Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/9ATHMDpOhgxh88NgrqIA6dVM3Gk.roa
File: 9ATHMDpOhgxh88NgrqIA6dVM3Gk.roa (raw, json)
Hash identifier: Ds72d/xwNa+mvoqRa6cLUlNcXhPkz/dsrYaEbqH+Oh4=
Subject key identifier: F4:04:C7:30:3A:4E:86:0C:61:F3:C3:60:AE:A2:00:E9:D5:4C:DC:69
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 0194228D9BC0779BD14FA4F14FE349A5B430
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/9ATHMDpOhgxh88NgrqIA6dVM3Gk.roa
Signing time: Wed 01 Jan 2025 15:48:13 +0000
ROA not before: Wed 01 Jan 2025 15:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34418
IP address blocks: 85.153.153.0/24 maxlen: 24
85.153.154.0/24 maxlen: 24
176.236.215.0/24 maxlen: 24
212.252.208.0/23 maxlen: 23
212.252.208.0/24 maxlen: 24
212.252.209.0/24 maxlen: 24
212.252.210.0/23 maxlen: 23
212.252.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:9b:c0:77:9b:d1:4f:a4:f1:4f:e3:49:a5:b4:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 15:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f404c7303a4e860c61f3c360aea200e9d54cdc69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:2f:0c:83:28:12:9d:22:03:27:03:2c:d3:55:
53:1b:91:55:b4:d3:f7:cc:0b:82:00:c0:da:e1:ce:
4e:63:72:d3:08:bb:e6:cf:0a:fe:67:e0:21:b5:a9:
c2:37:41:45:8f:5d:86:14:aa:d5:15:76:33:f1:af:
e3:aa:ff:14:c6:c8:c9:b9:f0:b0:8f:0e:ff:5b:ac:
19:a4:17:a2:94:c7:35:7e:17:59:c8:f3:b0:fd:07:
fd:ff:33:29:6f:04:c6:8a:12:ae:de:30:2d:61:05:
15:7a:04:a5:b9:56:40:94:e4:6d:5f:be:ac:1d:de:
45:ab:a5:22:05:a4:f2:91:e4:4b:36:f7:67:48:ff:
3d:aa:a3:93:ce:ea:15:f7:75:fe:c5:6a:56:ab:e5:
58:4a:2a:bc:4b:8e:c1:ad:84:c4:6f:b0:86:b7:e9:
1d:07:ac:cc:8a:34:9a:9e:a2:f8:87:9e:3f:90:c3:
f0:94:77:e8:f1:62:df:7b:78:c5:82:58:5f:fd:5f:
67:f3:f0:23:71:eb:a0:33:4c:e2:d6:2e:24:e0:62:
b6:05:a9:8a:b2:e6:57:d4:e8:61:4f:c8:81:34:47:
e0:0e:ba:7b:ed:3a:91:6e:c7:cc:46:7c:7e:0a:e2:
1a:2e:44:e6:f2:1b:41:eb:69:fb:80:26:de:f5:f1:
45:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:04:C7:30:3A:4E:86:0C:61:F3:C3:60:AE:A2:00:E9:D5:4C:DC:69
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/9ATHMDpOhgxh88NgrqIA6dVM3Gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.153.0-85.153.154.255
176.236.215.0/24
212.252.208.0/22
Signature Algorithm: sha256WithRSAEncryption
14:c3:4f:f0:e7:0c:08:db:9c:85:f2:7a:78:cc:37:56:45:17:
8a:45:6e:ac:38:f6:0f:29:70:7e:38:a2:23:c3:d6:3b:1c:0e:
fb:eb:c4:84:ec:ba:db:d4:a7:48:eb:a1:93:02:b0:29:d5:73:
4b:4b:a4:19:21:22:cb:3c:a6:22:44:81:3b:31:48:61:81:64:
d5:6a:1f:81:ed:82:bc:aa:cf:0d:e0:0d:c0:82:26:85:77:d6:
5e:8a:9a:70:3a:57:de:9a:16:d9:52:d5:74:e5:d3:dd:26:38:
fb:89:c9:fa:c0:1a:3a:f2:40:15:cb:aa:05:c8:ff:a6:80:93:
ef:66:07:77:d7:4a:9a:af:25:8a:7b:42:1a:d1:32:43:9b:bf:
13:15:94:39:f1:b5:20:cc:ec:2b:3a:06:f1:8d:44:0b:2d:15:
e5:49:51:1d:d0:6b:7a:3e:b5:3c:0c:a2:bf:7c:79:c3:b5:4a:
86:f6:f3:71:85:1b:56:f8:79:ff:7a:00:36:d7:ea:58:84:f7:
23:7c:89:95:eb:26:25:29:95:9e:36:67:5b:2e:d2:6f:56:00:
3e:89:9f:c3:58:2a:9e:a9:ba:fb:c0:cf:b1:2a:70:82:ce:41:
90:6b:65:2e:b7:49:69:54:78:80:d3:0c:fc:1a:90:08:0d:15:
d8:13:af:bf
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQijZvAd5vRT6TxT+NJpbQwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjUwMTAxMTU0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDA0YzczMDNhNGU4NjBjNjFmM2MzNjBhZWEyMDBlOWQ1NGNkYzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8S8MgygSnSIDJwMs01VTG5FVtNP3
zAuCAMDa4c5OY3LTCLvmzwr+Z+AhtanCN0FFj12GFKrVFXYz8a/jqv8UxsjJufCw
jw7/W6wZpBeilMc1fhdZyPOw/Qf9/zMpbwTGihKu3jAtYQUVegSluVZAlORtX76s
Hd5Fq6UiBaTykeRLNvdnSP89qqOTzuoV93X+xWpWq+VYSiq8S47BrYTEb7CGt+kd
B6zMijSanqL4h54/kMPwlHfo8WLfe3jFglhf/V9n8/AjceugM0zi1i4k4GK2BamK
suZX1OhhT8iBNEfgDrp77TqRbsfMRnx+CuIaLkTm8htB62n7gCbe9fFF3QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPQExzA6ToYMYfPDYK6iAOnVTNxpMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvOUFUSE1EcE9oZ3hoODhOZ3JxSUE2ZFZNM0drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABVmZkD
BABVmZoDBACw7NcDBALU/NAwDQYJKoZIhvcNAQELBQADggEBABTDT/DnDAjbnIXy
enjMN1ZFF4pFbqw49g8pcH44oiPD1jscDvvrxITsutvUp0jroZMCsCnVc0tLpBkh
Iss8piJEgTsxSGGBZNVqH4Htgryqzw3gDcCCJoV31l6KmnA6V96aFtlS1XTl090m
OPuJyfrAGjryQBXLqgXI/6aAk+9mB3fXSpqvJYp7QhrRMkObvxMVlDnxtSDM7Cs6
BvGNRAstFeVJUR3Qa3o+tTwMor98ecO1Sob283GFG1b4ef96ADbX6liE9yN8iZXr
JiUplZ42Z1su0m9WAD6Jn8NYKp6puvvAz7EqcILOQZBrZS63SWlUeIDTDPwakAgN
FdgTr78=
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:32:00 2025 by rpki-client