Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/0c4e20-d591-415e-a06f-008a508bae9d/1/vAZb7s6D6Fuq3D4AHtKSkcv7tbk.roa
File: vAZb7s6D6Fuq3D4AHtKSkcv7tbk.roa (raw, json)
Hash identifier: dNxWOWstiC1jdikcIMTYHaBFr6iCMFTRh+rrcRXQbJw=
Subject key identifier: BC:06:5B:EE:CE:83:E8:5B:AA:DC:3E:00:1E:D2:92:91:CB:FB:B5:B9
Certificate issuer: /CN=0843e9c2487954691227b1e32175d8f7a1cc3ef5
Certificate serial: 019426D9966E751AD4662D7955CA2E0D16CB
Authority key identifier: 08:43:E9:C2:48:79:54:69:12:27:B1:E3:21:75:D8:F7:A1:CC:3E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEPpwkh5VGkSJ7HjIXXY96HMPvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/0c4e20-d591-415e-a06f-008a508bae9d/1/vAZb7s6D6Fuq3D4AHtKSkcv7tbk.roa
Signing time: Thu 02 Jan 2025 11:49:41 +0000
ROA not before: Thu 02 Jan 2025 11:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212131
IP address blocks: 85.208.168.0/22 maxlen: 22
2a10:ae80::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:96:6e:75:1a:d4:66:2d:79:55:ca:2e:0d:16:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0843e9c2487954691227b1e32175d8f7a1cc3ef5
Validity
Not Before: Jan 2 11:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc065beece83e85baadc3e001ed29291cbfbb5b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:62:5f:d3:ea:74:66:4e:97:43:ac:8d:a6:2b:
11:46:61:2b:62:75:48:2e:0c:d0:5b:e5:06:58:46:
ee:cd:0e:7b:ac:c8:35:e0:de:70:40:22:c6:e2:0d:
e7:e1:c7:d0:fb:97:d4:35:f9:29:16:df:dc:20:03:
80:af:c7:53:5f:5c:78:ca:51:77:44:20:0e:d2:fd:
2d:31:e8:eb:e4:fd:9e:c9:02:52:6d:60:63:a0:1f:
a8:ac:a9:e9:c3:f0:81:69:8c:1c:59:aa:f0:64:fb:
f8:7e:b6:60:d3:29:75:72:90:05:0d:ba:0d:15:48:
06:47:e1:3d:8d:ff:ab:c8:a4:e5:08:e9:05:c9:03:
28:a2:96:de:b7:d1:b3:95:29:8f:bd:39:fd:c9:96:
a6:3b:f6:c1:d4:d2:bc:c6:19:ca:4c:c7:c7:ce:52:
d8:cb:3c:62:c0:a6:37:1f:ff:12:4f:58:9d:db:c9:
48:c4:43:55:e3:dd:72:08:7a:2e:fb:51:dc:46:a6:
49:00:c5:60:a4:cf:9d:76:23:8f:3e:13:bd:0b:38:
4c:94:d0:23:dd:be:7d:b3:95:55:b8:1b:23:8d:63:
46:9f:5d:0e:68:1c:a9:28:27:f3:ca:fa:d5:89:0e:
7e:82:43:03:94:b4:c5:1a:a0:72:5a:21:5d:e9:49:
f9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:06:5B:EE:CE:83:E8:5B:AA:DC:3E:00:1E:D2:92:91:CB:FB:B5:B9
X509v3 Authority Key Identifier:
keyid:08:43:E9:C2:48:79:54:69:12:27:B1:E3:21:75:D8:F7:A1:CC:3E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEPpwkh5VGkSJ7HjIXXY96HMPvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0c4e20-d591-415e-a06f-008a508bae9d/1/vAZb7s6D6Fuq3D4AHtKSkcv7tbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0c4e20-d591-415e-a06f-008a508bae9d/1/CEPpwkh5VGkSJ7HjIXXY96HMPvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.168.0/22
