Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/1574c9-01d5-48fd-980f-343c4d24c23b/1/JVzuM8B6ofXxJRTwKSOh4uQnHZ8.roa
File: JVzuM8B6ofXxJRTwKSOh4uQnHZ8.roa (raw, json)
Hash identifier: 6kzBk5+13Ftt6UqtqHrn3x6NbCUjc2KzWe2+5j/AkQM=
Subject key identifier: 25:5C:EE:33:C0:7A:A1:F5:F1:25:14:F0:29:23:A1:E2:E4:27:1D:9F
Certificate issuer: /CN=295579f5b673dbe2ebba348cfb0f56124cde7048
Certificate serial: 019424B3E5F5E41346DC02DC05E0F511E597
Authority key identifier: 29:55:79:F5:B6:73:DB:E2:EB:BA:34:8C:FB:0F:56:12:4C:DE:70:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVV59bZz2-LrujSM-w9WEkzecEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/1574c9-01d5-48fd-980f-343c4d24c23b/1/JVzuM8B6ofXxJRTwKSOh4uQnHZ8.roa
Signing time: Thu 02 Jan 2025 01:49:17 +0000
ROA not before: Thu 02 Jan 2025 01:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56647
IP address blocks: 185.94.84.0/23 maxlen: 23
185.94.86.0/24 maxlen: 24
185.168.112.0/24 maxlen: 24
185.168.113.0/24 maxlen: 24
2a04:2d00::/48 maxlen: 48
2a04:2d01::/48 maxlen: 48
2a0b:f600::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:e5:f5:e4:13:46:dc:02:dc:05:e0:f5:11:e5:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=295579f5b673dbe2ebba348cfb0f56124cde7048
Validity
Not Before: Jan 2 01:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=255cee33c07aa1f5f12514f02923a1e2e4271d9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b0:fb:80:a1:d0:cd:c7:9f:26:62:75:02:b6:
29:e9:da:3f:ad:1e:d8:a9:a5:ec:95:23:81:8d:ac:
fc:50:84:81:48:3e:4f:14:95:19:c8:fc:c0:34:cf:
2d:e8:84:2e:05:b9:cc:86:3e:aa:3c:9c:5d:7c:9a:
31:fb:0c:25:d6:d9:42:5f:4c:9a:0c:38:73:40:b3:
9a:69:bb:d5:a6:c1:c5:9b:c4:d4:a9:92:59:33:d3:
76:d9:83:ef:14:c4:e0:53:3a:86:78:6c:8b:2f:66:
7d:a7:d5:d2:62:78:03:ab:52:cc:87:78:ec:fe:d0:
f5:34:6e:77:40:8c:d9:e9:28:b9:a2:ec:a8:9e:f2:
f7:be:04:2a:2b:91:1d:62:eb:7c:a3:60:a8:93:5a:
8c:02:d7:c6:c7:dd:06:ed:e4:56:23:12:6f:64:e9:
b7:2a:0b:3a:a7:88:9b:1e:6a:8b:7f:05:11:22:a1:
20:ae:48:22:f4:f1:8a:63:7b:ab:a6:7c:20:0b:61:
a3:b9:34:32:a1:9b:0f:48:dc:4f:13:cc:f5:56:c3:
d3:89:84:3a:35:9c:ff:50:bf:7b:43:9d:c1:5f:5a:
61:a2:60:c3:a3:32:12:6d:f4:01:6b:05:88:61:50:
50:91:67:86:c1:80:98:80:30:e8:2b:fc:82:3a:f3:
2d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:5C:EE:33:C0:7A:A1:F5:F1:25:14:F0:29:23:A1:E2:E4:27:1D:9F
X509v3 Authority Key Identifier:
keyid:29:55:79:F5:B6:73:DB:E2:EB:BA:34:8C:FB:0F:56:12:4C:DE:70:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVV59bZz2-LrujSM-w9WEkzecEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1574c9-01d5-48fd-980f-343c4d24c23b/1/JVzuM8B6ofXxJRTwKSOh4uQnHZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1574c9-01d5-48fd-980f-343c4d24c23b/1/KVV59bZz2-LrujSM-w9WEkzecEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.84.0-185.94.86.255
