Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/aqcyD04I5tez90f4iAT7WnG7VCQ.roa
File: aqcyD04I5tez90f4iAT7WnG7VCQ.roa (raw, json)
Hash identifier: Q1+PORgycb9l0/xUPpaAuPXqw8JpkaIq9bzlnN5L4VI=
Subject key identifier: 6A:A7:32:0F:4E:08:E6:D7:B3:F7:47:F8:88:04:FB:5A:71:BB:54:24
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019427B5FF64160E225F159DAAD6EC59EC06
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/aqcyD04I5tez90f4iAT7WnG7VCQ.roa
Signing time: Thu 02 Jan 2025 15:50:26 +0000
ROA not before: Thu 02 Jan 2025 15:50:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209638
IP address blocks: 85.133.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:ff:64:16:0e:22:5f:15:9d:aa:d6:ec:59:ec:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 2 15:50:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6aa7320f4e08e6d7b3f747f88804fb5a71bb5424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:34:21:ba:07:62:ba:ec:52:4f:c6:6c:9a:55:
96:91:a3:1e:af:88:aa:5b:2b:67:20:b2:61:43:f3:
09:32:f2:2c:35:bd:ea:85:15:b3:6a:e4:9a:df:8b:
67:ce:ae:e6:8c:8b:ff:71:10:7c:5e:5d:cb:bd:64:
58:22:6a:e1:e2:95:b0:70:f9:9d:42:c2:09:ee:60:
ad:a5:22:9c:80:cf:b6:a7:24:b7:1a:d3:02:23:0a:
d4:2a:4c:bd:dc:1a:18:5b:d2:49:83:5d:75:ab:95:
ac:9f:99:27:54:62:b4:16:dd:9e:2a:cc:72:62:c9:
31:a3:94:ab:d3:ec:be:60:e4:f5:b4:5c:c5:1d:0c:
4c:f4:57:d5:59:3d:e7:0f:9d:9e:f5:d5:a0:53:67:
59:fe:42:cd:39:ba:83:ad:b9:15:04:b9:67:e5:05:
ff:7d:ab:99:dd:cb:9a:25:41:aa:45:5c:08:26:94:
ee:7d:62:61:2b:bd:3d:a7:62:c5:86:38:e8:85:e4:
09:a5:42:88:5b:ab:76:0d:bb:51:71:74:5b:c2:15:
89:ac:e2:12:7d:1e:f7:d2:8c:6b:50:e5:3d:c8:ce:
b4:4a:97:d1:a5:42:c1:9a:9c:04:9b:cb:3e:80:ad:
5b:a3:a5:60:b7:bd:37:0e:e1:a4:df:ec:22:59:cb:
3e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A7:32:0F:4E:08:E6:D7:B3:F7:47:F8:88:04:FB:5A:71:BB:54:24
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/aqcyD04I5tez90f4iAT7WnG7VCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.199.0/24
Signature Algorithm: sha256WithRSAEncryption
29:41:a7:ac:59:75:ad:c7:53:82:aa:20:ed:b7:10:e0:36:33:
26:c3:09:d7:67:c8:6c:12:13:7b:a9:dc:94:08:13:6b:24:d8:
90:de:4c:cc:7a:ac:7e:83:24:d9:87:41:1d:d8:ec:db:66:65:
a3:7b:a8:6f:56:c2:d6:20:80:b8:de:a4:08:db:00:81:8a:be:
ef:85:c2:e1:03:ab:3b:21:bd:d6:0d:1f:78:73:74:22:01:5e:
d8:90:41:25:3d:bb:b5:8e:26:60:50:59:17:91:4c:d2:8a:03:
1a:85:30:07:f2:ee:ff:2e:a3:99:9d:4c:b5:6a:2f:49:9b:b5:
8d:b1:d2:c8:f8:90:cb:fe:2f:da:66:08:4c:7b:9d:04:4b:d4:
2a:5f:12:74:81:48:48:90:73:e5:ef:10:1e:f3:09:a7:00:a5:
a6:13:c2:dc:22:cd:4e:1d:a7:f6:3f:6e:93:cc:2c:b9:82:df:
b6:c9:bb:83:b1:12:2c:17:32:e8:98:b7:e5:a6:5b:2a:1a:d5:
37:6c:9a:a1:64:7c:34:6a:20:8a:1b:f7:52:41:56:a6:30:7f:
ea:b2:b1:d3:01:47:af:6f:ee:91:c7:bc:e1:c9:e2:21:d9:bf:
b5:f2:ee:d0:8e:19:2b:47:08:f9:d9:bc:85:62:81:43:da:95:
b9:74:58:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntf9kFg4iXxWdqtbsWewGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwMTAyMTU1MDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWE3MzIwZjRlMDhlNmQ3YjNmNzQ3Zjg4ODA0ZmI1YTcxYmI1NDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjQhugdiuuxST8ZsmlWWkaMer4iq
WytnILJhQ/MJMvIsNb3qhRWzauSa34tnzq7mjIv/cRB8Xl3LvWRYImrh4pWwcPmd
QsIJ7mCtpSKcgM+2pyS3GtMCIwrUKky93BoYW9JJg111q5Wsn5knVGK0Ft2eKsxy
Yskxo5Sr0+y+YOT1tFzFHQxM9FfVWT3nD52e9dWgU2dZ/kLNObqDrbkVBLln5QX/
fauZ3cuaJUGqRVwIJpTufWJhK709p2LFhjjoheQJpUKIW6t2DbtRcXRbwhWJrOIS
fR730oxrUOU9yM60SpfRpULBmpwEm8s+gK1bo6Vgt703DuGk3+wiWcs+uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGqnMg9OCObXs/dH+IgE+1pxu1QkMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvYXFjeUQwNEk1dGV6OTBmNGlBVDdXbkc3VkNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYXHMA0G
CSqGSIb3DQEBCwUAA4IBAQApQaesWXWtx1OCqiDttxDgNjMmwwnXZ8hsEhN7qdyU
CBNrJNiQ3kzMeqx+gyTZh0Ed2OzbZmWje6hvVsLWIIC43qQI2wCBir7vhcLhA6s7
Ib3WDR94c3QiAV7YkEElPbu1jiZgUFkXkUzSigMahTAH8u7/LqOZnUy1ai9Jm7WN
sdLI+JDL/i/aZghMe50ES9QqXxJ0gUhIkHPl7xAe8wmnAKWmE8LcIs1OHaf2P26T
zCy5gt+2ybuDsRIsFzLomLflplsqGtU3bJqhZHw0aiCKG/dSQVamMH/qsrHTAUev
b+6Rx7zhyeIh2b+18u7QjhkrRwj52byFYoFD2pW5dFgl
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:39 2025 by rpki-client