Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/85bHj7RGcIYarT8xG54y0lOJV3U.roa
File: 85bHj7RGcIYarT8xG54y0lOJV3U.roa (raw, json)
Hash identifier: t2/b1qdEd3u1T3yMA3vuzLGW5OjAWRAnLuOWPZ/Vjm8=
Subject key identifier: F3:96:C7:8F:B4:46:70:86:1A:AD:3F:31:1B:9E:32:D2:53:89:57:75
Certificate issuer: /CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Certificate serial: 0195F0940ED58FB4452D97EAD491826571E2
Authority key identifier: D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/85bHj7RGcIYarT8xG54y0lOJV3U.roa
Signing time: Tue 01 Apr 2025 08:59:49 +0000
ROA not before: Tue 01 Apr 2025 08:59:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47638
IP address blocks: 91.235.56.0/22 maxlen: 24
185.46.200.0/22 maxlen: 24
185.66.205.0/24 maxlen: 24
185.66.206.0/24 maxlen: 24
185.149.208.0/24 maxlen: 24
185.149.210.0/23 maxlen: 24
185.161.132.0/22 maxlen: 24
194.0.116.0/22 maxlen: 24
2a04:1840::/29 maxlen: 48
2a0b:8640::/29 maxlen: 48
2a0f:cd40::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f0:94:0e:d5:8f:b4:45:2d:97:ea:d4:91:82:65:71:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Validity
Not Before: Apr 1 08:59:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f396c78fb44670861aad3f311b9e32d253895775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:4c:82:0b:7a:4a:29:53:55:57:5c:98:f0:5c:
c3:16:ec:62:81:25:fc:e4:ad:18:6d:4f:59:f8:57:
c9:61:82:f5:55:d6:f8:60:53:f1:8c:69:a9:1d:7b:
f1:dd:d6:00:6c:e6:34:de:be:52:f4:2c:c6:ca:9f:
16:82:de:2b:fd:f5:af:b8:83:bc:33:23:db:c3:d8:
b1:bf:e7:3d:e3:54:bf:c1:a9:a3:8f:34:68:02:09:
88:be:89:b3:b9:b8:eb:05:2d:9a:f8:88:4e:56:61:
e8:7c:f4:e9:fd:96:a8:f8:51:e3:12:13:50:5c:bc:
e4:9e:67:e2:64:91:7d:70:aa:51:35:4e:24:ea:20:
c5:60:52:e8:80:47:18:ab:91:c4:03:55:61:02:38:
e6:80:ed:b4:02:89:c7:66:92:10:be:a6:88:c1:70:
81:84:2c:c6:6c:97:bf:1c:bc:6a:72:fc:6b:e2:7f:
37:c2:9f:03:48:38:9d:db:e5:48:62:db:b1:54:2e:
41:31:21:5b:dc:91:fe:52:94:04:77:e8:32:78:27:
4d:63:96:d3:b5:87:76:a3:a3:e7:fe:38:20:86:f0:
8d:0d:d6:31:ea:29:6d:4e:93:9c:33:bd:87:58:40:
1b:4c:ae:12:f7:55:f5:f0:0b:32:0d:b7:d9:01:3c:
eb:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:96:C7:8F:B4:46:70:86:1A:AD:3F:31:1B:9E:32:D2:53:89:57:75
X509v3 Authority Key Identifier:
keyid:D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/85bHj7RGcIYarT8xG54y0lOJV3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.56.0/22
185.46.200.0/22
185.66.205.0-185.66.206.255
185.149.208.0/24
185.149.210.0/23
185.161.132.0/22
194.0.116.0/22
IPv6:
2a04:1840::/29
2a0b:8640::/29
