Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/sId5K04MuNzDrV7JjoafXNRATrU.roa
File: sId5K04MuNzDrV7JjoafXNRATrU.roa (raw, json)
Hash identifier: c9K2d3wbOg2QoEGGWWmmlRXcKof1alf7zD4SEHKIWBQ=
Subject key identifier: B0:87:79:2B:4E:0C:B8:DC:C3:AD:5E:C9:8E:86:9F:5C:D4:40:4E:B5
Certificate issuer: /CN=971c78b305fb49cbd4005d4427c1f62c6a455a68
Certificate serial: 019422FBDF39E9304D9119648B469A4E7476
Authority key identifier: 97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/sId5K04MuNzDrV7JjoafXNRATrU.roa
Signing time: Wed 01 Jan 2025 17:48:39 +0000
ROA not before: Wed 01 Jan 2025 17:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51405
IP address blocks: 85.208.4.0/22 maxlen: 24
2a09:8840::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:df:39:e9:30:4d:91:19:64:8b:46:9a:4e:74:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971c78b305fb49cbd4005d4427c1f62c6a455a68
Validity
Not Before: Jan 1 17:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b087792b4e0cb8dcc3ad5ec98e869f5cd4404eb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:44:43:61:c7:8a:b9:c9:e4:ba:21:33:0e:24:
46:6e:54:67:ac:1f:c1:a5:82:12:d2:46:b5:c6:e3:
d2:9d:89:c9:cf:04:00:38:15:6e:be:e7:65:7f:f7:
fb:3c:82:48:90:17:5a:1f:97:87:ad:2d:96:cf:b9:
36:da:ea:41:51:7f:b6:ae:4d:1a:6a:b1:6d:7f:ea:
71:07:94:09:e1:45:55:c9:cf:27:e8:48:ad:e1:2b:
de:60:07:57:c2:04:de:ff:49:94:b8:3d:ab:c2:b5:
fd:aa:e7:8d:b3:23:9d:85:82:2a:fe:04:f2:bc:e3:
64:bf:db:f3:1a:f3:f8:55:83:82:01:0e:5f:40:86:
e2:a1:97:f0:33:c6:15:84:2b:f5:32:9f:0a:9a:61:
96:b6:0f:ef:c3:98:14:dd:dd:ea:e1:36:75:ae:48:
9f:be:b3:0c:dd:df:fe:32:af:af:0a:78:37:63:41:
02:2d:5f:90:48:c0:2e:09:55:e6:94:b6:61:18:05:
01:eb:18:3b:95:29:18:51:d8:05:7b:95:8c:35:11:
e2:bf:87:51:5a:91:c4:36:44:52:0f:1f:a5:f3:83:
97:08:b7:36:89:82:eb:09:de:9f:83:42:a6:c3:0a:
e5:69:45:cf:5e:c1:50:28:b8:47:73:62:a2:51:1b:
86:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:87:79:2B:4E:0C:B8:DC:C3:AD:5E:C9:8E:86:9F:5C:D4:40:4E:B5
X509v3 Authority Key Identifier:
keyid:97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/sId5K04MuNzDrV7JjoafXNRATrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.4.0/22
IPv6:
2a09:8840::/29
Signature Algorithm: sha256WithRSAEncryption
4f:64:6b:90:4a:e2:dc:4e:3e:e2:02:a2:e9:8c:00:50:db:3b:
54:ad:32:ac:86:80:1c:d0:62:23:84:1d:f9:de:a6:62:75:c7:
96:48:48:eb:df:96:ba:df:a0:a6:18:e2:fd:11:fb:34:39:ef:
2d:62:b1:a6:90:eb:93:c1:24:a6:71:f1:e8:a4:ad:eb:22:5a:
c0:65:f4:a6:55:ce:4b:c3:c7:c9:34:9e:8e:5f:93:15:80:4b:
46:ba:c5:bd:1e:66:8a:c9:cd:88:1e:24:1b:e1:36:91:b7:de:
e0:5c:5b:69:b0:1f:3e:51:9e:81:04:05:87:7a:37:dc:50:d5:
32:0b:17:e9:9b:3e:0b:98:db:c7:2b:21:d4:94:29:35:7f:f0:
98:9e:a9:28:3e:83:a8:c6:fd:03:25:c1:8c:a0:d7:8e:82:a0:
4d:9e:8a:27:d1:05:af:0f:a0:97:19:2a:31:74:01:5d:21:9b:
2e:95:f0:3d:0e:99:b8:5d:ac:4f:cb:f0:fc:66:47:1d:47:d6:
14:b6:3c:03:25:69:1d:bf:de:42:02:cf:da:ca:4a:d9:c8:6b:
aa:fa:38:82:7f:80:32:16:0b:4f:dd:21:53:39:87:8c:19:3f:
19:6f:d5:6d:44:87:a8:df:02:d6:b3:ac:81:dd:90:6e:61:75:
0b:7b:07:10
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi+9856TBNkRlki0aaTnR2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MWM3OGIzMDVmYjQ5Y2JkNDAwNWQ0NDI3YzFmNjJjNmE0
NTVhNjgwHhcNMjUwMTAxMTc0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDg3NzkyYjRlMGNiOGRjYzNhZDVlYzk4ZTg2OWY1Y2Q0NDA0ZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnERDYceKucnkuiEzDiRGblRnrB/B
pYIS0ka1xuPSnYnJzwQAOBVuvudlf/f7PIJIkBdaH5eHrS2Wz7k22upBUX+2rk0a
arFtf+pxB5QJ4UVVyc8n6Eit4SveYAdXwgTe/0mUuD2rwrX9queNsyOdhYIq/gTy
vONkv9vzGvP4VYOCAQ5fQIbioZfwM8YVhCv1Mp8KmmGWtg/vw5gU3d3q4TZ1rkif
vrMM3d/+Mq+vCng3Y0ECLV+QSMAuCVXmlLZhGAUB6xg7lSkYUdgFe5WMNRHiv4dR
WpHENkRSDx+l84OXCLc2iYLrCd6fg0KmwwrlaUXPXsFQKLhHc2KiURuGWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLCHeStODLjcw61eyY6Gn1zUQE61MB8GA1UdIwQY
MBaAFJcceLMF+0nL1ABdRCfB9ixqRVpoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHh4NHN3WDdTY3ZVQUYxRUo4SDJMR3BGV21nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kZjNhMTUtMmU0OS00ZDhlLTg1NWEt
MWMyNzU4NjUxZWZhLzEvc0lkNUswNE11TnpEclY3SmpvYWZYTlJBVHJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kZjNhMTUtMmU0OS00ZDhlLTg1NWEtMWMyNzU4NjUxZWZh
LzEvbHh4NHN3WDdTY3ZVQUYxRUo4SDJMR3BGV21nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdAEMA0E
AgACMAcDBQMqCYhAMA0GCSqGSIb3DQEBCwUAA4IBAQBPZGuQSuLcTj7iAqLpjABQ
2ztUrTKshoAc0GIjhB353qZidceWSEjr35a636CmGOL9Efs0Oe8tYrGmkOuTwSSm
cfHopK3rIlrAZfSmVc5Lw8fJNJ6OX5MVgEtGusW9HmaKyc2IHiQb4TaRt97gXFtp
sB8+UZ6BBAWHejfcUNUyCxfpmz4LmNvHKyHUlCk1f/CYnqkoPoOoxv0DJcGMoNeO
gqBNnoon0QWvD6CXGSoxdAFdIZsulfA9Dpm4XaxPy/D8ZkcdR9YUtjwDJWkdv95C
As/aykrZyGuq+jiCf4AyFgtP3SFTOYeMGT8Zb9VtRIeo3wLWs6yB3ZBuYXULewcQ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:43 2025 by rpki-client on console.sobornost.net