Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/5t5Dcx5tNkWQ_sy57yYX9uF0BSc.roa
File: 5t5Dcx5tNkWQ_sy57yYX9uF0BSc.roa (raw, json)
Hash identifier: PzSrKv8Rw8leyPQ1z/odwxbCskApuD1oeaEEXKXPsNc=
Subject key identifier: E6:DE:43:73:1E:6D:36:45:90:FE:CC:B9:EF:26:17:F6:E1:74:05:27
Certificate issuer: /CN=638d9a5004c592d093cc89b0d90752e279d51854
Certificate serial: 019423D6EC880A9DF03A82A33F73CF4C722E
Authority key identifier: 63:8D:9A:50:04:C5:92:D0:93:CC:89:B0:D9:07:52:E2:79:D5:18:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y42aUATFktCTzImw2QdS4nnVGFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/5t5Dcx5tNkWQ_sy57yYX9uF0BSc.roa
Signing time: Wed 01 Jan 2025 21:47:55 +0000
ROA not before: Wed 01 Jan 2025 21:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35388
IP address blocks: 85.209.24.0/22 maxlen: 24
2a09:9240::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ec:88:0a:9d:f0:3a:82:a3:3f:73:cf:4c:72:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=638d9a5004c592d093cc89b0d90752e279d51854
Validity
Not Before: Jan 1 21:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6de43731e6d364590feccb9ef2617f6e1740527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:48:50:55:06:3c:aa:96:d8:e7:19:b0:ca:66:
7d:10:f0:da:e4:03:cd:59:16:b8:4c:80:22:af:b9:
92:7f:f0:90:37:9b:9e:56:a4:ea:cb:26:4b:09:c4:
5b:e8:a6:1e:41:30:dc:5b:b4:60:76:9d:50:49:ca:
c0:1e:63:fa:b7:9a:05:b1:e9:1b:78:ff:5d:5c:8d:
c5:40:9f:9f:d7:4b:96:8f:5a:f4:fc:7c:4e:c6:d2:
47:c3:00:1d:e7:e0:49:fd:48:b8:d9:49:e6:1b:cc:
f5:49:f2:37:1e:62:99:15:93:f0:53:0d:09:aa:aa:
18:28:dc:3f:c4:fc:55:2f:ed:d1:2a:a3:3c:98:40:
c9:90:cf:43:8f:28:74:35:e6:18:f8:da:ec:a5:2e:
ea:e3:a4:fe:02:b9:3d:d8:40:2d:9c:a3:e2:77:19:
0c:4e:36:19:cf:95:0c:ae:f4:17:fb:8f:c7:ad:62:
16:2b:ce:c7:d4:4c:48:df:25:9b:92:c0:cd:45:82:
15:61:4d:eb:b5:c6:ef:8a:e5:c9:21:83:88:c2:e0:
b8:c8:86:f4:c6:d0:b2:c2:18:16:84:70:36:a4:5a:
06:c1:bd:2d:4e:87:01:6f:e7:e2:33:38:17:4e:f9:
56:2a:7d:64:94:8a:3f:61:47:e3:8f:1e:de:be:9f:
89:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:DE:43:73:1E:6D:36:45:90:FE:CC:B9:EF:26:17:F6:E1:74:05:27
X509v3 Authority Key Identifier:
keyid:63:8D:9A:50:04:C5:92:D0:93:CC:89:B0:D9:07:52:E2:79:D5:18:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y42aUATFktCTzImw2QdS4nnVGFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/5t5Dcx5tNkWQ_sy57yYX9uF0BSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/Y42aUATFktCTzImw2QdS4nnVGFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.24.0/22
IPv6:
2a09:9240::/29
