Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/51a60c-cf63-443d-9e02-04dd56f70fe3/1/n5SYr_9AWl7ry045zaGcqL0nDKk.roa
File: n5SYr_9AWl7ry045zaGcqL0nDKk.roa (raw, json)
Hash identifier: T+InoEanLxjmmolVeMM0w1zQ5q4vdK0ebBhDTbrVjAU=
Subject key identifier: 9F:94:98:AF:FF:40:5A:5E:EB:CB:4E:39:CD:A1:9C:A8:BD:27:0C:A9
Certificate issuer: /CN=39e87ef03cf171a40ba2bec89e688bb9d3825873
Certificate serial: 019421B1965BCFE9036AAC0E7F819528665C
Authority key identifier: 39:E8:7E:F0:3C:F1:71:A4:0B:A2:BE:C8:9E:68:8B:B9:D3:82:58:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oeh-8DzxcaQLor7InmiLudOCWHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/51a60c-cf63-443d-9e02-04dd56f70fe3/1/n5SYr_9AWl7ry045zaGcqL0nDKk.roa
Signing time: Wed 01 Jan 2025 11:47:53 +0000
ROA not before: Wed 01 Jan 2025 11:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202139
IP address blocks: 85.158.8.0/22 maxlen: 24
2a05:fa80::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:96:5b:cf:e9:03:6a:ac:0e:7f:81:95:28:66:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39e87ef03cf171a40ba2bec89e688bb9d3825873
Validity
Not Before: Jan 1 11:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f9498afff405a5eebcb4e39cda19ca8bd270ca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:20:12:16:4c:38:bd:02:d6:cc:b6:6f:ec:02:
4b:69:48:0e:c2:5d:27:35:04:03:12:d1:be:3a:ee:
da:be:09:f6:53:15:6b:8e:ba:19:a7:a8:c2:a7:44:
ef:a6:c7:27:aa:c8:77:33:19:d4:1f:39:af:23:bc:
bd:20:1c:6a:f7:54:17:f7:1f:ff:0e:80:b4:1a:94:
18:5a:08:db:7a:f7:d0:2c:82:77:55:68:f8:b8:d9:
63:7a:c9:4b:2e:2e:ce:ab:32:62:da:d4:e6:0f:8c:
c8:09:ae:7b:82:6a:32:26:51:05:f7:8f:ee:29:62:
3c:14:47:07:d0:07:fb:dc:42:b2:e2:db:4a:c1:83:
0b:a3:f6:5b:6b:a9:32:83:24:21:6c:5a:73:b0:55:
5f:5b:cd:17:13:22:f3:7e:55:b0:b5:a4:01:8a:6a:
55:6f:44:23:50:63:72:3a:48:51:a3:4e:26:eb:a5:
69:ef:17:6b:7d:cf:27:39:e2:f5:e3:d8:4c:9a:de:
b2:db:12:3a:c7:5d:5e:b4:e1:f5:24:66:e8:4b:40:
80:23:4b:96:64:ae:74:73:5e:97:0f:42:55:10:c8:
a1:9f:5b:c3:2a:61:d3:12:f6:78:6c:ca:c9:27:83:
25:db:51:b3:af:91:94:50:58:a5:7b:f8:c7:c8:74:
05:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:94:98:AF:FF:40:5A:5E:EB:CB:4E:39:CD:A1:9C:A8:BD:27:0C:A9
X509v3 Authority Key Identifier:
keyid:39:E8:7E:F0:3C:F1:71:A4:0B:A2:BE:C8:9E:68:8B:B9:D3:82:58:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oeh-8DzxcaQLor7InmiLudOCWHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/51a60c-cf63-443d-9e02-04dd56f70fe3/1/n5SYr_9AWl7ry045zaGcqL0nDKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/51a60c-cf63-443d-9e02-04dd56f70fe3/1/Oeh-8DzxcaQLor7InmiLudOCWHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.8.0/22
