Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a6ad9f-8d69-46ea-bd7c-32b150f8e61f/1/gMwhDW6NwhqH17AmubXhnEQZXuc.roa
File: gMwhDW6NwhqH17AmubXhnEQZXuc.roa (raw, json)
Hash identifier: TUfQlTJ+EegzN6uNn8zdpYewE/9VWEyjejpMqF3xdy8=
Subject key identifier: 80:CC:21:0D:6E:8D:C2:1A:87:D7:B0:26:B9:B5:E1:9C:44:19:5E:E7
Certificate issuer: /CN=46eb3b3b579c90b4b996a7fe40f20503913a25cf
Certificate serial: FF0874
Authority key identifier: 46:EB:3B:3B:57:9C:90:B4:B9:96:A7:FE:40:F2:05:03:91:3A:25:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rus7O1eckLS5lqf-QPIFA5E6Jc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a6ad9f-8d69-46ea-bd7c-32b150f8e61f/1/gMwhDW6NwhqH17AmubXhnEQZXuc.roa
Signing time: Mon 09 May 2022 20:16:32 +0000
ROA not before: Mon 09 May 2022 20:16:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20722
IP address blocks: 85.204.44.0/22 maxlen: 22
85.204.44.0/24 maxlen: 24
194.102.188.0/24 maxlen: 24
185.88.130.0/23 maxlen: 23
185.88.131.0/24 maxlen: 24
85.204.56.0/21 maxlen: 21
85.204.56.0/24 maxlen: 24
85.204.57.0/24 maxlen: 24
85.204.58.0/24 maxlen: 24
85.204.59.0/24 maxlen: 24
85.204.60.0/24 maxlen: 24
85.204.61.0/24 maxlen: 24
85.204.62.0/24 maxlen: 24
85.204.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16713844 (0xff0874)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46eb3b3b579c90b4b996a7fe40f20503913a25cf
Validity
Not Before: May 9 20:16:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=80cc210d6e8dc21a87d7b026b9b5e19c44195ee7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ba:ff:65:08:5f:67:be:ec:97:0b:d5:e0:82:
13:07:c0:1f:45:69:43:4c:c1:3b:d8:a5:b8:b9:29:
be:52:91:f2:75:dc:59:8f:af:7f:8d:1e:c8:f8:7b:
5a:a8:3c:d3:f2:92:7e:f8:d5:47:5a:89:3f:d3:b4:
f8:c4:66:cf:69:9c:6b:3a:7f:e8:e1:ac:2e:d7:d2:
a0:f3:5e:51:dd:14:84:a6:60:b7:50:e4:bf:48:8a:
02:93:4e:37:04:5b:2a:62:17:b1:21:db:de:4b:b2:
a7:a6:62:96:a3:68:79:05:e6:ae:2a:b4:e3:af:3d:
c4:ed:90:7a:33:5e:61:c2:c4:e3:0d:88:66:87:4d:
34:9e:20:e1:95:37:4b:fd:f9:6e:95:72:ac:85:07:
b7:f5:ef:23:44:b1:34:e1:b8:f4:28:5e:80:69:fd:
6f:5f:c0:5e:d7:a1:87:e1:24:b4:7d:89:f6:6f:34:
a1:19:06:ee:bf:59:3f:bd:57:50:4a:17:b7:bf:fd:
a4:d7:2f:13:30:b1:bf:3f:69:dc:35:3f:75:15:3d:
f0:43:d8:3c:93:e6:77:af:b7:9f:a2:88:07:bd:33:
a2:33:52:5f:b0:56:b3:cf:04:e1:ba:c8:8a:bb:8a:
fa:8e:3b:6d:de:13:4a:5b:f9:ee:60:0c:6e:25:ef:
b3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:CC:21:0D:6E:8D:C2:1A:87:D7:B0:26:B9:B5:E1:9C:44:19:5E:E7
X509v3 Authority Key Identifier:
keyid:46:EB:3B:3B:57:9C:90:B4:B9:96:A7:FE:40:F2:05:03:91:3A:25:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rus7O1eckLS5lqf-QPIFA5E6Jc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a6ad9f-8d69-46ea-bd7c-32b150f8e61f/1/gMwhDW6NwhqH17AmubXhnEQZXuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a6ad9f-8d69-46ea-bd7c-32b150f8e61f/1/Rus7O1eckLS5lqf-QPIFA5E6Jc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.44.0/22
