Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/bDPZ2IR6ImcRHKaCKb1DFYZSPeU.roa
File: bDPZ2IR6ImcRHKaCKb1DFYZSPeU.roa (raw, json)
Hash identifier: C/oWZRw0Dl261ZToD4X2GP0Mb4nYzslAlII1IzygPX8=
Subject key identifier: 6C:33:D9:D8:84:7A:22:67:11:1C:A6:82:29:BD:43:15:86:52:3D:E5
Certificate issuer: /CN=a7d78de0234e6f99701592f536e45f5f5594eec3
Certificate serial: 0195DD00772FD18506379CE7ED72E6AE9373
Authority key identifier: A7:D7:8D:E0:23:4E:6F:99:70:15:92:F5:36:E4:5F:5F:55:94:EE:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/bDPZ2IR6ImcRHKaCKb1DFYZSPeU.roa
Signing time: Fri 28 Mar 2025 13:45:49 +0000
ROA not before: Fri 28 Mar 2025 13:45:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214427
IP address blocks: 85.222.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dd:00:77:2f:d1:85:06:37:9c:e7:ed:72:e6:ae:93:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7d78de0234e6f99701592f536e45f5f5594eec3
Validity
Not Before: Mar 28 13:45:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c33d9d8847a2267111ca68229bd431586523de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cb:1a:26:e9:4f:ab:df:c2:c4:eb:15:df:98:
77:45:d0:03:20:c5:9a:16:be:06:77:d1:41:aa:57:
43:f9:96:d7:2e:00:32:9b:f3:18:5a:95:55:ab:16:
58:82:97:fc:57:56:9e:d5:4c:e2:25:fa:9b:0d:f8:
a1:ec:5e:03:3c:1a:33:25:78:49:aa:c9:19:52:f5:
0b:f8:c8:6c:0c:f2:bd:fc:86:57:5f:3e:37:16:48:
f5:a9:4f:bd:2b:dd:9e:9d:46:03:35:8b:5c:0f:25:
ac:c0:8e:ec:a9:12:1f:8c:ab:3f:e7:86:c2:d0:88:
79:8f:f0:2f:a9:0e:f7:a7:7c:8b:5b:7c:30:f5:73:
23:88:a9:12:01:b3:8b:62:54:58:31:33:fb:8b:43:
a4:66:eb:89:e5:1d:16:f6:b4:e3:06:13:eb:7f:97:
41:ac:e0:e4:21:87:6a:62:78:69:23:50:8b:59:10:
c5:11:4e:0e:20:78:6d:8d:c6:95:34:17:b9:61:13:
6d:09:9b:70:3b:5a:b6:53:62:e7:77:5a:fc:d3:b8:
cb:84:27:c6:3e:4c:0c:89:70:30:86:c1:ab:1a:47:
ae:8e:0b:3c:ca:ec:d4:e0:74:70:52:7a:67:00:4b:
c0:7b:78:52:aa:2a:50:ea:8b:a2:5c:88:68:9e:04:
1a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:33:D9:D8:84:7A:22:67:11:1C:A6:82:29:BD:43:15:86:52:3D:E5
X509v3 Authority Key Identifier:
keyid:A7:D7:8D:E0:23:4E:6F:99:70:15:92:F5:36:E4:5F:5F:55:94:EE:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/bDPZ2IR6ImcRHKaCKb1DFYZSPeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/p9eN4CNOb5lwFZL1NuRfX1WU7sM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.222.175.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:cc:81:b6:c0:23:63:f5:52:78:ac:e1:4c:fa:79:a3:11:af:
