Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/1-dvDKQatG6LmsS2Gtl2Z0jXN0q4.roa
File: 1-dvDKQatG6LmsS2Gtl2Z0jXN0q4.roa (raw, json)
Hash identifier: OCwcRLqLzU9MoTPH0YxVzqGg6rAnP7Th744fLfnYz98=
Subject key identifier: F9:DB:C3:29:06:AD:1B:A2:E6:B1:2D:86:B6:5D:99:D2:35:CD:D2:AE
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 018CC7956A34583403E3353756C2E16FB8AC
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/1-dvDKQatG6LmsS2Gtl2Z0jXN0q4.roa
Signing time: Tue 02 Jan 2024 00:31:47 +0000
ROA not before: Tue 02 Jan 2024 00:31:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34804
IP address blocks: 85.159.224.0/24 maxlen: 24
85.159.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:6a:34:58:34:03:e3:35:37:56:c2:e1:6f:b8:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Jan 2 00:31:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9dbc32906ad1ba2e6b12d86b65d99d235cdd2ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:78:af:c7:77:fa:ed:cc:ef:79:ec:9d:19:f2:
ae:65:6d:f0:f8:a3:b7:f2:15:78:0f:8d:47:42:42:
5f:ab:0c:56:c9:ea:cf:0d:c4:78:10:71:ac:a6:82:
8e:71:8f:ed:fb:99:66:a8:34:fb:6f:c7:0b:4c:b5:
90:f1:29:8e:95:57:cc:de:51:19:20:2f:05:54:68:
45:08:f3:8f:28:19:1b:88:65:43:e4:1f:bb:88:0f:
b5:8c:ba:a3:7c:b8:2e:5e:f8:ec:43:ce:3c:2b:89:
35:8c:60:3f:c1:6c:e5:bd:c6:75:3e:fc:98:37:1b:
87:5f:5a:3e:3c:31:ce:5c:84:67:55:18:81:5b:49:
64:d7:d9:79:24:89:d1:20:eb:39:b5:40:67:61:7f:
70:45:03:86:0e:5f:2c:36:dc:72:3f:d9:ce:63:12:
97:90:37:12:5b:a4:0d:fc:99:8d:e3:49:09:02:3c:
18:45:ed:f2:a7:9d:12:f3:03:e3:02:e8:de:b8:e9:
f0:da:3f:ef:ca:fb:ee:67:d2:ac:a4:9b:11:92:bd:
3a:1c:83:bf:22:61:95:45:12:e4:f9:65:e9:59:70:
76:cb:e8:47:56:0c:1a:6b:35:37:21:5e:a2:a1:b0:
7e:eb:cc:81:23:82:ab:b6:0e:11:85:d3:16:42:00:
96:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:DB:C3:29:06:AD:1B:A2:E6:B1:2D:86:B6:5D:99:D2:35:CD:D2:AE
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/1-dvDKQatG6LmsS2Gtl2Z0jXN0q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.224.0/24
85.159.227.0/24
Signature Algorithm: sha256WithRSAEncryption
93:6e:39:64:10:a0:7b:b7:6d:a4:7a:73:d4:ac:59:c4:91:bf:
5b:77:d4:b2:27:0b:8e:25:16:4e:a3:e6:d7:8e:ed:d2:c2:b0:
40:6c:ae:47:e1:7b:1d:d9:b1:91:7b:cc:6c:1a:15:a8:34:12:
2a:75:50:90:d0:ee:5c:16:ac:59:d8:35:cd:f9:bb:f5:92:be:
7a:16:3f:aa:97:75:cc:98:e3:c6:1c:6e:fc:e6:82:59:69:4d:
79:03:b1:9e:84:a3:82:b8:64:0e:6c:e3:92:54:b5:a8:6c:6d:
7a:75:04:ac:b8:ec:e0:96:89:16:4f:9a:c7:53:73:f2:ea:e8:
f0:82:9b:cd:9d:4a:ad:18:2d:e0:35:cd:47:a3:cc:30:b3:a6:
4d:b7:d9:1b:5c:03:fd:b5:66:f2:3e:44:36:2c:79:2a:64:61:
e5:f0:c0:99:8f:fe:2b:d5:2d:d8:d0:fa:b1:58:c4:43:1e:2c:
2f:2f:da:85:d8:7e:36:a0:25:1f:f0:7b:59:59:95:90:f3:7a:
13:77:db:21:32:4e:a1:ed:ab:bc:de:b3:ed:84:4c:20:aa:c2:
7c:f4:53:3e:1b:08:e9:ee:3f:b3:92:f2:fe:85:96:01:4f:ab:
59:8e:98:48:73:ec:50:5e:3a:a5:8f:ce:c3:05:9e:92:1a:fa:
06:c1:81:a9
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzHlWo0WDQD4zU3VsLhb7isMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjQwMTAyMDAzMTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWRiYzMyOTA2YWQxYmEyZTZiMTJkODZiNjVkOTlkMjM1Y2RkMmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3ivx3f67czveeydGfKuZW3w+KO3
8hV4D41HQkJfqwxWyerPDcR4EHGspoKOcY/t+5lmqDT7b8cLTLWQ8SmOlVfM3lEZ
IC8FVGhFCPOPKBkbiGVD5B+7iA+1jLqjfLguXvjsQ848K4k1jGA/wWzlvcZ1PvyY
NxuHX1o+PDHOXIRnVRiBW0lk19l5JInRIOs5tUBnYX9wRQOGDl8sNtxyP9nOYxKX
kDcSW6QN/JmN40kJAjwYRe3yp50S8wPjAujeuOnw2j/vyvvuZ9KspJsRkr06HIO/
ImGVRRLk+WXpWXB2y+hHVgwaazU3IV6iobB+68yBI4Krtg4RhdMWQgCWdQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPnbwykGrRui5rEthrZdmdI1zdKuMB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvMS1kdkRLUWF0RzZMbXNTMkd0bDJaMGpYTjBxNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzcvNTllOGMzLTYyNmItNGVjZS04ZTM5LWRmNzkzYTk0MGJh
Yi8xL0hqYmVKNWRISjZvQVJyUHB5TkJpUm5SVUVsVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFWf4AME
AFWf4zANBgkqhkiG9w0BAQsFAAOCAQEAk245ZBCge7dtpHpz1KxZxJG/W3fUsicL
jiUWTqPm147t0sKwQGyuR+F7HdmxkXvMbBoVqDQSKnVQkNDuXBasWdg1zfm79ZK+
ehY/qpd1zJjjxhxu/OaCWWlNeQOxnoSjgrhkDmzjklS1qGxtenUErLjs4JaJFk+a
x1Nz8uro8IKbzZ1KrRgt4DXNR6PMMLOmTbfZG1wD/bVm8j5ENix5KmRh5fDAmY/+
K9Ut2ND6sVjEQx4sLy/ahdh+NqAlH/B7WVmVkPN6E3fbITJOoe2rvN6z7YRMIKrC
fPRTPhsI6e4/s5Ly/oWWAU+rWY6YSHPsUF46pY/OwwWekhr6BsGBqQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:05:42 2025 by rpki-client