Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/dVNypIi5TMUPRWZbGjNPncY4Vgs.roa
File: dVNypIi5TMUPRWZbGjNPncY4Vgs.roa (raw, json)
Hash identifier: pcdcDvvm2WvXQvM0gMEQ8nPGvhEKpgKnRVYVVdKC7Co=
Subject key identifier: 75:53:72:A4:88:B9:4C:C5:0F:45:66:5B:1A:33:4F:9D:C6:38:56:0B
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01950E02DA68B55CC6A8F0D51A85A7D24179
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/dVNypIi5TMUPRWZbGjNPncY4Vgs.roa
Signing time: Sun 16 Feb 2025 09:07:02 +0000
ROA not before: Sun 16 Feb 2025 09:07:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.128.0/22 maxlen: 22
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.133.0/24 maxlen: 24
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.140.0/24 maxlen: 24
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.167.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
85.133.168.0/24 maxlen: 24
85.133.169.0/24 maxlen: 24
85.133.170.0/24 maxlen: 24
85.133.171.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.173.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.175.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.176.0/24 maxlen: 24
85.133.177.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.180.0/24 maxlen: 24
85.133.181.0/24 maxlen: 24
85.133.182.0/24 maxlen: 24
85.133.183.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.184.0/24 maxlen: 24
85.133.185.0/24 maxlen: 24
85.133.186.0/24 maxlen: 24
85.133.187.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.188.0/24 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.190.0/24 maxlen: 24
85.133.191.0/24 maxlen: 24
85.133.192.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.210.0/23 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/23 maxlen: 24
85.133.248.0/24 maxlen: 24
85.133.249.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:0e:02:da:68:b5:5c:c6:a8:f0:d5:1a:85:a7:d2:41:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Feb 16 09:07:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=755372a488b94cc50f45665b1a334f9dc638560b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b5:40:01:14:dd:f4:1c:dd:42:07:8f:47:09:
2a:d1:c9:cc:a4:8d:91:cf:ef:69:17:0d:81:9e:c0:
af:ab:01:da:e0:30:bd:df:ba:83:d7:22:f9:b7:66:
8d:47:29:d4:a0:fb:05:c2:50:c8:69:98:c5:cc:3e:
f2:ba:df:4b:81:2b:e7:f8:62:2b:75:2e:ab:13:0a:
6c:39:9b:ea:9d:0d:40:76:59:03:57:bc:b5:af:23:
f8:ba:d2:7d:c3:91:b6:17:8b:df:6b:3f:fd:a4:db:
5f:6c:a0:16:5f:9d:50:04:1f:43:3e:70:29:72:ca:
e6:84:3e:1d:a3:75:f9:26:b5:9d:e9:bd:38:47:b5:
ca:1e:17:eb:a2:2b:3a:6e:3f:ae:e1:46:65:c7:7e:
96:49:55:ab:2d:6f:b6:af:5e:55:db:32:93:4f:cf:
52:a9:c6:0a:22:03:88:c2:2a:a6:63:d2:42:40:89:
ed:ed:a4:86:7f:09:af:9e:0f:50:6d:3c:8d:a7:93:
b4:66:01:40:4a:04:26:56:60:ff:4d:11:6d:aa:1a:
db:2e:aa:17:25:a8:ef:b7:65:a9:3a:c5:8c:32:2e:
81:e3:39:2c:6b:33:66:34:59:4e:70:cb:82:dc:e8:
