Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/gfVFAzdbzG9BZ0taU2rZNWi2m4k.roa
File: gfVFAzdbzG9BZ0taU2rZNWi2m4k.roa (raw, json)
Hash identifier: OkTyuz8lPncVitFL+55q0jftx4m42h2veU5Ugj3c2kU=
Subject key identifier: 81:F5:45:03:37:5B:CC:6F:41:67:4B:5A:53:6A:D9:35:68:B6:9B:89
Certificate issuer: /CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Certificate serial: 0194222015907CD5E6CEEBB0E8EB955FC1BF
Authority key identifier: 99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/gfVFAzdbzG9BZ0taU2rZNWi2m4k.roa
Signing time: Wed 01 Jan 2025 13:48:35 +0000
ROA not before: Wed 01 Jan 2025 13:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42018
IP address blocks: 85.255.194.0/24 maxlen: 24
85.255.196.0/24 maxlen: 24
85.255.198.0/24 maxlen: 24
85.255.199.0/24 maxlen: 24
85.255.202.0/24 maxlen: 24
85.255.203.0/24 maxlen: 24
85.255.204.0/24 maxlen: 24
85.255.206.0/24 maxlen: 24
185.35.52.0/24 maxlen: 24
185.35.53.0/24 maxlen: 24
2a01:498::/32 maxlen: 32
2a01:498:500::/40 maxlen: 40
2a01:498:8100::/40 maxlen: 40
2a01:498:8500::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:15:90:7c:d5:e6:ce:eb:b0:e8:eb:95:5f:c1:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Validity
Not Before: Jan 1 13:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81f54503375bcc6f41674b5a536ad93568b69b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0c:9f:95:3f:57:cf:4e:51:f6:31:d4:3f:73:
4a:70:0d:28:70:13:65:58:41:d4:9a:96:63:13:79:
e4:32:fc:c4:76:d6:9e:88:2f:c8:0e:04:19:48:d2:
7f:c4:49:c7:bf:25:97:37:5c:8c:22:31:24:ce:07:
c7:77:90:a9:88:99:aa:28:42:7a:a9:12:02:3c:3c:
85:f4:1b:6a:91:a1:e1:67:be:03:9a:6f:0a:6a:b9:
26:5c:eb:9f:92:97:20:41:2b:d7:49:56:c2:9d:40:
89:8e:85:1c:1e:a5:c8:3f:c8:00:cf:a3:3e:53:fd:
d6:52:a7:02:43:b0:5e:9f:3b:bd:dd:03:c7:3a:f5:
98:2a:f6:b0:82:c3:9d:6a:69:22:6f:b0:73:ed:9c:
df:69:1a:b7:47:68:27:e8:f3:41:32:df:6c:c2:d3:
69:db:74:40:ac:97:f8:06:2e:bc:46:5b:c1:89:b6:
15:31:dd:6a:ed:7a:38:c8:df:c9:53:16:c2:25:56:
e6:11:b7:4a:bb:a1:b7:d2:35:12:e6:48:03:9d:f4:
1d:32:35:c0:c5:43:18:5e:6b:a2:9b:b0:df:84:c4:
d4:49:1e:df:b4:a7:83:78:27:e9:e5:aa:7f:e5:d4:
d0:79:dc:02:9c:4e:6c:f6:48:13:b9:55:f4:03:6d:
91:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:F5:45:03:37:5B:CC:6F:41:67:4B:5A:53:6A:D9:35:68:B6:9B:89
X509v3 Authority Key Identifier:
keyid:99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/gfVFAzdbzG9BZ0taU2rZNWi2m4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.194.0/24
85.255.196.0/24
85.255.198.0/23
85.255.202.0-85.255.204.255
