Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/5-1oK7ZffFqStfo7QWXqKcGuZfk.roa
File: 5-1oK7ZffFqStfo7QWXqKcGuZfk.roa (raw, json)
Hash identifier: ae86GvhPxW1Ea0shedYB3VtmcIvsIfxJLLLA1E/5h/A=
Subject key identifier: E7:ED:68:2B:B6:5F:7C:5A:92:B5:FA:3B:41:65:EA:29:C1:AE:65:F9
Certificate issuer: /CN=8978ff5dab33c42da65fe4e1abfbca4eafbdd2aa
Certificate serial: 01960103D4338C100CCA9328E221A252EB21
Authority key identifier: 89:78:FF:5D:AB:33:C4:2D:A6:5F:E4:E1:AB:FB:CA:4E:AF:BD:D2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iXj_XaszxC2mX-Thq_vKTq-90qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/5-1oK7ZffFqStfo7QWXqKcGuZfk.roa
Signing time: Fri 04 Apr 2025 13:35:49 +0000
ROA not before: Fri 04 Apr 2025 13:35:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22773
IP address blocks: 85.204.148.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:01:03:d4:33:8c:10:0c:ca:93:28:e2:21:a2:52:eb:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8978ff5dab33c42da65fe4e1abfbca4eafbdd2aa
Validity
Not Before: Apr 4 13:35:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7ed682bb65f7c5a92b5fa3b4165ea29c1ae65f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:26:cc:97:73:42:b3:6f:84:21:66:b5:18:fa:
85:0f:67:85:91:29:cf:ae:80:92:ce:c1:96:c2:da:
7d:a6:3c:33:66:8d:dc:2c:c5:a5:5d:fa:85:d7:3a:
01:3a:6e:36:df:39:f5:34:0c:ef:40:d1:dd:34:68:
16:7e:a1:50:62:d7:d7:47:7c:05:64:46:c2:4f:60:
ae:bd:97:d6:a6:82:85:8e:99:6c:c6:96:b4:21:26:
43:7f:06:03:b0:bd:8a:c5:66:26:22:a6:be:1e:c8:
04:e1:58:6a:7a:c3:b6:15:6d:78:9a:5f:44:c0:3d:
c2:8e:3f:1c:d4:df:d7:91:6d:0a:5e:b2:93:a0:e6:
f6:8f:71:e9:a4:19:a0:74:dd:fe:f2:1a:8f:26:4d:
e2:63:e5:c1:98:09:38:d2:9d:4e:53:d4:f4:4e:09:
ee:ea:e7:5a:3d:bc:20:67:be:7f:39:54:8d:a2:40:
7a:60:0d:bb:95:bf:26:ac:43:b9:6d:36:28:09:8a:
1e:89:8d:95:b1:55:80:0a:46:01:93:48:02:04:69:
85:89:9f:3e:67:18:23:de:e1:6d:fd:12:2d:c4:7e:
c6:37:62:18:cf:78:d6:15:dc:da:41:42:02:6b:4f:
56:75:cc:1c:12:c6:63:6d:47:c1:82:42:e0:79:ef:
af:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:ED:68:2B:B6:5F:7C:5A:92:B5:FA:3B:41:65:EA:29:C1:AE:65:F9
X509v3 Authority Key Identifier:
keyid:89:78:FF:5D:AB:33:C4:2D:A6:5F:E4:E1:AB:FB:CA:4E:AF:BD:D2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iXj_XaszxC2mX-Thq_vKTq-90qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/5-1oK7ZffFqStfo7QWXqKcGuZfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/iXj_XaszxC2mX-Thq_vKTq-90qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.148.0/22
Signature Algorithm: sha256WithRSAEncryption
