Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/jbrX3RnEBV2Zv4WI2ciFBCyq2rE.roa
File: jbrX3RnEBV2Zv4WI2ciFBCyq2rE.roa (raw, json)
Hash identifier: EI11sOyGNbnf/2WxMc9TWzuK0I56RaBxSVF49tXFPI8=
Subject key identifier: 8D:BA:D7:DD:19:C4:05:5D:99:BF:85:88:D9:C8:85:04:2C:AA:DA:B1
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 0194258F07DA7D059D723B2C582BBAB2B68D
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/jbrX3RnEBV2Zv4WI2ciFBCyq2rE.roa
Signing time: Thu 02 Jan 2025 05:48:38 +0000
ROA not before: Thu 02 Jan 2025 05:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203633
IP address blocks: 85.187.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:07:da:7d:05:9d:72:3b:2c:58:2b:ba:b2:b6:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 2 05:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8dbad7dd19c4055d99bf8588d9c885042caadab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fc:61:9e:42:96:15:57:89:8c:ee:39:4e:2f:
41:de:5a:db:4b:a9:1f:cc:7c:6e:44:55:26:80:ac:
9b:93:d3:7f:bc:aa:c6:89:52:8f:43:47:75:38:ae:
83:a0:00:4a:3d:42:3b:09:09:1f:b5:38:33:1e:09:
b5:9c:5f:f8:c0:b7:7e:43:07:65:27:4a:9e:2f:8d:
b4:b0:c0:a6:25:10:2d:a7:a1:f8:a8:fc:c5:f2:4b:
5b:70:a4:a9:41:13:6e:b4:ee:e7:c1:5e:67:3b:02:
1e:8d:ec:41:76:ff:fa:de:0d:27:94:c9:cc:ec:c4:
ff:d9:f8:ff:27:cd:8b:1d:00:ca:65:93:a6:2c:f6:
9a:84:13:80:03:ce:c2:8e:da:9b:4b:8c:06:3d:7e:
f4:03:2c:27:f2:a9:69:fa:87:e5:5a:e1:2e:24:ff:
e7:18:fb:ad:49:26:7e:29:c6:df:d9:db:83:02:b8:
55:2b:9f:71:a0:c7:1a:65:06:ba:bc:70:58:b3:69:
bf:5e:c0:c5:e4:10:fa:a4:f6:53:ab:25:77:74:07:
58:f7:8f:4a:d2:c2:f1:73:40:33:ec:be:ed:de:db:
1c:fa:24:5a:29:e2:d9:e7:32:7a:07:eb:7b:51:38:
7e:88:70:64:cf:e2:78:ad:bd:4b:73:8e:c2:ea:2c:
8c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:BA:D7:DD:19:C4:05:5D:99:BF:85:88:D9:C8:85:04:2C:AA:DA:B1
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/jbrX3RnEBV2Zv4WI2ciFBCyq2rE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.42.0/24
Signature Algorithm: sha256WithRSAEncryption
21:99:35:c7:10:2d:39:59:64:a7:b5:fa:a8:e5:6c:45:77:78:
e2:65:0a:83:65:24:43:e0:fa:00:ce:5b:29:e3:c5:0e:36:fc:
38:3c:9e:07:75:91:36:05:44:bc:7e:29:6b:10:d8:9c:c8:83:
30:87:de:87:34:11:17:70:29:3a:ae:4a:2e:7e:ce:ed:e9:a1:
e9:d3:39:6f:95:38:e0:30:b5:06:84:24:4b:18:64:e7:a0:53:
13:38:bc:e8:2b:33:7c:87:43:92:1e:f0:fe:29:8f:33:dd:b3:
b2:a9:ce:99:89:05:6b:0e:78:0b:31:5d:e9:ca:fb:18:ff:03:
f8:e9:9e:d0:de:bd:c2:0e:9e:c3:99:1d:03:bf:2a:d6:d3:fa:
51:cc:4e:27:85:9a:23:88:9b:7c:8b:14:cb:c8:2c:aa:94:e3:
00:7d:8b:73:d8:94:44:ed:f0:53:21:bd:5d:1a:b7:30:2b:5c:
90:b3:6a:f2:80:4d:4e:43:d3:ac:11:a5:db:b5:e0:0b:63:77:
3f:9b:1d:10:a6:a4:5d:94:dc:f3:30:96:9c:1e:53:88:08:f2:
e0:bc:9c:b8:f2:ac:be:a9:50:7b:70:f6:9f:4c:29:e4:9b:26:
57:64:9f:97:3d:ff:38:a8:e1:a4:89:23:25:4e:45:1a:46:9e:
2a:09:3b:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljwfafQWdcjssWCu6sraNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjUwMTAyMDU0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGJhZDdkZDE5YzQwNTVkOTliZjg1ODhkOWM4ODUwNDJjYWFkYWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfxhnkKWFVeJjO45Ti9B3lrbS6kf
zHxuRFUmgKybk9N/vKrGiVKPQ0d1OK6DoABKPUI7CQkftTgzHgm1nF/4wLd+Qwdl
J0qeL420sMCmJRAtp6H4qPzF8ktbcKSpQRNutO7nwV5nOwIejexBdv/63g0nlMnM
7MT/2fj/J82LHQDKZZOmLPaahBOAA87CjtqbS4wGPX70Aywn8qlp+oflWuEuJP/n
GPutSSZ+Kcbf2duDArhVK59xoMcaZQa6vHBYs2m/XsDF5BD6pPZTqyV3dAdY949K
0sLxc0Az7L7t3tsc+iRaKeLZ5zJ6B+t7UTh+iHBkz+J4rb1Lc47C6iyMmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI26190ZxAVdmb+FiNnIhQQsqtqxMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvamJyWDNSbkVCVjJadjRXSTJjaUZCQ3lxMnJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVbsqMA0G
CSqGSIb3DQEBCwUAA4IBAQAhmTXHEC05WWSntfqo5WxFd3jiZQqDZSRD4PoAzlsp
48UONvw4PJ4HdZE2BUS8filrENicyIMwh96HNBEXcCk6rkoufs7t6aHp0zlvlTjg
MLUGhCRLGGTnoFMTOLzoKzN8h0OSHvD+KY8z3bOyqc6ZiQVrDngLMV3pyvsY/wP4
6Z7Q3r3CDp7DmR0DvyrW0/pRzE4nhZojiJt8ixTLyCyqlOMAfYtz2JRE7fBTIb1d
GrcwK1yQs2rygE1OQ9OsEaXbteALY3c/mx0QpqRdlNzzMJacHlOICPLgvJy48qy+
qVB7cPafTCnkmyZXZJ+XPf84qOGkiSMlTkUaRp4qCTsI
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:22:01 2025 by rpki-client