Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/zGMv1As8Hv8Fxv1gB-c88BhITcE.roa
File: zGMv1As8Hv8Fxv1gB-c88BhITcE.roa (raw, json)
Hash identifier: K6xVO0WERXRACmfOMNkBdnHrZHxxKkoLysM1EdrhvV8=
Subject key identifier: CC:63:2F:D4:0B:3C:1E:FF:05:C6:FD:60:07:E7:3C:F0:18:48:4D:C1
Certificate issuer: /CN=7a6735b7a553a1680c11add3e48c3635b53979ca
Certificate serial: 01856D6F4BFAA19747F7B39D7CCA4A50381E
Authority key identifier: 7A:67:35:B7:A5:53:A1:68:0C:11:AD:D3:E4:8C:36:35:B5:39:79:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/emc1t6VToWgMEa3T5Iw2NbU5eco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/zGMv1As8Hv8Fxv1gB-c88BhITcE.roa
Signing time: Sun 01 Jan 2023 13:04:48 +0000
ROA not before: Sun 01 Jan 2023 13:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49604
IP address blocks: 185.31.240.0/22 maxlen: 24
85.234.246.0/23 maxlen: 24
85.234.242.0/23 maxlen: 23
85.234.244.0/23 maxlen: 23
217.146.64.0/20 maxlen: 24
85.222.232.0/22 maxlen: 24
2a02:29ea:1e::/48 maxlen: 48
2a02:29ea:14::/48 maxlen: 48
2a02:29e8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:4b:fa:a1:97:47:f7:b3:9d:7c:ca:4a:50:38:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a6735b7a553a1680c11add3e48c3635b53979ca
Validity
Not Before: Jan 1 13:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc632fd40b3c1eff05c6fd6007e73cf018484dc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:86:b0:ed:fc:8c:45:18:8f:5b:c7:3b:c4:83:
ff:1e:4e:e0:6b:84:cb:84:85:a1:c1:e8:a0:54:fa:
8a:b8:c3:7d:d8:53:e0:fc:8e:61:71:c4:ef:52:af:
00:18:f9:88:be:03:ba:68:55:5c:6b:e5:b5:41:65:
db:93:5a:64:25:aa:40:f4:f0:7c:2f:0f:8b:c8:f2:
6e:4b:d3:cc:a9:4f:30:4d:c0:65:d5:30:f4:2b:8e:
ba:46:dd:5d:3e:86:26:5e:45:e1:65:f3:3f:fd:5a:
d4:be:e2:65:dc:05:15:fe:e4:6e:a0:f0:28:fe:61:
96:30:a2:a6:1e:e2:ca:8f:ee:5d:67:74:18:d5:03:
ca:91:33:5e:31:6a:41:1d:53:5d:ee:70:cc:c1:af:
6f:ef:9e:4e:c6:79:5c:7e:3b:97:fe:4c:34:a3:66:
84:b1:72:c7:6c:43:9f:eb:38:5a:81:d5:4e:ad:eb:
c5:cd:04:0a:51:e9:07:55:7d:de:e8:d2:e2:fb:36:
f5:25:b9:89:e6:76:c7:4a:6b:ea:0b:9d:4f:8e:dd:
d8:59:83:b5:1e:91:a6:f4:b3:64:24:b1:fe:60:5b:
4b:46:8a:20:7d:15:eb:75:1f:85:c5:d6:d9:84:b4:
43:f2:bb:4c:f8:68:6e:3a:12:20:5b:8e:0d:2e:d6:
e4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:63:2F:D4:0B:3C:1E:FF:05:C6:FD:60:07:E7:3C:F0:18:48:4D:C1
X509v3 Authority Key Identifier:
keyid:7A:67:35:B7:A5:53:A1:68:0C:11:AD:D3:E4:8C:36:35:B5:39:79:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/emc1t6VToWgMEa3T5Iw2NbU5eco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/zGMv1As8Hv8Fxv1gB-c88BhITcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/emc1t6VToWgMEa3T5Iw2NbU5eco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.222.232.0/22
85.234.242.0-85.234.247.255
