Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/632463-c2dc-4cb8-bc4f-2df99d8123b7/1/b7x6ZKsbLCwY_tMdnPo9QIIdiU8.roa
File: b7x6ZKsbLCwY_tMdnPo9QIIdiU8.roa (raw, json)
Hash identifier: ZFZsgVw2f50KESlxtMB2pklQZAw0SjfBRhWTVivxDpk=
Subject key identifier: 6F:BC:7A:64:AB:1B:2C:2C:18:FE:D3:1D:9C:FA:3D:40:82:1D:89:4F
Certificate issuer: /CN=e95cc178cdf5ad9279939e5768ae8883ffbf35eb
Certificate serial: 019425FD88BC62463ED97C35EAF30DC735C0
Authority key identifier: E9:5C:C1:78:CD:F5:AD:92:79:93:9E:57:68:AE:88:83:FF:BF:35:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6VzBeM31rZJ5k55XaK6Ig_-_Nes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/632463-c2dc-4cb8-bc4f-2df99d8123b7/1/b7x6ZKsbLCwY_tMdnPo9QIIdiU8.roa
Signing time: Thu 02 Jan 2025 07:49:19 +0000
ROA not before: Thu 02 Jan 2025 07:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34557
IP address blocks: 85.9.128.0/18 maxlen: 18
85.9.128.0/24 maxlen: 24
85.9.129.0/24 maxlen: 24
85.9.130.0/24 maxlen: 24
85.9.131.0/24 maxlen: 24
85.9.132.0/24 maxlen: 24
85.9.133.0/24 maxlen: 24
85.9.137.0/24 maxlen: 24
85.9.141.0/24 maxlen: 24
85.9.142.0/24 maxlen: 24
85.9.144.0/24 maxlen: 24
85.9.145.0/24 maxlen: 24
85.9.147.0/24 maxlen: 24
85.9.148.0/24 maxlen: 24
85.9.149.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:88:bc:62:46:3e:d9:7c:35:ea:f3:0d:c7:35:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e95cc178cdf5ad9279939e5768ae8883ffbf35eb
Validity
Not Before: Jan 2 07:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fbc7a64ab1b2c2c18fed31d9cfa3d40821d894f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:71:1c:fa:73:17:36:f5:3f:f9:a7:3d:9e:d2:
97:f4:f2:4b:b4:e4:1c:a3:60:d1:e3:0e:40:2d:69:
f4:f7:12:30:de:1e:18:b3:d7:2d:c1:7c:34:08:d4:
7e:9a:b8:6d:c3:45:64:56:1a:0f:65:c1:f8:de:df:
98:30:19:5c:e7:0c:46:9a:95:b7:3c:77:e9:a8:8f:
b6:f6:45:9e:e1:6b:96:6d:9a:87:d0:84:24:69:ad:
ee:67:0f:fd:b2:e6:af:2b:c6:71:ee:db:19:c0:1d:
4a:4c:75:e3:fd:89:f5:16:0d:3b:d4:51:dc:6a:75:
c5:78:66:21:70:ef:0d:8f:19:66:f9:4a:bc:02:bb:
71:6a:5a:12:ef:ba:a7:d8:b4:37:bd:18:a5:49:c0:
af:1d:9c:05:f6:85:48:be:65:ce:b9:8a:2e:7c:ad:
19:4c:8c:1c:0e:54:04:24:33:52:5b:b5:55:88:63:
41:93:55:16:8e:b9:9b:b2:f2:ad:b8:c6:7e:fe:05:
ef:7f:3d:44:a6:dd:53:bc:30:62:a1:42:25:84:a7:
bc:f3:66:8e:e2:09:76:c8:7b:3f:af:00:c7:79:93:
e6:7f:30:17:40:c4:6d:bb:87:07:1d:2a:fa:08:97:
f8:1e:c2:10:35:df:01:f5:0a:05:b3:c4:0e:d2:54:
19:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BC:7A:64:AB:1B:2C:2C:18:FE:D3:1D:9C:FA:3D:40:82:1D:89:4F
X509v3 Authority Key Identifier:
