Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/vdLZKDeZrm1csyvUGvTK17cDwbA.roa
File: vdLZKDeZrm1csyvUGvTK17cDwbA.roa (raw, json)
Hash identifier: 4FGoBySJOQZoRoh12OiMAMVHk1hvxrm9AdNoXGLJWFw=
Subject key identifier: BD:D2:D9:28:37:99:AE:6D:5C:B3:2B:D4:1A:F4:CA:D7:B7:03:C1:B0
Certificate issuer: /CN=17dbd5acf1f9c75d18a1f75031114c48f0b23363
Certificate serial: 0194258F6B3ED5AB9EF0D4F4145E56BDF98F
Authority key identifier: 17:DB:D5:AC:F1:F9:C7:5D:18:A1:F7:50:31:11:4C:48:F0:B2:33:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9vVrPH5x10YofdQMRFMSPCyM2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/vdLZKDeZrm1csyvUGvTK17cDwbA.roa
Signing time: Thu 02 Jan 2025 05:49:03 +0000
ROA not before: Thu 02 Jan 2025 05:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42985
IP address blocks: 85.116.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:6b:3e:d5:ab:9e:f0:d4:f4:14:5e:56:bd:f9:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17dbd5acf1f9c75d18a1f75031114c48f0b23363
Validity
Not Before: Jan 2 05:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdd2d9283799ae6d5cb32bd41af4cad7b703c1b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ce:08:5b:1b:76:6e:61:2d:7f:1c:e0:42:00:
32:67:41:50:70:58:3d:8e:04:80:d0:ee:d1:d3:5f:
24:4a:d3:75:51:a0:96:43:d3:16:a9:0a:ff:55:c0:
cb:6f:09:ba:c0:d8:d9:43:28:93:0c:68:c1:e9:17:
2f:c4:12:2b:18:21:26:b8:58:d1:dd:cb:e6:5d:cc:
8d:3a:c9:0a:9e:c5:44:30:a8:39:de:7b:a1:ec:8c:
a4:62:a9:af:2e:41:5a:38:d1:be:8f:97:9e:f0:c4:
43:9b:25:c4:f8:c8:ae:ab:19:c1:b8:f2:1e:ba:f1:
ab:df:10:8d:f8:56:e3:ab:f1:2c:8a:58:02:37:94:
42:68:e8:11:85:5f:4b:2a:10:bb:dd:9b:40:fb:17:
e4:8a:ce:cd:97:71:56:8f:e8:ad:73:5f:93:3d:c6:
03:19:bf:a8:45:07:a7:31:66:c2:41:2f:f6:98:f0:
97:00:13:46:ae:7d:8b:58:2d:0b:38:e9:a1:a1:ce:
85:03:5b:d8:c5:cb:ad:e3:32:34:d0:6d:77:d2:9f:
9a:2b:9c:48:2d:8a:ac:72:bc:d2:50:2f:8a:82:cc:
3b:49:2d:95:09:15:0f:75:5a:34:54:97:ad:b7:90:
18:9b:34:a6:16:47:2e:29:39:38:70:df:63:34:de:
5d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D2:D9:28:37:99:AE:6D:5C:B3:2B:D4:1A:F4:CA:D7:B7:03:C1:B0
X509v3 Authority Key Identifier:
keyid:17:DB:D5:AC:F1:F9:C7:5D:18:A1:F7:50:31:11:4C:48:F0:B2:33:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9vVrPH5x10YofdQMRFMSPCyM2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/vdLZKDeZrm1csyvUGvTK17cDwbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/F9vVrPH5x10YofdQMRFMSPCyM2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.255.0/24
Signature Algorithm: sha256WithRSAEncryption
