Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/gUT9YCkZWEcn742oGnu8ZfS34D8.roa
File: gUT9YCkZWEcn742oGnu8ZfS34D8.roa (raw, json)
Hash identifier: AXHT/3cUQ+5r0lFJfezYLrNvbhUISwKUaKImq/bolQk=
Subject key identifier: 81:44:FD:60:29:19:58:47:27:EF:8D:A8:1A:7B:BC:65:F4:B7:E0:3F
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0194228E4645A94745908CBD04EF578012E4
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/gUT9YCkZWEcn742oGnu8ZfS34D8.roa
Signing time: Wed 01 Jan 2025 15:48:56 +0000
ROA not before: Wed 01 Jan 2025 15:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202656
IP address blocks: 85.115.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:46:45:a9:47:45:90:8c:bd:04:ef:57:80:12:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 1 15:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8144fd602919584727ef8da81a7bbc65f4b7e03f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:7e:3e:31:68:de:3a:39:c5:4a:73:10:c7:bf:
3f:bf:c6:85:ca:83:e8:22:77:9e:99:46:4f:63:33:
06:0b:64:fd:f4:b7:f1:da:46:5e:04:e6:c4:02:2c:
cd:3d:2e:6c:72:da:0b:0e:0e:0e:73:d2:d5:7a:12:
67:df:59:15:86:ad:54:db:08:fe:84:fe:5a:02:a0:
2e:71:de:9d:c8:67:38:5a:89:a5:be:74:f6:3b:00:
ca:d8:18:5c:70:87:3a:bf:0b:17:b0:85:53:f5:78:
08:9c:10:59:48:a8:e3:52:b9:3b:88:1a:10:0f:46:
cc:ae:21:2b:3a:9d:04:90:fb:62:bc:e5:0d:c7:41:
ca:aa:da:2b:87:06:12:e2:b5:08:53:39:a1:f7:cf:
55:c9:dd:ba:21:b6:66:d8:af:3a:b2:81:05:5a:50:
11:c4:ae:ae:12:07:ce:05:db:87:d1:e2:95:00:9a:
35:84:b7:47:68:85:07:1b:6f:02:e6:35:b5:aa:5f:
b5:bf:f4:a4:1c:b9:e6:9a:3e:23:b3:11:53:59:d5:
8d:fe:f1:7b:22:64:db:dc:1b:62:ae:58:a3:3b:13:
ce:c9:6e:72:93:36:ed:06:39:b4:53:16:7b:ca:b9:
64:4c:52:ce:4a:e7:f4:9b:2f:88:13:0d:bc:9f:26:
a2:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:44:FD:60:29:19:58:47:27:EF:8D:A8:1A:7B:BC:65:F4:B7:E0:3F
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/gUT9YCkZWEcn742oGnu8ZfS34D8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/24
Signature Algorithm: sha256WithRSAEncryption
e9:5e:5c:28:5e:7f:0f:82:ce:b1:5c:44:33:dc:f6:5f:ae:47:
57:68:d6:e1:7e:c1:28:1f:7c:2d:e2:c4:fb:52:72:df:96:c3:
67:d0:cb:b0:c2:e2:9a:8d:a3:b4:26:5d:a7:b9:46:4a:11:97:
34:8f:db:6e:b6:19:e5:0f:47:98:0a:62:d6:94:4e:4d:e2:d7:
91:e6:91:7f:55:44:4f:44:e1:b7:de:9f:c7:3f:09:84:df:5f:
4a:7a:49:83:12:13:8f:90:6b:b4:1f:d4:46:d6:3b:13:1a:e6:
64:da:b0:0c:89:4b:b0:cd:04:e0:f3:e4:a5:af:46:45:64:95:
4a:b8:b4:5a:1f:98:70:10:39:94:a5:13:61:61:41:82:17:ec:
27:40:75:7b:19:95:fd:08:09:99:1c:0f:69:d8:7d:c3:bf:c5:
15:a5:d8:27:63:6e:5c:cd:04:1f:78:85:fd:24:5c:26:fe:41:
fd:7f:52:28:94:d2:44:87:29:14:ca:57:f6:a1:8b:5c:94:f5:
93:8e:e7:0c:18:7c:32:0f:a4:a5:52:0d:5d:39:2a:b6:a7:62:
29:b8:8c:42:8e:c2:08:6c:b0:2f:8d:54:0d:06:eb:0d:27:39:
d8:59:54:2e:51:c5:f7:99:f2:b9:a7:4f:08:0f:d6:47:4c:f4:
af:31:fa:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijkZFqUdFkIy9BO9XgBLkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwMTAxMTU0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTQ0ZmQ2MDI5MTk1ODQ3MjdlZjhkYTgxYTdiYmM2NWY0YjdlMDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3H4+MWjeOjnFSnMQx78/v8aFyoPo
IneemUZPYzMGC2T99Lfx2kZeBObEAizNPS5sctoLDg4Oc9LVehJn31kVhq1U2wj+
hP5aAqAucd6dyGc4WomlvnT2OwDK2BhccIc6vwsXsIVT9XgInBBZSKjjUrk7iBoQ
D0bMriErOp0EkPtivOUNx0HKqtorhwYS4rUIUzmh989Vyd26IbZm2K86soEFWlAR
xK6uEgfOBduH0eKVAJo1hLdHaIUHG28C5jW1ql+1v/SkHLnmmj4jsxFTWdWN/vF7
ImTb3BtirlijOxPOyW5ykzbtBjm0UxZ7yrlkTFLOSuf0my+IEw28nyaiDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIFE/WApGVhHJ++NqBp7vGX0t+A/MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvZ1VUOVlDa1pXRWNuNzQyb0dudThaZlMzNEQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXPQMA0G
CSqGSIb3DQEBCwUAA4IBAQDpXlwoXn8Pgs6xXEQz3PZfrkdXaNbhfsEoH3wt4sT7
UnLflsNn0MuwwuKajaO0Jl2nuUZKEZc0j9tuthnlD0eYCmLWlE5N4teR5pF/VURP
ROG33p/HPwmE319KekmDEhOPkGu0H9RG1jsTGuZk2rAMiUuwzQTg8+Slr0ZFZJVK
uLRaH5hwEDmUpRNhYUGCF+wnQHV7GZX9CAmZHA9p2H3Dv8UVpdgnY25czQQfeIX9
JFwm/kH9f1IolNJEhykUylf2oYtclPWTjucMGHwyD6SlUg1dOSq2p2IpuIxCjsII
bLAvjVQNBusNJznYWVQuUcX3mfK5p08ID9ZHTPSvMfoW
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:38:04 2025 by rpki-client