Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/4301c9-c0ee-4040-a742-50336f5d340e/1/mGTK3wTvfhonNVwr6seWi2ASIP8.roa
File: mGTK3wTvfhonNVwr6seWi2ASIP8.roa (raw, json)
Hash identifier: aYF3ywz/BlGpMX8QkbZOivZvZOPC3l60CNt4ow7w3FU=
Subject key identifier: 98:64:CA:DF:04:EF:7E:1A:27:35:5C:2B:EA:C7:96:8B:60:12:20:FF
Certificate issuer: /CN=ed5902bdfbd74c33ea76453d145e76f6aa857c41
Certificate serial: 0194206802B75B40D9F0CB21FFA6E611D7E1
Authority key identifier: ED:59:02:BD:FB:D7:4C:33:EA:76:45:3D:14:5E:76:F6:AA:85:7C:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7VkCvfvXTDPqdkU9FF529qqFfEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/4301c9-c0ee-4040-a742-50336f5d340e/1/mGTK3wTvfhonNVwr6seWi2ASIP8.roa
Signing time: Wed 01 Jan 2025 05:47:54 +0000
ROA not before: Wed 01 Jan 2025 05:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47658
IP address blocks: 85.116.40.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:02:b7:5b:40:d9:f0:cb:21:ff:a6:e6:11:d7:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed5902bdfbd74c33ea76453d145e76f6aa857c41
Validity
Not Before: Jan 1 05:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9864cadf04ef7e1a27355c2beac7968b601220ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0c:32:d9:0f:6f:27:1f:03:cd:88:5c:e2:3c:
43:cd:2d:56:db:7f:8d:ba:55:a4:8e:fb:d2:52:10:
95:7d:68:cf:9a:43:30:17:d1:ef:e0:c6:0f:b6:45:
d0:1b:66:79:4e:6c:1d:18:d7:ec:ab:e8:af:0a:9f:
4b:d6:a3:d9:82:26:1e:80:11:7e:92:29:63:b2:04:
a3:df:10:92:68:94:ab:2b:80:26:48:cd:a2:b6:30:
c7:5b:f9:94:f2:50:f3:ca:13:a7:5f:ac:42:72:90:
cd:48:43:dd:0c:30:81:d0:63:6d:96:29:20:79:05:
52:29:01:94:6b:a5:37:1d:de:ee:ad:2a:dd:84:e4:
5f:8e:06:97:ae:10:7a:c7:92:71:4a:c1:f6:c7:a0:
3c:25:62:8a:5c:0a:75:bf:1c:d4:94:04:7c:9a:9e:
5e:3b:2f:7c:50:48:31:0b:29:20:9f:84:c7:6e:1f:
f8:e2:cd:2a:45:a2:c0:ea:6d:4c:2d:dd:9e:57:b6:
09:99:86:24:55:b6:ff:13:31:c8:83:e6:be:b2:a8:
ca:82:a5:76:65:96:5d:5f:0e:81:54:6f:20:02:21:
00:f5:cc:e3:b0:31:ed:31:07:8d:27:87:a7:77:ce:
a5:3f:24:8b:06:8d:10:6c:18:df:7c:7d:03:87:5f:
ae:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:64:CA:DF:04:EF:7E:1A:27:35:5C:2B:EA:C7:96:8B:60:12:20:FF
X509v3 Authority Key Identifier:
keyid:ED:59:02:BD:FB:D7:4C:33:EA:76:45:3D:14:5E:76:F6:AA:85:7C:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7VkCvfvXTDPqdkU9FF529qqFfEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/4301c9-c0ee-4040-a742-50336f5d340e/1/mGTK3wTvfhonNVwr6seWi2ASIP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/4301c9-c0ee-4040-a742-50336f5d340e/1/7VkCvfvXTDPqdkU9FF529qqFfEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.40.0/24
