Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/OaQgqSYUGPbwHzwKBwLKmN0voFA.roa
File: OaQgqSYUGPbwHzwKBwLKmN0voFA.roa (raw, json)
Hash identifier: VOuJuNbuWIWBnht9LmEQdm8o0ZHVZzAtHUJKoRYJKyc=
Subject key identifier: 39:A4:20:A9:26:14:18:F6:F0:1F:3C:0A:07:02:CA:98:DD:2F:A0:50
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 0194FDC1C7729200182C76AD6EB5E6CC0C00
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/OaQgqSYUGPbwHzwKBwLKmN0voFA.roa
Signing time: Thu 13 Feb 2025 05:22:02 +0000
ROA not before: Thu 13 Feb 2025 05:22:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213676
IP address blocks: 85.115.204.0/24 maxlen: 24
85.115.205.0/24 maxlen: 24
85.115.206.0/24 maxlen: 24
85.153.6.0/24 maxlen: 24
85.153.7.0/24 maxlen: 24
85.153.8.0/24 maxlen: 24
85.153.65.0/24 maxlen: 24
85.153.80.0/24 maxlen: 24
85.153.93.0/24 maxlen: 24
85.153.120.0/24 maxlen: 24
85.153.121.0/24 maxlen: 24
85.153.122.0/24 maxlen: 24
85.153.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fd:c1:c7:72:92:00:18:2c:76:ad:6e:b5:e6:cc:0c:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Feb 13 05:22:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39a420a9261418f6f01f3c0a0702ca98dd2fa050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d4:dc:17:3b:95:cc:8b:80:25:2d:26:f3:0b:
e0:a7:3a:6c:ce:1f:2d:81:f3:65:ea:c5:e4:e2:80:
55:3a:83:0f:69:c8:0d:ed:8e:63:01:af:56:3c:15:
7a:f0:c7:23:fa:ba:84:73:62:20:79:1b:d1:07:ef:
1a:65:72:9b:b7:dc:2c:48:6a:72:cf:e1:13:a4:32:
76:d8:83:1c:3e:e9:d3:d5:79:7b:31:f8:ce:12:22:
d7:ea:6d:97:50:a1:96:0d:3a:e6:66:92:e8:e2:1d:
e4:80:2d:69:b4:55:32:01:7e:31:01:e9:53:a8:95:
40:04:0b:be:5e:03:92:7a:35:87:a5:01:b8:26:ce:
4b:9d:61:53:6c:f4:7a:4c:eb:04:d0:e6:ae:3a:de:
7e:93:7f:3b:fc:b4:a7:73:68:b3:d5:7b:c9:37:bb:
ad:e5:e3:a6:82:c4:12:85:ec:5f:f6:40:2a:55:3d:
72:4f:59:19:2a:b0:67:60:46:55:57:45:67:c2:46:
aa:0c:07:21:42:f8:c1:87:0f:ab:20:18:3c:38:fd:
41:22:95:4b:01:24:e1:dd:72:68:cf:81:a6:fc:01:
59:0d:06:31:a0:47:10:24:fb:19:ca:15:c4:39:32:
dc:78:78:94:dc:42:4e:66:58:94:ea:36:7c:ba:57:
cc:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:A4:20:A9:26:14:18:F6:F0:1F:3C:0A:07:02:CA:98:DD:2F:A0:50
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/OaQgqSYUGPbwHzwKBwLKmN0voFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.204.0-85.115.206.255
85.153.6.0-85.153.8.255
85.153.65.0/24
85.153.80.0/24
85.153.93.0/24
85.153.120.0/22
Signature Algorithm: sha256WithRSAEncryption
25:1e:25:4f:8d:51:c7:69:46:30:0c:ea:dd:dc:3e:0f:8b:fd:
9d:43:cf:d0:2d:c5:07:0e:68:5c:e5:e7:dd:ad:84:a5:81:f9:
dd:46:ef:17:97:11:a8:50:4d:1a:e5:70:f3:4b:04:f2:9a:05:
8d:ae:db:63:66:d6:16:df:7d:0e:ab:fb:5b:9a:a3:c7:1c:88:
5b:b1:f8:a7:2f:5f:e5:fe:5f:10:4c:4a:8d:2d:4a:9d:6c:47:
69:7f:8a:4f:6a:e2:c0:94:1e:1b:b3:4a:f2:56:ff:7e:ed:14:
bc:02:71:75:fc:87:27:17:e4:91:a6:c9:60:fb:7c:18:e5:28:
72:df:16:38:62:df:37:cc:18:31:9f:32:ed:89:c8:f7:0a:c6:
c3:be:4f:31:07:4d:08:e4:a4:1e:c0:53:d5:dd:d5:89:cf:fa:
91:37:e1:65:86:da:9a:1e:85:86:50:6d:06:cb:48:73:31:6a:
e3:b0:c6:51:7e:f9:91:cd:df:47:10:44:58:7a:da:ea:7c:ec:
b7:6b:df:c5:51:7d:84:9d:cc:08:45:75:57:ac:5c:a1:e5:50:
99:3b:ce:4d:ba:ae:4f:e4:73:74:52:37:97:0b:9b:52:70:cd:
01:e8:37:05:94:d8:8a:bf:32:e9:64:19:6f:9b:69:51:68:b6:
17:42:cb:fc
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZT9wcdykgAYLHatbrXmzAwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjUwMjEzMDUyMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWE0MjBhOTI2MTQxOGY2ZjAxZjNjMGEwNzAyY2E5OGRkMmZhMDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtTcFzuVzIuAJS0m8wvgpzpszh8t
gfNl6sXk4oBVOoMPacgN7Y5jAa9WPBV68Mcj+rqEc2IgeRvRB+8aZXKbt9wsSGpy
z+ETpDJ22IMcPunT1Xl7MfjOEiLX6m2XUKGWDTrmZpLo4h3kgC1ptFUyAX4xAelT
qJVABAu+XgOSejWHpQG4Js5LnWFTbPR6TOsE0OauOt5+k387/LSnc2iz1XvJN7ut
5eOmgsQShexf9kAqVT1yT1kZKrBnYEZVV0VnwkaqDAchQvjBhw+rIBg8OP1BIpVL
ASTh3XJoz4Gm/AFZDQYxoEcQJPsZyhXEOTLceHiU3EJOZliU6jZ8ulfM6wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFDmkIKkmFBj28B88CgcCypjdL6BQMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvT2FRZ3FTWVVHUGJ3SHp3S0J3TEttTjB2b0ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBAJVc8wD
BABVc84wDAMEAVWZBgMEAFWZCAMEAFWZQQMEAFWZUAMEAFWZXQMEAlWZeDANBgkq
hkiG9w0BAQsFAAOCAQEAJR4lT41Rx2lGMAzq3dw+D4v9nUPP0C3FBw5oXOXn3a2E
pYH53UbvF5cRqFBNGuVw80sE8poFja7bY2bWFt99Dqv7W5qjxxyIW7H4py9f5f5f
EExKjS1KnWxHaX+KT2riwJQeG7NK8lb/fu0UvAJxdfyHJxfkkabJYPt8GOUoct8W
OGLfN8wYMZ8y7YnI9wrGw75PMQdNCOSkHsBT1d3Vic/6kTfhZYbamh6FhlBtBstI
czFq47DGUX75kc3fRxBEWHra6nzst2vfxVF9hJ3MCEV1V6xcoeVQmTvOTbquT+Rz
dFI3lwubUnDNAeg3BZTYir8y6WQZb5tpUWi2F0LL/A==
-----END CERTIFICATE-----
Generated at Sat Feb 22 04:32:26 2025 by rpki-client