Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/jaDaGycFgZ1pZNnwn6ei8LOm3DQ.roa
File: jaDaGycFgZ1pZNnwn6ei8LOm3DQ.roa (raw, json)
Hash identifier: fzKmWx5CbS4BzYCpG5vV5O44t9nhGCLZgJyKnLKcw2E=
Subject key identifier: 8D:A0:DA:1B:27:05:81:9D:69:64:D9:F0:9F:A7:A2:F0:B3:A6:DC:34
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 018CC94E6BBA0EE4A840348AA38E49BE3863
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/jaDaGycFgZ1pZNnwn6ei8LOm3DQ.roa
Signing time: Tue 02 Jan 2024 08:33:28 +0000
ROA not before: Tue 02 Jan 2024 08:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 85.239.60.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:6b:ba:0e:e4:a8:40:34:8a:a3:8e:49:be:38:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 2 08:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8da0da1b2705819d6964d9f09fa7a2f0b3a6dc34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8e:0b:69:dc:dc:2e:11:8e:90:2c:e5:27:fc:
c5:71:e0:8b:fb:4a:72:98:38:3d:c2:5b:ce:82:07:
22:2e:66:bc:85:0c:c9:96:07:ac:61:00:16:22:d2:
27:ee:7e:ab:a2:dc:e6:82:be:63:ad:7e:fe:fc:fc:
7a:04:dd:96:dd:f4:ec:38:f6:26:c7:41:35:78:19:
e7:d9:2c:d9:02:24:22:60:95:6e:d6:18:03:06:18:
f2:b4:e2:1b:bf:7f:2c:3a:1b:89:de:af:e3:10:c2:
3b:df:f5:89:ac:1d:88:4b:3b:dc:bf:31:7c:3d:0f:
1a:1f:7a:7b:89:6d:fd:c1:e3:f8:ff:51:36:2e:c6:
ab:60:02:cd:47:2c:04:07:4f:06:e4:6f:0b:5e:80:
1f:6d:76:d6:7a:4b:58:1e:f9:92:02:c3:68:25:37:
fa:1b:68:cf:07:52:28:50:79:d4:c5:52:12:ba:9b:
cf:6d:15:7f:9e:41:6d:1a:3d:8e:7f:5c:a1:8b:df:
18:80:7d:e4:ac:c5:92:a9:b8:89:03:4c:14:1e:a3:
64:e7:55:02:7c:ff:a5:b3:38:60:8c:78:1d:ca:e1:
1b:f9:02:26:43:b3:1f:79:3b:e1:6d:1a:f1:c5:4f:
1e:72:ff:37:f6:18:06:a5:68:77:48:99:79:cb:9c:
5b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A0:DA:1B:27:05:81:9D:69:64:D9:F0:9F:A7:A2:F0:B3:A6:DC:34
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/jaDaGycFgZ1pZNnwn6ei8LOm3DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.60.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:5d:72:64:7b:47:2d:44:46:2e:e2:50:23:c8:d0:22:53:4d:
08:2f:97:10:e3:64:f8:9f:f3:dd:aa:f1:cd:4e:93:8a:d8:1b:
49:01:94:08:f4:ee:4a:f0:85:a2:22:ac:44:4e:a5:62:73:55:
62:26:f3:4b:1f:2f:f6:4f:82:b2:47:63:f8:f3:3d:79:95:c2:
cd:e0:c2:96:34:b1:02:c8:3d:d8:89:ec:64:58:17:b8:77:10:
f1:6c:b1:fa:7c:8f:99:05:c1:73:9f:7c:29:f6:b4:39:df:df:
13:5d:97:da:51:31:ff:2d:c6:9e:61:86:fd:61:da:4b:68:69:
c7:98:e5:15:41:65:d1:b4:8f:38:0b:fd:08:11:9a:b6:fb:e2:
a1:76:d9:6f:88:0c:35:a3:11:d1:e7:6a:be:44:57:4e:6a:e0:
e1:3f:8b:db:69:77:7e:38:4d:dd:0e:ca:67:21:64:d2:00:d5:
5b:b3:72:0e:d5:8f:c6:6c:9a:2d:da:bf:73:9c:76:bd:de:7d:
d6:da:ed:d0:2f:40:06:69:ef:e9:60:8b:d4:59:be:2f:98:47:
d1:cc:a2:7e:98:4a:ed:87:ef:a0:fa:99:ed:7a:31:b7:36:1e:
18:38:d7:b7:80:3d:df:e1:22:dd:c9:3b:4f:30:ae:26:86:6c:
e3:d3:b3:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTmu6DuSoQDSKo45JvjhjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjQwMTAyMDgzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGEwZGExYjI3MDU4MTlkNjk2NGQ5ZjA5ZmE3YTJmMGIzYTZkYzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiI4LadzcLhGOkCzlJ/zFceCL+0py
mDg9wlvOggciLma8hQzJlgesYQAWItIn7n6rotzmgr5jrX7+/Px6BN2W3fTsOPYm
x0E1eBnn2SzZAiQiYJVu1hgDBhjytOIbv38sOhuJ3q/jEMI73/WJrB2ISzvcvzF8
PQ8aH3p7iW39weP4/1E2LsarYALNRywEB08G5G8LXoAfbXbWektYHvmSAsNoJTf6
G2jPB1IoUHnUxVISupvPbRV/nkFtGj2Of1yhi98YgH3krMWSqbiJA0wUHqNk51UC
fP+lszhgjHgdyuEb+QImQ7MfeTvhbRrxxU8ecv839hgGpWh3SJl5y5xbNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI2g2hsnBYGdaWTZ8J+novCzptw0MB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvamFEYUd5Y0ZnWjFwWk5ud242ZWk4TE9tM0RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVe88MA0G
CSqGSIb3DQEBCwUAA4IBAQCbXXJke0ctREYu4lAjyNAiU00IL5cQ42T4n/PdqvHN
TpOK2BtJAZQI9O5K8IWiIqxETqVic1ViJvNLHy/2T4KyR2P48z15lcLN4MKWNLEC
yD3YiexkWBe4dxDxbLH6fI+ZBcFzn3wp9rQ5398TXZfaUTH/LcaeYYb9YdpLaGnH
mOUVQWXRtI84C/0IEZq2++KhdtlviAw1oxHR52q+RFdOauDhP4vbaXd+OE3dDspn
IWTSANVbs3IO1Y/GbJot2r9znHa93n3W2u3QL0AGae/pYIvUWb4vmEfRzKJ+mErt
h++g+pntejG3Nh4YONe3gD3f4SLdyTtPMK4mhmzj07Na
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:34:07 2025 by rpki-client