Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/85iSxDTL8_hFxCz_p-SgtgMM1uM.roa
File: 85iSxDTL8_hFxCz_p-SgtgMM1uM.roa (raw, json)
Hash identifier: tc60rk8NOLgo7Z+pkVFwiailtaupBzltQQFGJL/MBiU=
Subject key identifier: F3:98:92:C4:34:CB:F3:F8:45:C4:2C:FF:A7:E4:A0:B6:03:0C:D6:E3
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018CC80149C814E65D7A75EAF32327997802
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/85iSxDTL8_hFxCz_p-SgtgMM1uM.roa
Signing time: Tue 02 Jan 2024 02:29:36 +0000
ROA not before: Tue 02 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34872
IP address blocks: 62.3.50.0/24 maxlen: 24
45.154.97.0/24 maxlen: 24
194.28.98.0/23 maxlen: 24
2a0c:b641:540::/44 maxlen: 48
2a0c:b641:30::/44 maxlen: 48
2a0c:b641:10::/44 maxlen: 48
2a0f:8400::/32 maxlen: 48
2a0c:b641::/44 maxlen: 48
2a0c:b640::/32 maxlen: 48
2a0c:b641:70f::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:49:c8:14:e6:5d:7a:75:ea:f3:23:27:99:78:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f39892c434cbf3f845c42cffa7e4a0b6030cd6e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:42:2a:a0:8b:f6:39:cc:1c:dc:1f:40:c5:6a:
ca:5c:15:24:b7:4a:53:b8:88:9a:52:01:49:1e:ef:
cc:db:c9:66:66:33:61:5c:53:97:0e:f7:b4:23:5b:
c6:ca:ba:ec:4c:72:31:fc:88:4e:fb:d9:66:ce:12:
40:75:81:df:af:ce:16:6c:d3:38:2c:68:ca:02:5b:
d0:61:1d:a5:ac:48:91:7c:52:4d:84:09:1a:17:6f:
81:3f:26:33:f5:33:a6:f6:82:89:92:29:ad:37:95:
b5:8d:c4:b1:c4:35:b5:f6:31:2b:ea:05:d1:3c:90:
b7:4e:32:e3:57:1d:ff:52:c4:bb:d4:b5:75:71:20:
12:3c:ba:ad:3c:93:9e:8c:9a:e3:64:87:6c:dc:04:
7a:0c:fb:7e:10:11:8d:7f:75:a4:26:68:54:f5:27:
b1:22:12:e6:7d:01:44:ca:31:05:73:27:d1:46:a1:
07:73:1e:d6:c5:5b:18:57:23:fc:97:ce:cd:37:df:
0f:c3:11:9f:11:3d:a4:19:72:7b:60:d1:71:82:e0:
c4:5f:5c:53:38:72:2a:cc:34:34:4a:cd:d3:47:61:
28:6c:86:e3:1a:26:ee:13:61:11:21:a9:b9:cc:0f:
41:71:38:fe:58:4a:48:24:7a:6c:68:bc:b5:cb:e6:
7d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:98:92:C4:34:CB:F3:F8:45:C4:2C:FF:A7:E4:A0:B6:03:0C:D6:E3
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/85iSxDTL8_hFxCz_p-SgtgMM1uM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.97.0/24
62.3.50.0/24
194.28.98.0/23
IPv6:
2a0c:b640::-2a0c:b641:1f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:30::/44
2a0c:b641:540::/44
2a0c:b641:70f::/48
2a0f:8400::/32
Signature Algorithm: sha256WithRSAEncryption
03:00:76:cc:02:5f:c4:ca:5f:f7:66:91:71:fe:71:d8:cb:a4:
a2:67:5c:b1:7e:77:d7:40:3e:c7:53:ec:f5:db:8f:b5:a1:87:
29:b6:f3:5f:0b:71:5e:56:05:06:16:28:3c:01:88:01:4e:6c:
cb:4f:a8:97:e8:7f:ce:db:5e:a8:4d:e3:a1:37:57:4d:6b:58:
34:c8:4e:22:3b:38:d9:fb:ed:e0:18:01:33:6e:90:f1:84:f1:
b3:c8:cd:66:ab:d9:70:fb:3d:c4:7d:81:50:49:54:dc:1c:4d:
3f:ef:7f:ab:61:b5:5b:f3:d3:e0:34:97:9e:d9:0f:2e:2c:96:
79:b4:16:0b:99:9d:0c:bf:16:9a:82:70:77:a3:fc:6b:2e:4f:
e7:0f:d0:3f:9b:c1:0b:77:e1:33:c0:2a:f2:51:ae:50:43:4e:
94:6e:72:c6:00:60:1c:f5:c6:5c:15:b8:73:9b:63:3d:45:b0:
14:23:19:da:b8:e4:2b:a6:5c:8e:f1:db:e6:04:fb:bb:19:cb:
62:f5:69:80:1d:f5:03:2b:de:14:31:16:e3:cc:b8:67:e0:f9:
e5:60:13:f2:89:89:a8:db:43:d3:9d:89:fe:4b:92:22:ba:d1:
6a:6d:b3:15:0a:c7:a4:bd:4c:a5:d4:76:b1:f9:46:85:b4:16:
37:5b:5c:ba
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzIAUnIFOZdenXq8yMnmXgCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTAyMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzk4OTJjNDM0Y2JmM2Y4NDVjNDJjZmZhN2U0YTBiNjAzMGNkNmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkIqoIv2Ocwc3B9AxWrKXBUkt0pT
uIiaUgFJHu/M28lmZjNhXFOXDve0I1vGyrrsTHIx/IhO+9lmzhJAdYHfr84WbNM4
LGjKAlvQYR2lrEiRfFJNhAkaF2+BPyYz9TOm9oKJkimtN5W1jcSxxDW19jEr6gXR
PJC3TjLjVx3/UsS71LV1cSASPLqtPJOejJrjZIds3AR6DPt+EBGNf3WkJmhU9Sex
IhLmfQFEyjEFcyfRRqEHcx7WxVsYVyP8l87NN98PwxGfET2kGXJ7YNFxguDEX1xT
OHIqzDQ0Ss3TR2EobIbjGibuE2ERIam5zA9BcTj+WEpIJHpsaLy1y+Z9WQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFPOYksQ0y/P4RcQs/6fkoLYDDNbjMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvODVpU3hEVEw4X2hGeEN6X3AtU2d0Z01NMXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjAYBAIAATASAwQALZphAwQA
PgMyAwQBwhxiMDoEAgACMDQwEAMFBioMtkADBwUqDLZBAAADBwQqDLZBADADBwQq
DLZBBUADBwAqDLZBBw8DBQAqD4QAMA0GCSqGSIb3DQEBCwUAA4IBAQADAHbMAl/E
yl/3ZpFx/nHYy6SiZ1yxfnfXQD7HU+z124+1oYcptvNfC3FeVgUGFig8AYgBTmzL
T6iX6H/O216oTeOhN1dNa1g0yE4iOzjZ++3gGAEzbpDxhPGzyM1mq9lw+z3EfYFQ
SVTcHE0/73+rYbVb89PgNJee2Q8uLJZ5tBYLmZ0MvxaagnB3o/xrLk/nD9A/m8EL
d+EzwCryUa5QQ06UbnLGAGAc9cZcFbhzm2M9RbAUIxnauOQrplyO8dvmBPu7Gcti
9WmAHfUDK94UMRbjzLhn4PnlYBPyiYmo20PTnYn+S5IiutFqbbMVCsekvUyl1Hax
+UaFtBY3W1y6
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:43:30 2025 by rpki-client