Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/VZ25WVddCqk8ozQ3VxEEwJQIu-Q.roa
File: VZ25WVddCqk8ozQ3VxEEwJQIu-Q.roa (raw, json)
Hash identifier: rJBe0FlOsSKm6xH91g3hHeX32mEQcCBeFnhu3a7jDvM=
Subject key identifier: 55:9D:B9:59:57:5D:0A:A9:3C:A3:34:37:57:11:04:C0:94:08:BB:E4
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01958FBD6B322151F648D52ADD2FB615784F
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/VZ25WVddCqk8ozQ3VxEEwJQIu-Q.roa
Signing time: Thu 13 Mar 2025 13:41:50 +0000
ROA not before: Thu 13 Mar 2025 13:41:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2285
IP address blocks: 90.84.160.0/24 maxlen: 24
90.84.161.0/24 maxlen: 24
90.84.162.0/24 maxlen: 24
90.84.163.0/24 maxlen: 24
90.84.164.0/24 maxlen: 24
90.84.165.0/24 maxlen: 24
90.84.248.0/24 maxlen: 24
90.84.249.0/24 maxlen: 24
90.84.250.0/24 maxlen: 24
2a01:c9c0:8010::/48 maxlen: 64
2a01:c9c0:8012::/48 maxlen: 64
2a01:c9c0:8014::/48 maxlen: 64
2a01:c9c0:8016::/48 maxlen: 64
2a01:c9c0:8018::/48 maxlen: 64
2a01:c9c0:801a::/48 maxlen: 64
2a01:c9c0:801c::/48 maxlen: 64
2a01:c9c0:801e::/48 maxlen: 64
2a01:c9c0:8030::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8f:bd:6b:32:21:51:f6:48:d5:2a:dd:2f:b6:15:78:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Mar 13 13:41:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=559db959575d0aa93ca33437571104c09408bbe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d5:9b:fa:b3:90:6b:bc:41:8f:6b:cc:53:e7:
64:39:16:80:d4:52:20:0d:f2:af:36:86:23:c8:28:
98:3f:d5:73:6d:91:a4:58:6d:9c:35:d6:ec:ba:51:
fb:bf:8f:f7:94:ec:11:ed:38:f0:a8:15:d0:1b:83:
de:3e:1c:0e:69:eb:29:8b:89:24:1b:d8:02:ef:cf:
7b:a1:33:58:0b:8a:3b:b8:b8:e6:0d:e8:5f:74:ce:
88:e3:c7:b4:96:ad:9b:6f:28:d9:cc:04:55:b4:b8:
e7:f2:39:ef:7d:ee:8a:a2:e6:5c:de:41:37:db:a3:
3e:6b:66:4a:81:df:c2:b2:73:d3:e0:cf:7c:f2:8a:
48:8c:96:60:01:32:5f:8f:d7:21:69:68:f6:d1:b6:
eb:41:a7:e1:bd:d8:e3:9f:91:10:26:95:d9:df:b3:
76:29:38:b4:7d:dd:9f:ce:30:cf:72:15:71:13:96:
49:49:3a:4d:f4:44:40:21:4a:b0:e0:9d:58:dc:aa:
bb:88:21:a0:5d:bd:92:3e:20:44:c3:7d:d0:bb:55:
f3:16:41:3e:a3:bf:83:41:d6:b4:df:9b:78:2b:d4:
50:de:e9:e7:66:77:2d:6e:97:1c:85:9f:b0:c2:02:
78:1e:4d:4a:05:11:dc:62:ec:45:af:bf:b0:12:1a:
d9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:9D:B9:59:57:5D:0A:A9:3C:A3:34:37:57:11:04:C0:94:08:BB:E4
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/VZ25WVddCqk8ozQ3VxEEwJQIu-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.84.160.0-90.84.165.255
90.84.248.0-90.84.250.255
