Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/xkN44L-nyzTPfQ1VidLrZSG2zvM.roa
File: xkN44L-nyzTPfQ1VidLrZSG2zvM.roa (raw, json)
Hash identifier: Idz9oDDP5xliD7EGp+6/eiSDrFOztGZ8MUmYDohW9zo=
Subject key identifier: C6:43:78:E0:BF:A7:CB:34:CF:7D:0D:55:89:D2:EB:65:21:B6:CE:F3
Certificate issuer: /CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Certificate serial: 01856BCA42F5BE4472A75C510190DCE6D556
Authority key identifier: 38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/xkN44L-nyzTPfQ1VidLrZSG2zvM.roa
Signing time: Sun 01 Jan 2023 05:24:55 +0000
ROA not before: Sun 01 Jan 2023 05:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60078
IP address blocks: 85.204.249.0/24 maxlen: 24
85.204.248.0/24 maxlen: 24
2a10:52c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:42:f5:be:44:72:a7:5c:51:01:90:dc:e6:d5:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Validity
Not Before: Jan 1 05:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c64378e0bfa7cb34cf7d0d5589d2eb6521b6cef3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:03:a1:0f:30:d0:53:e7:3d:d6:26:22:0f:e3:
ab:c0:bd:16:d5:ba:61:99:9b:28:6a:58:86:e5:96:
09:db:da:d8:2f:8a:37:89:44:0c:7d:29:38:27:3c:
f1:44:2f:b1:75:1f:ef:88:27:f7:3a:66:41:36:44:
21:1d:16:10:23:45:9c:8b:f9:42:d4:a2:c1:a6:b7:
39:57:3f:15:ac:0a:b1:31:b3:30:1f:f5:02:eb:93:
45:72:2f:fa:73:29:c0:9f:44:25:5b:89:46:77:aa:
a3:83:58:ea:72:3f:0a:1e:8e:4f:04:23:42:78:aa:
86:e8:1d:9e:9a:bc:a8:f5:2b:6f:69:98:e8:9c:3e:
d6:09:08:fa:29:f6:e5:6c:10:93:2b:11:cf:9c:e7:
80:99:02:49:c5:3c:d9:6f:ba:be:97:ed:86:28:39:
a2:8a:49:a2:8b:7b:91:c3:62:9a:e1:64:52:1a:07:
a1:9f:08:63:18:76:2b:95:38:68:83:7f:9c:17:49:
a9:58:ec:b0:b3:dd:0a:87:20:d7:46:81:33:95:83:
41:18:be:b1:61:9a:7c:8b:7c:34:bd:e0:2e:4b:0b:
6d:de:f7:87:b9:d2:32:ba:85:89:d2:69:9f:ec:8d:
4c:d1:9d:d9:10:7a:9d:b7:76:33:37:06:40:be:07:
76:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:43:78:E0:BF:A7:CB:34:CF:7D:0D:55:89:D2:EB:65:21:B6:CE:F3
X509v3 Authority Key Identifier:
keyid:38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/xkN44L-nyzTPfQ1VidLrZSG2zvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.248.0/23
IPv6:
2a10:52c0::/48
Signature Algorithm: sha256WithRSAEncryption
81:4a:14:7f:ff:00:88:16:40:d7:61:eb:c6:f9:dd:2d:f0:6d:
f8:40:0d:d7:b0:6b:f1:00:53:3c:98:08:ba:e5:77:68:93:04:
09:3f:ca:21:8f:7a:17:fe:df:86:9b:49:ff:c6:67:92:a6:5a:
b1:f8:f1:4b:88:fc:b3:43:6d:10:c0:ad:67:a0:d3:65:71:e7:
81:98:42:d4:68:db:59:4f:9b:26:27:bf:ae:f3:b5:4f:24:71:
97:cc:1c:27:9b:a9:4a:6b:83:59:d5:77:7c:e7:f9:08:8c:81:
34:8d:25:5b:6c:d2:c1:81:f4:ba:ef:43:ef:96:93:79:45:f2:
e3:85:cc:22:f1:bb:40:d8:9e:c4:9b:2e:f0:be:cf:05:63:26:
6d:fa:ae:28:8b:7a:30:8e:d8:61:28:e2:f8:0c:54:3f:1f:26:
1a:05:4f:36:a7:96:db:3d:1f:d7:1c:a5:65:cf:d9:bd:1c:f1:
ff:af:0a:1a:06:2a:f1:87:e4:8e:8f:6c:8a:15:39:df:94:2f:
5e:36:5e:65:c2:92:6f:02:4d:9a:e4:a8:11:b8:90:df:17:bb:
fa:dd:66:c6:6d:f9:ac:bf:f2:a6:da:1f:19:79:d9:17:e6:7a:
4f:93:c3:88:f8:40:a9:61:3d:81:7d:0a:60:68:ea:a9:ab:02:
d3:89:eb:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVrykL1vkRyp1xRAZDc5tVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTg1NTA2NTliYjY4ZTc3MGQ4YjAxMjZiNzI2MWZiODdk
ODI0MGIwHhcNMjMwMTAxMDUyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQzNzhlMGJmYTdjYjM0Y2Y3ZDBkNTU4OWQyZWI2NTIxYjZjZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3AOhDzDQU+c91iYiD+OrwL0W1bph
mZsoaliG5ZYJ29rYL4o3iUQMfSk4JzzxRC+xdR/viCf3OmZBNkQhHRYQI0Wci/lC
1KLBprc5Vz8VrAqxMbMwH/UC65NFci/6cynAn0QlW4lGd6qjg1jqcj8KHo5PBCNC
eKqG6B2emryo9StvaZjonD7WCQj6KfblbBCTKxHPnOeAmQJJxTzZb7q+l+2GKDmi
ikmii3uRw2Ka4WRSGgehnwhjGHYrlThog3+cF0mpWOyws90KhyDXRoEzlYNBGL6x
YZp8i3w0veAuSwtt3veHudIyuoWJ0mmf7I1M0Z3ZEHqdt3YzNwZAvgd2LQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMZDeOC/p8s0z30NVYnS62Uhts7zMB8GA1UdIwQY
MBaAFDioVQZZu2jncNiwEmtyYfuH2CQLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEt
MWQ3MDNiNDk2NjM0LzEveGtONDRMLW55elRQZlExVmlkTHJaU0cyenZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEtMWQ3MDNiNDk2NjM0
LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBVcz4MA8E
AgACMAkDBwAqEFLAAAAwDQYJKoZIhvcNAQELBQADggEBAIFKFH//AIgWQNdh68b5
3S3wbfhADdewa/EAUzyYCLrld2iTBAk/yiGPehf+34abSf/GZ5KmWrH48UuI/LND
bRDArWeg02Vx54GYQtRo21lPmyYnv67ztU8kcZfMHCebqUprg1nVd3zn+QiMgTSN
JVts0sGB9LrvQ++Wk3lF8uOFzCLxu0DYnsSbLvC+zwVjJm36riiLejCO2GEo4vgM
VD8fJhoFTzanlts9H9ccpWXP2b0c8f+vChoGKvGH5I6PbIoVOd+UL142XmXCkm8C
TZrkqBG4kN8Xu/rdZsZt+ay/8qbaHxl52Rfmek+Tw4j4QKlhPYF9CmBo6qmrAtOJ
678=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:05 2025 by rpki-client