Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/B2jMay6lm09bJFq6feXp41W6bBE.roa
File: B2jMay6lm09bJFq6feXp41W6bBE.roa (raw, json)
Hash identifier: vZLrKc5Thh7MD4kKiewtZAW8QEJ64gCtMf4dtbayj+g=
Subject key identifier: 07:68:CC:6B:2E:A5:9B:4F:5B:24:5A:BA:7D:E5:E9:E3:55:BA:6C:11
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 019426D9B94A72D17D0A83850C8AE83A7254
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/B2jMay6lm09bJFq6feXp41W6bBE.roa
Signing time: Thu 02 Jan 2025 11:49:50 +0000
ROA not before: Thu 02 Jan 2025 11:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48612
IP address blocks: 85.140.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:b9:4a:72:d1:7d:0a:83:85:0c:8a:e8:3a:72:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 2 11:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0768cc6b2ea59b4f5b245aba7de5e9e355ba6c11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a3:f9:20:db:eb:8f:ed:07:e5:f4:2b:16:ba:
a6:3c:f6:07:87:06:56:8b:37:46:c3:44:21:2b:c7:
fc:bb:5b:6a:cc:da:a4:11:f3:26:65:7f:38:03:4c:
76:d4:07:30:8d:61:e0:33:ff:3b:b5:45:ec:6f:f9:
e5:9e:82:be:da:d1:c4:66:b1:51:86:17:cb:c0:94:
ff:ca:c0:bd:2f:0e:63:06:4d:86:62:fc:e0:c8:c6:
2d:68:d3:50:33:00:61:23:65:17:64:3b:71:8e:dd:
07:60:4d:4e:68:3a:a5:bc:8e:2c:f9:eb:d7:1f:a5:
0f:33:e7:10:09:fd:46:df:0d:37:36:d1:b3:83:c1:
02:96:82:e6:19:76:5c:c3:0a:b6:5a:ca:63:5f:10:
90:cf:eb:35:bb:10:f9:55:1b:5f:bc:8f:4c:ac:37:
38:f3:c3:e4:2c:75:2d:1e:c9:37:a9:8c:48:97:1a:
eb:fb:87:87:6a:3f:ea:e2:d6:fc:79:7c:52:be:0c:
b9:a7:80:72:3d:cb:5f:ae:d5:39:28:64:04:fa:20:
e5:5f:41:d5:df:27:9c:45:c2:74:80:ff:7f:ea:42:
51:f6:c1:47:5a:81:91:70:0b:37:be:b7:74:e2:b9:
d1:75:fe:05:d2:b4:d0:aa:63:57:8d:c2:44:47:5d:
9d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:68:CC:6B:2E:A5:9B:4F:5B:24:5A:BA:7D:E5:E9:E3:55:BA:6C:11
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/B2jMay6lm09bJFq6feXp41W6bBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.140.126.0/24
Signature Algorithm: sha256WithRSAEncryption
83:67:d3:65:4a:e1:c8:6b:03:ec:c0:e5:38:50:e6:18:9b:d1:
5b:fd:cd:03:78:6f:dc:3e:4a:fb:8f:06:d6:35:50:9f:7b:cb:
3c:12:5a:bd:5e:54:b2:96:29:6b:71:a0:f5:1a:64:91:fa:74:
60:1b:4b:9b:4c:2f:b7:ed:fe:3e:97:21:da:67:3b:a8:f2:3f:
25:72:1c:f7:95:da:9f:94:86:54:fb:b6:ec:6c:34:47:b9:54:
c4:ab:fe:dd:bd:56:e5:fe:90:e6:23:38:28:de:71:ac:73:d3:
8f:2d:9b:b4:a7:27:82:94:40:a4:10:7e:e0:da:fb:ba:66:d0:
b7:5c:9c:f4:57:d6:93:f6:d8:66:5b:ff:65:90:44:25:42:3d:
78:2a:82:b9:79:de:26:fc:eb:96:52:0f:e1:50:d8:da:04:13:
ce:30:ab:53:12:5f:48:d5:bc:8c:ed:54:0a:57:25:9f:e2:d0:
18:e1:b5:84:da:26:cb:4b:da:d7:53:41:60:03:39:ae:6a:98:
fa:d9:d3:ca:b5:78:2c:25:6c:55:1b:b5:aa:ea:b8:a7:56:10:
7c:49:41:ea:f6:b2:be:b1:fa:89:4a:4e:42:51:be:a9:da:ee:
bd:bd:46:f4:12:47:94:fa:71:0c:61:1f:fa:6d:e7:94:f1:65:
e7:d2:b4:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2blKctF9CoOFDIroOnJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwMTAyMTE0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzY4Y2M2YjJlYTU5YjRmNWIyNDVhYmE3ZGU1ZTllMzU1YmE2YzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqP5INvrj+0H5fQrFrqmPPYHhwZW
izdGw0QhK8f8u1tqzNqkEfMmZX84A0x21AcwjWHgM/87tUXsb/nlnoK+2tHEZrFR
hhfLwJT/ysC9Lw5jBk2GYvzgyMYtaNNQMwBhI2UXZDtxjt0HYE1OaDqlvI4s+evX
H6UPM+cQCf1G3w03NtGzg8ECloLmGXZcwwq2WspjXxCQz+s1uxD5VRtfvI9MrDc4
88PkLHUtHsk3qYxIlxrr+4eHaj/q4tb8eXxSvgy5p4ByPctfrtU5KGQE+iDlX0HV
3yecRcJ0gP9/6kJR9sFHWoGRcAs3vrd04rnRdf4F0rTQqmNXjcJER12dKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAdozGsupZtPWyRaun3l6eNVumwRMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvQjJqTWF5NmxtMDliSkZxNmZlWHA0MVc2YkJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYx+MA0G
CSqGSIb3DQEBCwUAA4IBAQCDZ9NlSuHIawPswOU4UOYYm9Fb/c0DeG/cPkr7jwbW
NVCfe8s8Elq9XlSylilrcaD1GmSR+nRgG0ubTC+37f4+lyHaZzuo8j8lchz3ldqf
lIZU+7bsbDRHuVTEq/7dvVbl/pDmIzgo3nGsc9OPLZu0pyeClECkEH7g2vu6ZtC3
XJz0V9aT9thmW/9lkEQlQj14KoK5ed4m/OuWUg/hUNjaBBPOMKtTEl9I1byM7VQK
VyWf4tAY4bWE2ibLS9rXU0FgAzmuapj62dPKtXgsJWxVG7Wq6rinVhB8SUHq9rK+
sfqJSk5CUb6p2u69vUb0EkeU+nEMYR/6beeU8WXn0rRP
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:58:43 2025 by rpki-client