Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/a2LPGgxPjRCbhaJ0YGzULw_WeNY.roa
File: a2LPGgxPjRCbhaJ0YGzULw_WeNY.roa (raw, json)
Hash identifier: QeF0qyF95005Hf/S76ieO1ADkMFOqu6YyBBMEn+NArk=
Subject key identifier: 6B:62:CF:1A:0C:4F:8D:10:9B:85:A2:74:60:6C:D4:2F:0F:D6:78:D6
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 019463B0FF2E51CB4B3E054A7DC21E549781
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/a2LPGgxPjRCbhaJ0YGzULw_WeNY.roa
Signing time: Tue 14 Jan 2025 07:22:11 +0000
ROA not before: Tue 14 Jan 2025 07:22:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 85.239.144.0/24 maxlen: 24
85.239.146.0/24 maxlen: 24
85.239.147.0/24 maxlen: 24
85.239.149.0/24 maxlen: 24
85.239.151.0/24 maxlen: 24
185.95.156.0/24 maxlen: 24
185.95.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:63:b0:ff:2e:51:cb:4b:3e:05:4a:7d:c2:1e:54:97:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jan 14 07:22:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b62cf1a0c4f8d109b85a274606cd42f0fd678d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9e:32:bf:bb:5c:4a:77:f9:44:c6:99:4f:72:
56:3c:4d:b5:c7:d9:b2:8a:ea:22:e2:2e:11:6e:0c:
33:45:a6:32:6c:3b:0d:17:4c:fa:bf:ad:e0:08:0d:
2f:51:45:01:83:fe:0a:8b:36:6b:94:d8:e9:22:82:
34:75:4c:5b:94:14:94:9c:05:39:a0:58:fa:4a:40:
1f:07:76:5c:bd:d8:c4:26:58:eb:d3:ce:6b:de:7d:
07:eb:cf:9c:f6:96:97:2f:74:46:e5:59:cc:e2:af:
5b:88:8c:6d:16:a1:e2:02:fe:10:42:1a:6a:00:b5:
87:d2:31:2d:ea:9a:69:b8:42:7c:f4:87:ce:49:31:
ad:bd:0f:e4:db:40:fd:ff:e0:6c:bf:8e:76:ba:85:
f1:ce:60:bb:1e:62:83:9f:06:d9:60:bf:35:88:b2:
bf:a4:86:d2:bf:96:3b:15:0f:49:c5:cd:f3:f2:4a:
74:aa:3c:30:3e:87:62:67:b9:6f:15:b7:6b:f7:0c:
22:53:d6:cd:30:e9:81:a0:64:29:37:86:69:87:f8:
97:e2:63:f7:e1:97:c4:2a:71:e0:7f:0f:fe:04:18:
02:56:80:e2:59:8b:f1:34:97:4e:80:be:06:85:c0:
9b:93:e4:b4:06:13:43:d7:7f:06:e4:3a:6d:81:20:
b3:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:62:CF:1A:0C:4F:8D:10:9B:85:A2:74:60:6C:D4:2F:0F:D6:78:D6
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/a2LPGgxPjRCbhaJ0YGzULw_WeNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0/24
85.239.146.0/23
85.239.149.0/24
85.239.151.0/24
185.95.156.0/24
185.95.159.0/24
Signature Algorithm: sha256WithRSAEncryption
65:ce:71:8c:02:4a:4d:5c:00:c9:94:2d:89:76:dd:b7:bd:df:
04:bf:85:6b:8e:fc:e3:b2:7d:a1:1f:65:3e:4b:53:25:05:ec:
1f:3d:8b:43:de:3c:81:7d:68:e8:1e:15:80:6d:6e:47:61:49:
64:c4:57:70:70:7b:dc:8c:49:d2:0f:c4:3e:04:f9:03:93:6a:
fb:bc:ce:d2:7a:09:01:71:b5:93:ed:63:10:9c:4d:a3:ee:10:
46:1d:9a:1e:2f:de:0c:73:84:22:64:d0:bf:e1:e2:d6:15:2f:
13:3d:4c:58:55:9b:70:ee:37:8b:79:55:d2:9d:5f:27:55:78:
b6:c3:fa:47:db:31:fb:82:a4:62:6e:26:16:7b:24:67:43:89:
c0:75:c5:ac:40:b1:8c:f1:a5:1b:07:b4:8d:e7:b4:81:ff:39:
8f:0b:e0:f2:09:4d:54:90:c3:35:66:39:d8:be:02:ee:db:1a:
11:68:39:26:5e:a4:2f:3e:f1:19:93:41:87:81:13:ff:19:a6:
18:86:8e:ab:65:2d:cd:db:50:5b:57:a7:9f:45:96:f0:70:d4:
71:f0:d5:c5:32:a3:e0:4e:a7:03:bc:c5:01:bf:a7:a2:a8:fa:
8b:0c:51:fb:fb:10:b5:91:70:84:b3:dc:4d:f1:92:e3:96:0b:
e9:98:d7:e4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZRjsP8uUctLPgVKfcIeVJeBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMTE0MDcyMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjYyY2YxYTBjNGY4ZDEwOWI4NWEyNzQ2MDZjZDQyZjBmZDY3OGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ4yv7tcSnf5RMaZT3JWPE21x9my
iuoi4i4RbgwzRaYybDsNF0z6v63gCA0vUUUBg/4KizZrlNjpIoI0dUxblBSUnAU5
oFj6SkAfB3ZcvdjEJljr085r3n0H68+c9paXL3RG5VnM4q9biIxtFqHiAv4QQhpq
ALWH0jEt6pppuEJ89IfOSTGtvQ/k20D9/+Bsv452uoXxzmC7HmKDnwbZYL81iLK/
pIbSv5Y7FQ9Jxc3z8kp0qjwwPodiZ7lvFbdr9wwiU9bNMOmBoGQpN4Zph/iX4mP3
4ZfEKnHgfw/+BBgCVoDiWYvxNJdOgL4GhcCbk+S0BhND138G5DptgSCzZQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGtizxoMT40Qm4WidGBs1C8P1njWMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvYTJMUEdneFBqUkNiaGFKMFlHelVMd19XZU5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVe+QAwQB
Ve+SAwQAVe+VAwQAVe+XAwQAuV+cAwQAuV+fMA0GCSqGSIb3DQEBCwUAA4IBAQBl
znGMAkpNXADJlC2Jdt23vd8Ev4Vrjvzjsn2hH2U+S1MlBewfPYtD3jyBfWjoHhWA
bW5HYUlkxFdwcHvcjEnSD8Q+BPkDk2r7vM7SegkBcbWT7WMQnE2j7hBGHZoeL94M
c4QiZNC/4eLWFS8TPUxYVZtw7jeLeVXSnV8nVXi2w/pH2zH7gqRibiYWeyRnQ4nA
dcWsQLGM8aUbB7SN57SB/zmPC+DyCU1UkMM1ZjnYvgLu2xoRaDkmXqQvPvEZk0GH
gRP/GaYYho6rZS3N21BbV6efRZbwcNRx8NXFMqPgTqcDvMUBv6eiqPqLDFH7+xC1
kXCEs9xN8ZLjlgvpmNfk
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:32 2025 by rpki-client