keyid:E9:5C:C1:78:CD:F5:AD:92:79:93:9E:57:68:AE:88:83:FF:BF:35:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6VzBeM31rZJ5k55XaK6Ig_-_Nes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/632463-c2dc-4cb8-bc4f-2df99d8123b7/1/b7x6ZKsbLCwY_tMdnPo9QIIdiU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/632463-c2dc-4cb8-bc4f-2df99d8123b7/1/6VzBeM31rZJ5k55XaK6Ig_-_Nes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.9.128.0/18
Signature Algorithm: sha256WithRSAEncryption
0a:f1:30:5a:b1:fe:cd:33:2f:f2:d4:d9:72:c2:ef:a1:e4:54:
47:1e:5b:20:59:7d:38:70:d0:68:3f:29:03:21:c3:cb:83:02:
f1:9e:28:e8:15:76:9c:a9:9a:a3:a0:b3:ac:d5:48:ca:ba:bc:
fc:70:45:a6:29:f9:e4:be:11:eb:7f:f2:7d:68:85:6a:4f:ca:
15:d8:85:e1:92:3d:f7:cc:a6:51:40:f1:21:87:cd:f6:f5:73:
72:86:3e:61:41:a5:10:78:34:2e:5c:3c:69:54:f0:2e:e9:a0:
bb:fe:b3:89:f3:bb:5f:f4:9b:09:c8:b9:8c:8e:27:3b:36:07:
49:19:78:63:4a:ba:b5:d9:d6:ea:45:f4:92:16:71:da:05:17:
80:85:53:bb:ea:c6:55:1a:f8:b1:20:94:36:ef:ef:3b:52:7c:
0d:88:0b:3a:f9:80:03:5e:4e:81:cf:5e:8b:ef:5d:75:37:a6:
8a:b4:e3:32:12:5c:a1:e2:20:5e:fd:b9:b2:8b:23:1e:db:b8:
f8:e7:83:30:09:4f:cc:72:d4:55:9a:55:e8:67:f1:7b:a0:5f:
72:a5:8e:3a:fd:41:d1:21:10:21:07:86:95:f2:92:0a:b3:19:
12:2e:ca:2f:c1:89:5e:47:c1:00:e2:29:9d:52:c2:4e:2b:2d:
58:f9:ce:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/Yi8YkY+2Xw16vMNxzXAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NWNjMTc4Y2RmNWFkOTI3OTkzOWU1NzY4YWU4ODgzZmZi
ZjM1ZWIwHhcNMjUwMTAyMDc0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmJjN2E2NGFiMWIyYzJjMThmZWQzMWQ5Y2ZhM2Q0MDgyMWQ4OTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXEc+nMXNvU/+ac9ntKX9PJLtOQc
o2DR4w5ALWn09xIw3h4Ys9ctwXw0CNR+mrhtw0VkVhoPZcH43t+YMBlc5wxGmpW3
PHfpqI+29kWe4WuWbZqH0IQkaa3uZw/9suavK8Zx7tsZwB1KTHXj/Yn1Fg071FHc
anXFeGYhcO8Njxlm+Uq8ArtxaloS77qn2LQ3vRilScCvHZwF9oVIvmXOuYoufK0Z
TIwcDlQEJDNSW7VViGNBk1UWjrmbsvKtuMZ+/gXvfz1Ept1TvDBioUIlhKe882aO
4gl2yHs/rwDHeZPmfzAXQMRtu4cHHSr6CJf4HsIQNd8B9QoFs8QO0lQZrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+8emSrGywsGP7THZz6PUCCHYlPMB8GA1UdIwQY
MBaAFOlcwXjN9a2SeZOeV2iuiIP/vzXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlZ6QmVNMzFyWko1azU1WGFLNklnXy1fTmVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82MzI0NjMtYzJkYy00Y2I4LWJjNGYt
MmRmOTlkODEyM2I3LzEvYjd4NlpLc2JMQ3dZX3RNZG5QbzlRSUlkaVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82MzI0NjMtYzJkYy00Y2I4LWJjNGYtMmRmOTlkODEyM2I3
LzEvNlZ6QmVNMzFyWko1azU1WGFLNklnXy1fTmVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGVQmAMA0G
CSqGSIb3DQEBCwUAA4IBAQAK8TBasf7NMy/y1Nlywu+h5FRHHlsgWX04cNBoPykD
IcPLgwLxnijoFXacqZqjoLOs1UjKurz8cEWmKfnkvhHrf/J9aIVqT8oV2IXhkj33
zKZRQPEhh8329XNyhj5hQaUQeDQuXDxpVPAu6aC7/rOJ87tf9JsJyLmMjic7NgdJ
GXhjSrq12dbqRfSSFnHaBReAhVO76sZVGvixIJQ27+87UnwNiAs6+YADXk6Bz16L
7111N6aKtOMyElyh4iBe/bmyiyMe27j454MwCU/MctRVmlXoZ/F7oF9ypY46/UHR
IRAhB4aV8pIKsxkSLsovwYleR8EA4imdUsJOKy1Y+c60
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:02:37 2025 by rpki-client