85.204.56.0/21
185.88.130.0/23
194.102.188.0/24
Signature Algorithm: sha256WithRSAEncryption
96:40:37:31:a2:53:fb:25:a7:83:73:12:03:c4:38:5d:71:f6:
0c:30:19:62:a9:0f:67:31:3f:22:b6:1d:ef:cc:4b:ff:eb:20:
ce:5e:2f:9a:98:b4:80:0b:81:06:aa:52:a3:34:74:45:e2:df:
f0:80:02:24:ff:47:5b:fa:0e:cd:a9:c5:7c:cb:0a:62:99:41:
9a:72:17:bc:4c:68:e3:6d:e6:6b:e1:8a:1a:76:03:89:10:a9:
14:a5:45:48:98:47:a0:fc:4b:24:ba:6e:75:5f:e2:40:7a:00:
44:18:96:7b:c0:83:81:b1:66:28:37:7a:d8:ae:6c:33:56:7c:
20:2c:74:bf:53:14:52:18:8a:c7:78:09:18:81:0b:26:86:5b:
aa:2a:b2:d5:78:7a:58:41:9b:10:44:ff:8c:df:4d:dd:3b:b2:
e3:01:b0:da:c5:8d:eb:9e:a3:6e:93:4b:66:d0:32:63:d1:2d:
ab:4b:67:74:7e:da:c6:4c:58:bf:ea:16:e1:75:38:55:13:72:
d0:af:cf:d6:00:89:34:00:74:f0:b8:16:f5:d9:93:2c:65:f1:
7e:dd:2e:7a:8c:c3:3e:50:25:49:13:9b:76:70:05:5f:03:c8:
32:92:e1:c8:8e:50:4e:bf:61:de:41:75:35:4c:8f:a5:08:80:
5b:bb:77:3e
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAP8IdDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NmViM2IzYjU3OWM5MGI0Yjk5NmE3ZmU0MGYyMDUwMzkxM2EyNWNmMB4XDTIyMDUw
OTIwMTYzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODBjYzIxMGQ2ZThk
YzIxYTg3ZDdiMDI2YjliNWUxOWM0NDE5NWVlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALi6/2UIX2e+7JcL1eCCEwfAH0VpQ0zBO9iluLkpvlKR8nXc
WY+vf40eyPh7Wqg80/KSfvjVR1qJP9O0+MRmz2mcazp/6OGsLtfSoPNeUd0UhKZg
t1Dkv0iKApNONwRbKmIXsSHb3kuyp6ZilqNoeQXmriq04689xO2QejNeYcLE4w2I
ZodNNJ4g4ZU3S/35bpVyrIUHt/XvI0SxNOG49ChegGn9b1/AXtehh+EktH2J9m80
oRkG7r9ZP71XUEoXt7/9pNcvEzCxvz9p3DU/dRU98EPYPJPmd6+3n6KIB70zojNS
X7BWs88E4brIiruK+o47bd4TSlv57mAMbiXvs7kCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSAzCENbo3CGofXsCa5teGcRBle5zAfBgNVHSMEGDAWgBRG6zs7V5yQtLmW
p/5A8gUDkTolzzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1J1czdPMWVja0xTNWxxZi1RUElGQTVFNkpjOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTQvYTZhZDlmLThkNjktNDZlYS1iZDdjLTMyYjE1MGY4ZTYxZi8x
L2dNd2hEVzZOd2hxSDE3QW11YlhobkVRWlh1Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQv
YTZhZDlmLThkNjktNDZlYS1iZDdjLTMyYjE1MGY4ZTYxZi8xL1J1czdPMWVja0xT
NWxxZi1RUElGQTVFNkpjOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlXMLAMEA1XMOAMEAblYggMEAMJm
vDANBgkqhkiG9w0BAQsFAAOCAQEAlkA3MaJT+yWng3MSA8Q4XXH2DDAZYqkPZzE/
IrYd78xL/+sgzl4vmpi0gAuBBqpSozR0ReLf8IACJP9HW/oOzanFfMsKYplBmnIX
vExo423ma+GKGnYDiRCpFKVFSJhHoPxLJLpudV/iQHoARBiWe8CDgbFmKDd62K5s
M1Z8ICx0v1MUUhiKx3gJGIELJoZbqiqy1Xh6WEGbEET/jN9N3Tuy4wGw2sWN656j
bpNLZtAyY9Etq0tndH7axkxYv+oW4XU4VRNy0K/P1gCJNAB08LgW9dmTLGXxft0u
eozDPlAlSRObdnAFXwPIMpLhyI5QTr9h3kF1NUyPpQiAW7t3Pg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:09:43 2025 by rpki-client