Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/6hWOpEB79Jwd3tjKR90wreFxatA.roa
File: 6hWOpEB79Jwd3tjKR90wreFxatA.roa (raw, json)
Hash identifier: Q/14jrNN3dPge3RXtvSabOT2/zXSC7oSEv0xGz0lOr8=
Subject key identifier: EA:15:8E:A4:40:7B:F4:9C:1D:DE:D8:CA:47:DD:30:AD:E1:71:6A:D0
Certificate issuer: /CN=d9f9fa7b944f7e7c60d73ef10b776fc27995a4ed
Certificate serial: 0194B80339303E138E7A8A887B373DE816EA
Authority key identifier: D9:F9:FA:7B:94:4F:7E:7C:60:D7:3E:F1:0B:77:6F:C2:79:95:A4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/6hWOpEB79Jwd3tjKR90wreFxatA.roa
Signing time: Thu 30 Jan 2025 16:20:06 +0000
ROA not before: Thu 30 Jan 2025 16:20:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20661
IP address blocks: 95.85.96.0/19 maxlen: 24
95.85.96.0/24 maxlen: 24
95.85.98.0/24 maxlen: 24
95.85.99.0/24 maxlen: 24
95.85.100.0/22 maxlen: 22
95.85.100.0/24 maxlen: 24
95.85.101.0/24 maxlen: 24
95.85.104.0/22 maxlen: 22
95.85.104.0/24 maxlen: 24
95.85.121.0/24 maxlen: 24
103.220.0.0/22 maxlen: 22
119.235.112.0/20 maxlen: 20
177.93.143.0/24 maxlen: 24
185.69.184.0/24 maxlen: 24
216.250.8.0/21 maxlen: 21
217.174.224.0/20 maxlen: 24
217.174.224.0/24 maxlen: 24
217.174.225.0/24 maxlen: 24
217.174.227.0/24 maxlen: 24
2a05:2180::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b8:03:39:30:3e:13:8e:7a:8a:88:7b:37:3d:e8:16:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f9fa7b944f7e7c60d73ef10b776fc27995a4ed
Validity
Not Before: Jan 30 16:20:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ea158ea4407bf49c1dded8ca47dd30ade1716ad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:30:e1:eb:02:fc:ad:b8:c8:b4:bf:ff:d8:24:
06:02:3f:38:80:c1:1e:c2:6b:28:e9:44:1a:b6:7e:
bb:ab:b3:76:ff:2f:37:3a:8b:cc:b6:6f:b6:5d:0b:
73:7c:9d:58:c5:20:c8:63:c8:c9:a2:13:89:b3:f5:
fa:02:2e:5e:b4:18:2e:91:d2:b5:98:20:7a:f2:ba:
16:ee:1f:9d:b4:61:a3:c3:6e:1d:c6:79:82:83:64:
44:d8:d0:0c:da:b5:83:b3:86:15:41:83:fb:2e:bb:
ad:2c:e3:2c:95:77:d8:61:00:28:a9:82:bc:9a:65:
7e:aa:06:1f:e1:ac:54:d3:95:75:6c:bf:89:ec:59:
09:90:9e:28:d1:ca:5a:00:c0:22:66:95:ec:dc:23:
79:fd:d3:10:73:ea:4f:be:7a:49:4f:20:ac:6a:87:
6c:d3:dc:10:5a:e1:ae:06:f0:1f:2f:04:1b:a3:5a:
19:aa:b3:e2:42:ca:8d:d0:51:7c:9c:52:25:be:db:
3b:a5:cd:a1:c1:68:ff:e1:3a:eb:fc:93:5d:7c:8d:
07:a4:96:5e:f8:52:4c:4a:ff:00:10:b9:ee:b4:87:
1f:52:7f:8b:fb:c3:70:7c:a7:75:e5:2f:6c:3e:16:
ee:a3:69:fa:ba:cb:b7:b1:0c:2f:3e:37:d9:79:b6:
34:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:15:8E:A4:40:7B:F4:9C:1D:DE:D8:CA:47:DD:30:AD:E1:71:6A:D0
X509v3 Authority Key Identifier:
keyid:D9:F9:FA:7B:94:4F:7E:7C:60:D7:3E:F1:0B:77:6F:C2:79:95:A4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/6hWOpEB79Jwd3tjKR90wreFxatA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/2fn6e5RPfnxg1z7xC3dvwnmVpO0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.85.96.0/19