85.255.206.0/24
185.35.52.0/23
IPv6:
2a01:498::/32
Signature Algorithm: sha256WithRSAEncryption
11:3b:9b:9c:3f:99:fd:b6:cc:3b:4b:9b:17:fc:8e:80:b5:36:
5e:8b:0e:3d:2a:d1:17:e3:41:23:01:18:57:a0:3d:72:cb:7c:
23:d0:e7:2a:d0:75:c5:55:01:d8:33:d8:29:4d:5d:ce:69:71:
fa:cc:f6:f0:d8:7c:7d:7e:69:5a:33:a6:66:6a:cf:f5:bf:27:
89:1c:d8:a8:2e:d0:99:4f:70:4d:63:9f:d4:e1:58:83:92:30:
83:ad:0d:21:05:7a:b3:c6:8f:25:c6:e1:f9:c1:7f:07:b5:cb:
4b:fa:98:6b:31:fd:b3:8a:91:3e:90:2a:a5:ff:26:3d:1c:8b:
b7:0b:4d:2d:7a:72:d2:9b:d4:93:31:c5:9f:f8:9e:d6:22:c0:
b2:e1:b8:0b:30:89:2f:fb:48:ac:41:69:88:b4:a4:35:b0:77:
48:c5:21:da:1b:ad:5e:fa:e6:e7:1b:e8:a7:70:7d:fa:a2:7e:
66:42:02:da:5f:f7:86:7d:1b:16:d0:b8:47:df:10:44:2e:6f:
cc:86:d6:61:3e:2b:30:53:f2:ca:93:de:72:41:fa:4e:dc:f4:
b6:2a:5c:c4:f0:9f:48:60:58:60:a8:02:e2:a2:b4:1d:c4:63:
85:cb:ee:3e:aa:91:35:3b:b3:38:5d:64:37:1a:aa:f7:31:42:
47:fd:0e:43
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZQiIBWQfNXmzuuw6OuVX8G/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OWRmN2RjMGVkNTE4ZjFlYzY5OTc0Y2Y5OGNlY2FhZGEx
YTg2ODAwHhcNMjUwMTAxMTM0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWY1NDUwMzM3NWJjYzZmNDE2NzRiNWE1MzZhZDkzNTY4YjY5Yjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAyflT9Xz05R9jHUP3NKcA0ocBNl
WEHUmpZjE3nkMvzEdtaeiC/IDgQZSNJ/xEnHvyWXN1yMIjEkzgfHd5CpiJmqKEJ6
qRICPDyF9BtqkaHhZ74Dmm8KarkmXOufkpcgQSvXSVbCnUCJjoUcHqXIP8gAz6M+
U/3WUqcCQ7Benzu93QPHOvWYKvawgsOdamkib7Bz7ZzfaRq3R2gn6PNBMt9swtNp
23RArJf4Bi68RlvBibYVMd1q7Xo4yN/JUxbCJVbmEbdKu6G30jUS5kgDnfQdMjXA
xUMYXmuim7DfhMTUSR7ftKeDeCfp5ap/5dTQedwCnE5s9kgTuVX0A22RhwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFIH1RQM3W8xvQWdLWlNq2TVotpuJMB8GA1UdIwQY
MBaAFJmd99wO1Rjx7GmXTPmM7KraGoaAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYt
MTM4Yjc4N2RlM2UzLzEvZ2ZWRkF6ZGJ6RzlCWjB0YVUyclpOV2kybTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYtMTM4Yjc4N2RlM2Uz
LzEvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQAVf/CAwQA
Vf/EAwQBVf/GMAwDBAFV/8oDBABV/8wDBABV/84DBAG5IzQwDQQCAAIwBwMFACoB
BJgwDQYJKoZIhvcNAQELBQADggEBABE7m5w/mf22zDtLmxf8joC1Nl6LDj0q0Rfj
QSMBGFegPXLLfCPQ5yrQdcVVAdgz2ClNXc5pcfrM9vDYfH1+aVozpmZqz/W/J4kc
2Kgu0JlPcE1jn9ThWIOSMIOtDSEFerPGjyXG4fnBfwe1y0v6mGsx/bOKkT6QKqX/
Jj0ci7cLTS16ctKb1JMxxZ/4ntYiwLLhuAswiS/7SKxBaYi0pDWwd0jFIdobrV76
5ucb6KdwffqifmZCAtpf94Z9GxbQuEffEEQub8yG1mE+KzBT8sqT3nJB+k7c9LYq
XMTwn0hgWGCoAuKitB3EY4XL7j6qkTU7szhdZDcaqvcxQkf9DkM=
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:17:06 2025 by rpki-client on console.sobornost.net