Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/7jLXfVCaON2pIBuiNU0Pzw_I9iM.roa
File: 7jLXfVCaON2pIBuiNU0Pzw_I9iM.roa (raw, json)
Hash identifier: 4jsy/djZWB5odNEgKuwK7P9pB0Z3ynzW5kO1QewcBfY=
Subject key identifier: EE:32:D7:7D:50:9A:38:DD:A9:20:1B:A2:35:4D:0F:CF:0F:C8:F6:23
Certificate issuer: /CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Certificate serial: 01959522F0C156888C201637318180CFCFF2
Authority key identifier: B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/7jLXfVCaON2pIBuiNU0Pzw_I9iM.roa
Signing time: Fri 14 Mar 2025 14:50:49 +0000
ROA not before: Fri 14 Mar 2025 14:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61272
IP address blocks: 85.206.160.0/22 maxlen: 32
85.206.164.0/22 maxlen: 32
85.206.166.58/32 maxlen: 32
85.206.168.0/22 maxlen: 32
85.206.172.0/22 maxlen: 32
85.206.240.0/22 maxlen: 32
88.119.160.0/21 maxlen: 32
88.119.168.0/24 maxlen: 32
88.119.169.0/24 maxlen: 32
88.119.170.0/24 maxlen: 32
88.119.171.0/24 maxlen: 32
88.119.173.0/24 maxlen: 32
88.119.174.0/24 maxlen: 32
88.119.175.0/24 maxlen: 32
91.216.163.0/24 maxlen: 32
185.25.48.0/22 maxlen: 32
185.64.104.0/22 maxlen: 32
213.252.228.0/22 maxlen: 32
213.252.231.0/24 maxlen: 32
213.252.232.0/23 maxlen: 32
213.252.232.0/24 maxlen: 32
213.252.233.0/24 maxlen: 32
213.252.238.0/23 maxlen: 32
213.252.238.0/24 maxlen: 32
2a04:2180::/32 maxlen: 64
2a04:2181:c010::/48 maxlen: 64
2a04:2181:c011::/48 maxlen: 64
2a04:2181:c012::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:95:22:f0:c1:56:88:8c:20:16:37:31:81:80:cf:cf:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Validity
Not Before: Mar 14 14:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee32d77d509a38dda9201ba2354d0fcf0fc8f623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c3:dc:f1:07:7a:63:e2:fa:03:1c:72:81:85:
64:b4:43:94:64:e9:98:4c:40:54:29:a4:49:36:21:
e6:4b:63:a3:8d:37:87:a3:46:9b:28:df:01:a0:85:
c8:c2:e0:d4:c7:06:2f:5f:9b:b6:cb:1e:b9:43:4f:
14:e2:72:3d:c4:ed:d8:b3:bc:9d:f6:cf:eb:42:e1:
f3:5c:09:6f:39:9d:c8:01:cc:66:58:e8:96:18:fc:
ed:28:0f:37:b8:68:f7:e1:00:20:1b:25:7b:a9:d1:
13:8f:a2:3c:7f:43:b6:c5:02:c7:34:bb:a2:4e:f6:
90:b2:5b:11:07:4b:50:35:df:84:1a:a3:2f:51:e5:
71:d2:83:17:f4:28:bf:97:5e:12:07:da:d6:74:27:
64:8a:22:d2:0b:fe:43:fe:af:15:e9:05:d0:b4:17:
b1:64:d6:d6:0c:ba:5d:b4:45:1b:44:c6:2f:e2:ed:
94:62:f5:2b:08:d2:74:e4:95:90:73:c5:12:13:92:
de:65:99:3d:26:da:3c:a2:b4:a2:fc:57:ce:26:1c:
c9:2a:c7:54:39:ad:b5:22:04:61:e0:97:b2:2c:8e:
5c:86:95:65:60:11:db:60:d3:3d:97:d3:2b:47:69:
3b:b4:a2:43:66:34:f3:e1:41:e2:b2:62:f2:f4:24:
60:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:32:D7:7D:50:9A:38:DD:A9:20:1B:A2:35:4D:0F:CF:0F:C8:F6:23
X509v3 Authority Key Identifier:
keyid:B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/7jLXfVCaON2pIBuiNU0Pzw_I9iM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/tm6nNZIhwbd9bMAG97ZwapqQgpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.160.0/20
