Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/d8f145-1e0d-471d-8536-ae6b84c28195/1/Kw1AzsNWjphqCxFEI8zvxxKk-4E.roa
File: Kw1AzsNWjphqCxFEI8zvxxKk-4E.roa (raw, json)
Hash identifier: 02mwLZVS9V2HuLFBIdWLYALyxWsEeq02GbwMCR2pv1g=
Subject key identifier: 2B:0D:40:CE:C3:56:8E:98:6A:0B:11:44:23:CC:EF:C7:12:A4:FB:81
Certificate issuer: /CN=4982b1719b4fec708ba66b297abe0db08fad0e1e
Certificate serial: 019421B1A70E9EF8EC51C219D6750F35D593
Authority key identifier: 49:82:B1:71:9B:4F:EC:70:8B:A6:6B:29:7A:BE:0D:B0:8F:AD:0E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYKxcZtP7HCLpmsper4NsI-tDh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/d8f145-1e0d-471d-8536-ae6b84c28195/1/Kw1AzsNWjphqCxFEI8zvxxKk-4E.roa
Signing time: Wed 01 Jan 2025 11:47:58 +0000
ROA not before: Wed 01 Jan 2025 11:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201026
IP address blocks: 185.85.220.0/22 maxlen: 24
185.85.220.0/23 maxlen: 23
185.85.220.0/24 maxlen: 24
185.85.221.0/24 maxlen: 24
185.85.222.0/24 maxlen: 24
185.85.223.0/24 maxlen: 24
2a05:aec0::/29 maxlen: 29
2a05:aec0::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:a7:0e:9e:f8:ec:51:c2:19:d6:75:0f:35:d5:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4982b1719b4fec708ba66b297abe0db08fad0e1e
Validity
Not Before: Jan 1 11:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b0d40cec3568e986a0b114423ccefc712a4fb81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:6f:3b:da:6b:87:c9:01:05:28:8e:d6:9c:bd:
cf:9c:db:16:87:8f:3b:61:96:c4:ac:8a:e7:ac:b1:
22:22:22:5f:b1:ba:c1:6a:da:4a:fa:dd:da:b8:c7:
2a:19:b8:58:22:9e:e9:fa:e4:30:f8:9d:04:b5:94:
a3:07:b7:14:14:ae:88:ec:2c:e6:9e:62:44:2c:d6:
f5:61:01:35:4b:14:3a:83:0a:f0:29:72:d3:60:55:
51:10:df:ff:41:ed:63:c5:16:61:b8:00:41:46:d2:
37:f6:a0:2c:fd:ce:8f:9e:67:82:9c:ae:63:c9:de:
b4:0f:63:19:83:5a:6c:16:b9:e8:f9:ce:67:f9:bb:
9a:c9:57:a3:bd:46:95:c3:a7:30:9f:c7:29:52:e4:
4f:37:d1:20:ca:dd:3f:16:c7:42:2c:21:4b:66:0b:
38:c6:4b:5d:6d:b9:2e:8f:89:19:46:8f:74:f1:22:
88:ab:ab:89:3d:27:b9:58:a7:7e:81:3e:3a:6a:2b:
9c:66:29:9e:96:b9:27:12:7f:dd:d8:7c:60:2c:ae:
a7:74:e6:a9:f2:4b:fa:7a:48:ce:28:60:37:bd:97:
65:11:5d:f6:79:f9:88:e3:2d:74:e2:ea:57:68:5c:
84:7f:e3:fa:8b:96:c2:8f:eb:08:3c:ed:ba:fc:7a:
37:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:0D:40:CE:C3:56:8E:98:6A:0B:11:44:23:CC:EF:C7:12:A4:FB:81
X509v3 Authority Key Identifier:
keyid:49:82:B1:71:9B:4F:EC:70:8B:A6:6B:29:7A:BE:0D:B0:8F:AD:0E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYKxcZtP7HCLpmsper4NsI-tDh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/d8f145-1e0d-471d-8536-ae6b84c28195/1/Kw1AzsNWjphqCxFEI8zvxxKk-4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/d8f145-1e0d-471d-8536-ae6b84c28195/1/SYKxcZtP7HCLpmsper4NsI-tDh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.220.0/22