1c:75:c5:e8:f7:51:44:43:c6:15:18:bd:43:42:42:3e:6d:25:
27:5f:9f:68:98:53:6a:c9:ca:e3:8a:cb:a0:01:c0:e1:67:9b:
10:aa:27:7b:c0:be:ab:27:df:86:27:43:d4:b0:37:08:5f:95:
c5:1d:9e:f1:f8:a9:9c:19:ec:ee:64:e1:17:e8:e8:d2:08:3c:
3a:c8:74:36:0c:52:52:33:c4:e8:77:78:19:7c:ab:73:d0:c3:
54:4d:8a:4f:33:7b:49:64:8a:93:f7:9b:96:24:ef:20:9f:ae:
7e:f4:d7:70:7d:c9:4d:4b:8a:2b:ed:3a:06:07:83:d8:36:f0:
03:38:91:dc:b2:4c:86:b4:b8:43:02:48:0b:cc:15:b7:d3:9a:
b8:f2:f5:28:12:84:13:04:fa:57:a5:81:8d:b0:04:0c:ce:89:
ee:02:09:1e:d5:8e:87:8f:dd:c4:75:a8:fd:7b:bc:96:0e:2a:
82:ce:9d:04:b2:0b:5d:c0:c7:9c:e2:bc:e3:27:b4:ed:cb:35:
84:30:8e:0e:3b:fb:c8:f0:68:c4:a4:45:ab:0f:a0:5a:11:49:
8c:c0:c6:a4:e4:7d:cd:81:49:a2:d6:c1:fb:e7:47:fd:d5:e6:
75:ba:f2:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXdAHcv0YUGN5zn7XLmrpNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZDc4ZGUwMjM0ZTZmOTk3MDE1OTJmNTM2ZTQ1ZjVmNTU5
NGVlYzMwHhcNMjUwMzI4MTM0NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzMzZDlkODg0N2EyMjY3MTExY2E2ODIyOWJkNDMxNTg2NTIzZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcsaJulPq9/CxOsV35h3RdADIMWa
Fr4Gd9FBqldD+ZbXLgAym/MYWpVVqxZYgpf8V1ae1UziJfqbDfih7F4DPBozJXhJ
qskZUvUL+MhsDPK9/IZXXz43Fkj1qU+9K92enUYDNYtcDyWswI7sqRIfjKs/54bC
0Ih5j/AvqQ73p3yLW3ww9XMjiKkSAbOLYlRYMTP7i0OkZuuJ5R0W9rTjBhPrf5dB
rODkIYdqYnhpI1CLWRDFEU4OIHhtjcaVNBe5YRNtCZtwO1q2U2Lnd1r807jLhCfG
PkwMiXAwhsGrGkeujgs8yuzU4HRwUnpnAEvAe3hSqipQ6ouiXIhongQaSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGwz2diEeiJnERymgim9QxWGUj3lMB8GA1UdIwQY
MBaAFKfXjeAjTm+ZcBWS9TbkX19VlO7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDllTjRDTk9iNWx3RlpMMU51UmZYMVdVN3NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zMWFhYmEtYWM3ZS00ODlmLTg3N2Mt
MjhkNWI2MDdhNDdmLzEvYkRQWjJJUjZJbWNSSEthQ0tiMURGWVpTUGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zMWFhYmEtYWM3ZS00ODlmLTg3N2MtMjhkNWI2MDdhNDdm
LzEvcDllTjRDTk9iNWx3RlpMMU51UmZYMVdVN3NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVd6vMA0G
CSqGSIb3DQEBCwUAA4IBAQCOzIG2wCNj9VJ4rOFM+nmjEa8cdcXo91FEQ8YVGL1D
QkI+bSUnX59omFNqycrjisugAcDhZ5sQqid7wL6rJ9+GJ0PUsDcIX5XFHZ7x+Kmc
GezuZOEX6OjSCDw6yHQ2DFJSM8Tod3gZfKtz0MNUTYpPM3tJZIqT95uWJO8gn65+
9NdwfclNS4or7ToGB4PYNvADOJHcskyGtLhDAkgLzBW305q48vUoEoQTBPpXpYGN
sAQMzonuAgke1Y6Hj93Edaj9e7yWDiqCzp0EsgtdwMec4rzjJ7TtyzWEMI4OO/vI
8GjEpEWrD6BaEUmMwMak5H3NgUmi1sH750f91eZ1uvJx
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:55 2025 by rpki-client on console.sobornost.net