Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/D5cQDodAYDqiYgIud8LhyCaXvBY.roa
File: D5cQDodAYDqiYgIud8LhyCaXvBY.roa (raw, json)
Hash identifier: Q507I+wQ8iwnh9vsSJyWeLo1OyDGz9OLIQtJagTcmIE=
Subject key identifier: 0F:97:10:0E:87:40:60:3A:A2:62:02:2E:77:C2:E1:C8:26:97:BC:16
Certificate issuer: /CN=ebef95f8c4c554826de8f38ad6bba9fb74802824
Certificate serial: 019426D9945BFB5A3BAE4FF947D1A5844A86
Authority key identifier: EB:EF:95:F8:C4:C5:54:82:6D:E8:F3:8A:D6:BB:A9:FB:74:80:28:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/D5cQDodAYDqiYgIud8LhyCaXvBY.roa
Signing time: Thu 02 Jan 2025 11:49:40 +0000
ROA not before: Thu 02 Jan 2025 11:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34309
IP address blocks: 85.22.173.0/24 maxlen: 24
212.29.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:94:5b:fb:5a:3b:ae:4f:f9:47:d1:a5:84:4a:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebef95f8c4c554826de8f38ad6bba9fb74802824
Validity
Not Before: Jan 2 11:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f97100e8740603aa262022e77c2e1c82697bc16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b2:ff:14:ef:ce:4c:7a:1d:74:b6:f0:b3:e4:
6b:97:a4:94:ff:b7:27:b1:ee:b4:b3:19:12:91:3e:
35:74:87:43:fc:f5:98:bc:b4:15:19:1d:a2:3c:ec:
ae:39:f0:e6:05:22:0a:54:4c:ee:9a:5c:3f:7a:8e:
9b:09:94:0e:10:e7:cc:29:f8:7d:89:c9:50:69:c4:
ac:38:c7:99:42:65:22:5c:fa:d3:21:3d:05:03:41:
f4:e5:be:44:7e:e3:08:ba:19:71:63:b4:c5:d0:90:
2e:67:ca:42:e5:c9:f3:57:17:c5:c3:13:5f:22:49:
88:99:12:87:14:86:0e:68:58:e5:0d:23:9d:52:e8:
50:d7:3e:43:b7:1c:2c:96:24:3f:b0:ee:23:74:97:
55:f8:16:93:dc:95:ed:76:c6:ba:75:18:e7:11:0d:
49:07:eb:0c:bb:a0:bc:ab:8f:8b:54:35:10:79:bf:
a8:7f:92:0c:5b:0e:8e:94:40:37:db:89:84:93:36:
3a:80:d7:06:6d:50:80:42:70:96:be:8a:6a:c2:ae:
0f:b4:94:81:46:f1:cb:ce:b3:0e:4b:bf:ed:d5:cb:
98:3e:95:4e:37:e8:91:11:87:d1:25:8d:f1:8d:80:
9c:97:29:c0:89:c6:44:31:fa:0b:e4:29:33:78:26:
2f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:97:10:0E:87:40:60:3A:A2:62:02:2E:77:C2:E1:C8:26:97:BC:16
X509v3 Authority Key Identifier:
keyid:EB:EF:95:F8:C4:C5:54:82:6D:E8:F3:8A:D6:BB:A9:FB:74:80:28:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/D5cQDodAYDqiYgIud8LhyCaXvBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/6--V-MTFVIJt6POK1rup-3SAKCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.22.173.0/24
212.29.39.0/24
Signature Algorithm: sha256WithRSAEncryption
28:5d:31:51:3f:ec:fa:84:31:56:57:f9:62:70:b0:a0:80:2c:
0d:33:2b:c3:08:fd:18:29:b2:61:e9:19:d2:50:5e:f7:a8:73:
4b:4b:da:46:d2:e8:a3:1b:c4:bd:f2:00:2e:03:7a:ac:2e:e0:
1a:ba:58:5d:a4:70:5c:25:c1:1e:99:d4:ce:45:7f:cc:05:69:
16:66:fb:39:4a:29:f9:3f:b2:58:20:30:e8:ae:7a:37:c9:fc:
1e:b7:fa:bb:d9:df:c2:50:8d:82:87:23:91:c5:55:6f:3d:7a:
75:72:44:e6:68:bc:12:32:84:04:89:b7:53:46:a9:6f:8a:18:
db:15:b8:80:10:c6:d8:2c:20:ba:28:4d:dd:33:d5:8c:ad:75:
cb:91:bb:d2:87:50:60:06:d7:db:fb:e6:62:e5:43:67:98:53:
8c:93:d6:34:7a:2c:bc:63:17:9a:3d:7d:b8:1b:0a:c3:97:97:
15:e4:c5:ef:de:5c:a9:8b:90:c9:41:65:df:c3:f1:3d:30:b5:
70:da:e7:8d:47:93:ac:e4:78:80:f7:20:8a:f8:32:bd:12:3e:
4e:ed:62:2b:b5:ee:4e:5a:30:e6:e1:36:2b:81:a1:06:6c:a0:
68:30:03:11:12:2a:1e:b6:40:19:f4:5c:79:35:64:79:26:59:
f9:50:6d:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQm2ZRb+1o7rk/5R9GlhEqGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWY5NWY4YzRjNTU0ODI2ZGU4ZjM4YWQ2YmJhOWZiNzQ4
MDI4MjQwHhcNMjUwMTAyMTE0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjk3MTAwZTg3NDA2MDNhYTI2MjAyMmU3N2MyZTFjODI2OTdiYzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7L/FO/OTHoddLbws+Rrl6SU/7cn
se60sxkSkT41dIdD/PWYvLQVGR2iPOyuOfDmBSIKVEzumlw/eo6bCZQOEOfMKfh9
iclQacSsOMeZQmUiXPrTIT0FA0H05b5EfuMIuhlxY7TF0JAuZ8pC5cnzVxfFwxNf
IkmImRKHFIYOaFjlDSOdUuhQ1z5DtxwsliQ/sO4jdJdV+BaT3JXtdsa6dRjnEQ1J
B+sMu6C8q4+LVDUQeb+of5IMWw6OlEA324mEkzY6gNcGbVCAQnCWvopqwq4PtJSB
RvHLzrMOS7/t1cuYPpVON+iREYfRJY3xjYCclynAicZEMfoL5CkzeCYv+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA+XEA6HQGA6omICLnfC4cgml7wWMB8GA1UdIwQY
MBaAFOvvlfjExVSCbejzita7qft0gCgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi0tVi1NVEZWSUp0NlBPSzFydXAtM1NBS0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9mMTQ1N2YtNjIxZi00Nzk2LTg2MGUt
OWEzNTBmZDFhNGFkLzEvRDVjUURvZEFZRHFpWWdJdWQ4TGh5Q2FYdkJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9mMTQ1N2YtNjIxZi00Nzk2LTg2MGUtOWEzNTBmZDFhNGFk
LzEvNi0tVi1NVEZWSUp0NlBPSzFydXAtM1NBS0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVRatAwQA
1B0nMA0GCSqGSIb3DQEBCwUAA4IBAQAoXTFRP+z6hDFWV/licLCggCwNMyvDCP0Y
KbJh6RnSUF73qHNLS9pG0uijG8S98gAuA3qsLuAaulhdpHBcJcEemdTORX/MBWkW
Zvs5Sin5P7JYIDDorno3yfwet/q72d/CUI2ChyORxVVvPXp1ckTmaLwSMoQEibdT
RqlvihjbFbiAEMbYLCC6KE3dM9WMrXXLkbvSh1BgBtfb++Zi5UNnmFOMk9Y0eiy8
YxeaPX24GwrDl5cV5MXv3lypi5DJQWXfw/E9MLVw2ueNR5Os5HiA9yCK+DK9Ej5O
7WIrte5OWjDm4TYrgaEGbKBoMAMREioetkAZ9Fx5NWR5Jln5UG0t
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:15:50 2025 by rpki-client