Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/DS67FdpgmqYiE2CK6kJaukzb9lo.roa
File: DS67FdpgmqYiE2CK6kJaukzb9lo.roa (raw, json)
Hash identifier: HfSDCgkCLFir/vHCUHB/cRxT5ahnLIFwfyEr46+8muM=
Subject key identifier: 0D:2E:BB:15:DA:60:9A:A6:22:13:60:8A:EA:42:5A:BA:4C:DB:F6:5A
Certificate issuer: /CN=a76dd9dad75877f7d28d14e08dc55b1330bd13b7
Certificate serial: 0195294E2781BD1585B423CDCF702278807B
Authority key identifier: A7:6D:D9:DA:D7:58:77:F7:D2:8D:14:E0:8D:C5:5B:13:30:BD:13:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p23Z2tdYd_fSjRTgjcVbEzC9E7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/DS67FdpgmqYiE2CK6kJaukzb9lo.roa
Signing time: Fri 21 Feb 2025 16:19:02 +0000
ROA not before: Fri 21 Feb 2025 16:19:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210099
IP address blocks: 85.117.236.0/24 maxlen: 24
85.117.237.0/24 maxlen: 24
185.17.113.0/24 maxlen: 24
185.73.200.0/22 maxlen: 22
185.73.200.0/24 maxlen: 24
185.73.201.0/24 maxlen: 24
185.73.202.0/24 maxlen: 24
185.73.203.0/24 maxlen: 24
185.165.77.0/24 maxlen: 24
2a04:7c1::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:29:4e:27:81:bd:15:85:b4:23:cd:cf:70:22:78:80:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a76dd9dad75877f7d28d14e08dc55b1330bd13b7
Validity
Not Before: Feb 21 16:19:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d2ebb15da609aa62213608aea425aba4cdbf65a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:1d:53:e5:5e:b3:48:98:44:82:d1:f8:63:8f:
b2:ed:19:fc:c5:9e:bd:aa:54:6f:2f:c7:24:c7:25:
ab:a4:ae:55:84:10:8e:dc:14:96:51:21:c8:69:ca:
63:85:4f:52:e9:63:36:19:4f:2b:57:b7:41:b8:35:
3d:c2:9a:cc:82:21:fd:4a:a7:68:fc:7f:b9:37:fd:
66:88:2d:00:ec:d4:56:a3:ae:14:02:40:71:67:75:
4c:9d:14:9c:2c:75:cc:a9:bb:3e:12:18:a3:f5:d9:
af:69:a4:10:36:a6:d4:c8:55:a7:e9:40:5b:db:df:
e3:84:65:f4:a4:1e:e8:df:fb:df:c7:2a:20:70:30:
79:8b:a1:2b:8b:f2:a5:94:80:8c:5c:36:cd:a9:85:
f8:70:51:b8:39:6a:03:b9:75:9d:1e:13:d1:f2:39:
d4:40:bc:b7:75:cb:60:d0:b3:21:ef:30:50:97:5e:
80:83:7e:57:1a:ee:bd:ee:45:11:2c:6a:8a:30:da:
a8:3d:14:ec:58:f3:4a:e5:1a:a1:ae:d0:08:f1:e5:
d5:69:8a:7c:95:65:47:5e:ae:59:aa:15:fb:82:a5:
58:f7:e4:01:31:1c:db:ae:7f:6d:fd:07:54:82:bb:
21:91:88:c3:ad:f6:78:de:f5:a0:c8:5e:a8:3d:4b:
24:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:2E:BB:15:DA:60:9A:A6:22:13:60:8A:EA:42:5A:BA:4C:DB:F6:5A
X509v3 Authority Key Identifier:
keyid:A7:6D:D9:DA:D7:58:77:F7:D2:8D:14:E0:8D:C5:5B:13:30:BD:13:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p23Z2tdYd_fSjRTgjcVbEzC9E7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/DS67FdpgmqYiE2CK6kJaukzb9lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/p23Z2tdYd_fSjRTgjcVbEzC9E7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.236.0/23
