Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/0OKEEKGhx09vrOl7RYzWo3_wxgQ.roa
File: 0OKEEKGhx09vrOl7RYzWo3_wxgQ.roa (raw, json)
Hash identifier: bVmqeltj/mUgRyI/UDd3qXuGmM6ZNTUv7NHdJ5Ecm14=
Subject key identifier: D0:E2:84:10:A1:A1:C7:4F:6F:AC:E9:7B:45:8C:D6:A3:7F:F0:C6:04
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 019427B40C26BB79DE77B77078672950697D
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/0OKEEKGhx09vrOl7RYzWo3_wxgQ.roa
Signing time: Thu 02 Jan 2025 15:48:18 +0000
ROA not before: Thu 02 Jan 2025 15:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 85.237.68.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:0c:26:bb:79:de:77:b7:70:78:67:29:50:69:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: Jan 2 15:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0e28410a1a1c74f6face97b458cd6a37ff0c604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bf:6b:4f:0d:85:3d:87:75:99:e0:fc:d0:a9:
80:c1:a2:1a:2a:d4:76:21:00:18:fb:9f:84:ae:77:
a4:d9:a4:06:30:b1:68:e9:f8:c0:59:5c:05:13:50:
49:80:48:80:bb:f8:a1:0b:43:0c:9c:f1:3f:55:08:
ad:33:9a:cb:d8:e0:53:6d:4b:09:06:3b:92:0b:56:
1a:be:f1:e8:94:cb:72:1c:c5:13:4b:d2:34:6c:80:
9f:bc:c4:a6:3a:64:67:4d:22:40:0c:f0:7d:45:a2:
ba:2f:9c:70:85:59:37:24:67:37:da:26:90:7e:e8:
7c:a1:ec:e6:37:b7:32:5c:5b:20:55:92:2c:3f:25:
37:b0:27:42:85:54:2a:ba:f3:88:39:58:e6:b9:27:
1b:1f:64:61:48:02:78:83:ee:c5:46:80:69:7f:9e:
07:22:cf:5f:9e:b6:3e:c6:e6:5d:8c:a3:fc:ad:af:
b3:70:47:74:b7:0b:51:c4:14:29:2b:11:c7:8a:19:
78:f1:c6:07:5a:c1:2c:59:47:af:90:0a:cd:8a:42:
bf:7f:03:74:73:74:ed:0d:26:82:ee:3b:d0:88:2f:
ec:3f:6f:4f:60:c5:4a:62:70:ba:00:c8:d5:45:1b:
50:d2:48:86:2f:f3:9f:c9:c0:a1:14:9d:56:70:43:
ab:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:E2:84:10:A1:A1:C7:4F:6F:AC:E9:7B:45:8C:D6:A3:7F:F0:C6:04
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/0OKEEKGhx09vrOl7RYzWo3_wxgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.68.0/24
Signature Algorithm: sha256WithRSAEncryption
30:ed:d1:bc:ca:ec:43:d0:55:0a:31:41:da:23:1e:4f:cb:30:
e1:10:99:41:a9:72:be:67:a1:76:ad:a6:9d:b4:ca:a0:c8:2d:
06:3f:2b:33:70:3c:eb:2a:84:33:77:1e:ac:dc:79:53:e5:9e:
91:40:bc:51:e1:3f:26:2f:ac:66:5c:b4:82:85:c4:e3:d0:c9:
dd:6c:b2:b9:5d:4f:d9:3a:ed:3b:0c:18:aa:67:41:51:d6:3f:
85:1a:2b:49:97:23:3d:71:b5:ea:f0:bf:7f:b7:de:31:a0:cf:
92:61:9f:12:45:3a:76:36:43:c2:4e:68:d9:53:9b:2b:4d:cb:
8c:98:80:c6:0c:e8:26:6c:82:e8:a4:0c:f5:0c:05:d2:8b:0a:
b2:24:37:5c:cf:28:da:fe:c6:33:53:a6:42:a1:aa:26:cb:ee:
4d:95:4d:03:3f:6a:ec:cc:3f:6c:2e:7d:d8:bd:eb:1d:01:67:
d2:3a:62:ce:24:d9:09:c6:b2:99:90:bc:ff:c8:50:6e:e3:1b:
5e:5d:2d:3d:9c:fd:cd:91:e1:8e:53:09:3a:f5:8a:0c:a3:fd:
42:02:6d:b7:8a:7d:06:ef:b2:84:1e:f7:fe:4d:24:1a:89:9b:
87:c4:89:52:7b:af:42:92:04:71:ee:3d:ae:37:1b:84:3c:aa:
d1:56:6c:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntAwmu3ned7dweGcpUGl9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjUwMTAyMTU0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGUyODQxMGExYTFjNzRmNmZhY2U5N2I0NThjZDZhMzdmZjBjNjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs79rTw2FPYd1meD80KmAwaIaKtR2
IQAY+5+Ernek2aQGMLFo6fjAWVwFE1BJgEiAu/ihC0MMnPE/VQitM5rL2OBTbUsJ
BjuSC1YavvHolMtyHMUTS9I0bICfvMSmOmRnTSJADPB9RaK6L5xwhVk3JGc32iaQ
fuh8oezmN7cyXFsgVZIsPyU3sCdChVQquvOIOVjmuScbH2RhSAJ4g+7FRoBpf54H
Is9fnrY+xuZdjKP8ra+zcEd0twtRxBQpKxHHihl48cYHWsEsWUevkArNikK/fwN0
c3TtDSaC7jvQiC/sP29PYMVKYnC6AMjVRRtQ0kiGL/OfycChFJ1WcEOr2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNDihBChocdPb6zpe0WM1qN/8MYEMB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvME9LRUVLR2h4MDl2ck9sN1JZeldvM193eGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVe1EMA0G
CSqGSIb3DQEBCwUAA4IBAQAw7dG8yuxD0FUKMUHaIx5PyzDhEJlBqXK+Z6F2raad
tMqgyC0GPyszcDzrKoQzdx6s3HlT5Z6RQLxR4T8mL6xmXLSChcTj0MndbLK5XU/Z
Ou07DBiqZ0FR1j+FGitJlyM9cbXq8L9/t94xoM+SYZ8SRTp2NkPCTmjZU5srTcuM
mIDGDOgmbILopAz1DAXSiwqyJDdczyja/sYzU6ZCoaomy+5NlU0DP2rszD9sLn3Y
vesdAWfSOmLOJNkJxrKZkLz/yFBu4xteXS09nP3NkeGOUwk69YoMo/1CAm23in0G
77KEHvf+TSQaiZuHxIlSe69CkgRx7j2uNxuEPKrRVmxG
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:37:13 2025 by rpki-client