Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/Yq66fZuMgIwKUWGe6Rojv87mneM.roa
File: Yq66fZuMgIwKUWGe6Rojv87mneM.roa (raw, json)
Hash identifier: 6XGZPAlElgKvBjRg8R3tgq0xOSRVI6rF33/1TiiIZA8=
Subject key identifier: 62:AE:BA:7D:9B:8C:80:8C:0A:51:61:9E:E9:1A:23:BF:CE:E6:9D:E3
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 019421B263876B2B1C2ABFA726857BB19C3C
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/Yq66fZuMgIwKUWGe6Rojv87mneM.roa
Signing time: Wed 01 Jan 2025 11:48:46 +0000
ROA not before: Wed 01 Jan 2025 11:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56679
IP address blocks: 85.143.156.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:63:87:6b:2b:1c:2a:bf:a7:26:85:7b:b1:9c:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 11:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62aeba7d9b8c808c0a51619ee91a23bfcee69de3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:94:b9:71:db:e9:70:fc:f5:13:ea:14:11:22:
46:ed:5b:86:e9:fd:11:2c:fb:fb:0b:7e:94:c5:8a:
fd:6c:7f:06:8f:7c:af:a1:fc:0b:4c:60:f9:5b:dc:
e7:1b:a3:46:c2:f5:cf:19:33:32:7c:53:16:50:0e:
a7:fd:53:7c:a5:47:8d:47:09:56:25:2b:bb:d3:5b:
65:7e:c1:e6:0c:55:12:17:d7:dc:e8:20:35:73:4b:
b5:9b:a0:55:84:6e:41:a3:f8:ad:7f:6f:24:e4:33:
fe:af:44:73:a2:59:35:60:3c:99:5c:44:90:69:3e:
ac:d9:4f:59:af:c4:b1:c6:1e:63:ed:04:3f:d2:f8:
5b:d8:f0:49:66:cd:66:be:6c:73:6c:cc:cd:db:de:
17:2c:ae:01:f8:e8:4e:e0:d5:e3:2e:f6:49:21:bb:
1b:4c:11:26:3c:31:4a:f7:79:92:b8:6b:2c:0c:d2:
09:f2:fd:01:5c:d2:bb:83:01:b6:b7:4f:85:e6:33:
81:f4:58:50:ef:2e:7b:24:a2:66:8d:d2:c0:2b:f7:
6d:4c:05:0e:e3:53:2e:3a:f2:f6:d9:9c:d6:a8:6a:
fc:15:e3:53:11:12:51:e9:b9:de:99:5c:6b:b7:2f:
99:fe:0a:8d:1f:f2:43:28:08:f3:d7:75:cd:6e:c4:
03:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:AE:BA:7D:9B:8C:80:8C:0A:51:61:9E:E9:1A:23:BF:CE:E6:9D:E3
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/Yq66fZuMgIwKUWGe6Rojv87mneM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.143.156.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:00:62:9a:27:4b:4a:a8:ab:bf:23:7f:42:8e:f9:41:0b:f7:
f5:f6:ed:54:ea:25:d2:5c:ff:f4:ec:7a:df:e9:91:0c:b5:3b:
ff:af:fb:39:2a:a6:e0:3b:9e:dc:2a:73:26:cb:c3:41:93:b7:
88:0a:3b:92:82:8e:24:f3:02:86:0b:a9:1b:f5:ce:87:57:b1:
dd:19:5c:66:a9:77:c3:a2:a7:31:8e:30:af:15:e8:60:fc:89:
b3:d9:a9:6d:54:1a:43:e3:46:65:5d:11:09:d2:d9:32:be:69:
04:15:e8:b9:c5:29:67:27:c9:ff:71:bd:83:8d:8a:70:ab:26:
30:5c:cc:dc:04:e9:39:f5:8c:fc:87:27:6e:f9:d4:68:c5:7a:
da:6c:cd:0f:55:2f:1c:c6:62:84:4e:f0:3b:e9:b5:a6:c3:ce:
f0:51:47:88:6b:4b:93:f5:a5:5c:3c:ab:cd:87:3e:24:8a:25:
f2:71:77:36:12:3e:0f:62:04:ce:b8:c7:a6:38:17:ec:31:6e:
dc:48:e7:2f:f1:5b:7a:00:ab:2f:f9:08:a7:05:55:66:14:81:
2b:02:3c:2c:d8:67:ea:19:d5:ad:40:f9:4d:02:e1:d8:57:21:
bd:d6:dc:33:a2:92:21:08:71:2a:b6:83:72:0c:f8:d6:70:05:
7b:67:9a:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsmOHayscKr+nJoV7sZw8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjUwMTAxMTE0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmFlYmE3ZDliOGM4MDhjMGE1MTYxOWVlOTFhMjNiZmNlZTY5ZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5S5cdvpcPz1E+oUESJG7VuG6f0R
LPv7C36UxYr9bH8Gj3yvofwLTGD5W9znG6NGwvXPGTMyfFMWUA6n/VN8pUeNRwlW
JSu701tlfsHmDFUSF9fc6CA1c0u1m6BVhG5Bo/itf28k5DP+r0Rzolk1YDyZXESQ
aT6s2U9Zr8Sxxh5j7QQ/0vhb2PBJZs1mvmxzbMzN294XLK4B+OhO4NXjLvZJIbsb
TBEmPDFK93mSuGssDNIJ8v0BXNK7gwG2t0+F5jOB9FhQ7y57JKJmjdLAK/dtTAUO
41MuOvL22ZzWqGr8FeNTERJR6bnemVxrty+Z/gqNH/JDKAjz13XNbsQDoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGKuun2bjICMClFhnukaI7/O5p3jMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvWXE2NmZadU1nSXdLVVdHZTZSb2p2ODdtbmVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVY+cMA0G
CSqGSIb3DQEBCwUAA4IBAQAdAGKaJ0tKqKu/I39CjvlBC/f19u1U6iXSXP/07Hrf
6ZEMtTv/r/s5KqbgO57cKnMmy8NBk7eICjuSgo4k8wKGC6kb9c6HV7HdGVxmqXfD
oqcxjjCvFehg/Imz2altVBpD40ZlXREJ0tkyvmkEFei5xSlnJ8n/cb2DjYpwqyYw
XMzcBOk59Yz8hydu+dRoxXrabM0PVS8cxmKETvA76bWmw87wUUeIa0uT9aVcPKvN
hz4kiiXycXc2Ej4PYgTOuMemOBfsMW7cSOcv8Vt6AKsv+QinBVVmFIErAjws2Gfq
GdWtQPlNAuHYVyG91twzopIhCHEqtoNyDPjWcAV7Z5o0
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:19:38 2025 by rpki-client