Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/rD1DyuXlotr5xosPSyeJDExCkk4.roa
File: rD1DyuXlotr5xosPSyeJDExCkk4.roa (raw, json)
Hash identifier: vqY5iQLurSqfXlXZ7xp9Cs7NZG2x1ohqMIKv8p8BnDM=
Subject key identifier: AC:3D:43:CA:E5:E5:A2:DA:F9:C6:8B:0F:4B:27:89:0C:4C:42:92:4E
Certificate issuer: /CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Certificate serial: 019427471A014B07B5239B08B777E8A50DD7
Authority key identifier: 8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/rD1DyuXlotr5xosPSyeJDExCkk4.roa
Signing time: Thu 02 Jan 2025 13:49:18 +0000
ROA not before: Thu 02 Jan 2025 13:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210393
IP address blocks: 85.31.6.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:1a:01:4b:07:b5:23:9b:08:b7:77:e8:a5:0d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Validity
Not Before: Jan 2 13:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac3d43cae5e5a2daf9c68b0f4b27890c4c42924e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d6:a5:eb:7a:91:d7:23:dd:5b:fd:25:26:e7:
bf:de:fb:75:f1:1e:13:db:3a:3f:4b:41:5b:95:53:
29:a3:de:f6:3f:8b:f6:26:89:15:23:ac:7e:80:d2:
96:92:d2:44:66:94:2c:22:61:f2:98:0c:d1:ad:82:
32:12:c4:eb:5e:05:f4:18:0c:5e:b0:3d:e6:c8:11:
ce:2a:64:40:36:43:e0:80:83:ca:8f:c0:21:03:53:
87:3b:cd:98:be:a5:0b:34:98:f0:09:f8:23:71:79:
61:38:f1:60:2a:17:3d:ba:9f:85:12:7a:67:b1:41:
18:74:f8:48:98:c9:36:44:1e:5e:49:7f:98:05:0a:
47:39:e2:25:f2:e2:8c:e3:6f:79:3b:e5:49:b7:50:
d1:5d:58:c1:40:83:39:84:b2:03:e9:69:c2:84:15:
23:1e:d4:17:13:b1:0b:06:00:2c:50:0d:65:67:8e:
5f:40:9b:a5:52:42:c1:9f:50:23:49:8a:ce:29:99:
42:a4:56:08:40:de:d9:e8:f7:dd:98:bc:67:6c:b4:
17:a9:d0:a1:25:5e:3b:ac:d3:f1:6e:9f:32:3d:d9:
d7:9c:73:ea:8e:95:76:0c:24:33:c1:24:0e:ac:b1:
53:18:e1:b2:0a:fe:2b:01:90:fc:06:30:3d:0f:75:
95:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:3D:43:CA:E5:E5:A2:DA:F9:C6:8B:0F:4B:27:89:0C:4C:42:92:4E
X509v3 Authority Key Identifier:
keyid:8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/rD1DyuXlotr5xosPSyeJDExCkk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.31.6.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:20:06:ec:26:04:bd:13:2d:6d:d4:cd:af:73:f6:40:bf:12:
9f:f5:8f:64:2e:a3:11:39:dd:d0:91:5c:8a:36:30:12:43:95:
d3:f7:9c:71:b0:8f:a3:11:31:d4:3c:28:2f:29:4e:69:c7:1f:
9e:d3:c4:9e:bb:68:8d:eb:81:b0:62:fa:d1:c8:5a:ee:4b:5b:
0c:51:4c:31:34:81:b7:ff:37:95:2f:e7:63:cf:00:0e:2d:e9:
4f:f3:6e:f5:6f:10:a2:b1:a6:3d:ae:69:2b:5a:38:f3:9e:5c:
f0:bd:c6:6a:da:70:b6:5b:b9:76:0d:72:3c:d0:67:06:6f:7d:
58:24:de:a8:f1:ba:ea:7b:fe:63:54:dd:19:64:7b:38:a6:a2:
ca:62:d1:da:39:e4:c8:4a:e8:ce:0a:78:ab:28:58:b9:04:65:
73:80:7a:0b:68:cf:15:63:9f:bd:6f:91:a5:85:9f:7f:7b:cd:
1b:7c:ba:ae:a6:62:ab:ad:f5:ec:18:80:aa:84:68:b6:32:dd:
df:88:69:cd:98:5a:17:3b:ab:c4:7b:06:cc:da:01:87:ff:d7:
12:fe:eb:72:7a:35:2f:17:7b:f8:d5:30:2d:7b:a2:db:e6:ba:
c2:50:31:21:b1:c0:87:0a:90:e2:5a:d7:dc:d2:d9:e3:3c:59:
fa:ce:57:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRxoBSwe1I5sIt3fopQ3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDI0MDYwM2VjNmViY2Q2MmY3MmQ0NmYxZGMwMGNiN2Ux
ZjBiMmUwHhcNMjUwMTAyMTM0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzNkNDNjYWU1ZTVhMmRhZjljNjhiMGY0YjI3ODkwYzRjNDI5MjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtal63qR1yPdW/0lJue/3vt18R4T
2zo/S0FblVMpo972P4v2JokVI6x+gNKWktJEZpQsImHymAzRrYIyEsTrXgX0GAxe
sD3myBHOKmRANkPggIPKj8AhA1OHO82YvqULNJjwCfgjcXlhOPFgKhc9up+FEnpn
sUEYdPhImMk2RB5eSX+YBQpHOeIl8uKM4295O+VJt1DRXVjBQIM5hLID6WnChBUj
HtQXE7ELBgAsUA1lZ45fQJulUkLBn1AjSYrOKZlCpFYIQN7Z6PfdmLxnbLQXqdCh
JV47rNPxbp8yPdnXnHPqjpV2DCQzwSQOrLFTGOGyCv4rAZD8BjA9D3WVJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKw9Q8rl5aLa+caLD0sniQxMQpJOMB8GA1UdIwQY
MBaAFIrSQGA+xuvNYvctRvHcAMt+HwsuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUt
ZDc2YzhjNzM5ODYxLzEvckQxRHl1WGxvdHI1eG9zUFN5ZUpERXhDa2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUtZDc2YzhjNzM5ODYx
LzEvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVR8GMA0G
CSqGSIb3DQEBCwUAA4IBAQA7IAbsJgS9Ey1t1M2vc/ZAvxKf9Y9kLqMROd3QkVyK
NjASQ5XT95xxsI+jETHUPCgvKU5pxx+e08Seu2iN64GwYvrRyFruS1sMUUwxNIG3
/zeVL+djzwAOLelP8271bxCisaY9rmkrWjjznlzwvcZq2nC2W7l2DXI80GcGb31Y
JN6o8brqe/5jVN0ZZHs4pqLKYtHaOeTISujOCnirKFi5BGVzgHoLaM8VY5+9b5Gl
hZ9/e80bfLqupmKrrfXsGICqhGi2Mt3fiGnNmFoXO6vEewbM2gGH/9cS/utyejUv
F3v41TAte6Lb5rrCUDEhscCHCpDiWtfc0tnjPFn6zldD
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:03:52 2025 by rpki-client