Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/SKjvjP4gY0WEmMWHkxBx5hw-YjM.roa
File: SKjvjP4gY0WEmMWHkxBx5hw-YjM.roa (raw, json)
Hash identifier: czu1niFpqV85KXxWDwgvxI2xLjGzCV51QfLP/FPCQqM=
Subject key identifier: 48:A8:EF:8C:FE:20:63:45:84:98:C5:87:93:10:71:E6:1C:3E:62:33
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 0194221FC2D5C999A86331EF6C60C6175730
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/SKjvjP4gY0WEmMWHkxBx5hw-YjM.roa
Signing time: Wed 01 Jan 2025 13:48:14 +0000
ROA not before: Wed 01 Jan 2025 13:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43153
IP address blocks: 85.219.208.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:c2:d5:c9:99:a8:63:31:ef:6c:60:c6:17:57:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 13:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48a8ef8cfe2063458498c587931071e61c3e6233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7f:dd:74:ca:3d:0c:e6:67:52:19:f8:2f:a8:
87:d8:ef:55:7c:c3:bb:36:03:c7:86:bd:63:8c:e6:
54:02:91:f1:ad:81:15:81:fd:a2:07:cd:c7:c8:51:
89:c3:2a:f3:bd:1f:17:bf:55:dc:42:03:13:02:6c:
7b:66:77:c8:c5:1b:13:38:fe:f1:41:68:85:1b:a4:
a7:ae:c4:7e:33:a8:af:46:c7:de:82:8a:ab:5b:d7:
b3:e7:f7:63:8f:0d:c2:38:ae:83:bb:c6:97:46:da:
05:3f:6e:33:e6:ae:3b:75:bf:bb:32:10:86:cc:ee:
2a:0c:56:4d:5e:85:5b:58:e0:18:a2:63:a0:b9:69:
4c:c8:6f:9e:45:37:55:5b:c2:01:d8:7f:56:2e:30:
4e:bb:6b:83:09:f4:ec:6a:fb:63:59:39:6e:81:e2:
3c:3b:39:4d:1b:f2:be:fd:d2:d9:8b:e0:73:82:65:
43:29:2e:36:26:80:39:0a:e5:d4:10:19:6c:c2:76:
2e:c9:7c:be:c3:ee:80:2e:84:ca:02:0c:61:9b:1e:
62:e9:48:90:f0:12:4d:31:b3:0f:15:b7:0a:6f:29:
ca:38:fb:07:99:b6:9f:ac:c1:df:f3:4a:0e:f5:59:
ad:98:28:ed:71:1e:ea:8d:86:48:48:ae:62:97:63:
44:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:A8:EF:8C:FE:20:63:45:84:98:C5:87:93:10:71:E6:1C:3E:62:33
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/SKjvjP4gY0WEmMWHkxBx5hw-YjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.219.208.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:8c:ac:21:1a:41:ad:1a:cf:20:63:6c:7b:ee:5e:59:1d:e5:
f6:44:b0:84:ce:af:8f:fd:ce:27:0c:8a:9c:80:10:cb:8a:2e:
f6:14:b8:c3:60:76:6a:36:91:52:f8:f3:64:31:2b:e2:bf:52:
90:5c:75:94:83:55:e8:d0:57:97:65:73:b2:7e:1f:34:3d:6e:
1b:9c:3e:3c:24:17:46:2b:3a:0c:2c:91:5c:69:af:d7:8e:62:
95:72:4a:ed:d5:a8:f6:1a:0d:fe:bd:80:2b:d5:ad:f4:0b:36:
9e:3e:6c:9a:e1:be:bc:61:e7:1e:88:62:ab:12:97:46:7b:a1:
30:f0:a6:4d:d4:3b:7d:01:18:be:44:39:a3:76:8d:76:2c:7f:
e5:2f:4b:09:a1:9b:56:99:66:4f:65:66:a6:35:f0:01:29:54:
56:f3:fc:fd:d9:17:1c:f5:27:82:57:23:62:9b:cd:12:71:e4:
0e:57:df:96:ff:38:e8:ba:0e:1a:3b:91:ba:15:48:26:73:8e:
66:35:07:3f:5e:98:d6:ec:c9:6c:7c:9e:7e:6e:60:6a:0a:50:
f9:ea:2b:ea:9d:1a:33:59:55:8a:8a:56:b2:e4:c2:82:39:59:
25:e7:bb:6a:69:e6:f5:60:3d:37:9a:c5:97:e6:6b:1b:ee:0e:
d6:6a:21:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH8LVyZmoYzHvbGDGF1cwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjUwMTAxMTM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGE4ZWY4Y2ZlMjA2MzQ1ODQ5OGM1ODc5MzEwNzFlNjFjM2U2MjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3/ddMo9DOZnUhn4L6iH2O9VfMO7
NgPHhr1jjOZUApHxrYEVgf2iB83HyFGJwyrzvR8Xv1XcQgMTAmx7ZnfIxRsTOP7x
QWiFG6SnrsR+M6ivRsfegoqrW9ez5/djjw3COK6Du8aXRtoFP24z5q47db+7MhCG
zO4qDFZNXoVbWOAYomOguWlMyG+eRTdVW8IB2H9WLjBOu2uDCfTsavtjWTlugeI8
OzlNG/K+/dLZi+BzgmVDKS42JoA5CuXUEBlswnYuyXy+w+6ALoTKAgxhmx5i6UiQ
8BJNMbMPFbcKbynKOPsHmbafrMHf80oO9VmtmCjtcR7qjYZISK5il2NENQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEio74z+IGNFhJjFh5MQceYcPmIzMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvU0tqdmpQNGdZMFdFbU1XSGt4Qng1aHctWWpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVdvQMA0G
CSqGSIb3DQEBCwUAA4IBAQBejKwhGkGtGs8gY2x77l5ZHeX2RLCEzq+P/c4nDIqc
gBDLii72FLjDYHZqNpFS+PNkMSviv1KQXHWUg1Xo0FeXZXOyfh80PW4bnD48JBdG
KzoMLJFcaa/XjmKVckrt1aj2Gg3+vYAr1a30CzaePmya4b68YeceiGKrEpdGe6Ew
8KZN1Dt9ARi+RDmjdo12LH/lL0sJoZtWmWZPZWamNfABKVRW8/z92Rcc9SeCVyNi
m80SceQOV9+W/zjoug4aO5G6FUgmc45mNQc/XpjW7MlsfJ5+bmBqClD56ivqnRoz
WVWKilay5MKCOVkl57tqaeb1YD03msWX5msb7g7WaiFl
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:46:06 2025 by rpki-client