185.168.112.0/23
IPv6:
2a04:2d00::/48
2a04:2d01::/48
2a0b:f600::/48
Signature Algorithm: sha256WithRSAEncryption
a8:f7:7e:8d:9c:46:3b:0e:7e:f4:91:16:9b:e7:06:73:72:fc:
7d:39:9b:d3:15:d1:a1:08:bb:4e:46:5b:78:6c:c3:9f:9a:0d:
4e:c9:45:8a:6b:bc:c3:a1:33:31:32:c3:44:86:e0:49:10:d3:
e7:21:7a:4b:08:e3:75:91:8e:63:ed:3c:13:b2:64:72:09:3e:
67:b0:b7:fe:4b:1f:c4:21:88:5f:30:e3:83:ed:87:1b:cb:d3:
56:96:8b:fc:83:e3:72:0c:89:ad:95:ec:0d:49:0a:59:8f:be:
ed:af:cf:54:50:25:e9:15:31:42:65:de:02:4e:d8:91:31:34:
de:2c:1d:3d:1f:e0:5f:6b:40:84:59:43:25:1d:c6:80:81:b5:
c3:99:14:20:29:e5:6f:61:96:45:c2:31:37:cb:f2:1a:e1:6c:
aa:b5:82:c5:11:6d:69:9b:16:38:50:4a:fb:09:12:be:31:25:
75:a8:d5:3e:70:2c:c5:83:0d:9c:40:0d:f7:9b:35:46:5d:7f:
a2:0e:9d:bf:41:70:4d:93:64:7a:09:71:e3:c9:5e:23:39:3b:
3c:9e:f2:e2:31:4c:6b:c3:83:47:0d:8d:c4:4a:bc:7b:fe:26:
b1:7e:62:71:bd:a6:d6:19:af:ef:da:14:99:30:40:b2:07:b1:
99:e9:18:9f
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZQks+X15BNG3ALcBeD1EeWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTU3OWY1YjY3M2RiZTJlYmJhMzQ4Y2ZiMGY1NjEyNGNk
ZTcwNDgwHhcNMjUwMTAyMDE0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTVjZWUzM2MwN2FhMWY1ZjEyNTE0ZjAyOTIzYTFlMmU0MjcxZDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorD7gKHQzcefJmJ1ArYp6do/rR7Y
qaXslSOBjaz8UISBSD5PFJUZyPzANM8t6IQuBbnMhj6qPJxdfJox+wwl1tlCX0ya
DDhzQLOaabvVpsHFm8TUqZJZM9N22YPvFMTgUzqGeGyLL2Z9p9XSYngDq1LMh3js
/tD1NG53QIzZ6Si5ouyonvL3vgQqK5EdYut8o2Cok1qMAtfGx90G7eRWIxJvZOm3
Kgs6p4ibHmqLfwURIqEgrkgi9PGKY3urpnwgC2GjuTQyoZsPSNxPE8z1VsPTiYQ6
NZz/UL97Q53BX1phomDDozISbfQBawWIYVBQkWeGwYCYgDDoK/yCOvMtbQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFCVc7jPAeqH18SUU8CkjoeLkJx2fMB8GA1UdIwQY
MBaAFClVefW2c9vi67o0jPsPVhJM3nBIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZWNTliWnoyLUxydWpTTS13OVdFa3plY0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xNTc0YzktMDFkNS00OGZkLTk4MGYt
MzQzYzRkMjRjMjNiLzEvSlZ6dU04QjZvZlh4SlJUd0tTT2g0dVFuSFo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8xNTc0YzktMDFkNS00OGZkLTk4MGYtMzQzYzRkMjRjMjNi
LzEvS1ZWNTliWnoyLUxydWpTTS13OVdFa3plY0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAaBAIAATAUMAwDBAK5XlQD
BAC5XlYDBAG5qHAwIQQCAAIwGwMHACoELQAAAAMHACoELQEAAAMHACoL9gAAADAN
BgkqhkiG9w0BAQsFAAOCAQEAqPd+jZxGOw5+9JEWm+cGc3L8fTmb0xXRoQi7TkZb
eGzDn5oNTslFimu8w6EzMTLDRIbgSRDT5yF6SwjjdZGOY+08E7Jkcgk+Z7C3/ksf
xCGIXzDjg+2HG8vTVpaL/IPjcgyJrZXsDUkKWY++7a/PVFAl6RUxQmXeAk7YkTE0
3iwdPR/gX2tAhFlDJR3GgIG1w5kUICnlb2GWRcIxN8vyGuFsqrWCxRFtaZsWOFBK
+wkSvjEldajVPnAsxYMNnEAN95s1Rl1/og6dv0FwTZNkeglx48leIzk7PJ7y4jFM
a8ODRw2NxEq8e/4msX5icb2m1hmv79oUmTBAsgexmekYnw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:32:11 2025 by rpki-client