IPv6:
2a10:ae80::/29
Signature Algorithm: sha256WithRSAEncryption
c5:15:d7:70:64:ef:c6:ee:6b:60:ad:a9:d0:95:9b:66:32:24:
94:f9:1b:28:24:fe:f8:9a:34:cc:4e:02:b5:55:68:5d:86:c3:
a9:48:99:c8:f0:d6:00:f3:4d:62:c7:49:01:f0:d3:d3:3f:c9:
7a:60:de:fd:d4:e5:b1:44:d4:4e:a1:17:90:be:ea:2a:e7:d1:
0b:ee:a4:63:e7:33:e8:b9:e5:a7:23:f2:aa:89:85:0d:72:d1:
d1:27:75:bc:41:27:37:b3:07:eb:9c:c2:d9:ef:fe:6a:06:12:
7d:12:2a:c1:47:7c:76:ee:92:0c:80:88:38:3a:71:b5:33:c2:
32:4d:92:c7:f9:e3:5d:2b:e3:02:c8:f6:01:d9:6d:63:d8:70:
a5:84:58:06:37:c2:b6:8e:38:47:01:72:36:e6:6d:d5:d1:a8:
fe:ba:87:cf:d4:5a:82:16:1a:84:5b:cb:5b:d3:b4:84:05:2f:
ca:f0:c8:2b:20:c2:ec:29:29:f1:ff:43:00:1b:9c:1f:a1:91:
e9:5a:96:fe:c0:39:59:39:ee:6c:48:f5:1a:f0:7d:92:44:31:
2a:83:57:19:3c:dc:a0:80:e3:1c:49:25:c9:2d:d5:27:17:c9:
f0:55:0c:04:34:f8:c1:84:ea:31:55:50:d6:d4:bb:76:da:6d:
e4:73:fc:5d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2ZZudRrUZi15VcouDRbLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDNlOWMyNDg3OTU0NjkxMjI3YjFlMzIxNzVkOGY3YTFj
YzNlZjUwHhcNMjUwMTAyMTE0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzA2NWJlZWNlODNlODViYWFkYzNlMDAxZWQyOTI5MWNiZmJiNWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGJf0+p0Zk6XQ6yNpisRRmErYnVI
LgzQW+UGWEbuzQ57rMg14N5wQCLG4g3n4cfQ+5fUNfkpFt/cIAOAr8dTX1x4ylF3
RCAO0v0tMejr5P2eyQJSbWBjoB+orKnpw/CBaYwcWarwZPv4frZg0yl1cpAFDboN
FUgGR+E9jf+ryKTlCOkFyQMoopbet9GzlSmPvTn9yZamO/bB1NK8xhnKTMfHzlLY
yzxiwKY3H/8ST1id28lIxENV491yCHou+1HcRqZJAMVgpM+ddiOPPhO9CzhMlNAj
3b59s5VVuBsjjWNGn10OaBypKCfzyvrViQ5+gkMDlLTFGqByWiFd6Un5BwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLwGW+7Og+hbqtw+AB7SkpHL+7W5MB8GA1UdIwQY
MBaAFAhD6cJIeVRpEiex4yF12PehzD71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VQcHdraDVWR2tTSjdIaklYWFk5NkhNUHZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8wYzRlMjAtZDU5MS00MTVlLWEwNmYt
MDA4YTUwOGJhZTlkLzEvdkFaYjdzNkQ2RnVxM0Q0QUh0S1NrY3Y3dGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8wYzRlMjAtZDU5MS00MTVlLWEwNmYtMDA4YTUwOGJhZTlk
LzEvQ0VQcHdraDVWR2tTSjdIaklYWFk5NkhNUHZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdCoMA0E
AgACMAcDBQMqEK6AMA0GCSqGSIb3DQEBCwUAA4IBAQDFFddwZO/G7mtgranQlZtm
MiSU+RsoJP74mjTMTgK1VWhdhsOpSJnI8NYA801ix0kB8NPTP8l6YN791OWxRNRO
oReQvuoq59EL7qRj5zPoueWnI/KqiYUNctHRJ3W8QSc3swfrnMLZ7/5qBhJ9EirB
R3x27pIMgIg4OnG1M8IyTZLH+eNdK+MCyPYB2W1j2HClhFgGN8K2jjhHAXI25m3V
0aj+uofP1FqCFhqEW8tb07SEBS/K8MgrIMLsKSnx/0MAG5wfoZHpWpb+wDlZOe5s
SPUa8H2SRDEqg1cZPNyggOMcSSXJLdUnF8nwVQwENPjBhOoxVVDW1Lt22m3kc/xd
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:39:37 2025 by rpki-client