Signature Algorithm: sha256WithRSAEncryption
68:a4:ec:75:8b:5d:bd:6c:be:2b:64:b3:91:84:11:6b:38:08:
41:5f:14:e3:7a:3b:11:c6:54:35:da:44:d9:c7:51:e9:71:0c:
a0:4a:a8:4c:1e:b0:b8:5f:d7:db:bb:94:70:ea:66:f1:d2:06:
2d:35:eb:84:ae:f2:60:22:bc:b0:34:93:81:25:bc:62:66:10:
d3:26:83:3b:35:97:13:74:d4:40:7f:e0:2a:95:4a:dd:c6:3f:
ec:59:21:a0:68:8e:4c:9e:54:f5:c0:c9:84:68:94:eb:84:5d:
98:48:93:3e:54:20:68:2a:f2:50:53:3f:9a:dc:ab:f9:90:76:
c6:fb:c0:88:d9:f6:11:51:b8:b3:a4:74:c6:11:24:d7:b7:ec:
7d:cd:8a:04:31:74:4c:77:68:69:a6:7d:87:ec:3f:37:5b:83:
96:c0:70:4c:eb:b7:9d:bb:18:49:17:90:2f:96:15:b6:05:7d:
10:43:dc:aa:82:22:cf:66:82:0d:e8:ff:0c:56:f4:4c:13:e3:
5a:c5:f6:d5:f2:cc:26:e6:15:0c:fa:67:6a:53:7c:21:66:26:
3e:b3:0a:ed:90:f6:b4:e2:c5:7e:99:fe:0b:d5:af:56:8d:c8:
9d:7d:d0:90:1a:7a:26:0f:de:b4:4e:1c:b9:8d:c4:c0:41:bf:
cb:70:77:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaAK3W0DZ8Msh/6bmEdfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNTkwMmJkZmJkNzRjMzNlYTc2NDUzZDE0NWU3NmY2YWE4
NTdjNDEwHhcNMjUwMTAxMDU0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODY0Y2FkZjA0ZWY3ZTFhMjczNTVjMmJlYWM3OTY4YjYwMTIyMGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngwy2Q9vJx8DzYhc4jxDzS1W23+N
ulWkjvvSUhCVfWjPmkMwF9Hv4MYPtkXQG2Z5TmwdGNfsq+ivCp9L1qPZgiYegBF+
kiljsgSj3xCSaJSrK4AmSM2itjDHW/mU8lDzyhOnX6xCcpDNSEPdDDCB0GNtlikg
eQVSKQGUa6U3Hd7urSrdhORfjgaXrhB6x5JxSsH2x6A8JWKKXAp1vxzUlAR8mp5e
Oy98UEgxCykgn4THbh/44s0qRaLA6m1MLd2eV7YJmYYkVbb/EzHIg+a+sqjKgqV2
ZZZdXw6BVG8gAiEA9czjsDHtMQeNJ4end86lPySLBo0QbBjffH0Dh1+uWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJhkyt8E734aJzVcK+rHlotgEiD/MB8GA1UdIwQY
MBaAFO1ZAr3710wz6nZFPRRedvaqhXxBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1ZrQ3ZmdlhURFBxZGtVOUZGNTI5cXFGZkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi80MzAxYzktYzBlZS00MDQwLWE3NDIt
NTAzMzZmNWQzNDBlLzEvbUdUSzN3VHZmaG9uTlZ3cjZzZVdpMkFTSVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi80MzAxYzktYzBlZS00MDQwLWE3NDItNTAzMzZmNWQzNDBl
LzEvN1ZrQ3ZmdlhURFBxZGtVOUZGNTI5cXFGZkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXQoMA0G
CSqGSIb3DQEBCwUAA4IBAQBopOx1i129bL4rZLORhBFrOAhBXxTjejsRxlQ12kTZ
x1HpcQygSqhMHrC4X9fbu5Rw6mbx0gYtNeuErvJgIrywNJOBJbxiZhDTJoM7NZcT
dNRAf+AqlUrdxj/sWSGgaI5MnlT1wMmEaJTrhF2YSJM+VCBoKvJQUz+a3Kv5kHbG
+8CI2fYRUbizpHTGESTXt+x9zYoEMXRMd2hppn2H7D83W4OWwHBM67eduxhJF5Av
lhW2BX0QQ9yqgiLPZoIN6P8MVvRME+NaxfbV8swm5hUM+mdqU3whZiY+swrtkPa0
4sV+mf4L1a9WjcidfdCQGnomD960Thy5jcTAQb/LcHeV
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:10:23 2025 by rpki-client