Signature Algorithm: sha256WithRSAEncryption
88:87:ee:6a:17:3a:1f:3e:6f:5d:6d:60:da:b5:d8:98:d6:03:
4b:2a:19:d2:0e:a0:ef:63:d1:00:f5:88:e1:55:f0:20:c0:b6:
be:d1:c3:e9:2d:7b:d1:a3:c7:d4:23:a1:aa:30:ac:86:7e:b0:
fc:9e:be:b6:33:96:78:91:12:74:dd:e2:9e:26:8f:b0:f8:d7:
95:e5:a0:57:f6:0b:12:bd:39:73:32:3f:44:68:69:26:7d:fd:
55:87:07:66:09:c6:04:d3:15:77:dd:45:8a:99:79:26:a7:7d:
82:11:87:42:bf:cd:07:83:bb:69:a9:86:47:ad:04:d4:1b:ff:
b5:11:e6:87:12:bf:1e:47:1f:8c:e0:aa:a8:00:5b:ee:1d:c3:
db:a1:32:a3:15:8d:f5:d4:42:1d:b5:23:1e:41:3e:9a:6f:15:
e3:19:e7:4f:99:81:d1:01:f1:e0:90:e7:4d:82:09:b7:b4:e4:
63:3c:c8:0e:fd:3c:85:14:23:fa:82:b9:68:8f:b4:d5:c9:10:
22:8f:58:56:40:64:60:77:cc:40:6d:24:9e:61:58:d6:58:4b:
4a:3e:49:f8:e7:6c:0e:b3:79:f5:b7:f6:1c:a8:99:69:89:47:
8d:51:ed:bc:90:b2:3f:70:a9:8c:13:69:64:55:ba:62:67:7d:
a6:bb:4a:f8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1uyICp3wOoKjP3PPTHIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzOGQ5YTUwMDRjNTkyZDA5M2NjODliMGQ5MDc1MmUyNzlk
NTE4NTQwHhcNMjUwMTAxMjE0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmRlNDM3MzFlNmQzNjQ1OTBmZWNjYjllZjI2MTdmNmUxNzQwNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUhQVQY8qpbY5xmwymZ9EPDa5APN
WRa4TIAir7mSf/CQN5ueVqTqyyZLCcRb6KYeQTDcW7Rgdp1QScrAHmP6t5oFsekb
eP9dXI3FQJ+f10uWj1r0/HxOxtJHwwAd5+BJ/Ui42UnmG8z1SfI3HmKZFZPwUw0J
qqoYKNw/xPxVL+3RKqM8mEDJkM9Djyh0NeYY+NrspS7q46T+Ark92EAtnKPidxkM
TjYZz5UMrvQX+4/HrWIWK87H1ExI3yWbksDNRYIVYU3rtcbviuXJIYOIwuC4yIb0
xtCywhgWhHA2pFoGwb0tTocBb+fiMzgXTvlWKn1klIo/YUfjjx7evp+J5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFObeQ3MebTZFkP7Mue8mF/bhdAUnMB8GA1UdIwQY
MBaAFGONmlAExZLQk8yJsNkHUuJ51RhUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTQyYVVBVEZrdENUekltdzJRZFM0bm5WR0ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wY2Y2ZDctZDhlZi00NGE4LWFhMDct
Nzc2OGQ0ZmJkY2QzLzEvNXQ1RGN4NXROa1dRX3N5NTd5WVg5dUYwQlNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8wY2Y2ZDctZDhlZi00NGE4LWFhMDctNzc2OGQ0ZmJkY2Qz
LzEvWTQyYVVBVEZrdENUekltdzJRZFM0bm5WR0ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdEYMA0E
AgACMAcDBQMqCZJAMA0GCSqGSIb3DQEBCwUAA4IBAQCIh+5qFzofPm9dbWDatdiY
1gNLKhnSDqDvY9EA9YjhVfAgwLa+0cPpLXvRo8fUI6GqMKyGfrD8nr62M5Z4kRJ0
3eKeJo+w+NeV5aBX9gsSvTlzMj9EaGkmff1VhwdmCcYE0xV33UWKmXkmp32CEYdC
v80Hg7tpqYZHrQTUG/+1EeaHEr8eRx+M4KqoAFvuHcPboTKjFY311EIdtSMeQT6a
bxXjGedPmYHRAfHgkOdNggm3tORjPMgO/TyFFCP6grloj7TVyRAij1hWQGRgd8xA
bSSeYVjWWEtKPkn452wOs3n1t/YcqJlpiUeNUe28kLI/cKmME2lkVbpiZ32mu0r4
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:32:34 2025 by rpki-client