Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/808be1-a690-45e9-900e-5390f9f83620/1/L9CG-uKBgPcQQjIG2xRR57nEAUA.roa
File: L9CG-uKBgPcQQjIG2xRR57nEAUA.roa (raw, json)
Hash identifier: ZHHT6JiUh3jUpW8AwMlMx74U4JBCKKASfzMtrPAJssU=
Subject key identifier: 2F:D0:86:FA:E2:81:80:F7:10:42:32:06:DB:14:51:E7:B9:C4:01:40
Certificate issuer: /CN=b87bbf8e5c74a526baaf6185abd949dafa8f6dcb
Certificate serial: 019427B63334FDEE3F568185DB81A336F880
Authority key identifier: B8:7B:BF:8E:5C:74:A5:26:BA:AF:61:85:AB:D9:49:DA:FA:8F:6D:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uHu_jlx0pSa6r2GFq9lJ2vqPbcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/808be1-a690-45e9-900e-5390f9f83620/1/L9CG-uKBgPcQQjIG2xRR57nEAUA.roa
Signing time: Thu 02 Jan 2025 15:50:39 +0000
ROA not before: Thu 02 Jan 2025 15:50:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6730
IP address blocks: 85.158.232.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:33:34:fd:ee:3f:56:81:85:db:81:a3:36:f8:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b87bbf8e5c74a526baaf6185abd949dafa8f6dcb
Validity
Not Before: Jan 2 15:50:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fd086fae28180f710423206db1451e7b9c40140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6d:5c:de:95:1a:44:9e:9e:ec:70:6e:4c:1f:
25:88:e9:d7:fb:f8:9d:9a:05:14:09:c3:40:2d:71:
ce:eb:41:29:73:7e:9f:cc:07:86:79:0c:aa:12:87:
9b:78:cf:12:c9:28:24:df:e6:d2:f2:da:c9:88:dc:
1b:e1:8b:cc:09:f8:16:eb:28:a4:38:46:99:ed:53:
b8:a5:06:f4:ae:77:7c:c1:07:6f:c5:de:c1:6c:f6:
cc:f6:f3:91:8c:55:3e:02:f5:59:55:df:49:c3:0c:
eb:d8:9d:36:7f:78:b7:60:a0:4e:9b:2d:7d:ec:fb:
08:96:69:b7:55:fc:47:96:0f:12:95:94:2d:25:80:
66:05:cb:7d:1f:44:84:f7:c1:ba:3a:c2:cc:0f:85:
32:04:81:1f:5a:7a:fe:29:da:ff:09:7d:cb:2f:78:
b3:24:d5:4a:0b:5c:10:91:39:b8:a9:95:96:fe:58:
3f:fc:16:ea:49:7d:e7:4a:2f:cc:7c:ad:99:40:a4:
78:c3:96:aa:77:0a:b2:97:06:eb:40:f5:55:b6:33:
71:75:86:40:9e:8e:81:ee:d0:95:22:04:39:c3:d5:
b3:93:2a:e2:e9:7c:5c:f6:66:1d:1a:60:8c:ce:72:
4f:a6:4c:1e:8a:ec:cf:3f:44:de:72:8e:ca:9e:04:
63:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D0:86:FA:E2:81:80:F7:10:42:32:06:DB:14:51:E7:B9:C4:01:40
X509v3 Authority Key Identifier:
keyid:B8:7B:BF:8E:5C:74:A5:26:BA:AF:61:85:AB:D9:49:DA:FA:8F:6D:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uHu_jlx0pSa6r2GFq9lJ2vqPbcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/808be1-a690-45e9-900e-5390f9f83620/1/L9CG-uKBgPcQQjIG2xRR57nEAUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/808be1-a690-45e9-900e-5390f9f83620/1/uHu_jlx0pSa6r2GFq9lJ2vqPbcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.232.0/21
