Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/d6ev5Lq_SgXWZaDiFmTX8HhBeK8.roa
File: d6ev5Lq_SgXWZaDiFmTX8HhBeK8.roa (raw, json)
Hash identifier: 7NMCb/zeY3TNsahsQ59GZgDuhRzC5SGnnyyZpSOipqs=
Subject key identifier: 77:A7:AF:E4:BA:BF:4A:05:D6:65:A0:E2:16:64:D7:F0:78:41:78:AF
Certificate issuer: /CN=c9ed64c93ddfdf2f49b7ea1c23eaad0870249a33
Certificate serial: 019427B5F2341E6E945F895BF1556E9A62B8
Authority key identifier: C9:ED:64:C9:3D:DF:DF:2F:49:B7:EA:1C:23:EA:AD:08:70:24:9A:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/d6ev5Lq_SgXWZaDiFmTX8HhBeK8.roa
Signing time: Thu 02 Jan 2025 15:50:22 +0000
ROA not before: Thu 02 Jan 2025 15:50:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29283
IP address blocks: 85.184.64.0/19 maxlen: 19
85.184.78.0/24 maxlen: 24
85.184.94.0/24 maxlen: 24
89.33.144.0/21 maxlen: 21
94.199.120.0/21 maxlen: 21
149.232.176.0/21 maxlen: 21
185.6.60.0/22 maxlen: 22
185.6.60.0/24 maxlen: 24
185.6.61.0/24 maxlen: 24
185.6.62.0/24 maxlen: 24
213.174.96.0/19 maxlen: 19
213.174.96.0/24 maxlen: 24
213.174.98.0/24 maxlen: 24
213.174.99.0/24 maxlen: 24
213.174.127.0/24 maxlen: 24
2a02:6c40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:f2:34:1e:6e:94:5f:89:5b:f1:55:6e:9a:62:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9ed64c93ddfdf2f49b7ea1c23eaad0870249a33
Validity
Not Before: Jan 2 15:50:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77a7afe4babf4a05d665a0e21664d7f0784178af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5b:2f:6c:7a:0c:81:b2:bb:53:d1:64:02:c1:
d4:6f:24:c8:a4:57:3d:94:6f:37:ae:fa:4a:85:e1:
66:98:47:8e:7a:b3:c9:85:73:cd:f8:fa:1b:34:6d:
ac:0e:d4:92:28:62:0f:f4:86:12:5f:3c:86:dc:46:
d6:29:97:d4:73:d1:25:38:68:ff:51:44:80:ef:e2:
2f:5e:c2:38:14:c6:e4:8a:e8:48:6c:d5:06:6c:c6:
23:d8:38:a2:08:e5:df:4d:00:b7:3e:37:75:dd:5d:
5d:90:4d:79:56:aa:e3:f9:fb:0a:ad:74:19:9d:ef:
f2:38:44:a5:a8:5a:a1:92:79:ff:89:91:a7:d2:cb:
14:3e:e4:65:45:28:6b:52:a3:54:73:97:4a:5d:7d:
c5:7e:02:96:a8:a4:8b:ff:32:c8:f1:16:db:43:d8:
b3:16:4a:9f:49:ea:b4:8a:24:ca:cc:88:a7:b1:67:
cf:03:71:29:ea:4b:de:0f:14:94:8b:3b:64:41:e2:
04:14:6f:1b:51:29:8a:4f:12:94:4f:df:d2:ff:5a:
c0:d2:80:52:23:6b:42:da:3b:29:81:0e:e8:66:4b:
d1:99:2f:f3:b6:05:da:a4:83:ca:c5:cc:a3:e5:af:
8d:88:72:6b:36:d6:53:42:5d:46:01:11:8a:f9:a1:
8c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:A7:AF:E4:BA:BF:4A:05:D6:65:A0:E2:16:64:D7:F0:78:41:78:AF
X509v3 Authority Key Identifier:
keyid:C9:ED:64:C9:3D:DF:DF:2F:49:B7:EA:1C:23:EA:AD:08:70:24:9A:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/d6ev5Lq_SgXWZaDiFmTX8HhBeK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.184.64.0/19
89.33.144.0/21
94.199.120.0/21
