Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/68f178-8cec-4745-8bd8-080eb52ef458/1/S-S9p8D8sxXMsJ_gDtueVamxSCQ.roa
File: S-S9p8D8sxXMsJ_gDtueVamxSCQ.roa (raw, json)
Hash identifier: XsUxQPkJMa9qRgg/rrFRrwHV0KaNkF99TNefhqm5Hs8=
Subject key identifier: 4B:E4:BD:A7:C0:FC:B3:15:CC:B0:9F:E0:0E:DB:9E:55:A9:B1:48:24
Certificate issuer: /CN=c485c1c3921e190fbb2a40eb0e0d509f7415a0eb
Certificate serial: 0188C83088F9E5F41B76DC4DB12F75CAA8B6
Authority key identifier: C4:85:C1:C3:92:1E:19:0F:BB:2A:40:EB:0E:0D:50:9F:74:15:A0:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xIXBw5IeGQ-7KkDrDg1Qn3QVoOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/68f178-8cec-4745-8bd8-080eb52ef458/1/S-S9p8D8sxXMsJ_gDtueVamxSCQ.roa
Signing time: Sat 17 Jun 2023 07:10:03 +0000
ROA not before: Sat 17 Jun 2023 07:10:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62440
IP address blocks: 185.35.129.0/24 maxlen: 24
185.35.128.0/24 maxlen: 24
185.35.128.0/22 maxlen: 22
185.35.131.0/24 maxlen: 24
185.35.130.0/24 maxlen: 24
212.94.30.0/24 maxlen: 24
212.94.29.0/24 maxlen: 24
212.94.25.0/24 maxlen: 24
212.94.31.0/24 maxlen: 24
212.94.27.0/24 maxlen: 24
212.94.26.0/24 maxlen: 24
212.94.28.0/24 maxlen: 24
212.94.16.0/24 maxlen: 24
212.94.16.0/20 maxlen: 20
212.94.17.0/24 maxlen: 24
212.94.23.0/24 maxlen: 24
212.94.22.0/24 maxlen: 24
212.94.18.0/24 maxlen: 24
212.94.24.0/24 maxlen: 24
212.94.20.0/24 maxlen: 24
212.94.19.0/24 maxlen: 24
212.94.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c8:30:88:f9:e5:f4:1b:76:dc:4d:b1:2f:75:ca:a8:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c485c1c3921e190fbb2a40eb0e0d509f7415a0eb
Validity
Not Before: Jun 17 07:10:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4be4bda7c0fcb315ccb09fe00edb9e55a9b14824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1e:49:b4:57:b9:48:16:1c:6e:50:d6:63:bc:
50:a7:81:d1:cd:a9:c5:d2:1a:87:94:0f:77:ec:a8:
44:a5:69:a4:61:88:10:51:ab:6a:fd:e9:7a:dd:9a:
42:69:c1:6c:fe:ff:a9:13:6e:ae:22:02:f5:3d:7a:
94:9c:d9:16:cf:19:b8:65:de:3b:7a:40:d1:c6:d7:
55:84:02:42:4a:c1:3e:2d:01:f3:76:3d:a9:98:b7:
0e:bf:64:2d:6c:8e:72:6c:67:aa:aa:61:74:bd:0e:
03:3a:ac:66:0e:19:c5:5c:32:2d:5a:e0:cf:33:97:
ec:b9:be:81:a0:89:07:27:ed:e7:b7:1e:08:c1:23:
22:54:d7:a3:f1:83:89:1b:3d:97:3c:4c:73:6d:cc:
f6:f6:4a:72:71:09:ef:3d:da:fd:40:0b:aa:20:aa:
45:7c:34:eb:4c:c7:a6:f4:d0:57:2f:09:74:75:6a:
ae:6b:18:4b:2f:c1:10:df:34:0f:e5:bc:ee:b8:69:
f9:e5:82:32:ba:a3:38:25:a0:3b:38:f8:2a:a3:5d:
fb:6e:45:9c:26:19:2e:94:48:99:0c:30:90:af:ce:
3d:b0:90:a6:2b:f5:6a:55:18:79:96:1d:4a:6b:b4:
2b:10:8e:bd:fc:5b:36:91:b6:8c:1e:71:9e:cc:ff:
b0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E4:BD:A7:C0:FC:B3:15:CC:B0:9F:E0:0E:DB:9E:55:A9:B1:48:24
X509v3 Authority Key Identifier:
keyid:C4:85:C1:C3:92:1E:19:0F:BB:2A:40:EB:0E:0D:50:9F:74:15:A0:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xIXBw5IeGQ-7KkDrDg1Qn3QVoOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/68f178-8cec-4745-8bd8-080eb52ef458/1/S-S9p8D8sxXMsJ_gDtueVamxSCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/68f178-8cec-4745-8bd8-080eb52ef458/1/xIXBw5IeGQ-7KkDrDg1Qn3QVoOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.128.0/22
212.94.16.0/20
Signature Algorithm: sha256WithRSAEncryption
25:45:2e:eb:fd:40:ec:29:14:6c:9b:d9:b4:7c:90:d0:98:b6:
9c:8f:ee:92:ed:52:a8:b4:1a:9a:3d:50:ad:9d:76:56:dd:78:
34:70:03:cd:8b:ce:6d:eb:87:2e:a7:7a:84:74:50:8d:9f:82:
4f:da:c9:d7:5d:17:5f:67:c5:a7:27:a0:c2:b3:d3:5d:8f:73:
ee:bf:fa:9f:0f:0c:ca:49:45:d9:8f:7a:d3:52:ac:25:94:1a:
46:f2:2f:55:5f:05:0e:4e:e9:55:54:ee:40:fb:f4:a8:ac:0b:
74:f0:a2:7f:c3:28:85:e4:6f:fc:4a:a0:ee:68:2c:11:1b:27:
85:3e:f3:95:53:74:f6:96:e7:aa:22:6e:57:0a:3e:46:11:a6:
65:c2:7a:c3:42:85:60:cd:4f:9b:c8:24:ea:53:22:8f:04:1d:
f7:03:52:48:75:80:d7:73:b7:b8:73:14:99:4b:9e:5b:7d:2e:
41:92:da:df:f6:f6:b1:88:12:e8:69:a1:b9:ec:01:49:23:bd:
4f:7d:20:41:eb:24:f6:2e:94:1a:5d:ed:be:83:84:5f:06:6d:
4b:a5:e2:bb:4d:05:d5:d1:cc:62:e9:83:14:68:03:2b:89:64:
96:46:38:d4:ec:0e:a5:e4:f9:61:48:07:03:b9:fb:cc:71:96:
c3:ec:f6:68
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjIMIj55fQbdtxNsS91yqi2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ODVjMWMzOTIxZTE5MGZiYjJhNDBlYjBlMGQ1MDlmNzQx
NWEwZWIwHhcNMjMwNjE3MDcxMDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmU0YmRhN2MwZmNiMzE1Y2NiMDlmZTAwZWRiOWU1NWE5YjE0ODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgB5JtFe5SBYcblDWY7xQp4HRzanF
0hqHlA937KhEpWmkYYgQUatq/el63ZpCacFs/v+pE26uIgL1PXqUnNkWzxm4Zd47
ekDRxtdVhAJCSsE+LQHzdj2pmLcOv2QtbI5ybGeqqmF0vQ4DOqxmDhnFXDItWuDP
M5fsub6BoIkHJ+3ntx4IwSMiVNej8YOJGz2XPExzbcz29kpycQnvPdr9QAuqIKpF
fDTrTMem9NBXLwl0dWquaxhLL8EQ3zQP5bzuuGn55YIyuqM4JaA7OPgqo137bkWc
JhkulEiZDDCQr849sJCmK/VqVRh5lh1Ka7QrEI69/Fs2kbaMHnGezP+wRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEvkvafA/LMVzLCf4A7bnlWpsUgkMB8GA1UdIwQY
MBaAFMSFwcOSHhkPuypA6w4NUJ90FaDrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveElYQnc1SWVHUS03S2tEckRnMVFuM1FWb09zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi82OGYxNzgtOGNlYy00NzQ1LThiZDgt
MDgwZWI1MmVmNDU4LzEvUy1TOXA4RDhzeFhNc0pfZ0R0dWVWYW14U0NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi82OGYxNzgtOGNlYy00NzQ1LThiZDgtMDgwZWI1MmVmNDU4
LzEveElYQnc1SWVHUS03S2tEckRnMVFuM1FWb09zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuSOAAwQE
1F4QMA0GCSqGSIb3DQEBCwUAA4IBAQAlRS7r/UDsKRRsm9m0fJDQmLacj+6S7VKo
tBqaPVCtnXZW3Xg0cAPNi85t64cup3qEdFCNn4JP2snXXRdfZ8WnJ6DCs9Ndj3Pu
v/qfDwzKSUXZj3rTUqwllBpG8i9VXwUOTulVVO5A+/SorAt08KJ/wyiF5G/8SqDu
aCwRGyeFPvOVU3T2lueqIm5XCj5GEaZlwnrDQoVgzU+byCTqUyKPBB33A1JIdYDX
c7e4cxSZS55bfS5Bktrf9vaxiBLoaaG57AFJI71PfSBB6yT2LpQaXe2+g4RfBm1L
peK7TQXV0cxi6YMUaAMriWSWRjjU7A6l5PlhSAcDufvMcZbD7PZo
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:13:17 2025 by rpki-client