Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/pYYheMngH9PrFAWYb7D0Rnwh3Rc.roa
File: pYYheMngH9PrFAWYb7D0Rnwh3Rc.roa (raw, json)
Hash identifier: Kusa3kjA5UvOGnNhZkPG36CpyMnLT1XxrIsJiFszyIE=
Subject key identifier: A5:86:21:78:C9:E0:1F:D3:EB:14:05:98:6F:B0:F4:46:7C:21:DD:17
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019427B602A4B5D0DEEF1DFEB4146FB34176
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/pYYheMngH9PrFAWYb7D0Rnwh3Rc.roa
Signing time: Thu 02 Jan 2025 15:50:27 +0000
ROA not before: Thu 02 Jan 2025 15:50:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214922
IP address blocks: 85.133.201.0/24 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:02:a4:b5:d0:de:ef:1d:fe:b4:14:6f:b3:41:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 2 15:50:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5862178c9e01fd3eb1405986fb0f4467c21dd17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:64:e8:38:f8:ea:12:84:50:9a:fb:e9:63:f9:
62:a7:62:17:cb:84:6d:1a:f4:0d:22:f9:d6:03:88:
43:ca:90:59:1e:62:70:29:83:8d:ef:3e:16:58:d5:
78:62:1f:2a:8b:5c:ba:35:96:e2:56:c4:8b:58:4b:
5d:02:41:90:ec:cb:24:c4:c4:11:ff:ec:3a:0f:b1:
3f:6a:3f:01:51:70:c2:78:fe:da:fa:df:bc:44:17:
40:43:b1:3e:71:01:56:55:60:3d:5d:85:08:10:b5:
ef:93:20:fd:90:ea:86:6b:87:77:64:b8:af:95:3f:
d4:2b:c9:46:9c:9b:8a:33:80:4d:f5:3f:6f:c9:29:
71:ff:ed:3a:d0:b1:b4:75:2d:d7:97:dc:d3:f3:04:
26:ac:2e:34:9b:c5:d7:f2:f9:fd:7d:2f:08:0a:29:
b7:c2:3f:ca:3f:9e:ee:ec:48:b2:f2:c7:aa:43:4c:
7e:b4:fb:56:76:ee:ed:df:3c:33:74:68:95:67:61:
06:ea:28:c4:c5:a9:c7:d1:a8:dc:0c:1c:ec:84:da:
21:ac:8e:53:ff:4f:1d:39:4e:92:84:b7:0f:0a:c6:
d7:64:04:2f:f2:68:3b:3e:7c:34:ad:e0:11:14:2e:
5c:49:9f:ea:cf:a6:02:8a:c4:cf:50:4a:49:fc:97:
35:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:86:21:78:C9:E0:1F:D3:EB:14:05:98:6F:B0:F4:46:7C:21:DD:17
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/pYYheMngH9PrFAWYb7D0Rnwh3Rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.201.0-85.133.204.255
85.133.238.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:cf:77:9a:70:ec:89:d9:f9:4d:ed:8c:01:ac:1c:39:1d:4a:
86:85:54:21:4e:e3:ea:d3:ea:6a:fd:43:b8:fc:fc:76:75:57:
2e:ff:33:1f:0f:46:30:9c:ab:c0:0a:27:92:81:0c:27:be:00:
dd:bb:c1:1f:8a:e8:4d:70:d7:ef:45:4a:67:22:96:0a:e5:d6:
47:4e:c0:b5:8b:c4:af:67:32:18:04:78:0e:c7:f0:1c:fd:7e:
e7:88:da:d2:b9:8f:8f:da:c5:0f:1a:34:ec:c6:bb:96:2b:b9:
1e:af:d7:ce:44:3d:b2:dc:2a:ac:85:05:de:71:0b:30:c5:f5:
ee:69:c3:aa:8a:31:17:c7:6f:86:1c:9b:de:85:1a:60:11:6e:
b8:52:e9:b0:21:cb:34:2c:75:a0:0c:e8:b1:2b:7e:59:0f:cb:
f5:87:2a:3a:8c:84:04:94:5c:cb:f1:0c:fe:54:3f:d6:93:bf:
4f:56:67:eb:2f:80:3d:f0:d0:ce:91:b1:56:52:c9:b3:23:20:
db:06:fe:4f:f1:a6:a8:c9:0c:29:55:b3:b0:f6:e5:b7:45:f9:
dc:22:28:84:31:aa:00:69:f7:e0:df:de:40:dd:14:f2:67:b4:
00:ec:62:f4:c9:62:e3:67:06:cf:6b:89:11:c4:f3:02:17:d1:
bc:5f:ed:3b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQntgKktdDe7x3+tBRvs0F2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwMTAyMTU1MDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTg2MjE3OGM5ZTAxZmQzZWIxNDA1OTg2ZmIwZjQ0NjdjMjFkZDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2ToOPjqEoRQmvvpY/lip2IXy4Rt
GvQNIvnWA4hDypBZHmJwKYON7z4WWNV4Yh8qi1y6NZbiVsSLWEtdAkGQ7MskxMQR
/+w6D7E/aj8BUXDCeP7a+t+8RBdAQ7E+cQFWVWA9XYUIELXvkyD9kOqGa4d3ZLiv
lT/UK8lGnJuKM4BN9T9vySlx/+060LG0dS3Xl9zT8wQmrC40m8XX8vn9fS8ICim3
wj/KP57u7Eiy8seqQ0x+tPtWdu7t3zwzdGiVZ2EG6ijExanH0ajcDBzshNohrI5T
/08dOU6ShLcPCsbXZAQv8mg7Pnw0reARFC5cSZ/qz6YCisTPUEpJ/Jc1KwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKWGIXjJ4B/T6xQFmG+w9EZ8Id0XMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvcFlZaGVNbmdIOVByRkFXWWI3RDBSbndoM1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABVhckD
BABVhcwDBABVhe4wDQYJKoZIhvcNAQELBQADggEBABvPd5pw7InZ+U3tjAGsHDkd
SoaFVCFO4+rT6mr9Q7j8/HZ1Vy7/Mx8PRjCcq8AKJ5KBDCe+AN27wR+K6E1w1+9F
Smcilgrl1kdOwLWLxK9nMhgEeA7H8Bz9fueI2tK5j4/axQ8aNOzGu5YruR6v185E
PbLcKqyFBd5xCzDF9e5pw6qKMRfHb4Ycm96FGmARbrhS6bAhyzQsdaAM6LErflkP
y/WHKjqMhASUXMvxDP5UP9aTv09WZ+svgD3w0M6RsVZSybMjINsG/k/xpqjJDClV
s7D25bdF+dwiKIQxqgBp9+Df3kDdFPJntADsYvTJYuNnBs9riRHE8wIX0bxf7Ts=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:24 2025 by rpki-client