Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/GVxxzY32CZDJ4RZSxMJUa26pyh4.roa
File: GVxxzY32CZDJ4RZSxMJUa26pyh4.roa (raw, json)
Hash identifier: 5qpDAsfwGMBMiRRrlvVSRSqixstuQzqZtX+LEsv0ssQ=
Subject key identifier: 19:5C:71:CD:8D:F6:09:90:C9:E1:16:52:C4:C2:54:6B:6E:A9:CA:1E
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 0194206812C304CB1EEF2B859D3FB421CE2D
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/GVxxzY32CZDJ4RZSxMJUa26pyh4.roa
Signing time: Wed 01 Jan 2025 05:47:59 +0000
ROA not before: Wed 01 Jan 2025 05:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52000
IP address blocks: 85.239.36.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:12:c3:04:cb:1e:ef:2b:85:9d:3f:b4:21:ce:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 1 05:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=195c71cd8df60990c9e11652c4c2546b6ea9ca1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:30:d6:97:59:8c:8c:74:d5:86:fd:22:ec:4a:
c8:72:8b:1d:db:4d:04:a4:5b:e2:12:2a:f0:7b:02:
55:ab:1c:97:a7:af:7e:a1:5c:44:7a:73:9a:84:28:
2b:6b:27:99:18:fd:98:1f:35:bb:85:54:ac:d6:f1:
34:c1:b8:3f:c3:f6:03:fc:db:ca:f8:6f:93:d7:11:
22:17:56:d5:fb:c9:cc:e9:0d:83:4b:cf:3f:2e:8c:
31:b4:df:1d:ea:78:e6:71:78:24:e7:d6:4e:20:04:
6f:cf:a1:ea:d3:5f:7a:8a:c3:ac:ab:5e:ba:d9:44:
df:e8:df:d5:05:c9:9a:aa:60:1f:08:53:b5:2c:f4:
f2:9d:66:15:4a:9a:e2:a7:06:5b:e4:d9:ad:51:cd:
d1:8b:de:8a:a9:ce:82:be:ff:98:89:f9:21:fb:03:
7f:33:95:28:16:df:ce:67:96:94:59:7f:4e:de:ca:
07:c0:43:e1:54:90:b9:56:26:c6:27:4d:ed:91:fe:
5b:30:5c:68:8e:66:b4:7b:05:c5:9f:64:8d:02:4c:
ca:9d:c3:e5:fe:c8:4a:14:f1:0f:7e:5b:f1:60:f0:
6a:f5:15:c7:34:cc:82:78:8b:dd:79:05:a7:d6:82:
ef:80:76:13:39:25:4c:ea:94:cb:b6:42:b4:cb:aa:
21:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:5C:71:CD:8D:F6:09:90:C9:E1:16:52:C4:C2:54:6B:6E:A9:CA:1E
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/GVxxzY32CZDJ4RZSxMJUa26pyh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.36.0/22
Signature Algorithm: sha256WithRSAEncryption
31:99:24:c6:2b:9d:18:ed:3f:84:e6:47:af:0f:86:f8:a8:b9:
95:d2:c0:4b:fa:85:43:2f:d4:b6:33:a5:a0:a3:85:bf:e5:41:
75:9d:73:db:24:9d:be:99:4e:ce:32:29:3e:8c:f5:98:7e:db:
50:71:3f:51:55:a4:1b:0b:e1:11:37:6b:ab:c0:46:b8:2e:e2:
fa:e0:2a:d6:ba:9b:42:c7:67:36:3b:8e:3b:92:aa:65:ee:8b:
12:24:ce:f1:28:f6:09:18:4a:af:8c:1f:7f:21:f3:41:4e:a2:
f9:27:4a:50:af:e2:c4:f4:55:ba:95:bb:4c:6c:ab:58:f0:7f:
ff:5e:c8:31:1e:a1:d2:08:05:c0:32:69:bf:47:e9:5c:18:de:
c8:2b:6b:c3:18:4a:bb:32:77:54:31:98:7d:91:9e:be:c5:d7:
44:89:20:c3:01:1b:eb:d5:49:54:09:37:37:8f:24:4b:9b:1f:
e2:00:a3:59:ed:c0:f1:59:27:58:d3:45:c8:04:41:c0:14:a7:
c2:1c:69:ed:3d:9d:c8:68:70:a5:43:ee:29:68:26:0a:7f:a4:
dc:7c:d2:11:77:25:e6:98:f9:12:3b:1d:32:9e:6b:78:c2:23:
87:0b:b8:5c:d5:8b:5b:ef:af:d2:40:72:56:2b:96:e7:d9:66:
6e:7b:4c:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaBLDBMse7yuFnT+0Ic4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjUwMTAxMDU0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTVjNzFjZDhkZjYwOTkwYzllMTE2NTJjNGMyNTQ2YjZlYTljYTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjDWl1mMjHTVhv0i7ErIcosd200E
pFviEirwewJVqxyXp69+oVxEenOahCgrayeZGP2YHzW7hVSs1vE0wbg/w/YD/NvK
+G+T1xEiF1bV+8nM6Q2DS88/LowxtN8d6njmcXgk59ZOIARvz6Hq0196isOsq166
2UTf6N/VBcmaqmAfCFO1LPTynWYVSpripwZb5NmtUc3Ri96Kqc6Cvv+Yifkh+wN/
M5UoFt/OZ5aUWX9O3soHwEPhVJC5VibGJ03tkf5bMFxojma0ewXFn2SNAkzKncPl
/shKFPEPflvxYPBq9RXHNMyCeIvdeQWn1oLvgHYTOSVM6pTLtkK0y6oh3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBlccc2N9gmQyeEWUsTCVGtuqcoeMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvR1Z4eHpZMzJDWkRKNFJaU3hNSlVhMjZweWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVe8kMA0G
CSqGSIb3DQEBCwUAA4IBAQAxmSTGK50Y7T+E5kevD4b4qLmV0sBL+oVDL9S2M6Wg
o4W/5UF1nXPbJJ2+mU7OMik+jPWYfttQcT9RVaQbC+ERN2urwEa4LuL64CrWuptC
x2c2O447kqpl7osSJM7xKPYJGEqvjB9/IfNBTqL5J0pQr+LE9FW6lbtMbKtY8H//
XsgxHqHSCAXAMmm/R+lcGN7IK2vDGEq7MndUMZh9kZ6+xddEiSDDARvr1UlUCTc3
jyRLmx/iAKNZ7cDxWSdY00XIBEHAFKfCHGntPZ3IaHClQ+4paCYKf6TcfNIRdyXm
mPkSOx0ynmt4wiOHC7hc1Ytb76/SQHJWK5bn2WZue0x/
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:51:43 2025 by rpki-client