2a0f:cd40::/29
Signature Algorithm: sha256WithRSAEncryption
6f:0f:88:2a:80:a7:23:92:a8:41:50:dd:25:dd:82:7d:88:26:
a2:96:6d:2e:00:ab:49:06:36:05:e4:b3:e9:6c:0a:2f:22:76:
56:e5:70:d1:31:aa:87:73:6e:23:87:be:7f:67:89:44:4b:6d:
db:dc:45:7f:26:57:71:9d:05:93:ce:67:e2:80:f3:d2:b6:52:
4b:a5:9e:a3:43:b3:c7:bf:14:ca:35:ae:08:8e:17:60:97:cd:
34:df:7b:41:e6:17:69:8c:0a:39:2e:7d:17:30:59:3f:43:c1:
97:97:f3:01:e0:73:87:bc:d1:92:84:17:af:2f:84:07:4a:eb:
c8:4d:9c:a0:68:a4:92:6c:af:86:d3:2c:f5:ce:35:5a:dc:79:
5f:17:d9:5c:a8:a7:47:c1:3c:13:0a:0c:13:45:9d:7a:b9:cb:
8b:0d:d5:54:93:15:5e:ab:9a:55:77:8a:44:b6:f4:c6:29:69:
e9:df:fe:62:31:17:0b:f9:a8:26:e0:9c:88:96:fd:c5:b8:55:
d8:fb:4c:e5:e5:f7:a7:32:e0:28:e7:19:01:3a:6a:c6:b3:80:
75:c4:e4:1e:57:e7:e5:4e:7b:d0:5f:cd:39:bd:9e:13:31:4e:
34:d8:f6:ac:04:b9:1b:cd:11:98:57:97:cb:33:26:70:88:bd:
45:35:19:d2
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZXwlA7Vj7RFLZfq1JGCZXHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDA3OWJiNzA3MGVkMGVlZWEzYTFhNDY3Yzc5NDYyYmNj
NTQ1NWYwHhcNMjUwNDAxMDg1OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzk2Yzc4ZmI0NDY3MDg2MWFhZDNmMzExYjllMzJkMjUzODk1Nzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5kyCC3pKKVNVV1yY8FzDFuxigSX8
5K0YbU9Z+FfJYYL1Vdb4YFPxjGmpHXvx3dYAbOY03r5S9CzGyp8Wgt4r/fWvuIO8
MyPbw9ixv+c941S/wamjjzRoAgmIvomzubjrBS2a+IhOVmHofPTp/Zao+FHjEhNQ
XLzknmfiZJF9cKpRNU4k6iDFYFLogEcYq5HEA1VhAjjmgO20AonHZpIQvqaIwXCB
hCzGbJe/HLxqcvxr4n83wp8DSDid2+VIYtuxVC5BMSFb3JH+UpQEd+gyeCdNY5bT
tYd2o6Pn/jgghvCNDdYx6iltTpOcM72HWEAbTK4S91X18AsyDbfZATzr7wIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFPOWx4+0RnCGGq0/MRueMtJTiVd1MB8GA1UdIwQY
MBaAFNBAebtwcO0O7qOhpGfHlGK8xUVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTkt
NjIwOThkMWVjMWU2LzEvODViSGo3UkdjSVlhclQ4eEc1NHkwbE9KVjNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTktNjIwOThkMWVjMWU2
LzEvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzA4BAIAATAyAwQCW+s4AwQC
uS7IMAwDBAC5Qs0DBAC5Qs4DBAC5ldADBAG5ldIDBAK5oYQDBALCAHQwGwQCAAIw
FQMFAyoEGEADBQMqC4ZAAwUDKg/NQDANBgkqhkiG9w0BAQsFAAOCAQEAbw+IKoCn
I5KoQVDdJd2CfYgmopZtLgCrSQY2BeSz6WwKLyJ2VuVw0TGqh3NuI4e+f2eJREtt
29xFfyZXcZ0Fk85n4oDz0rZSS6Weo0Ozx78UyjWuCI4XYJfNNN97QeYXaYwKOS59
FzBZP0PBl5fzAeBzh7zRkoQXry+EB0rryE2coGikkmyvhtMs9c41Wtx5XxfZXKin
R8E8EwoME0WdernLiw3VVJMVXquaVXeKRLb0xilp6d/+YjEXC/moJuCciJb9xbhV
2PtM5eX3pzLgKOcZATpqxrOAdcTkHlfn5U570F/NOb2eEzFONNj2rAS5G80RmFeX
yzMmcIi9RTUZ0g==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:57 2025 by rpki-client on console.sobornost.net