149.232.176.0/21
185.6.60.0/22
213.174.96.0/19
IPv6:
2a02:6c40::/32
Signature Algorithm: sha256WithRSAEncryption
58:0a:9f:07:f6:4a:2a:2f:62:8c:4d:7b:ff:04:4e:d9:01:d0:
38:e5:69:40:62:d5:02:ca:f4:76:01:bd:fb:e4:13:eb:c4:1a:
48:ba:7f:38:72:42:79:82:81:98:ae:39:9b:d9:d2:71:7f:05:
38:50:72:79:f0:36:ea:cb:48:6f:31:9a:15:36:7e:15:2a:f3:
e6:d2:27:02:20:36:63:1c:cc:40:b2:7e:6c:06:f0:89:5d:69:
38:d3:9a:07:e1:06:54:e7:6e:f8:f7:7d:d3:03:5c:37:2f:df:
a6:6a:c4:a2:72:77:4e:2c:7e:54:1b:9f:9f:3d:94:68:f2:26:
2b:7c:53:59:bd:00:2b:5c:ff:93:f9:b0:50:b0:04:58:a6:82:
4f:37:fc:eb:a8:e9:d3:c1:1d:9c:b6:75:32:92:90:0a:dd:f3:
bd:32:44:06:91:c6:66:b7:13:9b:95:bb:54:48:d7:6f:38:2a:
17:65:e3:ca:84:54:6a:18:cb:d0:cf:fc:85:89:ac:fb:be:43:
dc:dd:c9:d6:1f:52:a6:93:ed:b1:bc:3b:72:2e:be:c6:43:11:
ba:8b:3b:47:17:d7:08:f6:87:12:a0:4d:b9:1a:75:eb:21:d7:
40:a6:93:2e:1f:ef:5a:31:4c:0f:d3:87:f3:0a:11:21:16:bc:
78:58:ab:4f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQntfI0Hm6UX4lb8VVummK4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZWQ2NGM5M2RkZmRmMmY0OWI3ZWExYzIzZWFhZDA4NzAy
NDlhMzMwHhcNMjUwMTAyMTU1MDIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2E3YWZlNGJhYmY0YTA1ZDY2NWEwZTIxNjY0ZDdmMDc4NDE3OGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulsvbHoMgbK7U9FkAsHUbyTIpFc9
lG83rvpKheFmmEeOerPJhXPN+PobNG2sDtSSKGIP9IYSXzyG3EbWKZfUc9ElOGj/
UUSA7+IvXsI4FMbkiuhIbNUGbMYj2DiiCOXfTQC3Pjd13V1dkE15Vqrj+fsKrXQZ
ne/yOESlqFqhknn/iZGn0ssUPuRlRShrUqNUc5dKXX3FfgKWqKSL/zLI8RbbQ9iz
FkqfSeq0iiTKzIinsWfPA3Ep6kveDxSUiztkQeIEFG8bUSmKTxKUT9/S/1rA0oBS
I2tC2jspgQ7oZkvRmS/ztgXapIPKxcyj5a+NiHJrNtZTQl1GARGK+aGMjQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHenr+S6v0oF1mWg4hZk1/B4QXivMB8GA1UdIwQY
MBaAFMntZMk9398vSbfqHCPqrQhwJJozMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWUxa3lUM2YzeTlKdC1vY0ktcXRDSEFrbWpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8yYTJhYjItMzA5OC00YTBmLTgwOWMt
MzVlZDViNTNkYTA1LzEvZDZldjVMcV9TZ1hXWmFEaUZtVFg4SGhCZUs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8yYTJhYjItMzA5OC00YTBmLTgwOWMtMzVlZDViNTNkYTA1
LzEveWUxa3lUM2YzeTlKdC1vY0ktcXRDSEFrbWpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFVbhAAwQD
WSGQAwQDXsd4AwQDleiwAwQCuQY8AwQF1a5gMA0EAgACMAcDBQAqAmxAMA0GCSqG
SIb3DQEBCwUAA4IBAQBYCp8H9koqL2KMTXv/BE7ZAdA45WlAYtUCyvR2Ab375BPr
xBpIun84ckJ5goGYrjmb2dJxfwU4UHJ58Dbqy0hvMZoVNn4VKvPm0icCIDZjHMxA
sn5sBvCJXWk405oH4QZU5274933TA1w3L9+masSicndOLH5UG5+fPZRo8iYrfFNZ
vQArXP+T+bBQsARYpoJPN/zrqOnTwR2ctnUykpAK3fO9MkQGkcZmtxOblbtUSNdv
OCoXZePKhFRqGMvQz/yFiaz7vkPc3cnWH1Kmk+2xvDtyLr7GQxG6iztHF9cI9ocS
oE25GnXrIddAppMuH+9aMUwP04fzChEhFrx4WKtP
-----END CERTIFICATE-----
Generated at Sat Apr 12 10:21:28 2025 by rpki-client