Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/dp3d8NyouQg-8K-HGzN9kV_bfNA.roa
File: dp3d8NyouQg-8K-HGzN9kV_bfNA.roa (raw, json)
Hash identifier: GLpCUVZVMuFtRdyRKpet07ejBXymc1KwigcRGf3bciE=
Subject key identifier: 76:9D:DD:F0:DC:A8:B9:08:3E:F0:AF:87:1B:33:7D:91:5F:DB:7C:D0
Certificate issuer: /CN=17dbd5acf1f9c75d18a1f75031114c48f0b23363
Certificate serial: 0194258F6A729493BA62F0BEAB80BCADF1EF
Authority key identifier: 17:DB:D5:AC:F1:F9:C7:5D:18:A1:F7:50:31:11:4C:48:F0:B2:33:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9vVrPH5x10YofdQMRFMSPCyM2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/dp3d8NyouQg-8K-HGzN9kV_bfNA.roa
Signing time: Thu 02 Jan 2025 05:49:03 +0000
ROA not before: Thu 02 Jan 2025 05:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34699
IP address blocks: 85.116.224.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:6a:72:94:93:ba:62:f0:be:ab:80:bc:ad:f1:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17dbd5acf1f9c75d18a1f75031114c48f0b23363
Validity
Not Before: Jan 2 05:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=769dddf0dca8b9083ef0af871b337d915fdb7cd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:78:ba:29:0a:67:53:ab:0a:12:26:6b:50:b6:
c6:1f:1b:1d:35:69:9c:d6:07:50:42:ea:f0:71:4c:
f9:7e:68:c0:7f:a3:70:80:5d:24:07:b2:ab:bf:c2:
52:43:f4:e5:4c:53:87:ff:4c:e1:d9:4e:84:4a:e3:
0a:7f:3e:46:f9:28:c1:9b:24:2f:46:40:f5:72:7d:
9d:1b:7e:93:37:c4:22:90:1f:6c:f0:4d:b1:08:72:
7d:fc:71:4e:1c:99:07:ad:2f:ad:0a:ce:3e:5c:b4:
81:1c:72:d6:70:fe:2a:9a:02:4b:38:79:2d:1b:2f:
7f:12:60:b2:64:1f:73:4f:d2:c1:02:52:38:60:4b:
9a:9f:e5:8b:00:dc:3c:08:f0:36:97:52:40:f6:2b:
74:ef:a2:fa:14:95:aa:e3:d6:3a:5a:62:1a:03:e5:
e7:3a:ed:0c:96:ca:6d:ec:45:b3:70:b7:d0:ef:bd:
cf:ed:0e:60:07:d2:7f:30:c5:20:21:59:e8:4d:16:
38:c6:bb:6a:66:4d:0c:7e:e7:c7:5c:d9:06:85:ee:
3b:7d:7a:38:ff:d2:93:f4:99:98:87:1a:6f:0b:a2:
3a:9a:84:62:6c:dc:e2:1d:d1:89:02:4f:dd:a6:e6:
c1:c6:18:d1:84:ac:f1:15:b6:a4:28:d0:60:1b:eb:
d6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:9D:DD:F0:DC:A8:B9:08:3E:F0:AF:87:1B:33:7D:91:5F:DB:7C:D0
X509v3 Authority Key Identifier:
keyid:17:DB:D5:AC:F1:F9:C7:5D:18:A1:F7:50:31:11:4C:48:F0:B2:33:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9vVrPH5x10YofdQMRFMSPCyM2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/dp3d8NyouQg-8K-HGzN9kV_bfNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/F9vVrPH5x10YofdQMRFMSPCyM2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.224.0/20
Signature Algorithm: sha256WithRSAEncryption
