Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cyKTXFSydB63yR7-KTrkDNCmVwo.roa
File: cyKTXFSydB63yR7-KTrkDNCmVwo.roa (raw, json)
Hash identifier: MbAHDSlEuy84I2LQstVbgxhV3tX713TTo9G2SGhtjzo=
Subject key identifier: 73:22:93:5C:54:B2:74:1E:B7:C9:1E:FE:29:3A:E4:0C:D0:A6:57:0A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824A700640971A227811F81A9BA52EF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cyKTXFSydB63yR7-KTrkDNCmVwo.roa
Signing time: Thu 02 Jan 2025 17:51:18 +0000
ROA not before: Thu 02 Jan 2025 17:51:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200080
IP address blocks: 85.209.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:a7:00:64:09:71:a2:27:81:1f:81:a9:ba:52:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7322935c54b2741eb7c91efe293ae40cd0a6570a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2e:22:7a:69:aa:ec:aa:f6:3c:3b:c2:68:37:
d7:84:3b:44:8c:48:f4:45:aa:ce:17:04:3a:fb:50:
57:62:b7:15:aa:66:91:1a:6b:14:36:ed:3c:18:3b:
b9:b9:48:40:65:57:c1:c3:ff:0b:dd:2f:0d:db:45:
9b:06:4a:99:95:ef:f8:34:bc:67:4f:9b:76:0a:ad:
e0:45:b3:7d:e3:82:78:ae:af:f8:77:55:85:aa:10:
1b:bb:ea:a1:f3:ac:e4:0f:7f:11:cc:ec:2d:54:60:
f7:c5:cd:e9:e9:7b:f6:4b:5f:97:5f:94:dc:fc:29:
a9:28:34:0c:06:be:93:cd:19:70:41:91:03:7f:ca:
aa:ad:4f:7f:76:0f:51:78:26:2b:d7:71:dd:26:47:
ce:eb:0a:13:f4:fa:90:9d:26:ae:11:e8:12:c4:dc:
9d:49:b2:b2:9b:92:f9:39:78:0c:0d:4a:c7:82:5a:
0c:91:ee:65:4e:1a:e7:f7:bb:9b:8d:20:5e:74:89:
d2:29:62:95:b5:9d:d9:f0:50:6e:f3:36:fb:24:16:
81:19:2b:a8:76:af:32:4a:21:79:e6:fc:c7:8c:4b:
06:80:1d:96:43:c3:90:da:8a:3e:61:a3:28:60:bf:
f2:25:da:d2:a8:82:e8:b6:56:df:99:2a:9b:97:ad:
38:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:22:93:5C:54:B2:74:1E:B7:C9:1E:FE:29:3A:E4:0C:D0:A6:57:0A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cyKTXFSydB63yR7-KTrkDNCmVwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.135.0/24
Signature Algorithm: sha256WithRSAEncryption
66:2d:99:18:27:a3:e6:1a:95:77:5b:7e:e9:99:a0:60:eb:24:
bf:7f:52:54:8c:d2:3a:d2:40:fe:43:cf:4f:22:a5:ea:ad:14:
a5:45:71:e7:c7:08:6a:d2:2d:25:4e:29:8b:ee:93:61:4b:c5:
e8:ff:84:fd:de:65:0b:5d:0c:12:8e:e6:85:5f:27:de:a4:1a:
73:e4:62:84:47:d0:c7:f5:c2:b0:23:52:c0:32:41:48:e7:fb:
6d:3a:a1:2a:19:18:4b:34:57:8f:2d:32:87:f3:06:a5:ff:54:
ca:64:6e:a7:31:83:ca:0a:2e:60:e4:d3:6b:84:60:c4:52:77:
08:27:8a:72:0e:5f:fd:2e:2b:90:d1:69:d6:cd:83:b1:e6:14:
37:70:67:52:72:6f:a1:b2:5a:ea:e7:78:17:45:48:e3:ec:f1:
b0:7c:9c:eb:03:d5:97:b8:bb:e6:89:59:23:0e:dd:89:6f:22:
aa:b1:32:de:f8:f3:e9:bf:92:bd:c5:72:d3:99:34:f8:e5:c1:
cd:57:05:83:35:03:af:34:de:a6:44:27:bf:43:f7:3a:4f:3d:
27:9c:c4:e6:4a:2a:53:43:21:68:f8:9a:ca:99:bb:74:d2:3f:
8b:c8:b9:47:4a:c1:80:91:1b:4a:fa:b5:7d:2f:e6:01:02:da:
aa:9f:34:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJKcAZAlxoieBH4GpulLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzIyOTM1YzU0YjI3NDFlYjdjOTFlZmUyOTNhZTQwY2QwYTY1NzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAny4iemmq7Kr2PDvCaDfXhDtEjEj0
RarOFwQ6+1BXYrcVqmaRGmsUNu08GDu5uUhAZVfBw/8L3S8N20WbBkqZle/4NLxn
T5t2Cq3gRbN944J4rq/4d1WFqhAbu+qh86zkD38RzOwtVGD3xc3p6Xv2S1+XX5Tc
/CmpKDQMBr6TzRlwQZEDf8qqrU9/dg9ReCYr13HdJkfO6woT9PqQnSauEegSxNyd
SbKym5L5OXgMDUrHgloMke5lThrn97ubjSBedInSKWKVtZ3Z8FBu8zb7JBaBGSuo
dq8ySiF55vzHjEsGgB2WQ8OQ2oo+YaMoYL/yJdrSqILotlbfmSqbl604awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHMik1xUsnQet8ke/ik65AzQplcKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvY3lLVFhGU3lkQjYzeVI3LUtUcmtETkNtVndvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdGHMA0G
CSqGSIb3DQEBCwUAA4IBAQBmLZkYJ6PmGpV3W37pmaBg6yS/f1JUjNI60kD+Q89P
IqXqrRSlRXHnxwhq0i0lTimL7pNhS8Xo/4T93mULXQwSjuaFXyfepBpz5GKER9DH
9cKwI1LAMkFI5/ttOqEqGRhLNFePLTKH8wal/1TKZG6nMYPKCi5g5NNrhGDEUncI
J4pyDl/9LiuQ0WnWzYOx5hQ3cGdScm+hslrq53gXRUjj7PGwfJzrA9WXuLvmiVkj
Dt2JbyKqsTLe+PPpv5K9xXLTmTT45cHNVwWDNQOvNN6mRCe/Q/c6Tz0nnMTmSipT
QyFo+JrKmbt00j+LyLlHSsGAkRtK+rV9L+YBAtqqnzR0
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:54:45 2025 by rpki-client