185.31.240.0/22
217.146.64.0/20
IPv6:
2a02:29e8::/32
2a02:29ea:14::/48
2a02:29ea:1e::/48
Signature Algorithm: sha256WithRSAEncryption
4d:f4:81:0a:77:67:df:9b:92:00:00:3f:88:d0:6e:f7:30:ab:
47:04:0f:87:51:48:d7:8e:1e:0a:c6:78:c0:34:2f:0d:cc:ee:
91:74:65:af:2d:65:71:72:ec:48:83:c3:2a:a5:2d:16:36:89:
a5:9c:e7:ec:d3:99:21:19:22:03:ee:b1:ff:25:b5:f5:1b:ac:
e6:f4:a8:cd:8a:f0:0d:f3:b4:7c:13:87:9b:f8:a8:53:96:a0:
03:64:71:31:53:2a:e5:0f:a7:d2:e9:88:7e:9f:5d:d9:f8:20:
2b:29:95:ea:21:a0:fa:5b:c6:71:6f:47:1f:51:94:87:72:48:
e6:fb:65:e9:5a:ad:a0:5e:f8:dc:a0:93:1b:ca:84:c0:91:ce:
f7:49:9c:f9:b6:30:be:64:fc:11:f5:b6:f5:73:20:20:81:53:
ec:3f:a8:cc:9c:4b:c2:5d:5a:49:a0:fd:f5:fe:3b:71:bd:c8:
ac:26:30:fe:6e:0d:47:8b:2e:c0:c7:4d:39:15:25:fd:f3:77:
71:37:5d:09:cd:16:99:0e:2f:a4:07:bf:e2:a4:1d:8c:44:89:
34:9d:b8:77:f4:9c:20:e6:f2:0e:09:84:33:43:3d:84:34:3c:
2e:1a:0b:5c:ec:93:54:f5:57:2a:32:25:19:c3:6e:49:fc:f8:
93:aa:2e:75
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYVtb0v6oZdH97OdfMpKUDgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhNjczNWI3YTU1M2ExNjgwYzExYWRkM2U0OGMzNjM1YjUz
OTc5Y2EwHhcNMjMwMTAxMTMwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzYzMmZkNDBiM2MxZWZmMDVjNmZkNjAwN2U3M2NmMDE4NDg0ZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Yaw7fyMRRiPW8c7xIP/Hk7ga4TL
hIWhweigVPqKuMN92FPg/I5hccTvUq8AGPmIvgO6aFVca+W1QWXbk1pkJapA9PB8
Lw+LyPJuS9PMqU8wTcBl1TD0K466Rt1dPoYmXkXhZfM//VrUvuJl3AUV/uRuoPAo
/mGWMKKmHuLKj+5dZ3QY1QPKkTNeMWpBHVNd7nDMwa9v755OxnlcfjuX/kw0o2aE
sXLHbEOf6zhagdVOrevFzQQKUekHVX3e6NLi+zb1JbmJ5nbHSmvqC51Pjt3YWYO1
HpGm9LNkJLH+YFtLRoogfRXrdR+FxdbZhLRD8rtM+GhuOhIgW44NLtbkPwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFMxjL9QLPB7/Bcb9YAfnPPAYSE3BMB8GA1UdIwQY
MBaAFHpnNbelU6FoDBGt0+SMNjW1OXnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW1jMXQ2VlRvV2dNRWEzVDVJdzJOYlU1ZWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iYjI2NDctMDk1MC00NmE0LWI1NmQt
MzRlYjY3YjQ3NWY2LzEvekdNdjFBczhIdjhGeHYxZ0ItYzg4QmhJVGNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iYjI2NDctMDk1MC00NmE0LWI1NmQtMzRlYjY3YjQ3NWY2
LzEvZW1jMXQ2VlRvV2dNRWEzVDVJdzJOYlU1ZWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAmBAIAATAgAwQCVd7oMAwD
BAFV6vIDBANV6vADBAK5H/ADBATZkkAwHwQCAAIwGQMFACoCKegDBwAqAinqABQD
BwAqAinqAB4wDQYJKoZIhvcNAQELBQADggEBAE30gQp3Z9+bkgAAP4jQbvcwq0cE
D4dRSNeOHgrGeMA0Lw3M7pF0Za8tZXFy7EiDwyqlLRY2iaWc5+zTmSEZIgPusf8l
tfUbrOb0qM2K8A3ztHwTh5v4qFOWoANkcTFTKuUPp9LpiH6fXdn4ICspleohoPpb
xnFvRx9RlIdySOb7ZelaraBe+NygkxvKhMCRzvdJnPm2ML5k/BH1tvVzICCBU+w/
qMycS8JdWkmg/fX+O3G9yKwmMP5uDUeLLsDHTTkVJf3zd3E3XQnNFpkOL6QHv+Kk
HYxEiTSduHf0nCDm8g4JhDNDPYQ0PC4aC1zsk1T1VyoyJRnDbkn8+JOqLnU=
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:51:12 2025 by rpki-client