Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/5klL4oJYCAWVCtSt4Aa3ZqfkGO4.roa
File: 5klL4oJYCAWVCtSt4Aa3ZqfkGO4.roa (raw, json)
Hash identifier: qBVepds6Syb8DaPWB6RynfxxSA3Sp6OU8dF9D31HEW4=
Subject key identifier: E6:49:4B:E2:82:58:08:05:95:0A:D4:AD:E0:06:B7:66:A7:E4:18:EE
Certificate issuer: /CN=eeb59b791c7a11d232a95c7ef169285caea695bc
Certificate serial: 019420684BEE37100281E9E9AE9310822F7D
Authority key identifier: EE:B5:9B:79:1C:7A:11:D2:32:A9:5C:7E:F1:69:28:5C:AE:A6:95:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rWbeRx6EdIyqVx-8WkoXK6mlbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/5klL4oJYCAWVCtSt4Aa3ZqfkGO4.roa
Signing time: Wed 01 Jan 2025 05:48:13 +0000
ROA not before: Wed 01 Jan 2025 05:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207167
IP address blocks: 85.209.28.0/22 maxlen: 22
185.59.144.0/22 maxlen: 22
185.179.32.0/24 maxlen: 24
185.179.33.0/24 maxlen: 24
185.234.132.0/22 maxlen: 22
2a02:6c20::/32 maxlen: 32
2a0a:7780::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:4b:ee:37:10:02:81:e9:e9:ae:93:10:82:2f:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eeb59b791c7a11d232a95c7ef169285caea695bc
Validity
Not Before: Jan 1 05:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6494be282580805950ad4ade006b766a7e418ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ee:78:3b:22:2b:70:17:73:2c:bf:3e:89:8e:
e5:3e:7e:55:23:89:15:cf:e2:94:c4:d8:c2:d8:0c:
02:30:02:35:9f:43:bd:3e:73:db:29:fa:3c:b9:3f:
ef:43:bc:7c:59:3d:59:26:98:68:23:83:4d:36:92:
bf:b8:e2:20:04:31:78:b2:42:ad:94:29:44:06:70:
a6:7e:76:37:84:f9:10:d2:15:ba:cb:e9:e7:c8:1a:
54:01:3a:57:8d:9c:7f:51:3f:3c:2c:e0:b5:a4:14:
01:5e:1d:5a:34:e3:a4:23:dd:d9:88:bb:b4:68:40:
dd:79:d8:a8:c3:90:cb:e9:b2:07:69:0c:6a:2a:79:
9c:2d:61:2e:13:df:df:55:75:3a:62:9b:a7:77:c4:
57:b2:d0:f4:5e:b1:58:75:82:02:58:0a:81:5c:ad:
3b:03:55:2b:e3:08:6b:df:0f:c6:4b:b9:f7:dc:5d:
a4:f4:f2:a1:3e:46:d5:2c:44:70:f4:aa:a9:fb:88:
80:d1:52:c5:b0:f9:43:83:67:e7:f1:2f:31:85:a0:
ef:9e:aa:d2:2f:a0:72:62:9b:7e:f6:ed:3c:28:5f:
89:9f:7a:6f:5d:58:c5:8c:1d:8d:2a:69:18:a7:64:
fc:ce:00:e3:3c:c3:10:86:7d:3e:60:35:a1:a6:bc:
e5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:49:4B:E2:82:58:08:05:95:0A:D4:AD:E0:06:B7:66:A7:E4:18:EE
X509v3 Authority Key Identifier:
keyid:EE:B5:9B:79:1C:7A:11:D2:32:A9:5C:7E:F1:69:28:5C:AE:A6:95:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rWbeRx6EdIyqVx-8WkoXK6mlbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/5klL4oJYCAWVCtSt4Aa3ZqfkGO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/7rWbeRx6EdIyqVx-8WkoXK6mlbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.28.0/22
185.59.144.0/22
185.179.32.0/23
