Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/t0GTs6yAnpDt4XadQW_yUjBuxh8.roa
File: t0GTs6yAnpDt4XadQW_yUjBuxh8.roa (raw, json)
Hash identifier: glXjbQ82pMc8XAbraQ/DMcTckzj7uW4TVkKEeGKe4kQ=
Subject key identifier: B7:41:93:B3:AC:80:9E:90:ED:E1:76:9D:41:6F:F2:52:30:6E:C6:1F
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2E50C18A4CF41AEF5FD4A1C306F73
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/t0GTs6yAnpDt4XadQW_yUjBuxh8.roa
Signing time: Thu 02 Jan 2025 01:48:11 +0000
ROA not before: Thu 02 Jan 2025 01:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 85.254.29.0/24 maxlen: 24
85.254.178.0/23 maxlen: 23
159.148.131.0/24 maxlen: 24
159.148.169.0/24 maxlen: 24
159.148.177.0/24 maxlen: 24
185.27.92.0/24 maxlen: 24
185.27.93.0/24 maxlen: 24
185.27.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:e5:0c:18:a4:cf:41:ae:f5:fd:4a:1c:30:6f:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b74193b3ac809e90ede1769d416ff252306ec61f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7a:98:d3:56:93:ed:73:84:04:7b:48:9e:fc:
5d:c3:0a:e5:5e:79:21:f5:36:bc:95:96:91:b9:1b:
c1:14:12:63:69:69:3f:09:f8:67:5d:f1:8e:1e:53:
04:bc:5a:c8:4d:d6:70:63:df:28:eb:30:60:9d:30:
2e:9b:3f:d5:4d:25:c1:11:24:de:d2:21:3d:55:39:
39:6d:66:a9:f2:04:87:6d:8c:3d:e2:4d:ac:2a:11:
15:6a:27:27:cb:ae:2e:21:7c:2a:a3:c2:91:c9:68:
83:89:36:74:31:10:59:20:72:d5:c6:2b:5b:3a:b2:
57:3e:4f:f7:af:09:44:49:78:77:d3:38:de:53:b2:
c1:9a:27:fd:6a:22:92:09:b7:fa:4a:85:26:b0:a0:
a0:01:76:9b:a8:22:99:7c:cd:4c:8b:d0:19:e8:6d:
ec:1c:d1:7f:1d:5a:cd:55:f0:68:2e:ef:bd:0d:c3:
91:fa:22:dd:69:64:5f:99:ba:f7:21:7a:80:0a:09:
31:52:de:00:54:0b:68:5b:ea:7a:c3:bd:e3:24:e3:
f7:a3:52:6a:0a:16:1e:ef:45:db:35:02:b4:b2:d8:
e2:af:77:8c:2e:b4:d0:1c:c3:ae:8a:b4:13:e4:e0:
ed:1e:89:4d:d8:7a:4b:24:08:0b:53:a6:a9:bd:8b:
d5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:41:93:B3:AC:80:9E:90:ED:E1:76:9D:41:6F:F2:52:30:6E:C6:1F
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/t0GTs6yAnpDt4XadQW_yUjBuxh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.29.0/24
85.254.178.0/23
159.148.131.0/24
159.148.169.0/24
159.148.177.0/24
185.27.92.0/23
185.27.95.0/24
Signature Algorithm: sha256WithRSAEncryption
20:2a:64:c6:be:e4:15:4b:a7:f7:b6:62:12:29:dd:bb:58:64:
d8:f9:94:42:05:12:3d:f8:c1:ad:2c:83:91:12:af:28:14:95:
57:a6:6a:c0:be:06:01:50:a8:d5:32:bb:b4:55:6d:84:8f:0b:
b0:ab:99:6b:a6:a6:4c:42:39:a7:32:1b:c2:3e:dc:26:fa:8e:
3f:e8:aa:19:09:fb:f6:e6:6d:d9:80:67:fd:60:54:bf:e6:9f:
8c:d2:55:c5:13:66:86:47:7d:2a:00:e8:53:72:38:93:73:e0:
a8:d3:92:44:b5:32:69:2d:02:94:20:00:05:d0:e7:da:e3:be:
53:de:e6:3b:33:8e:cf:1c:ec:18:d1:63:0a:3b:5a:bb:63:98:
c9:07:85:81:b5:f7:c7:76:41:be:8e:ee:4c:f8:3b:9b:49:e3:
bf:7a:47:ba:8d:50:1b:a6:66:4d:81:5d:f8:9c:28:09:c6:54:
9d:f1:14:a9:d6:e0:86:df:b8:d6:83:7f:4c:65:0a:62:8e:6e:
ba:2d:3e:40:47:0f:80:e5:3f:89:0f:d9:33:6b:76:63:4f:07:
de:ba:a6:e4:c5:68:2d:76:16:8e:41:c8:12:c0:c1:03:b9:f4:
72:cd:51:02:4e:04:47:92:ee:39:6f:b0:c5:6c:cd:68:87:fe:
01:ca:a2:fd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQksuUMGKTPQa71/UocMG9zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzQxOTNiM2FjODA5ZTkwZWRlMTc2OWQ0MTZmZjI1MjMwNmVjNjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nqY01aT7XOEBHtInvxdwwrlXnkh
9Ta8lZaRuRvBFBJjaWk/CfhnXfGOHlMEvFrITdZwY98o6zBgnTAumz/VTSXBESTe
0iE9VTk5bWap8gSHbYw94k2sKhEVaicny64uIXwqo8KRyWiDiTZ0MRBZIHLVxitb
OrJXPk/3rwlESXh30zjeU7LBmif9aiKSCbf6SoUmsKCgAXabqCKZfM1Mi9AZ6G3s
HNF/HVrNVfBoLu+9DcOR+iLdaWRfmbr3IXqACgkxUt4AVAtoW+p6w73jJOP3o1Jq
ChYe70XbNQK0stjir3eMLrTQHMOuirQT5ODtHolN2HpLJAgLU6apvYvVpwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLdBk7OsgJ6Q7eF2nUFv8lIwbsYfMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvdDBHVHM2eUFucER0NFhhZFFXX3lVakJ1eGg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVf4dAwQB
Vf6yAwQAn5SDAwQAn5SpAwQAn5SxAwQBuRtcAwQAuRtfMA0GCSqGSIb3DQEBCwUA
A4IBAQAgKmTGvuQVS6f3tmISKd27WGTY+ZRCBRI9+MGtLIOREq8oFJVXpmrAvgYB
UKjVMru0VW2Ejwuwq5lrpqZMQjmnMhvCPtwm+o4/6KoZCfv25m3ZgGf9YFS/5p+M
0lXFE2aGR30qAOhTcjiTc+Co05JEtTJpLQKUIAAF0Ofa475T3uY7M47PHOwY0WMK
O1q7Y5jJB4WBtffHdkG+ju5M+DubSeO/eke6jVAbpmZNgV34nCgJxlSd8RSp1uCG
37jWg39MZQpijm66LT5ARw+A5T+JD9kza3ZjTwfeuqbkxWgtdhaOQcgSwMEDufRy
zVECTgRHku45b7DFbM1oh/4ByqL9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:22 2025 by rpki-client