IPv6:
2a05:aec0::/29
Signature Algorithm: sha256WithRSAEncryption
92:97:4f:12:e7:f4:61:45:71:65:3e:7d:db:9f:26:34:78:df:
cf:7d:80:22:e1:38:26:20:1f:2d:c8:7e:45:b4:9d:7e:19:d0:
e4:9c:ab:c4:44:99:aa:89:fc:c7:cf:a0:80:90:29:83:a0:2a:
b3:5f:20:a4:a9:0a:48:7e:f1:e0:32:75:49:11:3b:ae:e8:2e:
42:08:a1:99:ed:8b:a0:00:8e:a3:2c:ca:61:2c:29:59:86:4a:
12:31:dc:3b:8a:96:92:9b:91:43:91:54:7e:81:1c:8f:f9:b2:
de:24:98:18:f9:7f:1f:21:74:c4:c6:ee:93:7f:96:08:18:65:
58:c0:7b:55:6f:1d:81:98:64:04:84:cd:70:90:5d:e2:5a:b8:
7e:e2:7d:8e:c2:85:90:ee:a3:cc:d2:ee:d2:7c:6e:29:53:c0:
3c:5c:0a:d7:f3:34:2f:d7:af:d4:53:d4:65:e6:eb:c5:ea:00:
1b:8d:a7:89:d3:8c:fc:b6:aa:ce:a3:c9:fc:46:ad:4e:3a:da:
f1:37:33:e2:c3:c8:2a:61:d4:ab:b7:b6:bf:c8:44:eb:0b:2e:
eb:50:c3:e4:3c:37:ae:58:72:95:2d:4d:48:19:c7:ba:f8:81:
dd:c2:16:fa:18:c4:0d:d2:62:e9:8a:91:c2:62:70:89:3a:e9:
b2:d8:48:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsacOnvjsUcIZ1nUPNdWTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODJiMTcxOWI0ZmVjNzA4YmE2NmIyOTdhYmUwZGIwOGZh
ZDBlMWUwHhcNMjUwMTAxMTE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjBkNDBjZWMzNTY4ZTk4NmEwYjExNDQyM2NjZWZjNzEyYTRmYjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2m872muHyQEFKI7WnL3PnNsWh487
YZbErIrnrLEiIiJfsbrBatpK+t3auMcqGbhYIp7p+uQw+J0EtZSjB7cUFK6I7Czm
nmJELNb1YQE1SxQ6gwrwKXLTYFVREN//Qe1jxRZhuABBRtI39qAs/c6PnmeCnK5j
yd60D2MZg1psFrno+c5n+buayVejvUaVw6cwn8cpUuRPN9Egyt0/FsdCLCFLZgs4
xktdbbkuj4kZRo908SKIq6uJPSe5WKd+gT46aiucZimelrknEn/d2HxgLK6ndOap
8kv6ekjOKGA3vZdlEV32efmI4y104upXaFyEf+P6i5bCj+sIPO26/Ho3SwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCsNQM7DVo6YagsRRCPM78cSpPuBMB8GA1UdIwQY
MBaAFEmCsXGbT+xwi6ZrKXq+DbCPrQ4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1lLeGNadFA3SENMcG1zcGVyNE5zSS10RGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9kOGYxNDUtMWUwZC00NzFkLTg1MzYt
YWU2Yjg0YzI4MTk1LzEvS3cxQXpzTldqcGhxQ3hGRUk4enZ4eEtrLTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9kOGYxNDUtMWUwZC00NzFkLTg1MzYtYWU2Yjg0YzI4MTk1
LzEvU1lLeGNadFA3SENMcG1zcGVyNE5zSS10RGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVXcMA0E
AgACMAcDBQMqBa7AMA0GCSqGSIb3DQEBCwUAA4IBAQCSl08S5/RhRXFlPn3bnyY0
eN/PfYAi4TgmIB8tyH5FtJ1+GdDknKvERJmqifzHz6CAkCmDoCqzXyCkqQpIfvHg
MnVJETuu6C5CCKGZ7YugAI6jLMphLClZhkoSMdw7ipaSm5FDkVR+gRyP+bLeJJgY
+X8fIXTExu6Tf5YIGGVYwHtVbx2BmGQEhM1wkF3iWrh+4n2OwoWQ7qPM0u7SfG4p
U8A8XArX8zQv16/UU9Rl5uvF6gAbjaeJ04z8tqrOo8n8Rq1OOtrxNzPiw8gqYdSr
t7a/yETrCy7rUMPkPDeuWHKVLU1IGce6+IHdwhb6GMQN0mLpipHCYnCJOumy2Ej1
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:13:06 2025 by rpki-client