3c:eb:a1:d4:0d:ec:af:66:42:6e:79:ef:32:fd:6b:
35:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:53:72:A4:88:B9:4C:C5:0F:45:66:5B:1A:33:4F:9D:C6:38:56:0B
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/dVNypIi5TMUPRWZbGjNPncY4Vgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/19
85.133.164.0-85.133.192.255
85.133.209.0-85.133.213.255
85.133.220.0/24
85.133.223.0/24
85.133.225.0-85.133.226.255
85.133.228.0-85.133.232.255
85.133.235.0/24
85.133.239.0/24
85.133.244.0/23
85.133.247.0-85.133.249.255
85.133.255.0/24
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
01:73:5c:c3:0c:33:67:d0:0a:62:9e:dc:8c:85:7c:af:9d:30:
6c:d2:fd:e3:92:96:9d:58:c9:8a:1c:c6:55:7d:a4:73:6b:53:
9b:07:60:05:b0:a5:64:4c:86:a2:c2:9e:de:98:b9:31:9a:e3:
f8:72:33:ca:fe:45:29:0e:72:a9:b7:d0:57:1a:99:27:19:2b:
44:ad:d4:a7:46:c2:5a:69:fe:9e:92:72:63:ba:cf:28:47:4c:
7d:7a:3e:a0:ef:b6:4b:1a:38:6f:a8:f8:a7:db:b8:84:3f:a2:
ba:41:73:bc:ba:b4:1b:b7:66:ee:f1:39:5b:2a:2c:b5:01:76:
83:13:10:a2:a0:47:34:e2:78:a8:22:1b:95:1b:63:2f:b4:ec:
5f:10:7f:9f:ca:21:b8:cb:93:de:9a:1e:bd:3c:e0:2e:7e:28:
c5:f9:da:4a:3d:3a:26:7f:7a:c2:7e:4f:7b:01:32:57:0a:0c:
7d:0f:22:c7:92:7c:75:35:a9:79:b4:9a:f6:ac:e6:b5:d9:ee:
c2:66:73:ae:ac:1a:3a:8e:65:13:13:c8:f6:80:17:4a:f6:cc:
d3:f8:4f:66:88:73:16:f9:52:d4:3a:e7:b5:74:62:26:9f:e0:
5c:c0:fc:b9:1f:69:81:e2:51:d8:3b:bc:97:cf:8d:d5:aa:f7:
0f:42:ca:8a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZUOAtpotVzGqPDVGoWn0kF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwMjE2MDkwNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTUzNzJhNDg4Yjk0Y2M1MGY0NTY2NWIxYTMzNGY5ZGM2Mzg1NjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7VAARTd9BzdQgePRwkq0cnMpI2R
z+9pFw2BnsCvqwHa4DC937qD1yL5t2aNRynUoPsFwlDIaZjFzD7yut9LgSvn+GIr
dS6rEwpsOZvqnQ1AdlkDV7y1ryP4utJ9w5G2F4vfaz/9pNtfbKAWX51QBB9DPnAp
csrmhD4do3X5JrWd6b04R7XKHhfrois6bj+u4UZlx36WSVWrLW+2r15V2zKTT89S
qcYKIgOIwiqmY9JCQInt7aSGfwmvng9QbTyNp5O0ZgFASgQmVmD/TRFtqhrbLqoX
Jajvt2WpOsWMMi6B4zksazNmNFlOcMuC3Og866HUDeyvZkJuee8y/Ws1AQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFHVTcqSIuUzFD0VmWxozT53GOFYLMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvZFZOeXBJaTVUTVVQUldaYkdqTlBuY1k0VmdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB2BAIAATBwAwQFVYWA
MAwDBAJVhaQDBABVhcAwDAMEAFWF0QMEAVWF1AMEAFWF3AMEAFWF3zAMAwQAVYXh
AwQAVYXiMAwDBAJVheQDBABVhegDBABVhesDBABVhe8DBAFVhfQwDAMEAFWF9wME
AVWF+AMEAFWF/zANBAIAAjAHAwUDKgSHwDANBgkqhkiG9w0BAQsFAAOCAQEAAXNc
wwwzZ9AKYp7cjIV8r50wbNL945KWnVjJihzGVX2kc2tTmwdgBbClZEyGosKe3pi5
MZrj+HIzyv5FKQ5yqbfQVxqZJxkrRK3Up0bCWmn+npJyY7rPKEdMfXo+oO+2Sxo4
b6j4p9u4hD+iukFzvLq0G7dm7vE5WyostQF2gxMQoqBHNOJ4qCIblRtjL7TsXxB/
n8ohuMuT3poevTzgLn4oxfnaSj06Jn96wn5PewEyVwoMfQ8ix5J8dTWpebSa9qzm
tdnuwmZzrqwaOo5lExPI9oAXSvbM0/hPZohzFvlS1DrntXRiJp/gXMD8uR9pgeJR
2Du8l8+N1ar3D0LKig==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:14 2025 by rpki-client