Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/z0zrbZGTZ0iqKhgiO4o-T6JBleI.roa
File: z0zrbZGTZ0iqKhgiO4o-T6JBleI.roa (raw, json)
Hash identifier: ToFqBI4XuElIAABZ+J4JnW1Geuu40xhhzkV2D52WyP0=
Subject key identifier: CF:4C:EB:6D:91:93:67:48:AA:2A:18:22:3B:8A:3E:4F:A2:41:95:E2
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 019426D9B7DBAADEAADA4A976A2B9D443481
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/z0zrbZGTZ0iqKhgiO4o-T6JBleI.roa
Signing time: Thu 02 Jan 2025 11:49:50 +0000
ROA not before: Thu 02 Jan 2025 11:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48124
IP address blocks: 85.140.112.0/22 maxlen: 22
85.140.112.0/23 maxlen: 23
85.140.114.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:b7:db:aa:de:aa:da:4a:97:6a:2b:9d:44:34:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 2 11:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf4ceb6d91936748aa2a18223b8a3e4fa24195e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:64:63:29:96:2b:d5:f8:96:fe:8f:65:e6:8b:
cc:4f:84:ac:74:ed:6e:84:0e:ab:81:ae:e4:83:5b:
28:fa:ed:52:4e:f3:56:32:2a:2a:63:33:c3:a2:57:
1f:2e:ab:27:3a:2e:fc:54:4d:bc:91:28:f5:6e:eb:
6f:e2:8f:ce:4e:b6:43:f2:aa:1d:40:bb:32:5f:ef:
aa:71:47:9e:84:5d:3e:2b:0e:dc:e5:36:b4:8e:43:
0b:2d:a7:41:f5:17:1a:f0:e3:ea:72:b6:8b:d0:9f:
8c:d4:9a:a2:0d:96:74:5d:0f:4a:ac:88:47:17:22:
a7:96:31:d3:fc:f1:f3:b6:96:89:a4:16:e6:bc:7c:
91:14:df:be:ec:13:26:28:0e:84:83:f8:80:bf:b2:
b1:6c:f8:12:77:c9:bd:2c:22:a7:ed:7c:0f:a0:08:
0a:d3:1b:46:e9:8d:d0:79:4d:29:4e:07:82:c4:95:
1d:fa:fd:68:3c:a5:6f:4e:d9:d7:71:4f:92:f6:53:
55:1b:f6:9d:f5:7d:bb:1c:c8:a1:1e:b3:9b:98:2e:
3e:8e:c9:8d:ff:dc:e2:43:e7:80:25:ad:7e:15:eb:
21:0c:49:11:f3:69:d5:7c:c2:0e:8f:c3:32:62:24:
03:69:38:1e:96:14:e5:70:ca:16:5d:30:fa:0c:70:
98:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4C:EB:6D:91:93:67:48:AA:2A:18:22:3B:8A:3E:4F:A2:41:95:E2
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/z0zrbZGTZ0iqKhgiO4o-T6JBleI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.140.112.0/22
Signature Algorithm: sha256WithRSAEncryption
06:3a:5b:d1:a0:8a:08:0b:81:71:c6:1a:b5:db:b5:d1:2d:1f:
95:15:f3:0d:57:9d:c3:73:bd:4e:69:16:07:6a:23:35:68:57:
61:36:a4:e0:05:b3:f3:56:fb:91:aa:86:0d:8b:17:d0:e1:d4:
0a:c6:05:4b:98:27:fe:b0:07:17:01:dc:b2:2f:43:4f:5b:e6:
73:4a:89:9b:ff:fa:95:f2:3e:1e:e0:bb:95:5e:d7:02:43:2a:
42:9c:dc:ff:68:18:88:27:d7:98:c8:ca:78:b6:5a:c9:c6:7f:
49:70:bb:ee:6a:8c:f8:60:74:d5:b9:e3:a5:ed:ba:0b:80:e8:
3e:8f:ba:49:ff:83:9f:aa:a4:10:ee:b2:d7:50:09:1d:9c:5a:
1a:20:c0:53:1c:f3:56:4d:0e:74:f0:de:8d:59:f7:45:13:ac:
e9:07:92:24:d6:50:7d:9f:b3:1a:6d:fc:4f:b6:d1:ba:6b:ef:
78:fa:79:d8:c8:4c:1c:85:fb:e3:12:74:6b:2f:15:35:15:1c:
e6:67:dc:7e:3e:ea:cf:02:01:da:0f:53:a7:a1:f8:77:f5:a5:
cc:6f:d7:13:06:c2:70:c7:41:dc:67:8d:ff:98:2d:b5:58:9d:
4b:35:2f:ae:68:2f:af:5a:21:ac:1b:e6:0a:9c:8e:cb:c3:48:
7f:a1:a6:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2bfbqt6q2kqXaiudRDSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwMTAyMTE0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjRjZWI2ZDkxOTM2NzQ4YWEyYTE4MjIzYjhhM2U0ZmEyNDE5NWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2RjKZYr1fiW/o9l5ovMT4SsdO1u
hA6rga7kg1so+u1STvNWMioqYzPDolcfLqsnOi78VE28kSj1butv4o/OTrZD8qod
QLsyX++qcUeehF0+Kw7c5Ta0jkMLLadB9Rca8OPqcraL0J+M1JqiDZZ0XQ9KrIhH
FyKnljHT/PHztpaJpBbmvHyRFN++7BMmKA6Eg/iAv7KxbPgSd8m9LCKn7XwPoAgK
0xtG6Y3QeU0pTgeCxJUd+v1oPKVvTtnXcU+S9lNVG/ad9X27HMihHrObmC4+jsmN
/9ziQ+eAJa1+FeshDEkR82nVfMIOj8MyYiQDaTgelhTlcMoWXTD6DHCYjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9M622Rk2dIqioYIjuKPk+iQZXiMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvejB6cmJaR1RaMGlxS2hnaU80by1UNkpCbGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVYxwMA0G
CSqGSIb3DQEBCwUAA4IBAQAGOlvRoIoIC4Fxxhq127XRLR+VFfMNV53Dc71OaRYH
aiM1aFdhNqTgBbPzVvuRqoYNixfQ4dQKxgVLmCf+sAcXAdyyL0NPW+ZzSomb//qV
8j4e4LuVXtcCQypCnNz/aBiIJ9eYyMp4tlrJxn9JcLvuaoz4YHTVueOl7boLgOg+
j7pJ/4OfqqQQ7rLXUAkdnFoaIMBTHPNWTQ508N6NWfdFE6zpB5Ik1lB9n7MabfxP
ttG6a+94+nnYyEwchfvjEnRrLxU1FRzmZ9x+PurPAgHaD1Onofh39aXMb9cTBsJw
x0HcZ43/mC21WJ1LNS+uaC+vWiGsG+YKnI7Lw0h/oaag
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:47:59 2025 by rpki-client