185.17.113.0/24
185.73.200.0/22
185.165.77.0/24
IPv6:
2a04:7c1::/32
Signature Algorithm: sha256WithRSAEncryption
46:df:74:92:a7:18:4f:ba:f3:c0:52:02:b6:30:52:18:2c:1d:
8e:8f:8b:53:12:88:db:11:69:ab:25:0c:83:c3:7d:c5:74:73:
84:84:dc:25:67:d3:46:b3:4a:c3:32:47:b8:99:46:8b:81:61:
d3:4c:e5:75:a7:b3:ec:29:b3:7c:f1:1f:7e:6a:38:49:95:8a:
21:95:5f:e5:32:48:0a:61:f0:09:9a:93:e5:73:c2:51:4e:5d:
63:0a:2e:1f:5a:f1:4f:53:bf:68:47:5a:88:68:1d:56:da:57:
ef:8d:e9:73:46:aa:8e:3d:e7:f1:b2:1a:3c:9f:d6:55:ff:17:
4c:df:c2:97:9e:77:79:ef:13:34:b0:db:13:04:09:bb:24:74:
cb:a0:91:c8:c0:5a:d7:6a:2c:6b:b4:f5:89:a3:ec:ad:a2:0d:
4a:71:ee:ff:36:32:97:0b:07:12:e4:ac:30:90:7e:01:ee:7f:
ad:d2:b3:71:f3:58:de:5c:b1:70:f3:ff:07:84:df:25:61:62:
53:84:8a:44:b6:d4:a9:fc:cb:b0:56:c6:c4:8a:80:36:ea:2e:
f1:ab:36:6b:34:5c:72:6f:68:9f:80:6c:d9:da:2c:ef:d4:3c:
7d:19:7e:21:70:de:00:43:f3:53:60:53:60:73:94:0f:c1:76:
21:92:6e:0e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZUpTieBvRWFtCPNz3AieIB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmRkOWRhZDc1ODc3ZjdkMjhkMTRlMDhkYzU1YjEzMzBi
ZDEzYjcwHhcNMjUwMjIxMTYxOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDJlYmIxNWRhNjA5YWE2MjIxMzYwOGFlYTQyNWFiYTRjZGJmNjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0B1T5V6zSJhEgtH4Y4+y7Rn8xZ69
qlRvL8ckxyWrpK5VhBCO3BSWUSHIacpjhU9S6WM2GU8rV7dBuDU9wprMgiH9Sqdo
/H+5N/1miC0A7NRWo64UAkBxZ3VMnRScLHXMqbs+Ehij9dmvaaQQNqbUyFWn6UBb
29/jhGX0pB7o3/vfxyogcDB5i6Eri/KllICMXDbNqYX4cFG4OWoDuXWdHhPR8jnU
QLy3dctg0LMh7zBQl16Ag35XGu697kURLGqKMNqoPRTsWPNK5RqhrtAI8eXVaYp8
lWVHXq5ZqhX7gqVY9+QBMRzbrn9t/QdUgrshkYjDrfZ43vWgyF6oPUskOwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFA0uuxXaYJqmIhNgiupCWrpM2/ZaMB8GA1UdIwQY
MBaAFKdt2drXWHf30o0U4I3FWxMwvRO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDIzWjJ0ZFlkX2ZTalJUZ2pjVmJFekM5RTdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kMDA4ODktZTVjYS00MDkwLWE2YTQt
MmFjNmZmNzViZWIwLzEvRFM2N0ZkcGdtcVlpRTJDSzZrSmF1a3piOWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kMDA4ODktZTVjYS00MDkwLWE2YTQtMmFjNmZmNzViZWIw
LzEvcDIzWjJ0ZFlkX2ZTalJUZ2pjVmJFekM5RTdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBVXXsAwQA
uRFxAwQCuUnIAwQAuaVNMA0EAgACMAcDBQAqBAfBMA0GCSqGSIb3DQEBCwUAA4IB
AQBG33SSpxhPuvPAUgK2MFIYLB2Oj4tTEojbEWmrJQyDw33FdHOEhNwlZ9NGs0rD
Mke4mUaLgWHTTOV1p7PsKbN88R9+ajhJlYohlV/lMkgKYfAJmpPlc8JRTl1jCi4f
WvFPU79oR1qIaB1W2lfvjelzRqqOPefxsho8n9ZV/xdM38KXnnd57xM0sNsTBAm7
JHTLoJHIwFrXaixrtPWJo+ytog1Kce7/NjKXCwcS5KwwkH4B7n+t0rNx81jeXLFw
8/8HhN8lYWJThIpEttSp/MuwVsbEioA26i7xqzZrNFxyb2ifgGzZ2izv1Dx9GX4h
cN4AQ/NTYFNgc5QPwXYhkm4O
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:13:01 2025 by rpki-client