185.234.132.0/22
IPv6:
2a02:6c20::/32
2a0a:7780::/29
Signature Algorithm: sha256WithRSAEncryption
6e:dd:ef:06:1e:4f:31:56:1d:9f:35:a3:01:bd:75:4a:0e:68:
44:2e:5d:7a:4c:59:f5:36:69:71:dd:32:d9:3f:ce:98:e7:fb:
23:cc:79:77:e4:48:3c:b7:50:f0:ea:06:0f:d2:23:21:e2:de:
87:d0:96:4e:30:4f:ed:45:48:87:6e:0f:05:6a:c6:e3:dd:28:
e6:c3:d8:2b:0b:0d:06:92:1b:5a:40:5e:93:a9:a3:af:4e:2c:
c1:1f:0d:41:cf:03:8b:d2:ef:7c:f7:f7:df:08:5e:59:56:cb:
04:7b:b1:3f:f1:5b:15:ce:39:46:0b:96:be:0e:14:b1:5a:49:
6f:44:81:44:4b:8c:94:5e:80:ec:c2:8a:07:86:1f:8b:76:90:
32:f2:e9:d6:6f:72:72:e5:92:7c:ac:c6:a6:4e:0d:b7:3d:e1:
0f:d5:f8:87:a8:72:46:87:64:fb:58:21:e5:15:6d:d6:07:fd:
cf:49:94:c7:37:1c:47:96:b3:14:8d:b2:f6:4c:65:47:53:0c:
be:0c:1b:c4:a8:6c:f9:27:f4:05:1d:a3:b4:0a:a8:fc:bc:66:
b6:be:d9:61:17:65:c0:17:a3:ca:2e:21:44:e3:17:05:74:08:
2a:2a:10:98:dd:0b:db:9a:44:29:49:9f:bd:48:e6:45:2f:f3:
62:80:5e:1e
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQgaEvuNxACgenprpMQgi99MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYjU5Yjc5MWM3YTExZDIzMmE5NWM3ZWYxNjkyODVjYWVh
Njk1YmMwHhcNMjUwMTAxMDU0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQ5NGJlMjgyNTgwODA1OTUwYWQ0YWRlMDA2Yjc2NmE3ZTQxOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuu54OyIrcBdzLL8+iY7lPn5VI4kV
z+KUxNjC2AwCMAI1n0O9PnPbKfo8uT/vQ7x8WT1ZJphoI4NNNpK/uOIgBDF4skKt
lClEBnCmfnY3hPkQ0hW6y+nnyBpUATpXjZx/UT88LOC1pBQBXh1aNOOkI93ZiLu0
aEDdediow5DL6bIHaQxqKnmcLWEuE9/fVXU6Ypund8RXstD0XrFYdYICWAqBXK07
A1Ur4whr3w/GS7n33F2k9PKhPkbVLERw9Kqp+4iA0VLFsPlDg2fn8S8xhaDvnqrS
L6ByYpt+9u08KF+Jn3pvXVjFjB2NKmkYp2T8zgDjPMMQhn0+YDWhprzlhwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFOZJS+KCWAgFlQrUreAGt2an5BjuMB8GA1UdIwQY
MBaAFO61m3kcehHSMqlcfvFpKFyuppW8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3JXYmVSeDZFZEl5cVZ4LThXa29YSzZtbGJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lZmZmNzEtN2QxMS00YTFhLThhZDMt
YTY3ZDhjN2VkN2NhLzEvNWtsTDRvSllDQVdWQ3RTdDRBYTNacWZrR080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lZmZmNzEtN2QxMS00YTFhLThhZDMtYTY3ZDhjN2VkN2Nh
LzEvN3JXYmVSeDZFZEl5cVZ4LThXa29YSzZtbGJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCVdEcAwQC
uTuQAwQBubMgAwQCueqEMBQEAgACMA4DBQAqAmwgAwUDKgp3gDANBgkqhkiG9w0B
AQsFAAOCAQEAbt3vBh5PMVYdnzWjAb11Sg5oRC5dekxZ9TZpcd0y2T/OmOf7I8x5
d+RIPLdQ8OoGD9IjIeLeh9CWTjBP7UVIh24PBWrG490o5sPYKwsNBpIbWkBek6mj
r04swR8NQc8Di9LvfPf33wheWVbLBHuxP/FbFc45RguWvg4UsVpJb0SBREuMlF6A
7MKKB4Yfi3aQMvLp1m9ycuWSfKzGpk4Ntz3hD9X4h6hyRodk+1gh5RVt1gf9z0mU
xzccR5azFI2y9kxlR1MMvgwbxKhs+Sf0BR2jtAqo/Lxmtr7ZYRdlwBejyi4hROMX
BXQIKioQmN0L25pEKUmfvUjmRS/zYoBeHg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:48 2025 by rpki-client on console.sobornost.net