85.206.240.0/22
88.119.160.0-88.119.171.255
88.119.173.0-88.119.175.255
91.216.163.0/24
185.25.48.0/22
185.64.104.0/22
213.252.228.0-213.252.233.255
213.252.238.0/23
IPv6:
2a04:2180::/32
2a04:2181:c010::-2a04:2181:c012:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9f:88:48:d6:c3:27:fa:29:44:d0:b3:55:03:3e:e1:5d:58:fe:
99:9c:0d:b9:2f:04:b7:8a:eb:8b:34:8c:38:c0:03:b4:4a:5e:
ea:05:09:e8:d3:8d:98:67:a6:61:c7:ee:49:c6:69:68:3e:88:
c5:67:01:da:19:bf:1d:5e:f9:93:26:a0:20:da:3a:f4:e2:3d:
1b:6e:1c:05:38:15:b8:f2:49:ae:a1:19:02:35:ed:71:24:23:
d5:c2:e2:50:e3:2d:c9:50:e9:e9:16:17:3d:40:88:97:cb:63:
94:25:ed:34:03:87:16:dc:07:af:9b:0b:e4:84:10:3c:cd:84:
ee:e2:1e:99:bc:84:3e:fb:8c:2c:c7:24:f4:a2:78:08:9b:80:
3f:7d:0a:63:85:be:b3:71:81:7e:7b:45:51:14:89:0f:02:05:
f0:fa:27:23:8d:21:12:44:e4:35:6a:65:50:17:78:af:df:57:
29:ec:42:c2:d4:85:bd:a3:a8:bb:bc:dc:2d:02:45:2c:de:1f:
31:d4:90:6f:49:54:53:0e:94:b4:e8:f9:29:9e:36:27:93:39:
57:87:75:92:44:9a:42:08:88:46:b4:ee:fa:3b:e9:91:89:c0:
ca:8b:32:0c:6c:1b:e0:fb:d5:53:36:4a:f4:3d:56:8f:92:cd:
42:5f:e9:0a
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZWVIvDBVoiMIBY3MYGAz8/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NmVhNzM1OTIyMWMxYjc3ZDZjYzAwNmY3YjY3MDZhOWE5
MDgyOTkwHhcNMjUwMzE0MTQ1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTMyZDc3ZDUwOWEzOGRkYTkyMDFiYTIzNTRkMGZjZjBmYzhmNjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsPc8Qd6Y+L6AxxygYVktEOUZOmY
TEBUKaRJNiHmS2OjjTeHo0abKN8BoIXIwuDUxwYvX5u2yx65Q08U4nI9xO3Ys7yd
9s/rQuHzXAlvOZ3IAcxmWOiWGPztKA83uGj34QAgGyV7qdETj6I8f0O2xQLHNLui
TvaQslsRB0tQNd+EGqMvUeVx0oMX9Ci/l14SB9rWdCdkiiLSC/5D/q8V6QXQtBex
ZNbWDLpdtEUbRMYv4u2UYvUrCNJ05JWQc8USE5LeZZk9Jto8orSi/FfOJhzJKsdU
Oa21IgRh4JeyLI5chpVlYBHbYNM9l9MrR2k7tKJDZjTz4UHismLy9CRguQIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFO4y131QmjjdqSAbojVND88PyPYjMB8GA1UdIwQY
MBaAFLZupzWSIcG3fWzABve2cGqakIKZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMt
Njk5ODM1YzkyYmZlLzEvN2pMWGZWQ2FPTjJwSUJ1aU5VMFB6d19JOWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMtNjk5ODM1YzkyYmZl
LzEvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwVAQCAAEwTgMEBFXOoAME
AlXO8DAMAwQFWHegAwQCWHeoMAwDBABYd60DBARYd6ADBABb2KMDBAK5GTADBAK5
QGgwDAMEAtX85AMEAdX86AMEAdX87jAhBAIAAjAbAwUAKgQhgDASAwcEKgQhgcAQ
AwcAKgQhgcASMA0GCSqGSIb3DQEBCwUAA4IBAQCfiEjWwyf6KUTQs1UDPuFdWP6Z
nA25LwS3iuuLNIw4wAO0Sl7qBQno042YZ6Zhx+5JxmloPojFZwHaGb8dXvmTJqAg
2jr04j0bbhwFOBW48kmuoRkCNe1xJCPVwuJQ4y3JUOnpFhc9QIiXy2OUJe00A4cW
3AevmwvkhBA8zYTu4h6ZvIQ++4wsxyT0ongIm4A/fQpjhb6zcYF+e0VRFIkPAgXw
+icjjSESROQ1amVQF3iv31cp7ELC1IW9o6i7vNwtAkUs3h8x1JBvSVRTDpS06Pkp
njYnkzlXh3WSRJpCCIhGtO76O+mRicDKizIMbBvg+9VTNkr0PVaPks1CX+kK
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:34:06 2025 by rpki-client