Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/Jf85FwwWGAMm_y1gyBMRf8ZylY8.roa
File: Jf85FwwWGAMm_y1gyBMRf8ZylY8.roa (raw, json)
Hash identifier: hqLNtg3bR55HcspgRfJxtmFSYZlPqsuiPGUD5+xKsFs=
Subject key identifier: 25:FF:39:17:0C:16:18:03:26:FF:2D:60:C8:13:11:7F:C6:72:95:8F
Certificate issuer: /CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Certificate serial: 01942748139085E650161C71A8ECCCB7019F
Authority key identifier: 25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/Jf85FwwWGAMm_y1gyBMRf8ZylY8.roa
Signing time: Thu 02 Jan 2025 13:50:22 +0000
ROA not before: Thu 02 Jan 2025 13:50:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198013
IP address blocks: 94.185.96.0/19 maxlen: 19
94.185.97.0/24 maxlen: 24
94.185.98.0/24 maxlen: 24
94.185.99.0/24 maxlen: 24
94.185.100.0/24 maxlen: 24
94.185.101.0/24 maxlen: 24
94.185.102.0/24 maxlen: 24
94.185.103.0/24 maxlen: 24
94.185.104.0/22 maxlen: 22
94.185.104.0/24 maxlen: 24
94.185.105.0/24 maxlen: 24
94.185.106.0/24 maxlen: 24
94.185.107.0/24 maxlen: 24
94.185.108.0/24 maxlen: 24
94.185.109.0/24 maxlen: 24
94.185.110.0/24 maxlen: 24
94.185.112.0/24 maxlen: 24
94.185.113.0/24 maxlen: 24
94.185.116.0/24 maxlen: 24
94.185.123.0/24 maxlen: 24
2a03:4580::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:13:90:85:e6:50:16:1c:71:a8:ec:cc:b7:01:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Validity
Not Before: Jan 2 13:50:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25ff39170c16180326ff2d60c813117fc672958f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a0:36:81:56:3b:d5:ad:7f:41:53:18:74:59:
e4:8c:92:e0:17:21:5d:e7:48:aa:4e:74:0e:02:17:
2b:54:7e:92:b3:13:ae:35:09:14:22:ef:91:0b:a3:
c9:4d:7b:e1:f1:ad:5b:47:c1:5e:91:3e:6b:fd:6e:
7b:4f:37:c4:8d:ca:69:c7:28:1d:9e:71:38:df:d6:
c7:7c:aa:28:1c:1e:a4:22:92:77:b6:41:74:a5:91:
85:c2:7f:55:f7:68:d0:7d:fb:75:2f:e7:13:1d:d4:
73:6c:78:a8:fb:ca:bc:ac:86:3c:ec:8f:29:9e:65:
69:5c:4d:39:dc:e6:42:83:63:9a:35:22:54:43:58:
1c:15:a6:5f:e3:2c:05:33:51:41:c8:72:34:92:38:
f0:e2:58:a8:4b:f2:45:a8:c0:2f:a6:db:e6:71:be:
35:2e:67:e9:14:11:7c:19:ba:b9:16:aa:09:0b:f2:
be:e6:26:50:49:3e:8a:17:70:d2:c4:bf:c0:95:11:
e5:8a:78:24:39:e4:94:b1:fe:af:de:7e:13:7d:a3:
f5:0f:ec:9c:84:3c:75:49:97:be:1e:c5:56:54:00:
f9:e5:f0:b6:4f:09:52:54:79:57:b6:68:73:5f:81:
b9:19:0c:9a:03:c5:10:a7:56:70:50:1b:a9:50:87:
19:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:FF:39:17:0C:16:18:03:26:FF:2D:60:C8:13:11:7F:C6:72:95:8F
X509v3 Authority Key Identifier:
keyid:25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/Jf85FwwWGAMm_y1gyBMRf8ZylY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.185.96.0/19
