Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/3a9txfAIukaQX0frtviU30pkYGM.roa
File: 3a9txfAIukaQX0frtviU30pkYGM.roa (raw, json)
Hash identifier: Vmj6s6i5HgJGU/tX0jPWada9uEBamxhEPJAtc/gULeo=
Subject key identifier: DD:AF:6D:C5:F0:08:BA:46:90:5F:47:EB:B6:F8:94:DF:4A:64:60:63
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0194274728BD66AC15C3270B96EC27DDC7D6
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/3a9txfAIukaQX0frtviU30pkYGM.roa
Signing time: Thu 02 Jan 2025 13:49:22 +0000
ROA not before: Thu 02 Jan 2025 13:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29262
IP address blocks: 185.85.189.0/24 maxlen: 24
185.85.190.0/24 maxlen: 24
185.85.191.0/24 maxlen: 24
185.85.237.0/24 maxlen: 24
185.85.238.0/24 maxlen: 24
185.85.239.0/24 maxlen: 24
185.86.5.0/24 maxlen: 24
185.86.13.0/24 maxlen: 24
185.86.153.0/24 maxlen: 24
185.86.154.0/24 maxlen: 24
185.86.164.0/24 maxlen: 24
185.86.165.0/24 maxlen: 24
185.86.166.0/24 maxlen: 24
185.86.167.0/24 maxlen: 24
185.87.24.0/24 maxlen: 24
185.87.26.0/24 maxlen: 24
185.87.27.0/24 maxlen: 24
185.87.121.0/24 maxlen: 24
185.87.122.0/24 maxlen: 24
185.87.123.0/24 maxlen: 24
185.98.60.0/24 maxlen: 24
185.119.80.0/24 maxlen: 24
185.119.81.0/24 maxlen: 24
185.119.82.0/24 maxlen: 24
185.119.83.0/24 maxlen: 24
185.141.32.0/24 maxlen: 24
2a0b:6780::/29 maxlen: 29
2a0c:67c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:28:bd:66:ac:15:c3:27:0b:96:ec:27:dd:c7:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 2 13:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddaf6dc5f008ba46905f47ebb6f894df4a646063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:39:ab:6f:fd:5d:6d:b8:bd:34:ff:93:1d:2c:
e7:9b:0a:73:f7:ca:3a:7e:32:d5:fa:9e:ed:8e:74:
e9:16:c6:5c:0f:74:88:f9:cf:2d:ae:48:60:ec:5f:
51:19:55:e2:c2:f8:7e:03:fb:8b:0d:2b:37:9c:04:
ea:d7:9a:0b:4c:af:1a:10:4d:b2:66:ff:f2:86:68:
dd:13:3d:f7:ee:46:f0:49:aa:4e:60:52:23:c6:51:
96:5e:1b:83:10:09:55:68:a7:00:9d:f4:b1:95:76:
41:97:3c:f9:c2:66:ea:a0:1d:bc:e4:26:d8:32:2a:
ae:d5:65:8d:02:dd:71:dd:6c:aa:72:24:9f:8f:dd:
93:4f:81:59:bc:6c:07:19:e6:eb:da:cb:74:f2:84:
ad:71:91:0a:1a:82:5a:88:60:0b:e1:07:bd:28:02:
82:37:4f:dc:9c:ba:46:16:2b:fe:ef:c2:6d:02:45:
a8:e9:1c:01:dc:40:ae:b0:96:46:e9:92:8e:bc:03:
3e:57:7a:bd:d2:49:2a:fa:65:0a:ce:c0:05:11:45:
66:7c:6c:ce:56:b5:a1:20:32:cd:cc:3b:cd:a3:76:
d5:07:c0:9f:3c:89:2c:d0:b0:2d:6c:a4:75:d2:f2:
1d:7c:3e:7e:23:6b:a8:8f:27:3e:f4:10:49:52:cb:
cd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:AF:6D:C5:F0:08:BA:46:90:5F:47:EB:B6:F8:94:DF:4A:64:60:63
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/3a9txfAIukaQX0frtviU30pkYGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.189.0-185.85.191.255
