Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/qfWn5oFdZLWxOWX09vwBZHbmxKY.roa
File: qfWn5oFdZLWxOWX09vwBZHbmxKY.roa (raw, json)
Hash identifier: kB0UOM5OWe1Cjy3hyDJeK4nWfFoXaiZfXp/VooIrMIs=
Subject key identifier: A9:F5:A7:E6:81:5D:64:B5:B1:39:65:F4:F6:FC:01:64:76:E6:C4:A6
Certificate issuer: /CN=624039399017fa093dc8d503799f6ca403f0bd05
Certificate serial: 01856D7866417435128846AE38C44EDD3291
Authority key identifier: 62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/qfWn5oFdZLWxOWX09vwBZHbmxKY.roa
Signing time: Sun 01 Jan 2023 13:14:45 +0000
ROA not before: Sun 01 Jan 2023 13:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 85.209.228.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:66:41:74:35:12:88:46:ae:38:c4:4e:dd:32:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624039399017fa093dc8d503799f6ca403f0bd05
Validity
Not Before: Jan 1 13:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9f5a7e6815d64b5b13965f4f6fc016476e6c4a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:19:26:07:9c:86:e7:c0:39:f8:df:a0:1d:9d:
05:40:49:40:ad:5a:57:7c:26:2f:0c:c5:07:08:e0:
70:7b:9f:5c:c4:54:65:71:30:06:57:0f:fd:28:dd:
3c:6f:53:03:20:a5:95:96:82:12:4b:f1:71:d0:a6:
bf:11:b2:37:a4:e2:5a:89:40:b5:48:72:4f:63:fe:
67:b4:f1:99:99:90:89:c5:c9:27:18:69:aa:f6:71:
28:d5:28:c7:3e:69:5f:3b:3c:e3:9c:bc:81:e4:64:
21:8d:52:7d:76:ba:a8:15:11:6d:e1:ff:c3:4d:15:
83:4e:8f:30:27:e6:49:66:12:fc:7c:25:2e:3f:91:
83:28:77:30:c1:f7:90:2f:83:f4:60:98:ae:1e:70:
d6:01:84:74:61:98:77:58:8c:0d:d1:54:4a:81:6f:
ee:f0:a2:aa:6d:23:b9:72:94:f3:a0:fa:76:1f:bf:
eb:bd:f2:b8:25:a1:de:b7:d8:e1:63:10:c4:2b:59:
7c:e3:a7:e7:15:9a:c7:e1:61:77:8c:70:c0:53:52:
3e:b7:b4:cf:ad:af:21:9d:8c:d0:4b:7c:ed:2b:c4:
bc:55:72:4a:3c:be:77:0e:e5:cc:a5:7f:6e:cd:9a:
ed:12:52:0f:7c:5c:5e:27:2a:38:75:8f:53:e9:a7:
7e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F5:A7:E6:81:5D:64:B5:B1:39:65:F4:F6:FC:01:64:76:E6:C4:A6
X509v3 Authority Key Identifier:
keyid:62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/qfWn5oFdZLWxOWX09vwBZHbmxKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/YkA5OZAX-gk9yNUDeZ9spAPwvQU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.228.0/24
Signature Algorithm: sha256WithRSAEncryption
27:8d:65:4e:c0:94:4c:25:92:86:7e:5c:23:af:75:1b:eb:45:
e1:79:c0:88:7f:7a:e0:01:12:a3:1f:13:fe:c4:10:24:1d:42:
d9:f2:18:de:1c:43:86:68:c3:73:97:f1:12:bb:bf:71:ee:0a:
88:cc:83:f9:f9:cd:6e:29:22:9a:14:21:fc:12:2c:66:86:2c:
07:0b:09:43:06:2d:54:2a:1d:af:86:a7:6c:ef:21:a3:99:e1:
29:84:32:df:84:f7:aa:7c:3b:bd:1f:92:43:2d:23:e1:a7:86:
ca:18:cb:b4:81:9a:b3:46:ea:e5:cd:ea:b2:4f:12:90:7d:69:
8e:99:89:55:99:bc:90:25:6e:40:fe:1d:6c:17:6b:c8:53:0e:
33:92:1c:1a:c0:3f:22:7a:23:f2:55:fe:ab:92:d9:b7:98:4d:
39:c1:44:10:61:e0:4e:dd:54:f4:4f:db:83:78:6f:e7:de:84:
c7:27:3f:38:b9:20:15:b2:1e:64:28:d8:f6:12:e1:08:15:58:
a2:d9:78:03:72:09:83:b4:8c:a0:cc:0d:16:7e:da:97:9e:04:
a1:28:93:33:7c:5b:74:7c:13:80:b1:ba:86:2f:ac:ae:b7:6a:
56:20:6e:ea:10:ba:cc:f3:81:b2:f6:c7:60:8d:4e:4f:b5:c4:
66:4e:db:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteGZBdDUSiEauOMRO3TKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNDAzOTM5OTAxN2ZhMDkzZGM4ZDUwMzc5OWY2Y2E0MDNm
MGJkMDUwHhcNMjMwMTAxMTMxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWY1YTdlNjgxNWQ2NGI1YjEzOTY1ZjRmNmZjMDE2NDc2ZTZjNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRkmB5yG58A5+N+gHZ0FQElArVpX
fCYvDMUHCOBwe59cxFRlcTAGVw/9KN08b1MDIKWVloISS/Fx0Ka/EbI3pOJaiUC1
SHJPY/5ntPGZmZCJxcknGGmq9nEo1SjHPmlfOzzjnLyB5GQhjVJ9drqoFRFt4f/D
TRWDTo8wJ+ZJZhL8fCUuP5GDKHcwwfeQL4P0YJiuHnDWAYR0YZh3WIwN0VRKgW/u
8KKqbSO5cpTzoPp2H7/rvfK4JaHet9jhYxDEK1l846fnFZrH4WF3jHDAU1I+t7TP
ra8hnYzQS3ztK8S8VXJKPL53DuXMpX9uzZrtElIPfFxeJyo4dY9T6ad+fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKn1p+aBXWS1sTll9Pb8AWR25sSmMB8GA1UdIwQY
MBaAFGJAOTmQF/oJPcjVA3mfbKQD8L0FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtBNU9aQVgtZ2s5eU5VRGVaOXNwQVB3dlFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lYjIzOWEtMzNjOC00ZGJkLWJjOTYt
MzI1OTQ5NmU3YzVmLzEvcWZXbjVvRmRaTFd4T1dYMDl2d0JaSGJteEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lYjIzOWEtMzNjOC00ZGJkLWJjOTYtMzI1OTQ5NmU3YzVm
LzEvWWtBNU9aQVgtZ2s5eU5VRGVaOXNwQVB3dlFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdHkMA0G
CSqGSIb3DQEBCwUAA4IBAQAnjWVOwJRMJZKGflwjr3Ub60XhecCIf3rgARKjHxP+
xBAkHULZ8hjeHEOGaMNzl/ESu79x7gqIzIP5+c1uKSKaFCH8EixmhiwHCwlDBi1U
Kh2vhqds7yGjmeEphDLfhPeqfDu9H5JDLSPhp4bKGMu0gZqzRurlzeqyTxKQfWmO
mYlVmbyQJW5A/h1sF2vIUw4zkhwawD8ieiPyVf6rktm3mE05wUQQYeBO3VT0T9uD
eG/n3oTHJz84uSAVsh5kKNj2EuEIFVii2XgDcgmDtIygzA0WftqXngShKJMzfFt0
fBOAsbqGL6yut2pWIG7qELrM84Gy9sdgjU5PtcRmTttx
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:36:41 2025 by rpki-client