Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Ab0KrkCX4bonQlfPusdrmlxNaOM.roa
File: Ab0KrkCX4bonQlfPusdrmlxNaOM.roa (raw, json)
Hash identifier: FqrT6IgjJi4VbO0sT+ZhF40qbHQ6yLB4WUIg0oNkYbA=
Subject key identifier: 01:BD:0A:AE:40:97:E1:BA:27:42:57:CF:BA:C7:6B:9A:5C:4D:68:E3
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0193B62733D9AFB4137A711F9A365CAB7757
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Ab0KrkCX4bonQlfPusdrmlxNaOM.roa
Signing time: Wed 11 Dec 2024 14:37:22 +0000
ROA not before: Wed 11 Dec 2024 14:37:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29262
IP address blocks: 185.85.189.0/24 maxlen: 24
185.85.190.0/24 maxlen: 24
185.85.191.0/24 maxlen: 24
185.85.237.0/24 maxlen: 24
185.85.238.0/24 maxlen: 24
185.85.239.0/24 maxlen: 24
185.86.5.0/24 maxlen: 24
185.86.13.0/24 maxlen: 24
185.86.153.0/24 maxlen: 24
185.86.154.0/24 maxlen: 24
185.86.164.0/24 maxlen: 24
185.86.165.0/24 maxlen: 24
185.86.166.0/24 maxlen: 24
185.86.167.0/24 maxlen: 24
185.87.24.0/24 maxlen: 24
185.87.26.0/24 maxlen: 24
185.87.27.0/24 maxlen: 24
185.87.121.0/24 maxlen: 24
185.87.122.0/24 maxlen: 24
185.87.123.0/24 maxlen: 24
185.98.60.0/24 maxlen: 24
185.119.80.0/24 maxlen: 24
185.119.81.0/24 maxlen: 24
185.119.82.0/24 maxlen: 24
185.119.83.0/24 maxlen: 24
185.141.32.0/24 maxlen: 24
2a0b:6780::/29 maxlen: 29
2a0c:67c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b6:27:33:d9:af:b4:13:7a:71:1f:9a:36:5c:ab:77:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Dec 11 14:37:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01bd0aae4097e1ba274257cfbac76b9a5c4d68e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:16:fc:63:54:1b:f7:ec:b1:72:7f:90:de:42:
86:5f:6e:13:aa:8c:df:55:38:36:80:10:1e:3e:f2:
01:a5:32:8d:c5:72:8e:c5:cb:5e:b4:ac:e2:d3:0c:
ce:83:15:ae:85:64:1d:39:6a:48:84:dc:e2:b4:95:
74:49:6b:d1:63:bf:2d:af:f2:3f:ff:3f:a6:8b:6f:
96:db:ac:58:e8:b1:9d:bd:51:49:29:d6:00:2d:41:
20:46:fc:a5:9e:23:e0:8b:12:df:25:b1:c0:b4:8c:
ee:bf:ea:60:eb:8f:09:f5:2e:55:70:08:79:fa:43:
22:0a:7d:a8:3d:aa:df:65:7d:a0:ec:a6:4b:29:14:
77:a8:82:3c:6d:92:10:f4:e1:cc:2f:c6:3c:e8:c5:
98:05:bf:51:69:1e:c0:0d:29:d6:66:80:72:06:66:
47:a1:8e:4d:0b:04:ad:0c:9c:3f:fa:46:a5:31:8d:
fd:ab:4e:ae:db:d4:2b:67:34:73:c9:69:88:67:10:
b3:96:64:12:3e:1b:f9:e7:f0:de:c9:95:6c:46:5c:
1c:ee:8b:e1:92:49:52:04:7b:f8:71:8c:a8:5b:6d:
9a:5a:0e:7b:22:76:d0:db:b2:61:cd:3f:d4:c6:5d:
0b:da:80:67:a6:c8:11:73:a9:e7:3e:04:ed:db:ad:
3a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:BD:0A:AE:40:97:E1:BA:27:42:57:CF:BA:C7:6B:9A:5C:4D:68:E3
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Ab0KrkCX4bonQlfPusdrmlxNaOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.189.0-185.85.191.255