IPv6:
2a05:fa80::/29
Signature Algorithm: sha256WithRSAEncryption
8c:d5:10:e6:75:ac:60:41:64:b6:02:2d:b4:34:51:b9:17:78:
a0:21:bc:ea:68:76:71:bc:6c:ef:d9:df:a4:ad:76:c8:f8:3c:
26:3e:f1:55:1d:59:31:73:16:b8:03:c9:e1:f0:52:62:ce:38:
bb:8b:ad:09:22:fc:6e:49:9c:f3:ca:85:ad:b4:8d:be:0b:47:
c9:41:10:3d:be:d5:a6:6c:71:2d:91:69:ad:53:0b:12:24:ac:
21:50:35:04:86:31:f6:b8:28:30:d1:f5:0b:44:d5:b0:79:02:
de:e4:80:5a:54:f9:81:7a:17:83:35:f2:cf:5c:8b:22:53:6e:
fd:d6:b1:67:38:7b:4f:ab:83:23:e1:1b:27:b2:2b:37:ad:14:
4c:c4:0a:fb:29:aa:0c:c3:bf:00:fc:e7:76:84:18:ff:e8:4d:
f5:0b:4a:e0:2d:83:c6:5b:a8:71:6b:06:5c:99:c9:19:c1:14:
a0:40:7c:d4:a1:09:2e:b3:4b:ff:23:e5:42:fc:83:65:f2:08:
e0:08:e1:1f:46:e1:fb:73:6f:9c:d3:29:d3:ac:99:58:61:90:
7e:10:8e:68:f9:a5:01:98:5a:09:54:2b:6c:62:31:15:3a:71:
65:f1:47:51:c6:43:2e:d6:56:2c:46:72:ff:34:95:4c:1c:b8:
f7:da:07:6b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsZZbz+kDaqwOf4GVKGZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZTg3ZWYwM2NmMTcxYTQwYmEyYmVjODllNjg4YmI5ZDM4
MjU4NzMwHhcNMjUwMTAxMTE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjk0OThhZmZmNDA1YTVlZWJjYjRlMzljZGExOWNhOGJkMjcwY2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSASFkw4vQLWzLZv7AJLaUgOwl0n
NQQDEtG+Ou7avgn2UxVrjroZp6jCp0Tvpscnqsh3MxnUHzmvI7y9IBxq91QX9x//
DoC0GpQYWgjbevfQLIJ3VWj4uNljeslLLi7OqzJi2tTmD4zICa57gmoyJlEF94/u
KWI8FEcH0Af73EKy4ttKwYMLo/Zba6kygyQhbFpzsFVfW80XEyLzflWwtaQBimpV
b0QjUGNyOkhRo04m66Vp7xdrfc8nOeL149hMmt6y2xI6x11etOH1JGboS0CAI0uW
ZK50c16XD0JVEMihn1vDKmHTEvZ4bMrJJ4Ml21Gzr5GUUFile/jHyHQF6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ+UmK//QFpe68tOOc2hnKi9JwypMB8GA1UdIwQY
MBaAFDnofvA88XGkC6K+yJ5oi7nTglhzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2VoLThEenhjYVFMb3I3SW5taUx1ZE9DV0hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy81MWE2MGMtY2Y2My00NDNkLTllMDIt
MDRkZDU2ZjcwZmUzLzEvbjVTWXJfOUFXbDdyeTA0NXphR2NxTDBuREtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy81MWE2MGMtY2Y2My00NDNkLTllMDItMDRkZDU2ZjcwZmUz
LzEvT2VoLThEenhjYVFMb3I3SW5taUx1ZE9DV0hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVZ4IMA0E
AgACMAcDBQMqBfqAMA0GCSqGSIb3DQEBCwUAA4IBAQCM1RDmdaxgQWS2Ai20NFG5
F3igIbzqaHZxvGzv2d+krXbI+DwmPvFVHVkxcxa4A8nh8FJizji7i60JIvxuSZzz
yoWttI2+C0fJQRA9vtWmbHEtkWmtUwsSJKwhUDUEhjH2uCgw0fULRNWweQLe5IBa
VPmBeheDNfLPXIsiU2791rFnOHtPq4Mj4Rsnsis3rRRMxAr7KaoMw78A/Od2hBj/
6E31C0rgLYPGW6hxawZcmckZwRSgQHzUoQkus0v/I+VC/INl8gjgCOEfRuH7c2+c
0ynTrJlYYZB+EI5o+aUBmFoJVCtsYjEVOnFl8UdRxkMu1lYsRnL/NJVMHLj32gdr
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:46 2025 by rpki-client on console.sobornost.net