103.220.0.0/22
119.235.112.0/20
177.93.143.0/24
185.69.184.0/24
216.250.8.0/21
217.174.224.0/20
IPv6:
2a05:2180::/29
Signature Algorithm: sha256WithRSAEncryption
a7:05:3d:65:36:ae:76:1f:40:47:09:df:68:c5:12:5b:eb:77:
e1:06:85:ca:f5:d9:2c:80:3d:71:35:04:86:f2:ad:5e:87:3f:
3b:5b:7a:12:b1:2d:73:a5:26:64:54:d3:aa:1f:48:80:2b:e7:
f6:42:a9:95:38:26:86:6f:26:ba:a6:71:2e:1c:98:83:5d:b5:
50:1e:bf:c8:f2:7b:9d:12:51:ff:ed:ba:ec:cd:8f:ff:52:87:
1e:51:1d:8e:5e:58:8f:c9:5c:1c:f0:2a:2d:fd:d5:fb:9e:8b:
0b:59:94:bd:68:d7:46:3d:bd:b3:3f:0b:58:ad:27:a1:ce:51:
da:2d:fd:ef:05:9b:09:8f:93:e6:8d:a6:5e:9d:ed:63:e3:85:
21:2a:eb:31:07:f9:0c:84:2a:41:70:c5:8b:a9:b4:59:77:ad:
a0:57:85:c7:3e:f8:6f:ba:a7:91:f7:8a:93:d1:e8:db:20:ea:
e3:00:2b:ac:ab:7c:a8:c3:e3:ff:fc:81:fe:98:60:4e:0d:4d:
18:3d:e6:99:45:70:03:a7:ab:fb:ee:2d:79:6c:95:61:81:37:
1e:c8:ec:14:16:e3:09:fb:e2:b3:51:15:6c:04:74:17:12:7a:
e3:7d:a4:9d:dc:4b:44:68:85:67:4e:ff:a5:26:f9:97:9b:6d:
89:e9:08:7a
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZS4AzkwPhOOeoqIezc96BbqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjlmYTdiOTQ0ZjdlN2M2MGQ3M2VmMTBiNzc2ZmMyNzk5
NWE0ZWQwHhcNMjUwMTMwMTYyMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTE1OGVhNDQwN2JmNDljMWRkZWQ4Y2E0N2RkMzBhZGUxNzE2YWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTDh6wL8rbjItL//2CQGAj84gMEe
wmso6UQatn67q7N2/y83OovMtm+2XQtzfJ1YxSDIY8jJohOJs/X6Ai5etBgukdK1
mCB68roW7h+dtGGjw24dxnmCg2RE2NAM2rWDs4YVQYP7LrutLOMslXfYYQAoqYK8
mmV+qgYf4axU05V1bL+J7FkJkJ4o0cpaAMAiZpXs3CN5/dMQc+pPvnpJTyCsaods
09wQWuGuBvAfLwQbo1oZqrPiQsqN0FF8nFIlvts7pc2hwWj/4Trr/JNdfI0HpJZe
+FJMSv8AELnutIcfUn+L+8NwfKd15S9sPhbuo2n6usu3sQwvPjfZebY06wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFOoVjqRAe/ScHd7YykfdMK3hcWrQMB8GA1UdIwQY
MBaAFNn5+nuUT358YNc+8Qt3b8J5laTtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZuNmU1UlBmbnhnMXo3eEMzZHZ3bm1WcE8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85ZDQyMDMtMmVlZS00MWRlLThkODUt
MDhiZjIyZjY0MDk3LzEvNmhXT3BFQjc5SndkM3RqS1I5MHdyZUZ4YXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85ZDQyMDMtMmVlZS00MWRlLThkODUtMDhiZjIyZjY0MDk3
LzEvMmZuNmU1UlBmbnhnMXo3eEMzZHZ3bm1WcE8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFX1VgAwQC
Z9wAAwQEd+twAwQAsV2PAwQAuUW4AwQD2PoIAwQE2a7gMA0EAgACMAcDBQMqBSGA
MA0GCSqGSIb3DQEBCwUAA4IBAQCnBT1lNq52H0BHCd9oxRJb63fhBoXK9dksgD1x
NQSG8q1ehz87W3oSsS1zpSZkVNOqH0iAK+f2QqmVOCaGbya6pnEuHJiDXbVQHr/I
8nudElH/7brszY//UoceUR2OXliPyVwc8Cot/dX7nosLWZS9aNdGPb2zPwtYrSeh
zlHaLf3vBZsJj5PmjaZene1j44UhKusxB/kMhCpBcMWLqbRZd62gV4XHPvhvuqeR
94qT0ejbIOrjACusq3yow+P//IH+mGBODU0YPeaZRXADp6v77i15bJVhgTceyOwU
FuMJ++KzURVsBHQXEnrjfaSd3EtEaIVnTv+lJvmXm22J6Qh6
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:09:51 2025 by rpki-client