Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/mqIFHy4ZEzPCvBr0SyHTiwMzB84.roa
File: mqIFHy4ZEzPCvBr0SyHTiwMzB84.roa (raw, json)
Hash identifier: GxKK9FgqIWgefTbpo/PMsNI7fe/ECtS2hgqdsZcixQY=
Subject key identifier: 9A:A2:05:1F:2E:19:13:33:C2:BC:1A:F4:4B:21:D3:8B:03:33:07:CE
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 018CC6B937A0A879E3AE8747DA3C6995D851
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/mqIFHy4ZEzPCvBr0SyHTiwMzB84.roa
Signing time: Mon 01 Jan 2024 20:31:16 +0000
ROA not before: Mon 01 Jan 2024 20:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49147
IP address blocks: 85.187.0.0/24 maxlen: 24
85.187.5.0/24 maxlen: 24
85.187.12.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:37:a0:a8:79:e3:ae:87:47:da:3c:69:95:d8:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 1 20:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9aa2051f2e191333c2bc1af44b21d38b033307ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:30:b6:20:38:ab:ec:a6:82:bc:14:0a:20:28:
83:2b:23:55:06:ee:c7:b7:2f:74:f5:e9:fc:77:39:
50:c4:91:25:01:3a:df:52:c0:4f:69:5e:bf:e2:3e:
41:01:d7:44:93:98:22:07:f5:c2:8c:e6:9d:47:97:
28:32:9c:37:c3:8f:0c:68:0a:b7:5f:53:64:8b:17:
11:0d:b1:39:46:f0:3e:91:42:a6:1a:73:d7:7b:3b:
dc:eb:cd:5c:f3:b4:26:65:64:22:94:38:5d:28:8b:
c5:a6:e2:e7:ed:85:1a:e9:e6:89:5f:4f:55:45:ff:
b9:3f:5c:09:0c:ef:17:12:df:f5:09:10:39:a0:2b:
ff:5d:af:c8:ac:d9:f7:52:29:c3:f8:33:b9:69:a3:
32:8d:55:80:ac:e4:2e:e0:e0:b2:f1:61:38:8a:1c:
c0:40:92:df:c0:4a:d2:5e:8b:59:6a:1c:99:a5:e1:
20:1a:a5:c0:5a:57:f2:45:c8:db:20:41:3a:15:d0:
92:0d:71:75:5f:cb:3f:65:bd:c8:63:53:df:95:0b:
96:34:36:4a:ff:e2:e9:62:d5:6d:3c:68:7b:5c:e2:
22:05:47:b4:07:f0:af:3e:94:f5:50:43:e9:29:60:
55:97:cf:f1:79:63:76:b4:e9:7b:ed:95:65:44:13:
73:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:A2:05:1F:2E:19:13:33:C2:BC:1A:F4:4B:21:D3:8B:03:33:07:CE
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/mqIFHy4ZEzPCvBr0SyHTiwMzB84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.0.0/24
85.187.5.0/24
85.187.12.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:50:7e:51:16:99:78:26:db:55:60:f3:94:ac:8a:5b:ee:aa:
cf:87:55:28:eb:47:ad:11:02:da:4e:e6:a2:2c:27:ed:37:b2:
d4:74:58:02:45:d5:8e:ad:f5:80:36:98:54:bd:31:8b:95:b1:
fd:80:b9:61:59:e4:bb:d0:88:0f:c1:18:72:b7:42:0e:e6:01:
37:97:c2:36:7d:d3:e4:23:ca:81:38:00:e1:98:aa:a0:95:7c:
f2:da:b4:b2:af:46:89:c9:eb:56:15:89:ae:61:42:aa:0c:99:
4a:45:ef:0f:d6:b5:26:85:c6:a9:43:12:f9:dd:df:0c:8e:8d:
2d:8c:38:a0:55:c7:3c:1b:a1:de:5b:d2:96:7e:b3:58:fb:28:
5b:e3:4e:d7:12:b8:09:49:a8:3e:df:53:26:a7:9b:16:c2:5c:
be:15:a0:cc:8f:4b:72:59:66:0d:15:f3:dc:eb:99:3e:83:a8:
21:4d:4b:df:0e:1f:91:27:15:48:0d:ab:5e:8a:2c:41:fb:04:
7e:08:73:ab:82:87:8d:2b:bc:9d:d4:17:9d:68:e1:4a:40:d9:
b8:7d:31:81:cc:8f:73:e7:d9:28:3b:a3:23:ed:83:d5:0a:bb:
0a:ff:34:c3:ec:50:84:11:cd:87:25:97:c5:8e:d0:11:f1:b8:
5c:43:a9:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGuTegqHnjrodH2jxpldhRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjQwMTAxMjAzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWEyMDUxZjJlMTkxMzMzYzJiYzFhZjQ0YjIxZDM4YjAzMzMwN2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjC2IDir7KaCvBQKICiDKyNVBu7H
ty909en8dzlQxJElATrfUsBPaV6/4j5BAddEk5giB/XCjOadR5coMpw3w48MaAq3
X1NkixcRDbE5RvA+kUKmGnPXezvc681c87QmZWQilDhdKIvFpuLn7YUa6eaJX09V
Rf+5P1wJDO8XEt/1CRA5oCv/Xa/IrNn3UinD+DO5aaMyjVWArOQu4OCy8WE4ihzA
QJLfwErSXotZahyZpeEgGqXAWlfyRcjbIEE6FdCSDXF1X8s/Zb3IY1PflQuWNDZK
/+LpYtVtPGh7XOIiBUe0B/CvPpT1UEPpKWBVl8/xeWN2tOl77ZVlRBNzQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJqiBR8uGRMzwrwa9Esh04sDMwfOMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvbXFJRkh5NFpFelBDdkJyMFN5SFRpd016Qjg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVbsAAwQA
VbsFAwQAVbsMMA0GCSqGSIb3DQEBCwUAA4IBAQDYUH5RFpl4JttVYPOUrIpb7qrP
h1Uo60etEQLaTuaiLCftN7LUdFgCRdWOrfWANphUvTGLlbH9gLlhWeS70IgPwRhy
t0IO5gE3l8I2fdPkI8qBOADhmKqglXzy2rSyr0aJyetWFYmuYUKqDJlKRe8P1rUm
hcapQxL53d8Mjo0tjDigVcc8G6HeW9KWfrNY+yhb407XErgJSag+31Mmp5sWwly+
FaDMj0tyWWYNFfPc65k+g6ghTUvfDh+RJxVIDateiixB+wR+CHOrgoeNK7yd1Bed
aOFKQNm4fTGBzI9z59koO6Mj7YPVCrsK/zTD7FCEEc2HJZfFjtAR8bhcQ6kZ
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:50:35 2025 by rpki-client