185.85.237.0-185.85.239.255
185.86.5.0/24
185.86.13.0/24
185.86.153.0-185.86.154.255
185.86.164.0/22
185.87.24.0/24
185.87.26.0/23
185.87.121.0-185.87.123.255
185.98.60.0/24
185.119.80.0/22
185.141.32.0/24
IPv6:
2a0b:6780::/29
2a0c:67c0::/29
Signature Algorithm: sha256WithRSAEncryption
25:2d:fe:04:d7:3f:78:40:e7:e6:1a:7a:b2:20:18:19:2c:26:
62:70:ec:18:16:5b:e3:03:c1:39:3b:47:bc:46:a0:ac:2e:bf:
f4:31:ea:1e:c7:ca:69:e8:aa:23:e9:fb:c8:a7:a9:12:0a:7d:
b7:c5:97:35:a5:c4:18:12:d3:af:d6:ef:4c:e9:e9:fe:fd:a6:
1e:32:14:b7:fd:83:aa:58:ef:cf:40:cd:86:69:e6:d7:4e:7b:
5d:0d:ae:fd:6d:56:50:c5:aa:c2:04:4a:bd:91:31:be:62:9d:
ec:74:1a:24:0f:19:e2:cc:04:87:f4:03:19:0e:8c:dc:75:3d:
e3:f8:2b:db:ef:ef:20:8f:99:97:22:14:45:97:4a:bc:5d:fa:
2b:3a:a1:29:82:4c:96:13:d3:58:7c:be:c0:22:39:11:0a:6f:
f6:58:c7:72:0b:1c:bc:d6:1c:85:c6:a5:3c:20:cc:21:32:01:
db:5a:f3:88:83:2a:5b:46:45:73:1a:00:c0:9f:80:09:3b:ca:
04:bd:3d:0a:13:72:0a:da:8f:37:b8:6e:a8:f8:20:b2:f2:b8:
08:1a:3f:61:75:ec:00:29:0f:26:e1:30:24:ad:68:8b:ab:ef:
32:80:8b:c0:92:0b:ef:b3:44:3b:d6:78:27:ad:de:63:08:8f:
8e:dd:33:ff
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZQnRyi9ZqwVwycLluwn3cfWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMTAyMTM0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGFmNmRjNWYwMDhiYTQ2OTA1ZjQ3ZWJiNmY4OTRkZjRhNjQ2MDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjmrb/1dbbi9NP+THSznmwpz98o6
fjLV+p7tjnTpFsZcD3SI+c8trkhg7F9RGVXiwvh+A/uLDSs3nATq15oLTK8aEE2y
Zv/yhmjdEz337kbwSapOYFIjxlGWXhuDEAlVaKcAnfSxlXZBlzz5wmbqoB285CbY
Miqu1WWNAt1x3WyqciSfj92TT4FZvGwHGebr2st08oStcZEKGoJaiGAL4Qe9KAKC
N0/cnLpGFiv+78JtAkWo6RwB3ECusJZG6ZKOvAM+V3q90kkq+mUKzsAFEUVmfGzO
VrWhIDLNzDvNo3bVB8CfPIks0LAtbKR10vIdfD5+I2uojyc+9BBJUsvNTQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFN2vbcXwCLpGkF9H67b4lN9KZGBjMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvM2E5dHhmQUl1a2FRWDBmcnR2aVUzMHBrWUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjBuBAIAATBoMAwDBAC5
Vb0DBAa5VYAwDAMEALlV7QMEBLlV4AMEALlWBQMEALlWDTAMAwQAuVaZAwQAuVaa
AwQCuVakAwQAuVcYAwQBuVcaMAwDBAC5V3kDBAK5V3gDBAC5YjwDBAK5d1ADBAC5
jSAwFAQCAAIwDgMFAyoLZ4ADBQMqDGfAMA0GCSqGSIb3DQEBCwUAA4IBAQAlLf4E
1z94QOfmGnqyIBgZLCZicOwYFlvjA8E5O0e8RqCsLr/0Meoex8pp6Koj6fvIp6kS
Cn23xZc1pcQYEtOv1u9M6en+/aYeMhS3/YOqWO/PQM2GaebXTntdDa79bVZQxarC
BEq9kTG+Yp3sdBokDxnizASH9AMZDozcdT3j+Cvb7+8gj5mXIhRFl0q8XforOqEp
gkyWE9NYfL7AIjkRCm/2WMdyCxy81hyFxqU8IMwhMgHbWvOIgypbRkVzGgDAn4AJ
O8oEvT0KE3IK2o83uG6o+CCy8rgIGj9hdewAKQ8m4TAkrWiLq+8ygIvAkgvvs0Q7
1ngnrd5jCI+O3TP/
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:34:17 2025 by rpki-client