95:d3:db:a3:da:d2:58:28:c0:8c:5c:f5:a7:fb:46:0e:9a:b5:
36:ff:21:fa:1f:b8:f1:eb:d9:7a:f9:b6:df:18:c1:df:d8:16:
20:02:58:6b:a1:13:21:23:83:79:42:e4:06:35:9a:06:d5:83:
b1:c5:c3:01:97:e1:0a:f4:22:54:66:2d:3f:37:b4:27:df:23:
8c:50:20:0e:4c:a4:8f:85:51:01:31:50:6f:6b:07:d4:88:cc:
48:d7:f1:53:d6:aa:9f:c0:8d:93:b4:79:8f:92:d8:6c:40:c0:
0d:4b:dc:aa:00:29:c5:46:84:f1:58:d2:05:65:e5:25:a2:81:
09:ce:da:0d:29:2b:6d:95:bc:fb:a8:d0:4d:ee:55:69:d5:e1:
86:4b:d3:de:34:5f:06:91:76:fa:e5:0d:58:14:2f:b5:e1:1f:
9d:f5:1c:ce:10:07:1b:a7:66:c5:98:fc:f8:cb:9c:b8:2b:63:
ad:58:82:86:fd:43:19:dc:10:68:6c:c2:11:3b:60:0a:48:d4:
92:43:1b:f0:73:11:2f:2e:11:94:bd:d0:f3:96:3a:2e:75:da:
a0:ed:e9:53:51:a7:c6:8f:b4:fe:bf:17:05:b7:54:5c:4b:04:
48:f9:fa:62:8d:e9:fd:85:96:45:01:75:f2:b8:ee:fe:0e:42:
a2:ca:e4:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYBA9QzjBAMypMo4iGiUushMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NzhmZjVkYWIzM2M0MmRhNjVmZTRlMWFiZmJjYTRlYWZi
ZGQyYWEwHhcNMjUwNDA0MTMzNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2VkNjgyYmI2NWY3YzVhOTJiNWZhM2I0MTY1ZWEyOWMxYWU2NWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCbMl3NCs2+EIWa1GPqFD2eFkSnP
roCSzsGWwtp9pjwzZo3cLMWlXfqF1zoBOm423zn1NAzvQNHdNGgWfqFQYtfXR3wF
ZEbCT2CuvZfWpoKFjplsxpa0ISZDfwYDsL2KxWYmIqa+HsgE4VhqesO2FW14ml9E
wD3Cjj8c1N/XkW0KXrKToOb2j3HppBmgdN3+8hqPJk3iY+XBmAk40p1OU9T0Tgnu
6udaPbwgZ75/OVSNokB6YA27lb8mrEO5bTYoCYoeiY2VsVWACkYBk0gCBGmFiZ8+
Zxgj3uFt/RItxH7GN2IYz3jWFdzaQUICa09WdcwcEsZjbUfBgkLgee+vNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOftaCu2X3xakrX6O0Fl6inBrmX5MB8GA1UdIwQY
MBaAFIl4/12rM8Qtpl/k4av7yk6vvdKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVhqX1hhc3p4QzJtWC1UaHFfdktUcS05MHFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yZTgzNDctZDljNy00ZTUxLTliMTQt
ZDAyZDk2YzM2Y2EzLzEvNS0xb0s3WmZmRnFTdGZvN1FXWHFLY0d1WmZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yZTgzNDctZDljNy00ZTUxLTliMTQtZDAyZDk2YzM2Y2Ez
LzEvaVhqX1hhc3p4QzJtWC1UaHFfdktUcS05MHFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVcyUMA0G
CSqGSIb3DQEBCwUAA4IBAQCV09uj2tJYKMCMXPWn+0YOmrU2/yH6H7jx69l6+bbf
GMHf2BYgAlhroRMhI4N5QuQGNZoG1YOxxcMBl+EK9CJUZi0/N7Qn3yOMUCAOTKSP
hVEBMVBvawfUiMxI1/FT1qqfwI2TtHmPkthsQMANS9yqACnFRoTxWNIFZeUlooEJ
ztoNKSttlbz7qNBN7lVp1eGGS9PeNF8GkXb65Q1YFC+14R+d9RzOEAcbp2bFmPz4
y5y4K2OtWIKG/UMZ3BBobMIRO2AKSNSSQxvwcxEvLhGUvdDzljouddqg7elTUafG
j7T+vxcFt1RcSwRI+fpijen9hZZFAXXyuO7+DkKiyuRv
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:31 2025 by rpki-client on console.sobornost.net