IPv6:
2a01:c9c0:8010::/48
2a01:c9c0:8012::/48
2a01:c9c0:8014::/48
2a01:c9c0:8016::/48
2a01:c9c0:8018::/48
2a01:c9c0:801a::/48
2a01:c9c0:801c::/48
2a01:c9c0:801e::/48
2a01:c9c0:8030::/48
Signature Algorithm: sha256WithRSAEncryption
4e:8f:51:ef:6f:a1:71:c7:f5:06:6b:57:da:cc:c5:60:d9:56:
4b:1a:97:9b:a8:11:e2:25:a6:07:76:f3:14:1e:cf:39:86:4c:
c9:93:d6:9b:fd:53:2c:f3:73:ae:07:40:b9:fe:cd:22:a1:d3:
ef:11:ed:41:b0:f8:93:7f:18:f5:7b:70:82:7d:60:ae:15:1d:
b6:99:4d:08:57:5f:41:3c:c0:4a:c3:60:b2:59:a7:3e:cb:33:
9a:3a:d1:6a:c1:88:8e:9e:00:77:72:4f:e9:00:4d:c0:6f:d3:
63:4f:4d:7d:0a:3c:17:7b:7c:5a:36:bd:e6:0e:eb:6f:f8:00:
05:0c:8b:ba:42:e2:6b:12:f8:69:b6:81:24:e9:d8:cd:c7:95:
2d:36:e8:f1:2a:05:58:bb:84:ea:46:53:bf:d2:00:13:73:c8:
f4:a5:ff:22:0b:bf:41:53:d5:18:d2:2c:1a:59:e8:fd:32:c6:
f1:9d:d9:a5:e8:be:8e:3b:4c:2e:f3:a9:f3:78:d0:15:4a:7c:
c6:12:d6:ac:1d:d0:1f:a2:ce:a2:c7:7b:e4:a8:13:8b:2f:7b:
e1:04:bc:5d:11:b9:f7:ca:a8:73:d1:20:24:ba:2b:52:45:de:
c2:4d:69:b8:61:f0:07:f8:35:6e:87:7b:74:0f:14:59:16:b1:
68:2b:be:df
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAZWPvWsyIVH2SNUq3S+2FXhPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMzEzMTM0MTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTlkYjk1OTU3NWQwYWE5M2NhMzM0Mzc1NzExMDRjMDk0MDhiYmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNWb+rOQa7xBj2vMU+dkORaA1FIg
DfKvNoYjyCiYP9VzbZGkWG2cNdbsulH7v4/3lOwR7TjwqBXQG4PePhwOaespi4kk
G9gC7897oTNYC4o7uLjmDehfdM6I48e0lq2bbyjZzARVtLjn8jnvfe6KouZc3kE3
26M+a2ZKgd/CsnPT4M988opIjJZgATJfj9chaWj20bbrQafhvdjjn5EQJpXZ37N2
KTi0fd2fzjDPchVxE5ZJSTpN9ERAIUqw4J1Y3Kq7iCGgXb2SPiBEw33Qu1XzFkE+
o7+DQda035t4K9RQ3unnZnctbpcchZ+wwgJ4Hk1KBRHcYuxFr7+wEhrZAQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFFWduVlXXQqpPKM0N1cRBMCUCLvkMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvVloyNVdWZGRDcWs4b3pRM1Z4RUV3SlFJdS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wIgQCAAEwHDAMAwQFWlSg
AwQBWlSkMAwDBANaVPgDBABaVPowVwQCAAIwUQMHACoBycCAEAMHACoBycCAEgMH
ACoBycCAFAMHACoBycCAFgMHACoBycCAGAMHACoBycCAGgMHACoBycCAHAMHACoB
ycCAHgMHACoBycCAMDANBgkqhkiG9w0BAQsFAAOCAQEATo9R72+hccf1BmtX2szF
YNlWSxqXm6gR4iWmB3bzFB7POYZMyZPWm/1TLPNzrgdAuf7NIqHT7xHtQbD4k38Y
9Xtwgn1grhUdtplNCFdfQTzASsNgslmnPsszmjrRasGIjp4Ad3JP6QBNwG/TY09N
fQo8F3t8Wja95g7rb/gABQyLukLiaxL4abaBJOnYzceVLTbo8SoFWLuE6kZTv9IA
E3PI9KX/Igu/QVPVGNIsGlno/TLG8Z3Zpei+jjtMLvOp83jQFUp8xhLWrB3QH6LO
osd75KgTiy974QS8XRG598qoc9EgJLorUkXewk1puGHwB/g1bod7dA8UWRaxaCu+
3w==
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:15:29 2025 by rpki-client