IPv6:
2a03:4580::/32
Signature Algorithm: sha256WithRSAEncryption
53:03:f7:f4:ae:8d:0e:e0:35:59:32:a2:11:3a:e0:44:2c:ed:
36:0a:95:4b:ce:5d:5f:77:0c:73:b3:1c:6b:e7:a6:46:33:74:
c5:ba:97:99:a5:b8:d3:eb:00:a9:06:41:72:fd:d9:ae:89:41:
6c:9c:81:12:c2:23:7a:bb:37:b6:de:89:d6:3b:87:16:47:e0:
ff:ad:e6:f6:e6:97:77:34:b8:e2:45:05:1b:36:b5:52:10:fb:
a3:26:6f:1a:59:18:50:48:0a:09:a6:88:3e:d9:61:72:9b:79:
3e:9d:af:79:61:f0:c7:71:0e:1b:b6:57:3f:13:92:94:c4:6f:
41:d3:d3:31:7d:9a:d0:84:fe:2b:85:6f:c6:67:a7:ce:e7:f7:
35:fd:35:9d:17:2d:6c:33:80:9f:45:a5:3a:07:88:50:80:f9:
2d:8b:af:85:6f:27:90:b9:d0:b9:91:86:31:32:8e:be:2d:f1:
02:9f:9b:bc:81:c8:92:cc:9f:5c:73:7a:b4:c8:ea:7c:e6:a8:
fe:7a:16:61:70:27:73:ad:54:a9:77:27:b5:0d:dd:33:fa:08:
80:3d:bd:76:b9:00:62:c1:bf:ab:0a:82:58:66:eb:a3:f1:90:
9b:f6:e6:25:01:65:a8:63:a8:aa:f2:92:36:4d:ff:36:48:94:
fb:ca:cc:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnSBOQheZQFhxxqOzMtwGfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ODhiMWI1NjBmOTk4ZWNjZDNhNmVmZjQwNTQzYjU5MjA0
ZDY3YjgwHhcNMjUwMTAyMTM1MDIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWZmMzkxNzBjMTYxODAzMjZmZjJkNjBjODEzMTE3ZmM2NzI5NThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqA2gVY71a1/QVMYdFnkjJLgFyFd
50iqTnQOAhcrVH6SsxOuNQkUIu+RC6PJTXvh8a1bR8FekT5r/W57TzfEjcppxygd
nnE439bHfKooHB6kIpJ3tkF0pZGFwn9V92jQfft1L+cTHdRzbHio+8q8rIY87I8p
nmVpXE053OZCg2OaNSJUQ1gcFaZf4ywFM1FByHI0kjjw4lioS/JFqMAvptvmcb41
LmfpFBF8Gbq5FqoJC/K+5iZQST6KF3DSxL/AlRHlingkOeSUsf6v3n4TfaP1D+yc
hDx1SZe+HsVWVAD55fC2TwlSVHlXtmhzX4G5GQyaA8UQp1ZwUBupUIcZAwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCX/ORcMFhgDJv8tYMgTEX/GcpWPMB8GA1UdIwQY
MBaAFCWIsbVg+ZjszTpu/0BUO1kgTWe4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSllpeHRXRDVtT3pOT203X1FGUTdXU0JOWjdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xOGQ2ZDUtNmM4Ni00MmMxLTg0ZjEt
OTlhMDE4OTg4OGI1LzEvSmY4NUZ3d1dHQU1tX3kxZ3lCTVJmOFp5bFk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xOGQ2ZDUtNmM4Ni00MmMxLTg0ZjEtOTlhMDE4OTg4OGI1
LzEvSllpeHRXRDVtT3pOT203X1FGUTdXU0JOWjdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFXrlgMA0E
AgACMAcDBQAqA0WAMA0GCSqGSIb3DQEBCwUAA4IBAQBTA/f0ro0O4DVZMqIROuBE
LO02CpVLzl1fdwxzsxxr56ZGM3TFupeZpbjT6wCpBkFy/dmuiUFsnIESwiN6uze2
3onWO4cWR+D/reb25pd3NLjiRQUbNrVSEPujJm8aWRhQSAoJpog+2WFym3k+na95
YfDHcQ4btlc/E5KUxG9B09MxfZrQhP4rhW/GZ6fO5/c1/TWdFy1sM4CfRaU6B4hQ
gPkti6+FbyeQudC5kYYxMo6+LfECn5u8gciSzJ9cc3q0yOp85qj+ehZhcCdzrVSp
dye1Dd0z+giAPb12uQBiwb+rCoJYZuuj8ZCb9uYlAWWoY6iq8pI2Tf82SJT7ysyl
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:14 2025 by rpki-client