Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/bd24a5-eacd-46e4-b1db-ad73abd00452/1/xrKucCgDZsBs2R9JeolwLPxQdrc.roa
File: xrKucCgDZsBs2R9JeolwLPxQdrc.roa (raw, json)
Hash identifier: 8Sbvt+k1exseRDfdj/0BllwhlthtM9zZflHn+c9FC/k=
Subject key identifier: C6:B2:AE:70:28:03:66:C0:6C:D9:1F:49:7A:89:70:2C:FC:50:76:B7
Certificate issuer: /CN=effdb33ee5fd522faf0a247e0579bbf1eefce4b1
Certificate serial: 019425220C4AF64D8975D731D7B27AA7928F
Authority key identifier: EF:FD:B3:3E:E5:FD:52:2F:AF:0A:24:7E:05:79:BB:F1:EE:FC:E4:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7_2zPuX9Ui-vCiR-BXm78e785LE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/bd24a5-eacd-46e4-b1db-ad73abd00452/1/xrKucCgDZsBs2R9JeolwLPxQdrc.roa
Signing time: Thu 02 Jan 2025 03:49:35 +0000
ROA not before: Thu 02 Jan 2025 03:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210618
IP address blocks: 85.117.238.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:0c:4a:f6:4d:89:75:d7:31:d7:b2:7a:a7:92:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=effdb33ee5fd522faf0a247e0579bbf1eefce4b1
Validity
Not Before: Jan 2 03:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6b2ae70280366c06cd91f497a89702cfc5076b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c1:f4:cd:19:4a:8a:49:b7:1d:de:f1:f2:46:
2b:94:2a:6d:f6:6a:a5:44:48:74:2a:ab:47:3e:fa:
2d:95:69:20:e2:61:14:c6:d0:ae:1f:e7:4c:79:d2:
16:fb:fe:b0:d5:e8:9b:4e:d7:a0:b3:98:5c:9f:4e:
9e:05:e4:06:3e:4b:ac:52:47:5a:62:12:56:7d:6e:
9c:c4:2e:59:67:36:e4:54:e2:ea:ce:61:dc:83:23:
87:c0:ce:ca:2a:71:78:6a:6a:e2:37:12:f1:8c:4e:
cd:4a:15:36:5e:23:67:bb:19:67:33:4f:fa:17:d7:
e7:67:3e:a1:75:ed:60:62:c6:a6:80:45:93:45:ac:
69:fd:9c:69:fc:9f:6f:b9:54:64:3b:35:1c:4f:ce:
21:dc:84:65:d9:a3:3a:6a:9a:2a:1a:ab:84:14:3e:
b4:ad:42:52:d6:fc:32:e6:fb:14:41:ac:1b:67:2f:
cd:a1:ee:e7:18:6e:42:35:0b:12:2c:e4:9d:e4:78:
a6:0e:64:e6:3e:7e:e7:b9:4f:5e:cc:ae:1a:1d:f9:
af:65:40:32:9a:0f:15:ca:d1:0d:5d:20:1b:d3:de:
e1:a5:d5:8e:ef:70:c3:47:dc:8a:e5:df:b0:12:fe:
02:f8:a3:01:6c:41:ed:9e:7f:9e:1f:9a:05:99:5d:
23:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B2:AE:70:28:03:66:C0:6C:D9:1F:49:7A:89:70:2C:FC:50:76:B7
X509v3 Authority Key Identifier:
keyid:EF:FD:B3:3E:E5:FD:52:2F:AF:0A:24:7E:05:79:BB:F1:EE:FC:E4:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7_2zPuX9Ui-vCiR-BXm78e785LE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/bd24a5-eacd-46e4-b1db-ad73abd00452/1/xrKucCgDZsBs2R9JeolwLPxQdrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/bd24a5-eacd-46e4-b1db-ad73abd00452/1/7_2zPuX9Ui-vCiR-BXm78e785LE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.238.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:35:dc:fb:4e:cd:6b:06:6c:be:69:2a:0a:82:04:e9:a1:2a:
