Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/CXBfgaVQOuc9lYIVbg7pKmqkHOE.roa
File: CXBfgaVQOuc9lYIVbg7pKmqkHOE.roa (raw, json)
Hash identifier: I7yYdZV2obGkD4dveVQZgVRsyHOix63g5dcUBAGhDSM=
Subject key identifier: 09:70:5F:81:A5:50:3A:E7:3D:95:82:15:6E:0E:E9:2A:6A:A4:1C:E1
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 0194206812227DFAA0A87BADE32C842D3BA0
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/CXBfgaVQOuc9lYIVbg7pKmqkHOE.roa
Signing time: Wed 01 Jan 2025 05:47:58 +0000
ROA not before: Wed 01 Jan 2025 05:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49981
IP address blocks: 85.239.37.0/24 maxlen: 24
85.239.39.0/24 maxlen: 24
185.152.93.0/24 maxlen: 24
185.152.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:12:22:7d:fa:a0:a8:7b:ad:e3:2c:84:2d:3b:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 1 05:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09705f81a5503ae73d9582156e0ee92a6aa41ce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c2:e3:1c:66:75:43:67:64:7b:a5:cb:da:0d:
33:14:24:45:b9:e3:23:01:cc:06:b2:e1:3c:11:f5:
1d:ca:f9:6c:aa:5f:65:90:5b:ed:f6:6f:13:4f:56:
ea:25:b0:97:b0:c6:97:3c:6a:c6:ec:a8:1d:43:6b:
b8:2a:dc:9d:ad:04:87:7f:dd:be:fb:d7:0b:01:f3:
fb:b9:b2:f2:02:0a:d9:01:f6:62:a9:f1:dd:f2:e4:
0c:00:09:38:f1:5c:41:51:a9:3c:ea:be:1a:ee:8b:
e3:63:ee:e2:55:6c:ce:96:66:12:fc:ef:6a:ae:bd:
92:cf:b0:d3:b6:8e:b1:87:a4:11:14:fa:fd:84:7e:
44:48:c5:96:e5:7d:51:dc:0a:61:fd:1e:c7:4f:6a:
83:ce:3e:d2:4a:ad:d3:25:7b:50:fe:e0:90:c8:92:
f7:55:cc:de:c9:a9:1d:f6:9b:b7:4f:d9:03:fb:d4:
57:20:67:2b:e4:7f:31:50:eb:62:ac:5b:eb:22:7f:
e2:38:50:e6:9b:fe:2b:dc:ca:92:13:04:31:32:d2:
69:24:4e:5a:bd:54:3f:99:38:3e:1c:97:7c:5e:8d:
a2:36:db:25:8e:df:91:3e:5f:55:b3:2f:38:22:5b:
80:da:9f:bf:52:a7:f1:d9:7e:15:07:c7:4a:ca:ae:
7d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:70:5F:81:A5:50:3A:E7:3D:95:82:15:6E:0E:E9:2A:6A:A4:1C:E1
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/CXBfgaVQOuc9lYIVbg7pKmqkHOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.37.0/24
85.239.39.0/24
185.152.93.0/24
185.152.95.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:58:d7:c7:54:ce:fe:e0:f2:bf:13:41:6a:43:52:b5:6e:e3:
2f:18:63:47:ca:af:54:77:a6:4f:1c:4d:b8:45:f3:91:36:25:
c5:f9:a4:0d:f6:f5:6c:d4:50:a4:d1:5c:0c:e9:ff:a0:38:64:
63:71:eb:ef:00:35:cd:5c:0b:85:35:1b:f8:ce:29:f9:7d:99:
25:a0:00:bf:70:42:95:e3:cb:14:2a:35:a6:b5:34:9c:35:10:
cc:75:60:e4:0d:09:b2:04:2a:87:fc:25:f8:c6:bc:af:46:95:
64:26:34:20:02:fe:23:ba:e7:80:1f:59:1b:35:26:61:48:0a:
93:09:4d:fb:05:ed:85:79:43:ea:48:ea:39:15:4a:6d:c6:8c:
6e:1d:34:ad:92:cf:1b:4f:31:ec:4d:ed:3e:7c:15:bc:d1:20:
ab:32:77:f6:85:d4:50:66:8b:56:29:09:d4:d6:99:84:3e:4a:
fe:5e:38:f6:54:06:47:77:4f:be:a1:a1:a0:dd:cb:e6:72:6f:
88:bc:18:a3:64:0a:52:6c:e9:31:00:6b:d0:0d:e0:83:14:14:
82:d0:61:52:73:83:b9:3e:f4:e3:c1:79:34:4b:62:52:e9:83:
87:51:33:ef:74:76:0c:23:d1:ec:b4:15:87:bb:9b:21:8d:3d:
4a:5e:3a:9b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQgaBIiffqgqHut4yyELTugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjUwMTAxMDU0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTcwNWY4MWE1NTAzYWU3M2Q5NTgyMTU2ZTBlZTkyYTZhYTQxY2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8LjHGZ1Q2dke6XL2g0zFCRFueMj
AcwGsuE8EfUdyvlsql9lkFvt9m8TT1bqJbCXsMaXPGrG7KgdQ2u4KtydrQSHf92+
+9cLAfP7ubLyAgrZAfZiqfHd8uQMAAk48VxBUak86r4a7ovjY+7iVWzOlmYS/O9q
rr2Sz7DTto6xh6QRFPr9hH5ESMWW5X1R3Aph/R7HT2qDzj7SSq3TJXtQ/uCQyJL3
Vczeyakd9pu3T9kD+9RXIGcr5H8xUOtirFvrIn/iOFDmm/4r3MqSEwQxMtJpJE5a
vVQ/mTg+HJd8Xo2iNtsljt+RPl9Vsy84IluA2p+/Uqfx2X4VB8dKyq59YwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAlwX4GlUDrnPZWCFW4O6SpqpBzhMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvQ1hCZmdhVlFPdWM5bFlJVmJnN3BLbXFrSE9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVe8lAwQA
Ve8nAwQAuZhdAwQAuZhfMA0GCSqGSIb3DQEBCwUAA4IBAQBuWNfHVM7+4PK/E0Fq
Q1K1buMvGGNHyq9Ud6ZPHE24RfORNiXF+aQN9vVs1FCk0VwM6f+gOGRjcevvADXN
XAuFNRv4zin5fZkloAC/cEKV48sUKjWmtTScNRDMdWDkDQmyBCqH/CX4xryvRpVk
JjQgAv4juueAH1kbNSZhSAqTCU37Be2FeUPqSOo5FUptxoxuHTStks8bTzHsTe0+
fBW80SCrMnf2hdRQZotWKQnU1pmEPkr+Xjj2VAZHd0++oaGg3cvmcm+IvBijZApS
bOkxAGvQDeCDFBSC0GFSc4O5PvTjwXk0S2JS6YOHUTPvdHYMI9HstBWHu5shjT1K
Xjqb
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:51:27 2025 by rpki-client