Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/XDf-VYAuh-nDO2CMYXVIF4SuPC8.roa
File: XDf-VYAuh-nDO2CMYXVIF4SuPC8.roa (raw, json)
Hash identifier: cl+9twv2D+eBNV8KlvTFCcF9tVblyskg3wu09JdTgSQ=
Subject key identifier: 5C:37:FE:55:80:2E:87:E9:C3:3B:60:8C:61:75:48:17:84:AE:3C:2F
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0194266B0625A422FF1AC052D4F527F65EDA
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/XDf-VYAuh-nDO2CMYXVIF4SuPC8.roa
Signing time: Thu 02 Jan 2025 09:48:55 +0000
ROA not before: Thu 02 Jan 2025 09:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 85.117.242.0/24 maxlen: 24
2a09:ff00:200::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:06:25:a4:22:ff:1a:c0:52:d4:f5:27:f6:5e:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 2 09:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c37fe55802e87e9c33b608c6175481784ae3c2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8c:98:48:bd:17:59:41:a2:d7:19:1e:ad:a7:
ce:21:b7:dc:a4:7d:2d:00:b7:73:0a:e3:71:81:e1:
11:25:4f:78:d0:ef:d2:11:63:77:ed:0b:19:10:9c:
90:c2:06:b5:ca:eb:d0:55:45:50:2d:7c:0e:21:8e:
30:02:45:0c:4f:23:6b:12:dc:1a:71:57:2f:99:12:
c8:e4:af:8e:35:bf:e1:7d:10:29:ba:a1:28:18:47:
67:f1:d9:f5:74:21:b2:c9:c9:b8:ab:a5:bd:72:c4:
17:fb:ea:96:e5:90:74:2e:99:be:5c:38:db:10:a6:
46:8b:24:14:d8:d2:52:8d:50:73:b7:9c:69:b4:42:
6e:f2:20:03:92:aa:dd:45:b4:a9:a4:bb:22:e5:a1:
02:bc:77:4c:a9:7b:97:af:8d:fb:9c:d4:e4:39:ba:
e1:a4:ac:dc:03:a1:27:ec:07:15:8d:55:d3:57:82:
2f:cc:f3:30:8f:c0:fb:84:a3:cb:30:25:e2:00:7e:
71:96:d7:ad:d9:27:a5:e2:1b:98:3f:24:cc:86:36:
0e:3c:6b:41:fb:69:64:87:10:a8:26:17:bc:fe:96:
7c:a1:15:d0:b6:9d:db:b1:0a:56:1b:66:5d:80:a0:
95:05:ba:b8:3a:8b:40:0e:be:6a:09:e6:9d:d2:75:
51:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:37:FE:55:80:2E:87:E9:C3:3B:60:8C:61:75:48:17:84:AE:3C:2F
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/XDf-VYAuh-nDO2CMYXVIF4SuPC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.242.0/24
IPv6:
2a09:ff00:200::/44
Signature Algorithm: sha256WithRSAEncryption
23:9c:d0:70:6a:7c:c3:58:8d:eb:ac:38:8d:a3:27:f8:41:d6:
8c:04:97:fd:ab:cd:24:32:31:74:dd:7d:a1:98:e8:fa:ce:17:
c2:9e:a2:1c:ea:05:62:26:65:d1:1c:a4:83:a6:bf:8c:47:82:
5b:33:28:ad:1e:cb:44:a8:1e:86:31:92:d3:bc:a1:42:2f:7e:
14:38:fa:b6:9f:ee:37:f8:48:3a:77:2c:9d:4f:a2:a3:47:12:
b9:21:8d:3c:22:ae:a4:81:6c:6e:99:b4:e1:dd:3f:1a:ff:73:
96:8a:f5:97:5d:d9:0f:fa:bf:ff:dd:53:fa:3d:b5:15:f7:4e:
fd:10:df:91:5f:c2:a9:f6:d6:41:b5:2d:a8:8a:f1:fa:32:78:
97:5f:81:1e:18:e4:0e:e7:69:e0:a9:e6:fa:dc:5e:0e:64:e6:
ef:69:e5:79:f9:12:aa:a1:ff:02:46:b4:0b:e5:84:ac:ca:df:
ce:d6:e1:23:d7:b1:e0:7c:07:20:cf:75:f6:9a:25:53:f9:d8:
d0:dc:ff:29:8d:2d:31:0d:ad:be:68:7c:b0:51:06:32:d5:4c:
b8:74:93:8c:97:fe:de:dd:2a:47:8a:7f:e2:5d:3b:86:fd:74:
98:81:c6:1f:90:56:95:e7:7b:e9:9f:8b:70:3e:62:58:6f:91:
84:45:9e:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQmawYlpCL/GsBS1PUn9l7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjUwMTAyMDk0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzM3ZmU1NTgwMmU4N2U5YzMzYjYwOGM2MTc1NDgxNzg0YWUzYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoyYSL0XWUGi1xkerafOIbfcpH0t
ALdzCuNxgeERJU940O/SEWN37QsZEJyQwga1yuvQVUVQLXwOIY4wAkUMTyNrEtwa
cVcvmRLI5K+ONb/hfRApuqEoGEdn8dn1dCGyycm4q6W9csQX++qW5ZB0Lpm+XDjb
EKZGiyQU2NJSjVBzt5xptEJu8iADkqrdRbSppLsi5aECvHdMqXuXr437nNTkObrh
pKzcA6En7AcVjVXTV4IvzPMwj8D7hKPLMCXiAH5xltet2Sel4huYPyTMhjYOPGtB
+2lkhxCoJhe8/pZ8oRXQtp3bsQpWG2ZdgKCVBbq4OotADr5qCead0nVRwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFw3/lWALofpwztgjGF1SBeErjwvMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvWERmLVZZQXVoLW5ETzJDTVlYVklGNFN1UEM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAVXXyMA8E
AgACMAkDBwQqCf8AAgAwDQYJKoZIhvcNAQELBQADggEBACOc0HBqfMNYjeusOI2j
J/hB1owEl/2rzSQyMXTdfaGY6PrOF8KeohzqBWImZdEcpIOmv4xHglszKK0ey0So
HoYxktO8oUIvfhQ4+raf7jf4SDp3LJ1PoqNHErkhjTwirqSBbG6ZtOHdPxr/c5aK
9Zdd2Q/6v//dU/o9tRX3Tv0Q35Ffwqn21kG1LaiK8foyeJdfgR4Y5A7naeCp5vrc
Xg5k5u9p5Xn5Eqqh/wJGtAvlhKzK387W4SPXseB8ByDPdfaaJVP52NDc/ymNLTEN
rb5ofLBRBjLVTLh0k4yX/t7dKkeKf+JdO4b9dJiBxh+QVpXne+mfi3A+YlhvkYRF
nic=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:39:33 2025 by rpki-client