Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/_BNYdzVBVSUeXINGJrysLOoOwfM.roa
File: _BNYdzVBVSUeXINGJrysLOoOwfM.roa (raw, json)
Hash identifier: hYn60LUqBKRakCcFPhMXiHrGnB1pZCgNDpIpAl6eI3k=
Subject key identifier: FC:13:58:77:35:41:55:25:1E:5C:83:46:26:BC:AC:2C:EA:0E:C1:F3
Certificate issuer: /CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Certificate serial: 019589AE80D60945A7EB3427BAD8156267DA
Authority key identifier: CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/_BNYdzVBVSUeXINGJrysLOoOwfM.roa
Signing time: Wed 12 Mar 2025 09:27:49 +0000
ROA not before: Wed 12 Mar 2025 09:27:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13150
IP address blocks: 85.255.16.0/24 maxlen: 24
85.255.17.0/24 maxlen: 24
85.255.19.0/24 maxlen: 24
85.255.20.0/24 maxlen: 24
85.255.21.0/24 maxlen: 24
85.255.23.0/24 maxlen: 24
85.255.24.0/24 maxlen: 24
85.255.25.0/24 maxlen: 24
85.255.26.0/24 maxlen: 24
85.255.27.0/24 maxlen: 24
85.255.28.0/24 maxlen: 24
85.255.29.0/24 maxlen: 24
85.255.30.0/24 maxlen: 24
85.255.31.0/24 maxlen: 24
185.114.120.0/24 maxlen: 24
185.114.121.0/24 maxlen: 24
185.114.122.0/24 maxlen: 24
185.114.123.0/24 maxlen: 24
209.206.0.0/24 maxlen: 24
209.206.1.0/24 maxlen: 24
209.206.2.0/24 maxlen: 24
209.206.3.0/24 maxlen: 24
209.206.4.0/24 maxlen: 24
209.206.5.0/24 maxlen: 24
209.206.6.0/24 maxlen: 24
209.206.7.0/24 maxlen: 24
209.206.8.0/24 maxlen: 24
209.206.9.0/24 maxlen: 24
209.206.10.0/24 maxlen: 24
209.206.11.0/24 maxlen: 24
209.206.12.0/24 maxlen: 24
209.206.13.0/24 maxlen: 24
209.206.14.0/24 maxlen: 24
209.206.15.0/24 maxlen: 24
209.206.16.0/24 maxlen: 24
209.206.17.0/24 maxlen: 24
209.206.18.0/24 maxlen: 24
209.206.19.0/24 maxlen: 24
209.206.20.0/24 maxlen: 24
209.206.21.0/24 maxlen: 24
209.206.22.0/24 maxlen: 24
209.206.23.0/24 maxlen: 24
209.206.24.0/24 maxlen: 24
209.206.25.0/24 maxlen: 24
209.206.26.0/24 maxlen: 24
209.206.27.0/24 maxlen: 24
209.206.28.0/24 maxlen: 24
209.206.29.0/24 maxlen: 24
209.206.30.0/24 maxlen: 24
209.206.31.0/24 maxlen: 24
216.252.177.0/24 maxlen: 24
216.252.178.0/24 maxlen: 24
216.252.179.0/24 maxlen: 24
216.252.180.0/24 maxlen: 24
216.252.182.0/24 maxlen: 24
216.252.183.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:89:ae:80:d6:09:45:a7:eb:34:27:ba:d8:15:62:67:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Validity
Not Before: Mar 12 09:27:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc135877354155251e5c834626bcac2cea0ec1f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2c:f6:4c:c4:bf:79:29:ab:d4:a0:14:a1:da:
1a:9b:7f:67:66:fd:a6:22:a9:52:85:1b:32:18:83:
64:ad:5d:1a:94:8f:d9:d0:1f:3f:4b:9c:55:09:3d:
80:8f:e6:02:99:13:18:7d:18:3a:c6:ec:46:8c:dd:
86:8f:77:30:84:fd:9b:4c:df:85:5e:5f:d6:0a:12:
25:31:8a:f9:40:43:73:88:11:e7:40:67:50:c2:bf:
0e:fd:81:95:7b:6d:ac:48:81:29:4c:f2:2d:48:62:
3d:b3:08:ea:1b:fb:42:56:59:8c:96:61:2a:fc:11:
ee:4e:45:7f:c3:eb:cd:e6:cd:1e:6e:12:04:e5:22:
8a:08:b2:8e:eb:bd:7f:19:23:99:6f:e1:90:67:b6:
36:bd:8d:66:8e:ca:31:5a:78:83:0f:e2:57:ab:04:
af:eb:a9:cf:4d:20:44:3a:87:6d:7f:e8:36:b0:45:
