Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/2aYfbRwaZVy9SIZh5WeXhdSVQqQ.roa
File: 2aYfbRwaZVy9SIZh5WeXhdSVQqQ.roa (raw, json)
Hash identifier: ap9afqiOMT9+4dw6ee5JDSibMDIDQ7cdyEaEq2eFSwk=
Subject key identifier: D9:A6:1F:6D:1C:1A:65:5C:BD:48:86:61:E5:67:97:85:D4:95:42:A4
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0194C6E5A63101F678243FF1508893BB76AC
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/2aYfbRwaZVy9SIZh5WeXhdSVQqQ.roa
Signing time: Sun 02 Feb 2025 13:42:06 +0000
ROA not before: Sun 02 Feb 2025 13:42:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213944
IP address blocks: 85.133.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c6:e5:a6:31:01:f6:78:24:3f:f1:50:88:93:bb:76:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Feb 2 13:42:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9a61f6d1c1a655cbd488661e5679785d49542a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:44:76:9e:cf:92:fe:56:fc:7a:10:0a:ad:34:
62:92:91:4f:31:1f:50:53:bf:0a:f5:7e:70:f4:7a:
0a:fe:20:49:03:b6:3b:35:0c:5e:bd:78:e5:72:a2:
68:ef:53:7c:3c:b5:08:2c:41:7b:77:28:53:39:f0:
94:76:e9:7a:e7:33:ab:a5:fd:4b:65:58:53:2c:00:
7d:c7:b9:74:34:e8:75:1a:ed:da:d9:aa:6e:93:49:
5f:92:26:ad:ee:01:85:d6:0c:40:9d:08:44:a4:1d:
d2:bb:a0:26:a5:6d:d9:14:a3:dd:a6:a9:07:a0:d2:
c9:63:c5:a0:61:7b:61:5d:6f:ed:1b:a9:17:2b:a7:
a9:74:b5:7b:34:b3:c7:8a:2e:ea:eb:01:68:d4:de:
f9:38:9b:5b:78:a0:d2:78:70:f0:61:1a:cc:70:91:
1a:79:fa:88:62:40:33:69:fb:68:1c:0f:bd:40:eb:
2a:e2:04:71:bb:7a:b2:6a:78:4f:84:c9:33:de:b2:
be:c4:19:2b:d3:72:45:df:fb:c2:d6:5f:12:8a:de:
7d:b9:a1:ed:d0:67:2f:03:5a:08:f7:0c:a6:f8:99:
7c:86:4a:69:1e:00:fe:05:07:f4:f8:59:7c:43:95:
06:73:d9:80:b2:f0:1e:3c:f3:aa:11:1e:fc:63:43:
ed:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A6:1F:6D:1C:1A:65:5C:BD:48:86:61:E5:67:97:85:D4:95:42:A4
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/2aYfbRwaZVy9SIZh5WeXhdSVQqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.222.0/24
Signature Algorithm: sha256WithRSAEncryption
22:c3:86:27:fb:7c:ca:7b:36:90:8f:0a:59:86:05:60:a9:b3:
af:4d:9a:02:80:df:b3:e7:8a:46:bd:e2:c6:cb:e7:70:70:90:
94:fd:72:9b:ec:7c:b3:f6:f9:82:96:10:5e:88:85:b3:63:6c:
87:08:4a:34:65:a0:02:9a:d0:d4:89:90:9c:cb:af:15:6b:af:
c2:96:8d:f7:2d:9b:b1:25:59:6f:83:16:dc:51:66:72:36:3f:
9b:90:cb:f4:50:b5:b5:05:14:d7:41:73:b2:e6:ea:c0:07:f1:
1c:63:a7:7c:84:64:55:e8:98:3e:b1:5e:d8:2d:93:d6:24:55:
09:24:6e:a2:f5:80:1e:eb:25:3c:06:60:d2:84:4d:15:88:2e:
e3:11:dd:00:8f:c4:9f:d0:65:1a:cc:35:c1:6c:e3:99:18:82:
47:bc:3e:a5:53:9d:31:4c:28:07:77:38:3b:d5:f0:9e:33:97:
49:c5:e4:1f:2f:56:16:42:49:c9:d3:e7:ba:84:01:94:33:c3:
18:99:91:75:4c:f0:b9:10:55:41:4b:a8:cb:f0:ec:15:1f:6d:
8b:80:f2:f2:a2:d4:48:f7:b6:b7:b8:20:de:e5:64:f7:ef:78:
d3:90:37:e8:60:c2:0e:2e:7c:e9:9f:52:bc:32:a4:90:f2:58:
55:79:75:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTG5aYxAfZ4JD/xUIiTu3asMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwMjAyMTM0MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWE2MWY2ZDFjMWE2NTVjYmQ0ODg2NjFlNTY3OTc4NWQ0OTU0MmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kR2ns+S/lb8ehAKrTRikpFPMR9Q
U78K9X5w9HoK/iBJA7Y7NQxevXjlcqJo71N8PLUILEF7dyhTOfCUdul65zOrpf1L
ZVhTLAB9x7l0NOh1Gu3a2apuk0lfkiat7gGF1gxAnQhEpB3Su6AmpW3ZFKPdpqkH
oNLJY8WgYXthXW/tG6kXK6epdLV7NLPHii7q6wFo1N75OJtbeKDSeHDwYRrMcJEa
efqIYkAzaftoHA+9QOsq4gRxu3qyanhPhMkz3rK+xBkr03JF3/vC1l8Sit59uaHt
0GcvA1oI9wym+Jl8hkppHgD+BQf0+Fl8Q5UGc9mAsvAePPOqER78Y0Pt9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNmmH20cGmVcvUiGYeVnl4XUlUKkMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvMmFZZmJSd2FaVnk5U0laaDVXZVhoZFNWUXFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYXeMA0G
CSqGSIb3DQEBCwUAA4IBAQAiw4Yn+3zKezaQjwpZhgVgqbOvTZoCgN+z54pGveLG
y+dwcJCU/XKb7Hyz9vmClhBeiIWzY2yHCEo0ZaACmtDUiZCcy68Va6/Clo33LZux
JVlvgxbcUWZyNj+bkMv0ULW1BRTXQXOy5urAB/EcY6d8hGRV6Jg+sV7YLZPWJFUJ
JG6i9YAe6yU8BmDShE0ViC7jEd0Aj8Sf0GUazDXBbOOZGIJHvD6lU50xTCgHdzg7
1fCeM5dJxeQfL1YWQknJ0+e6hAGUM8MYmZF1TPC5EFVBS6jL8OwVH22LgPLyotRI
97a3uCDe5WT373jTkDfoYMIOLnzpn1K8MqSQ8lhVeXUJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:21 2025 by rpki-client