Signature Algorithm: sha256WithRSAEncryption
17:51:40:82:31:6a:8f:ec:67:75:78:73:d4:45:f7:b2:59:a1:
91:db:8c:c9:ad:bd:28:be:4c:81:74:ff:e5:8f:7d:7e:b2:ee:
b2:cc:75:37:ea:41:e3:07:ee:c3:d6:0a:5f:b8:11:bc:87:2f:
85:5d:c1:97:3d:3d:54:92:f3:2a:77:26:24:56:79:b8:d9:f3:
f3:3f:02:45:21:a0:ce:37:2c:fe:ab:28:59:d4:2c:f0:f7:2a:
77:d3:77:40:39:0f:08:5c:4b:c1:04:91:a4:df:79:51:1c:34:
38:e7:fa:c9:f1:04:43:54:f1:cd:42:58:ea:a0:9b:38:22:81:
bc:2c:f3:f8:39:45:af:e4:0e:f4:42:7f:42:fe:b5:3b:46:a3:
6f:a6:a8:6e:eb:13:72:92:bf:e3:9d:bd:3c:e7:e1:c6:d5:bc:
ce:65:24:a6:df:67:ce:7f:ec:dc:a2:a1:6d:0b:cd:03:ca:43:
94:98:46:c6:1f:39:f2:84:05:d9:4c:34:5d:29:9f:db:e2:6c:
b7:bb:d2:84:ae:78:d0:2c:95:ac:44:61:c1:ce:d7:e0:ac:00:
91:0d:23:fb:1d:3c:2a:78:b0:a9:35:28:05:fc:91:7d:1a:94:
90:59:3c:7a:a9:a9:c4:3e:92:b2:9c:a4:26:4c:97:19:78:bf:
ed:1c:b8:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntjM0/e4/VoGF24GjNviAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4N2JiZjhlNWM3NGE1MjZiYWFmNjE4NWFiZDk0OWRhZmE4
ZjZkY2IwHhcNMjUwMTAyMTU1MDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmQwODZmYWUyODE4MGY3MTA0MjMyMDZkYjE0NTFlN2I5YzQwMTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAym1c3pUaRJ6e7HBuTB8liOnX+/id
mgUUCcNALXHO60Epc36fzAeGeQyqEoebeM8SySgk3+bS8trJiNwb4YvMCfgW6yik
OEaZ7VO4pQb0rnd8wQdvxd7BbPbM9vORjFU+AvVZVd9Jwwzr2J02f3i3YKBOmy19
7PsIlmm3VfxHlg8SlZQtJYBmBct9H0SE98G6OsLMD4UyBIEfWnr+Kdr/CX3LL3iz
JNVKC1wQkTm4qZWW/lg//BbqSX3nSi/MfK2ZQKR4w5aqdwqylwbrQPVVtjNxdYZA
no6B7tCVIgQ5w9Wzkyri6Xxc9mYdGmCMznJPpkweiuzPP0Teco7KngRjpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC/QhvrigYD3EEIyBtsUUee5xAFAMB8GA1UdIwQY
MBaAFLh7v45cdKUmuq9hhavZSdr6j23LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUh1X2pseDBwU2E2cjJHRnE5bEoydnFQYmNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS84MDhiZTEtYTY5MC00NWU5LTkwMGUt
NTM5MGY5ZjgzNjIwLzEvTDlDRy11S0JnUGNRUWpJRzJ4UlI1N25FQVVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS84MDhiZTEtYTY5MC00NWU5LTkwMGUtNTM5MGY5ZjgzNjIw
LzEvdUh1X2pseDBwU2E2cjJHRnE5bEoydnFQYmNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVZ7oMA0G
CSqGSIb3DQEBCwUAA4IBAQAXUUCCMWqP7Gd1eHPURfeyWaGR24zJrb0ovkyBdP/l
j31+su6yzHU36kHjB+7D1gpfuBG8hy+FXcGXPT1UkvMqdyYkVnm42fPzPwJFIaDO
Nyz+qyhZ1Czw9yp303dAOQ8IXEvBBJGk33lRHDQ45/rJ8QRDVPHNQljqoJs4IoG8
LPP4OUWv5A70Qn9C/rU7RqNvpqhu6xNykr/jnb085+HG1bzOZSSm32fOf+zcoqFt
C80DykOUmEbGHznyhAXZTDRdKZ/b4my3u9KErnjQLJWsRGHBztfgrACRDSP7HTwq
eLCpNSgF/JF9GpSQWTx6qanEPpKynKQmTJcZeL/tHLh1
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:36 2025 by rpki-client