36:40:d4:0a:bf:09:0c:7b:d0:fd:f7:83:38:47:d5:27:b1:bd:
49:b4:f1:b9:ad:ea:a2:03:54:79:fe:b1:bd:ea:4d:0a:68:b8:
8f:87:0e:67:27:7c:23:ae:13:72:15:ba:33:a3:16:96:3e:f8:
df:1b:23:d0:35:b7:ce:f1:d7:33:95:f1:dd:7d:ea:ea:9b:a3:
5d:0d:6b:71:8e:a2:92:6d:0a:6e:a7:a8:13:1b:66:cd:ec:4f:
80:43:97:fb:18:06:11:60:da:15:1b:15:0e:fa:80:a8:9d:88:
b8:1a:20:f4:b7:82:e2:0a:85:5b:82:e0:fe:7b:6a:be:f4:1f:
3f:a3:b5:96:71:f1:3f:f0:2d:84:57:81:dd:31:20:99:64:a6:
e8:fc:53:bd:eb:02:98:ff:7b:b1:31:a7:ec:f8:df:5d:d7:99:
4a:f9:d9:3b:f8:f8:e3:5e:44:4f:b7:7d:bb:c1:1b:bf:f7:92:
a0:b1:ed:07:1a:7a:71:e3:79:da:47:c5:8a:f2:34:b0:15:e1:
f1:41:41:2a:37:01:e6:55:74:ab:f8:f7:e8:06:1d:33:36:bb:
42:09:14:90:ec:12:ab:f4:19:dd:9c:84:ae:03:41:2c:dc:56:
09:80:be:75:75:bb:1d:ed:aa:a8:36:b8:86:a1:2c:dc:7c:72:
3e:0e:3b:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj2s+1aue8NT0FF5WvfmPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGJkNWFjZjFmOWM3NWQxOGExZjc1MDMxMTE0YzQ4ZjBi
MjMzNjMwHhcNMjUwMTAyMDU0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGQyZDkyODM3OTlhZTZkNWNiMzJiZDQxYWY0Y2FkN2I3MDNjMWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqM4IWxt2bmEtfxzgQgAyZ0FQcFg9
jgSA0O7R018kStN1UaCWQ9MWqQr/VcDLbwm6wNjZQyiTDGjB6RcvxBIrGCEmuFjR
3cvmXcyNOskKnsVEMKg53nuh7IykYqmvLkFaONG+j5ee8MRDmyXE+MiuqxnBuPIe
uvGr3xCN+Fbjq/EsilgCN5RCaOgRhV9LKhC73ZtA+xfkis7Nl3FWj+itc1+TPcYD
Gb+oRQenMWbCQS/2mPCXABNGrn2LWC0LOOmhoc6FA1vYxcut4zI00G130p+aK5xI
LYqscrzSUC+Kgsw7SS2VCRUPdVo0VJett5AYmzSmFkcuKTk4cN9jNN5dYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL3S2Sg3ma5tXLMr1Br0yte3A8GwMB8GA1UdIwQY
MBaAFBfb1azx+cddGKH3UDERTEjwsjNjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjl2VnJQSDV4MTBZb2ZkUU1SRk1TUEN5TTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yOTE5OWYtZjZjYy00NDhhLWJmZDQt
NTgxZGI4N2M4MjFlLzEvdmRMWktEZVpybTFjc3l2VUd2VEsxN2NEd2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8yOTE5OWYtZjZjYy00NDhhLWJmZDQtNTgxZGI4N2M4MjFl
LzEvRjl2VnJQSDV4MTBZb2ZkUU1SRk1TUEN5TTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXT/MA0G
CSqGSIb3DQEBCwUAA4IBAQA2QNQKvwkMe9D994M4R9Unsb1JtPG5reqiA1R5/rG9
6k0KaLiPhw5nJ3wjrhNyFbozoxaWPvjfGyPQNbfO8dczlfHdferqm6NdDWtxjqKS
bQpup6gTG2bN7E+AQ5f7GAYRYNoVGxUO+oConYi4GiD0t4LiCoVbguD+e2q+9B8/
o7WWcfE/8C2EV4HdMSCZZKbo/FO96wKY/3uxMafs+N9d15lK+dk7+PjjXkRPt327
wRu/95Kgse0HGnpx43naR8WK8jSwFeHxQUEqNwHmVXSr+PfoBh0zNrtCCRSQ7BKr
9BndnISuA0Es3FYJgL51dbsd7aqoNriGoSzcfHI+DjvY
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:19:27 2025 by rpki-client