6d:21:50:12:6f:ff:34:e9:e4:b2:7d:80:58:e9:cb:
e4:ae:20:9d:04:87:22:9a:f0:42:6f:5c:26:6d:38:
7d:41:d8:d5:b4:7f:44:ed:cb:de:f2:80:1e:05:c0:
9c:9f:c6:72:f5:c8:a8:d8:64:f4:a5:16:40:f2:53:
2a:03:31:e8:86:af:21:ac:e9:e2:f1:94:b7:fd:a8:
f3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:13:58:77:35:41:55:25:1E:5C:83:46:26:BC:AC:2C:EA:0E:C1:F3
X509v3 Authority Key Identifier:
keyid:CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/_BNYdzVBVSUeXINGJrysLOoOwfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.16.0/23
85.255.19.0-85.255.21.255
85.255.23.0-85.255.31.255
185.114.120.0/22
209.206.0.0/19
216.252.177.0-216.252.180.255
216.252.182.0/23
Signature Algorithm: sha256WithRSAEncryption
82:3f:70:e1:38:27:cc:97:bb:ba:5c:ce:91:ed:c7:50:6e:dd:
94:73:3d:c1:a2:e0:e7:b8:3b:20:16:fe:21:89:5b:d8:2d:fd:
56:57:ab:64:70:82:ef:41:b6:1f:1a:0f:4b:5a:b5:de:d9:14:
1f:89:e0:08:aa:ba:79:b3:79:a1:4a:c0:a4:54:03:5d:31:26:
28:d6:f4:74:da:93:32:52:3b:a9:be:b3:ef:0d:42:f2:6b:bf:
36:8f:45:48:94:a7:56:00:bf:99:d1:42:31:96:4a:ba:89:b0:
06:11:9c:ab:2a:e9:45:63:42:da:b4:f8:f7:48:30:cb:77:87:
99:6c:c9:a9:50:57:c3:75:00:4c:1c:f3:73:44:f7:2d:ad:d6:
3b:14:28:63:4e:74:ba:66:82:bd:c4:38:89:4e:16:d6:d8:a8:
a5:02:50:05:41:d1:26:60:a8:52:86:50:9f:02:de:26:20:fc:
7e:de:b7:47:cb:be:43:52:38:21:c4:7b:29:07:30:1f:3f:33:
9d:2a:3c:8d:09:bb:9c:08:ff:d3:68:d4:11:0e:6f:90:d9:e9:
4a:dd:6c:57:00:6f:5a:31:57:cb:e6:e8:ec:d9:5d:7c:cf:4e:
38:2f:74:f5:50:d3:94:28:d6:a0:6a:a2:4e:85:05:1e:28:35:
c7:98:8a:06
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZWJroDWCUWn6zQnutgVYmfaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYjc1MTkxOTc4ODY2ZjFmYzk3ZjUyM2M3ZGRhNDBhODhm
N2U3NzcwHhcNMjUwMzEyMDkyNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzEzNTg3NzM1NDE1NTI1MWU1YzgzNDYyNmJjYWMyY2VhMGVjMWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiz2TMS/eSmr1KAUodoam39nZv2m
IqlShRsyGINkrV0alI/Z0B8/S5xVCT2Aj+YCmRMYfRg6xuxGjN2Gj3cwhP2bTN+F
Xl/WChIlMYr5QENziBHnQGdQwr8O/YGVe22sSIEpTPItSGI9swjqG/tCVlmMlmEq
/BHuTkV/w+vN5s0ebhIE5SKKCLKO671/GSOZb+GQZ7Y2vY1mjsoxWniDD+JXqwSv
66nPTSBEOodtf+g2sEVtIVASb/806eSyfYBY6cvkriCdBIcimvBCb1wmbTh9QdjV
tH9E7cve8oAeBcCcn8Zy9cio2GT0pRZA8lMqAzHohq8hrOni8ZS3/ajz2QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFPwTWHc1QVUlHlyDRia8rCzqDsHzMB8GA1UdIwQY
MBaAFM+3UZGXiGbx/Jf1I8fdpAqI9+d3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWIt
YzE5OWM3YjRjYWMyLzEvX0JOWWR6VkJWU1VlWElOR0pyeXNMT29Pd2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWItYzE5OWM3YjRjYWMy
LzEvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBVf8QMAwD
BABV/xMDBAFV/xQwDAMEAFX/FwMEBVX/AAMEArlyeAMEBdHOADAMAwQA2PyxAwQA
2Py0AwQB2Py2MA0GCSqGSIb3DQEBCwUAA4IBAQCCP3DhOCfMl7u6XM6R7cdQbt2U
cz3BouDnuDsgFv4hiVvYLf1WV6tkcILvQbYfGg9LWrXe2RQfieAIqrp5s3mhSsCk
VANdMSYo1vR02pMyUjupvrPvDULya782j0VIlKdWAL+Z0UIxlkq6ibAGEZyrKulF
Y0LatPj3SDDLd4eZbMmpUFfDdQBMHPNzRPctrdY7FChjTnS6ZoK9xDiJThbW2Kil
AlAFQdEmYKhShlCfAt4mIPx+3rdHy75DUjghxHspBzAfPzOdKjyNCbucCP/TaNQR
Dm+Q2elK3WxXAG9aMVfL5ujs2V18z044L3T1UNOUKNagaqJOhQUeKDXHmIoG
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:21:55 2025 by rpki-client