Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/0b2eef-75e9-43b2-9088-8303ad1371dd/1/v-FzkOfor23ZpEfwEBhRNq77PYQ.roa
File: v-FzkOfor23ZpEfwEBhRNq77PYQ.roa (raw, json)
Hash identifier: 70g9UjyCtQwjoHFmC+0L0k8nJTqUlni/8z8zZMtL+E4=
Subject key identifier: BF:E1:73:90:E7:E8:AF:6D:D9:A4:47:F0:10:18:51:36:AE:FB:3D:84
Certificate issuer: /CN=97bcbee44f4cef091985e546a6854f9ccb2ada8a
Certificate serial: 019420D5D1B36C472344BC134DC935289033
Authority key identifier: 97:BC:BE:E4:4F:4C:EF:09:19:85:E5:46:A6:85:4F:9C:CB:2A:DA:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l7y-5E9M7wkZheVGpoVPnMsq2oo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/0b2eef-75e9-43b2-9088-8303ad1371dd/1/v-FzkOfor23ZpEfwEBhRNq77PYQ.roa
Signing time: Wed 01 Jan 2025 07:47:51 +0000
ROA not before: Wed 01 Jan 2025 07:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20546
IP address blocks: 185.85.0.0/24 maxlen: 24
185.85.1.0/24 maxlen: 24
185.85.2.0/24 maxlen: 24
185.85.3.0/24 maxlen: 24
185.85.3.192/27 maxlen: 27
2a05:a940::/32 maxlen: 32
2a05:a941::/32 maxlen: 32
2a05:a942::/32 maxlen: 32
2a05:a943::/32 maxlen: 32
2a05:a944::/32 maxlen: 32
2a05:a944::/48 maxlen: 48
2a05:a945::/32 maxlen: 32
2a05:a946::/32 maxlen: 32
2a05:a947::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d1:b3:6c:47:23:44:bc:13:4d:c9:35:28:90:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97bcbee44f4cef091985e546a6854f9ccb2ada8a
Validity
Not Before: Jan 1 07:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfe17390e7e8af6dd9a447f010185136aefb3d84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1f:1d:1b:38:17:9a:81:51:6d:0f:52:16:0c:
0b:ab:4c:9f:1c:e2:09:29:c7:c6:78:f8:7b:49:ed:
7d:cb:a4:96:f8:8a:e0:71:45:25:8d:98:92:7d:34:
3e:ac:4d:ad:17:53:7f:77:a8:70:72:87:24:b0:e7:
de:31:5d:be:32:ac:90:08:d2:a5:ca:16:36:f8:42:
0f:11:64:f5:07:79:f9:49:e4:20:8f:3b:ac:2b:95:
a6:ff:f5:9c:8a:23:31:8d:18:08:b3:81:0c:0c:6f:
32:07:14:bb:04:1b:3e:21:23:80:13:62:28:54:ba:
42:c0:57:a6:32:6e:3f:91:ba:a2:27:ed:61:c1:09:
59:46:c7:4b:2d:d9:3a:44:7e:33:72:eb:73:6f:de:
7f:68:04:44:41:bc:63:a4:f5:2d:3d:04:e8:99:03:
f5:8c:e6:ef:1d:17:e4:0a:de:7c:fe:2a:6c:89:93:
54:c8:9c:6d:7c:a1:0a:fc:fd:1a:a5:07:ff:e7:35:
8c:4e:d4:fb:24:aa:a0:6d:74:9a:03:89:f4:c3:22:
5c:0d:62:6d:4d:c6:81:a0:f5:d4:c4:d2:e5:58:4d:
f5:f4:8e:f3:fd:ca:a7:c8:ec:3a:54:76:11:ae:5d:
87:7e:bc:b1:69:13:0f:d7:38:75:c4:a9:d3:85:66:
75:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:E1:73:90:E7:E8:AF:6D:D9:A4:47:F0:10:18:51:36:AE:FB:3D:84
X509v3 Authority Key Identifier:
keyid:97:BC:BE:E4:4F:4C:EF:09:19:85:E5:46:A6:85:4F:9C:CB:2A:DA:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l7y-5E9M7wkZheVGpoVPnMsq2oo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/0b2eef-75e9-43b2-9088-8303ad1371dd/1/v-FzkOfor23ZpEfwEBhRNq77PYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/0b2eef-75e9-43b2-9088-8303ad1371dd/1/l7y-5E9M7wkZheVGpoVPnMsq2oo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.0.0/22
