Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/U2afBikHEgYlEBtyOQCYzl0sfIA.roa
File: U2afBikHEgYlEBtyOQCYzl0sfIA.roa (raw, json)
Hash identifier: V9NvtY0Wrid1NObg5qZ6wyYCBFEEcAwWNDaJ+TpaGh4=
Subject key identifier: 53:66:9F:06:29:07:12:06:25:10:1B:72:39:00:98:CE:5D:2C:7C:80
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 0194258F0A6B28831C3C84BF720D6E38F537
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/U2afBikHEgYlEBtyOQCYzl0sfIA.roa
Signing time: Thu 02 Jan 2025 05:48:38 +0000
ROA not before: Thu 02 Jan 2025 05:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207879
IP address blocks: 85.187.45.0/24 maxlen: 24
185.242.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:0a:6b:28:83:1c:3c:84:bf:72:0d:6e:38:f5:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 2 05:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53669f062907120625101b72390098ce5d2c7c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2c:e8:4d:37:69:44:ef:7a:bb:35:2f:3d:67:
3c:7c:dd:03:07:74:8b:50:33:a7:98:b1:18:01:d7:
39:28:fd:99:cc:43:9a:d5:a2:8d:a5:83:3e:3b:85:
eb:7a:b0:8b:e4:48:87:d3:4a:d7:cf:93:f2:a9:b9:
2a:ce:1f:d8:1f:79:84:92:8d:61:42:5b:49:27:9c:
db:06:81:f3:66:1c:81:e9:fe:5a:51:47:f1:f9:b2:
b2:ba:74:8d:f1:ad:50:8e:92:89:1a:15:ec:48:ee:
12:30:6b:bf:13:d5:87:25:49:1a:ea:b2:f3:ce:1f:
27:6c:2f:b8:1c:5c:4d:4d:55:50:87:50:eb:5d:e2:
c6:e6:94:4c:9c:a3:52:6f:3e:e8:b4:e5:10:7a:0d:
dc:db:6d:51:54:1c:e8:96:66:40:48:80:d9:1b:26:
a2:21:b4:03:c6:05:eb:2e:6a:b7:c1:80:03:04:ae:
0e:c3:e8:bc:c1:90:34:7a:d2:0c:cd:56:11:58:48:
c6:a7:ae:d7:0b:0f:32:57:49:16:34:1c:02:68:94:
9a:42:30:80:ed:8f:1b:e6:e3:06:81:d5:73:66:c3:
90:58:a4:25:93:8c:f4:a5:f4:7d:01:c0:f0:5e:72:
d5:1a:dc:f1:c6:a4:d3:ea:45:00:aa:0b:51:db:70:
9b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:66:9F:06:29:07:12:06:25:10:1B:72:39:00:98:CE:5D:2C:7C:80
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/U2afBikHEgYlEBtyOQCYzl0sfIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.45.0/24
185.242.171.0/24
Signature Algorithm: sha256WithRSAEncryption
04:91:f7:9a:4e:9b:79:ac:ef:47:cc:d3:30:09:df:d1:34:69:
df:71:b8:e6:60:8b:26:4b:34:0a:05:c7:5b:35:00:da:00:6e:
9e:d2:f7:37:79:a3:b4:54:fd:6b:4c:da:dc:64:b3:c3:62:fc:
97:81:65:1b:d0:e5:f0:ae:50:a8:5e:10:8f:aa:fe:bb:13:39:
b1:18:f9:03:d8:62:ed:ed:fe:39:be:e5:9e:60:ac:d3:ef:e4:
ff:64:45:6f:12:a1:ba:3e:e3:d7:03:6f:3e:90:72:67:a4:e3:
25:b8:cf:fb:a7:08:f6:18:01:de:be:39:a9:4c:e3:3b:5d:32:
37:3b:c2:df:c9:13:29:3e:92:6a:3b:b7:39:14:ad:07:c5:29:
d9:0a:a4:92:41:81:49:72:a7:0c:02:36:18:3f:6e:fe:38:07:
e6:33:3c:46:f1:ad:f7:50:da:4b:66:48:6f:e1:f7:0e:ff:32:
e8:37:74:8a:b8:d9:05:3c:c3:eb:90:73:f3:88:6f:03:23:27:
d1:65:d8:4b:aa:05:51:ac:bf:7b:49:71:d3:12:00:ed:a6:8b:
69:34:68:35:be:23:d2:61:a6:e3:b7:43:19:02:0c:b9:65:95:
5f:8b:6e:db:c1:48:1d:17:cd:b8:a0:0b:53:48:8b:df:48:0c:
3f:16:2f:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQljwprKIMcPIS/cg1uOPU3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjUwMTAyMDU0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzY2OWYwNjI5MDcxMjA2MjUxMDFiNzIzOTAwOThjZTVkMmM3YzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvizoTTdpRO96uzUvPWc8fN0DB3SL
UDOnmLEYAdc5KP2ZzEOa1aKNpYM+O4XrerCL5EiH00rXz5Pyqbkqzh/YH3mEko1h
QltJJ5zbBoHzZhyB6f5aUUfx+bKyunSN8a1QjpKJGhXsSO4SMGu/E9WHJUka6rLz
zh8nbC+4HFxNTVVQh1DrXeLG5pRMnKNSbz7otOUQeg3c221RVBzolmZASIDZGyai
IbQDxgXrLmq3wYADBK4Ow+i8wZA0etIMzVYRWEjGp67XCw8yV0kWNBwCaJSaQjCA
7Y8b5uMGgdVzZsOQWKQlk4z0pfR9AcDwXnLVGtzxxqTT6kUAqgtR23CbDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFNmnwYpBxIGJRAbcjkAmM5dLHyAMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvVTJhZkJpa0hFZ1lsRUJ0eU9RQ1l6bDBzZklBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVbstAwQA
ufKrMA0GCSqGSIb3DQEBCwUAA4IBAQAEkfeaTpt5rO9HzNMwCd/RNGnfcbjmYIsm
SzQKBcdbNQDaAG6e0vc3eaO0VP1rTNrcZLPDYvyXgWUb0OXwrlCoXhCPqv67Ezmx
GPkD2GLt7f45vuWeYKzT7+T/ZEVvEqG6PuPXA28+kHJnpOMluM/7pwj2GAHevjmp
TOM7XTI3O8LfyRMpPpJqO7c5FK0HxSnZCqSSQYFJcqcMAjYYP27+OAfmMzxG8a33
UNpLZkhv4fcO/zLoN3SKuNkFPMPrkHPziG8DIyfRZdhLqgVRrL97SXHTEgDtpotp
NGg1viPSYabjt0MZAgy5ZZVfi27bwUgdF824oAtTSIvfSAw/Fi+e
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:38:43 2025 by rpki-client