185.85.237.0-185.85.239.255
185.86.5.0/24
185.86.13.0/24
185.86.153.0-185.86.154.255
185.86.164.0/22
185.87.24.0/24
185.87.26.0/23
185.87.121.0-185.87.123.255
185.98.60.0/24
185.119.80.0/22
185.141.32.0/24
IPv6:
2a0b:6780::/29
2a0c:67c0::/29
Signature Algorithm: sha256WithRSAEncryption
75:a9:a8:b2:50:40:86:2b:dc:34:79:ed:ff:e4:3b:29:9d:29:
87:82:0a:fc:9d:f1:a0:cb:87:aa:dd:dd:6d:dd:dd:01:bb:bd:
14:d7:b2:4e:16:03:24:47:f7:4a:99:23:97:f2:68:b1:da:ca:
98:ab:d9:8a:c3:fb:fb:ed:b1:b7:4c:f1:6c:72:a1:3a:83:8e:
74:a1:89:ca:a4:cc:fc:e5:b8:4a:28:dc:c1:e4:d3:fe:a4:09:
d6:8c:30:47:26:a7:b6:8d:c9:0e:fc:7d:ee:ef:74:11:45:1b:
20:d8:f1:c4:80:08:3e:0f:26:e7:c6:34:3d:a5:84:e2:24:87:
7e:68:f8:cc:a2:ea:3b:26:5e:80:8d:4e:ed:e6:98:c9:94:28:
29:9b:35:47:c4:c0:85:48:03:75:dc:3e:25:6e:13:f9:17:2d:
5a:a8:57:45:09:ef:41:98:b6:c9:c8:6a:12:64:7b:17:9f:cf:
3f:f4:f6:f4:51:c4:1a:31:0c:7b:ed:1c:44:2c:3f:fd:89:e6:
b4:2c:a3:ac:2c:44:70:c0:81:02:39:1d:da:3f:33:4d:31:cf:
d6:03:dc:ae:47:b8:63:2f:b6:6e:a5:41:4e:dd:db:f2:73:4b:
60:48:9c:ad:8c:5c:08:81:41:5d:53:4f:6b:5e:64:af:7f:7e:
66:45:a9:0f
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZO2JzPZr7QTenEfmjZcq3dXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQxMjExMTQzNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWJkMGFhZTQwOTdlMWJhMjc0MjU3Y2ZiYWM3NmI5YTVjNGQ2OGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhb8Y1Qb9+yxcn+Q3kKGX24Tqozf
VTg2gBAePvIBpTKNxXKOxctetKzi0wzOgxWuhWQdOWpIhNzitJV0SWvRY78tr/I/
/z+mi2+W26xY6LGdvVFJKdYALUEgRvylniPgixLfJbHAtIzuv+pg648J9S5VcAh5
+kMiCn2oParfZX2g7KZLKRR3qII8bZIQ9OHML8Y86MWYBb9RaR7ADSnWZoByBmZH
oY5NCwStDJw/+kalMY39q06u29QrZzRzyWmIZxCzlmQSPhv55/DeyZVsRlwc7ovh
kklSBHv4cYyoW22aWg57InbQ27JhzT/Uxl0L2oBnpsgRc6nnPgTt2606KwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFAG9Cq5Al+G6J0JXz7rHa5pcTWjjMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvQWIwS3JrQ1g0Ym9uUWxmUHVzZHJtbHhOYU9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjBuBAIAATBoMAwDBAC5
Vb0DBAa5VYAwDAMEALlV7QMEBLlV4AMEALlWBQMEALlWDTAMAwQAuVaZAwQAuVaa
AwQCuVakAwQAuVcYAwQBuVcaMAwDBAC5V3kDBAK5V3gDBAC5YjwDBAK5d1ADBAC5
jSAwFAQCAAIwDgMFAyoLZ4ADBQMqDGfAMA0GCSqGSIb3DQEBCwUAA4IBAQB1qaiy
UECGK9w0ee3/5DspnSmHggr8nfGgy4eq3d1t3d0Bu70U17JOFgMkR/dKmSOX8mix
2sqYq9mKw/v77bG3TPFscqE6g450oYnKpMz85bhKKNzB5NP+pAnWjDBHJqe2jckO
/H3u73QRRRsg2PHEgAg+DybnxjQ9pYTiJId+aPjMouo7Jl6AjU7t5pjJlCgpmzVH
xMCFSAN13D4lbhP5Fy1aqFdFCe9BmLbJyGoSZHsXn88/9Pb0UcQaMQx77RxELD/9
iea0LKOsLERwwIECOR3aPzNNMc/WA9yuR7hjL7ZupUFO3dvyc0tgSJytjFwIgUFd
U09rXmSvf35mRakP
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:00:16 2025 by rpki-client