IPv6:
2a05:a940::/29
Signature Algorithm: sha256WithRSAEncryption
33:9e:11:88:64:4e:d0:ee:6e:c8:bd:b7:58:ab:9e:bb:be:12:
7b:2f:1c:eb:b0:a1:bb:31:d9:bb:24:7e:40:1b:0c:cd:08:e1:
30:03:59:1c:e7:3d:d5:e1:d3:73:70:8e:5f:2d:c5:29:0d:44:
b7:2e:1b:ca:c8:96:f5:0a:ea:55:72:1d:b8:fe:89:c0:aa:08:
4b:51:94:65:38:87:24:4d:8c:ad:7b:12:2b:08:ba:ac:f7:d5:
69:63:89:22:73:45:dd:ea:0c:9a:6e:71:c0:d6:95:90:6e:39:
f0:39:04:48:8b:76:e9:fd:84:f4:9d:e0:07:31:a0:25:4c:0f:
f9:c2:20:ea:3c:88:e9:65:79:ec:5a:31:0d:a3:35:a8:15:6b:
da:2e:c2:f6:8f:6e:1f:7b:f2:69:7e:58:17:1c:8d:df:0d:0d:
f5:9f:ef:99:9d:63:ac:64:23:dd:08:fc:9c:e0:35:6c:6f:ca:
05:61:5a:7a:0a:fb:a7:19:ab:27:35:18:eb:41:7a:0e:3b:e4:
75:c8:cd:33:b3:f3:51:f3:8b:74:f0:09:a7:17:cb:f5:f6:d3:
e7:54:ec:fc:85:ae:25:f7:03:98:6e:ec:5e:b8:1f:6b:e5:cf:
d4:84:1c:3a:9a:39:9a:dd:85:87:29:e0:08:ea:b0:4d:ee:78:
83:ed:fe:5a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1dGzbEcjRLwTTck1KJAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YmNiZWU0NGY0Y2VmMDkxOTg1ZTU0NmE2ODU0ZjljY2Iy
YWRhOGEwHhcNMjUwMTAxMDc0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmUxNzM5MGU3ZThhZjZkZDlhNDQ3ZjAxMDE4NTEzNmFlZmIzZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwB8dGzgXmoFRbQ9SFgwLq0yfHOIJ
KcfGePh7Se19y6SW+IrgcUUljZiSfTQ+rE2tF1N/d6hwcocksOfeMV2+MqyQCNKl
yhY2+EIPEWT1B3n5SeQgjzusK5Wm//WciiMxjRgIs4EMDG8yBxS7BBs+ISOAE2Io
VLpCwFemMm4/kbqiJ+1hwQlZRsdLLdk6RH4zcutzb95/aAREQbxjpPUtPQTomQP1
jObvHRfkCt58/ipsiZNUyJxtfKEK/P0apQf/5zWMTtT7JKqgbXSaA4n0wyJcDWJt
TcaBoPXUxNLlWE319I7z/cqnyOw6VHYRrl2HfryxaRMP1zh1xKnThWZ1nQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL/hc5Dn6K9t2aRH8BAYUTau+z2EMB8GA1UdIwQY
MBaAFJe8vuRPTO8JGYXlRqaFT5zLKtqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDd5LTVFOU03d2taaGVWR3BvVlBuTXNxMm9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8wYjJlZWYtNzVlOS00M2IyLTkwODgt
ODMwM2FkMTM3MWRkLzEvdi1GemtPZm9yMjNacEVmd0VCaFJOcTc3UFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8wYjJlZWYtNzVlOS00M2IyLTkwODgtODMwM2FkMTM3MWRk
LzEvbDd5LTVFOU03d2taaGVWR3BvVlBuTXNxMm9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVUAMA0E
AgACMAcDBQMqBalAMA0GCSqGSIb3DQEBCwUAA4IBAQAznhGIZE7Q7m7IvbdYq567
vhJ7LxzrsKG7Mdm7JH5AGwzNCOEwA1kc5z3V4dNzcI5fLcUpDUS3LhvKyJb1CupV
ch24/onAqghLUZRlOIckTYytexIrCLqs99VpY4kic0Xd6gyabnHA1pWQbjnwOQRI
i3bp/YT0neAHMaAlTA/5wiDqPIjpZXnsWjENozWoFWvaLsL2j24fe/JpflgXHI3f
DQ31n++ZnWOsZCPdCPyc4DVsb8oFYVp6CvunGasnNRjrQXoOO+R1yM0zs/NR84t0
8AmnF8v19tPnVOz8ha4l9wOYbuxeuB9r5c/UhBw6mjma3YWHKeAI6rBN7niD7f5a
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:53:19 2025 by rpki-client