:7c:04:06:55:f7:77:7d:ce:
46:1c:59:8e:34:cc:50:97:51:ac:13:c8:4d:6e:0f:
fe:be:3b:c9:34:31:dc:93:d5:e4:8d:8d:95:6c:a9:
1f:e3:a4:84:59:d7:a0:7e:0e:c2:9f:cd:0c:b6:2b:
7c:87:d1:f4:98:90:0b:0f:d1:9b:3e:88:13:03:16:
9e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D0:73:E7:61:0B:0B:0E:FE:BA:04:96:50:8D:EF:9D:29:73:14:D8
X509v3 Authority Key Identifier:
keyid:CC:97:7E:9D:52:AF:BC:47:79:9D:39:75:FC:EE:8A:C5:1C:A0:CF:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zJd-nVKvvEd5nTl1_O6KxRygz2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/39Bz52ELCw7-ugSWUI3vnSlzFNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/zJd-nVKvvEd5nTl1_O6KxRygz2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.98.0/24
Signature Algorithm: sha256WithRSAEncryption
23:c8:2d:d1:dd:40:e6:93:c2:2f:29:8a:60:ba:0e:8e:5b:d4:
c2:e8:ee:85:1e:db:87:27:f3:54:62:aa:7c:7f:39:18:2b:34:
f6:7d:c6:25:36:77:06:e4:1e:f8:7f:54:36:da:95:a2:24:bb:
e2:77:31:65:75:2b:c8:4a:a1:ea:2b:d6:54:dd:bc:24:a0:4d:
fa:4c:53:ac:d3:63:6d:0b:5a:ad:03:46:b4:48:46:00:dd:33:
d7:78:de:1a:6c:b1:9e:db:63:3e:c2:b8:f6:cd:fb:f0:62:58:
cb:42:d6:f1:38:c0:91:e6:74:01:cd:ea:48:45:5e:ef:d4:d8:
ae:72:26:1b:cb:9d:e2:c6:7b:78:d4:37:92:15:4f:25:fd:43:
9f:d7:0e:70:14:12:a5:21:b4:89:55:84:28:9a:df:92:dc:f2:
0f:90:58:6a:38:11:9d:55:37:83:35:9b:99:90:fb:f6:8c:72:
53:d3:5b:39:9b:a7:59:13:7e:21:02:0e:c7:23:80:62:aa:bd:
30:d7:ae:23:e8:2f:61:57:50:80:f1:b7:d5:f8:89:f7:28:b7:
a0:37:99:e9:07:dc:1d:2b:9f:9d:5f:8f:2c:d1:66:42:c2:36:
4a:26:f2:32:9c:f2:52:b3:b1:fe:87:e5:13:e7:46:c8:f4:f2:
ae:14:5f:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntb3ltpzNz//ZtdppQYVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjOTc3ZTlkNTJhZmJjNDc3OTlkMzk3NWZjZWU4YWM1MWNh
MGNmNmEwHhcNMjUwMTAyMTU1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmQwNzNlNzYxMGIwYjBlZmViYTA0OTY1MDhkZWY5ZDI5NzMxNGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtKPavAOubrRUMN07/9ftBNj83T5
sH8+sQtrUMUfBQc3SDCOjke84jh4TURxycoVD3ZL9tI9vYO/TbQWm9+++vvkqhsh
0FlSvJzjIJjREMngNAeYo7yRc7s1MQNKNkotOkBsUNnMHsPj1H/iw65I9aid5n6R
LMcEJ3MhJELMj1Us88Byye2L+pGgt/QQG7IVR5hODpzhZbt5sDnHTmRq0wAXREyo
rtwuqPCzA3Jew5HFfIElgjnXximSfAQGVfd3fc5GHFmONMxQl1GsE8hNbg/+vjvJ
NDHck9XkjY2VbKkf46SEWdegfg7Cn80Mtit8h9H0mJALD9GbPogTAxaeXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN/Qc+dhCwsO/roEllCN750pcxTYMB8GA1UdIwQY
MBaAFMyXfp1Sr7xHeZ05dfzuisUcoM9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekpkLW5WS3Z2RWQ1blRsMV9PNkt4UnlnejJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy85NWE1ZTYtNTU4My00Y2NlLTg2ZTkt
ZTIzMDQ2MmZjNTdiLzEvMzlCejUyRUxDdzctdWdTV1VJM3ZuU2x6Rk5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy85NWE1ZTYtNTU4My00Y2NlLTg2ZTktZTIzMDQ2MmZjNTdi
LzEvekpkLW5WS3Z2RWQ1blRsMV9PNkt4UnlnejJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdBiMA0G
CSqGSIb3DQEBCwUAA4IBAQAjyC3R3UDmk8IvKYpgug6OW9TC6O6FHtuHJ/NUYqp8
fzkYKzT2fcYlNncG5B74f1Q22pWiJLvidzFldSvISqHqK9ZU3bwkoE36TFOs02Nt
C1qtA0a0SEYA3TPXeN4abLGe22M+wrj2zfvwYljLQtbxOMCR5nQBzepIRV7v1Niu
ciYby53ixnt41DeSFU8l/UOf1w5wFBKlIbSJVYQomt+S3PIPkFhqOBGdVTeDNZuZ
kPv2jHJT01s5m6dZE34hAg7HI4Biqr0w164j6C9hV1CA8bfV+In3KLegN5npB9wd
K5+dX48s0WZCwjZKJvIynPJSs7H+h+UT50bI9PKuFF9k
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:40:11 2025 by rpki-client