55:71:dd:ff:0c:51:87:d2:75:39:47:75:16:ad:d9:dc:60:28:
d4:30:2a:0b:8e:fe:34:9b:2e:b4:db:39:82:da:d0:b7:aa:ce:
1a:85:ec:2a:2a:92:cf:10:28:a5:ea:0a:9b:0c:48:96:14:9e:
ba:61:a3:28:3a:3b:84:54:48:62:87:10:4e:b9:c3:64:cb:93:
1b:98:4a:09:93:6b:51:53:61:6c:32:2e:64:bf:88:4c:48:d6:
74:b1:49:a8:ef:b8:bb:1e:79:d1:d9:45:30:b7:3e:25:6e:0b:
27:b5:22:ec:38:f1:34:69:6c:41:42:13:4e:38:ec:ba:2b:a5:
a2:6f:47:a7:c9:32:4a:c5:8e:b0:90:19:f8:72:c7:1e:5d:ad:
5b:38:48:fb:de:92:bb:57:7f:ea:bc:b0:f1:96:e4:3d:75:83:
bb:b1:f8:07:90:11:ff:c5:71:a2:16:21:c6:f2:db:e1:fe:a0:
cf:fb:29:cd:1c:34:c8:18:e1:ea:ac:32:35:cc:9a:f9:72:bc:
b2:f7:3b:88:29:0f:ba:dd:e9:9c:e7:b7:97:6e:64:98:2a:c4:
27:64:75:19:0d:77:59:e5:71:6e:22:54:37:b0:f5:44:ca:70:
9b:b3:6f:3f:0e:46:ea:1c:0e:2b:f7:d0:10:d9:9a:44:20:db:
f2:c6:72:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj2pylJO6YvC+q4C8rfHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGJkNWFjZjFmOWM3NWQxOGExZjc1MDMxMTE0YzQ4ZjBi
MjMzNjMwHhcNMjUwMTAyMDU0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjlkZGRmMGRjYThiOTA4M2VmMGFmODcxYjMzN2Q5MTVmZGI3Y2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3i6KQpnU6sKEiZrULbGHxsdNWmc
1gdQQurwcUz5fmjAf6NwgF0kB7Krv8JSQ/TlTFOH/0zh2U6ESuMKfz5G+SjBmyQv
RkD1cn2dG36TN8QikB9s8E2xCHJ9/HFOHJkHrS+tCs4+XLSBHHLWcP4qmgJLOHkt
Gy9/EmCyZB9zT9LBAlI4YEuan+WLANw8CPA2l1JA9it076L6FJWq49Y6WmIaA+Xn
Ou0Mlspt7EWzcLfQ773P7Q5gB9J/MMUgIVnoTRY4xrtqZk0MfufHXNkGhe47fXo4
/9KT9JmYhxpvC6I6moRibNziHdGJAk/dpubBxhjRhKzxFbakKNBgG+vWMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHad3fDcqLkIPvCvhxszfZFf23zQMB8GA1UdIwQY
MBaAFBfb1azx+cddGKH3UDERTEjwsjNjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjl2VnJQSDV4MTBZb2ZkUU1SRk1TUEN5TTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yOTE5OWYtZjZjYy00NDhhLWJmZDQt
NTgxZGI4N2M4MjFlLzEvZHAzZDhOeW91UWctOEstSEd6TjlrVl9iZk5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8yOTE5OWYtZjZjYy00NDhhLWJmZDQtNTgxZGI4N2M4MjFl
LzEvRjl2VnJQSDV4MTBZb2ZkUU1SRk1TUEN5TTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEVXTgMA0G
CSqGSIb3DQEBCwUAA4IBAQBVcd3/DFGH0nU5R3UWrdncYCjUMCoLjv40my602zmC
2tC3qs4ahewqKpLPECil6gqbDEiWFJ66YaMoOjuEVEhihxBOucNky5MbmEoJk2tR
U2FsMi5kv4hMSNZ0sUmo77i7HnnR2UUwtz4lbgsntSLsOPE0aWxBQhNOOOy6K6Wi
b0enyTJKxY6wkBn4csceXa1bOEj73pK7V3/qvLDxluQ9dYO7sfgHkBH/xXGiFiHG
8tvh/qDP+ynNHDTIGOHqrDI1zJr5cryy9zuIKQ+63emc57eXbmSYKsQnZHUZDXdZ
5XFuIlQ3sPVEynCbs28/DkbqHA4r99AQ2ZpEINvyxnJ5
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:55:24 2025 by rpki-client