7c:d8:d1:b8:5f:10:d5:f9:58:b0:2d:2f:36:4e:78:29:96:a0:
67:17:c5:c6:7c:e4:f4:f1:40:95:97:87:d3:b4:71:6e:a4:df:
af:00:0d:7d:04:73:90:31:85:78:be:d0:26:df:9b:f0:7c:12:
ef:99:cb:d8:64:57:88:70:d5:be:72:46:f7:69:8b:15:45:fc:
79:56:dc:11:3e:f2:d6:b8:22:45:43:98:81:ac:63:8a:61:17:
a7:d4:89:04:ff:83:f3:45:dc:5f:55:04:32:ac:db:dd:d8:01:
5b:0e:e4:24:00:e6:1a:f4:98:88:6c:e3:19:4b:b1:94:f8:83:
44:c8:f9:47:98:2f:6e:b3:00:25:f4:0b:fa:63:21:fe:a9:56:
35:52:6d:c4:98:e3:05:36:af:f9:e5:73:97:25:f2:ef:96:ee:
37:67:3c:08:b5:87:f9:37:22:3a:55:ea:0b:dc:c9:34:90:20:
1a:40:11:4e:6a:73:72:82:0f:4a:6b:20:41:65:c7:23:a7:8d:
e3:9d:bd:bc:05:ca:3a:ea:3b:e4:66:09:99:b3:95:4d:f0:c3:
4b:dc:1c:1a:18:86:76:cf:7d:0f:4f:ac:14:26:97:e7:3f:a2:
5a:f7:05:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIgxK9k2Jddcx17J6p5KPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZmRiMzNlZTVmZDUyMmZhZjBhMjQ3ZTA1NzliYmYxZWVm
Y2U0YjEwHhcNMjUwMTAyMDM0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmIyYWU3MDI4MDM2NmMwNmNkOTFmNDk3YTg5NzAyY2ZjNTA3NmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucH0zRlKikm3Hd7x8kYrlCpt9mql
REh0KqtHPvotlWkg4mEUxtCuH+dMedIW+/6w1eibTtegs5hcn06eBeQGPkusUkda
YhJWfW6cxC5ZZzbkVOLqzmHcgyOHwM7KKnF4amriNxLxjE7NShU2XiNnuxlnM0/6
F9fnZz6hde1gYsamgEWTRaxp/Zxp/J9vuVRkOzUcT84h3IRl2aM6apoqGquEFD60
rUJS1vwy5vsUQawbZy/Noe7nGG5CNQsSLOSd5HimDmTmPn7nuU9ezK4aHfmvZUAy
mg8VytENXSAb097hpdWO73DDR9yK5d+wEv4C+KMBbEHtnn+eH5oFmV0jiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMayrnAoA2bAbNkfSXqJcCz8UHa3MB8GA1UdIwQY
MBaAFO/9sz7l/VIvrwokfgV5u/Hu/OSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN18yelB1WDlVaS12Q2lSLUJYbTc4ZTc4NUxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZDI0YTUtZWFjZC00NmU0LWIxZGIt
YWQ3M2FiZDAwNDUyLzEveHJLdWNDZ0Rac0JzMlI5SmVvbHdMUHhRZHJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZDI0YTUtZWFjZC00NmU0LWIxZGItYWQ3M2FiZDAwNDUy
LzEvN18yelB1WDlVaS12Q2lSLUJYbTc4ZTc4NUxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXXuMA0G
CSqGSIb3DQEBCwUAA4IBAQB7Ndz7Ts1rBmy+aSoKggTpoSp82NG4XxDV+ViwLS82
TngplqBnF8XGfOT08UCVl4fTtHFupN+vAA19BHOQMYV4vtAm35vwfBLvmcvYZFeI
cNW+ckb3aYsVRfx5VtwRPvLWuCJFQ5iBrGOKYRen1IkE/4PzRdxfVQQyrNvd2AFb
DuQkAOYa9JiIbOMZS7GU+INEyPlHmC9uswAl9Av6YyH+qVY1Um3EmOMFNq/55XOX
JfLvlu43ZzwItYf5NyI6VeoL3Mk0kCAaQBFOanNygg9KayBBZccjp43jnb28Bco6
6jvkZgmZs5VN8MNL3BwaGIZ2z30PT6wUJpfnP6Ja9wUT
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:43:32 2025 by rpki-client