Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ro5M-dHEvoHU0Wp1W7KVNXTJRB0.roa
File: ro5M-dHEvoHU0Wp1W7KVNXTJRB0.roa (raw, json)
Hash identifier: XLpdig1yngTdqxo047wSxCKu12A/eL61KXVLCkHmUrU=
Subject key identifier: AE:8E:4C:F9:D1:C4:BE:81:D4:D1:6A:75:5B:B2:95:35:74:C9:44:1D
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019427B6024CA6E00E97C964CD930E4B51DF
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ro5M-dHEvoHU0Wp1W7KVNXTJRB0.roa
Signing time: Thu 02 Jan 2025 15:50:27 +0000
ROA not before: Thu 02 Jan 2025 15:50:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214567
IP address blocks: 85.133.233.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:02:4c:a6:e0:0e:97:c9:64:cd:93:0e:4b:51:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 2 15:50:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae8e4cf9d1c4be81d4d16a755bb2953574c9441d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:4c:2b:77:75:a7:f3:70:fa:78:6a:00:7c:bf:
dd:69:17:20:4d:bb:a4:d1:9d:ef:11:b5:fe:b0:37:
d5:a7:b2:71:7e:07:2b:65:5a:44:d8:a3:a1:0a:60:
0b:98:ca:4f:a6:e5:15:7d:67:91:8f:f0:77:11:79:
46:19:31:a7:97:38:8f:6d:89:df:d2:b2:83:e8:53:
c2:2e:e6:27:56:77:ae:97:b8:80:77:0c:70:87:aa:
f5:41:96:8c:59:e8:1e:52:d7:b8:a1:d4:21:08:32:
90:e3:dd:c0:ce:13:a5:21:08:58:38:5a:e7:89:37:
0f:74:83:30:df:3c:04:29:21:1d:d7:71:0a:dc:0a:
38:cb:19:82:7c:6d:82:b6:4e:72:e6:cd:09:19:13:
4d:74:eb:a2:f2:8d:79:08:46:14:75:22:e4:b2:c3:
89:42:a9:59:ad:72:0c:8a:24:df:f2:c1:f9:62:06:
09:24:f5:d4:af:77:e1:30:1b:84:a6:a3:25:c4:68:
88:91:15:9f:81:55:aa:a8:29:e3:ac:a2:ba:b4:10:
82:b5:db:40:7c:81:aa:4d:0b:da:f9:ca:b2:fb:73:
28:ea:97:07:fd:50:f9:cb:f2:55:70:33:b5:8b:a9:
69:99:81:82:b2:2f:29:25:37:7b:8e:21:d2:0f:92:
98:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:8E:4C:F9:D1:C4:BE:81:D4:D1:6A:75:5B:B2:95:35:74:C9:44:1D
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ro5M-dHEvoHU0Wp1W7KVNXTJRB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.233.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:4e:2e:93:b2:d5:ca:a4:5b:eb:38:85:e3:59:d8:46:96:0b:
8f:ff:66:88:30:99:0d:53:f0:f7:c8:9d:45:2c:9f:54:b9:c3:
29:19:e2:f9:77:73:7d:bf:23:4e:0e:a1:17:bd:f0:1b:00:88:
ec:b2:42:66:6c:1d:6c:02:0e:ef:85:9f:c4:66:67:71:7c:87:
94:05:07:f4:38:c8:9d:b6:40:79:16:c7:64:97:25:f1:07:d9:
45:b4:ab:15:4e:60:95:04:d0:ed:c7:ac:77:dd:25:8c:cd:5f:
4b:7a:77:9f:05:68:0b:b8:f2:e1:96:ed:17:ca:a3:7b:14:35:
32:02:0a:50:67:8a:49:03:06:47:3f:5e:52:85:43:dd:02:f0:
a9:15:51:04:49:ef:f5:86:8a:01:10:0d:02:bc:cc:e2:be:8b:
7a:ae:8b:09:30:07:15:a2:9a:76:01:e4:11:41:21:31:42:26:
87:8e:88:3f:81:11:5c:28:04:80:a1:50:c4:d3:af:93:5f:10:
07:2b:8b:89:14:05:0b:61:b8:a9:29:bc:d7:74:8b:09:98:b1:
23:23:ac:08:79:93:cb:c0:71:79:5b:c7:34:4b:a6:53:05:82:
90:ad:ca:ee:9f:53:f5:78:09:17:93:e0:11:77:78:86:e3:7e:
cb:6d:b4:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntgJMpuAOl8lkzZMOS1HfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwMTAyMTU1MDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZThlNGNmOWQxYzRiZTgxZDRkMTZhNzU1YmIyOTUzNTc0Yzk0NDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0wrd3Wn83D6eGoAfL/daRcgTbuk
0Z3vEbX+sDfVp7JxfgcrZVpE2KOhCmALmMpPpuUVfWeRj/B3EXlGGTGnlziPbYnf
0rKD6FPCLuYnVneul7iAdwxwh6r1QZaMWegeUte4odQhCDKQ493AzhOlIQhYOFrn
iTcPdIMw3zwEKSEd13EK3Ao4yxmCfG2Ctk5y5s0JGRNNdOui8o15CEYUdSLkssOJ
QqlZrXIMiiTf8sH5YgYJJPXUr3fhMBuEpqMlxGiIkRWfgVWqqCnjrKK6tBCCtdtA
fIGqTQva+cqy+3Mo6pcH/VD5y/JVcDO1i6lpmYGCsi8pJTd7jiHSD5KYAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK6OTPnRxL6B1NFqdVuylTV0yUQdMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvcm81TS1kSEV2b0hVMFdwMVc3S1ZOWFRKUkIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYXpMA0G
CSqGSIb3DQEBCwUAA4IBAQCxTi6TstXKpFvrOIXjWdhGlguP/2aIMJkNU/D3yJ1F
LJ9UucMpGeL5d3N9vyNODqEXvfAbAIjsskJmbB1sAg7vhZ/EZmdxfIeUBQf0OMid
tkB5FsdklyXxB9lFtKsVTmCVBNDtx6x33SWMzV9LenefBWgLuPLhlu0XyqN7FDUy
AgpQZ4pJAwZHP15ShUPdAvCpFVEESe/1hooBEA0CvMzivot6rosJMAcVopp2AeQR
QSExQiaHjog/gRFcKASAoVDE06+TXxAHK4uJFAULYbipKbzXdIsJmLEjI6wIeZPL
wHF5W8c0S6ZTBYKQrcrun1P1eAkXk+ARd3iG437LbbS/
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:46 2025 by rpki-client