Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/c0a326-88e1-42b4-9d56-0921d1bbf349/1/9V85HLFbpWnoHuwfi3uBdYCY9ZM.roa
File: 9V85HLFbpWnoHuwfi3uBdYCY9ZM.roa (raw, json)
Hash identifier: sWuFEcVAMiwExmVPdpvYCkHmeYDgX5Tn0zMIqcTEx/4=
Subject key identifier: F5:5F:39:1C:B1:5B:A5:69:E8:1E:EC:1F:8B:7B:81:75:80:98:F5:93
Certificate issuer: /CN=1e02b2489f4713962d105112b25276eb81f1ac90
Certificate serial: 019424B3FC1AD9088F00FC8BC5BBE0A4571A
Authority key identifier: 1E:02:B2:48:9F:47:13:96:2D:10:51:12:B2:52:76:EB:81:F1:AC:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HgKySJ9HE5YtEFESslJ264HxrJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/c0a326-88e1-42b4-9d56-0921d1bbf349/1/9V85HLFbpWnoHuwfi3uBdYCY9ZM.roa
Signing time: Thu 02 Jan 2025 01:49:22 +0000
ROA not before: Thu 02 Jan 2025 01:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56650
IP address blocks: 85.208.64.0/22 maxlen: 22
85.208.64.0/24 maxlen: 24
85.208.65.0/24 maxlen: 24
85.208.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:fc:1a:d9:08:8f:00:fc:8b:c5:bb:e0:a4:57:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e02b2489f4713962d105112b25276eb81f1ac90
Validity
Not Before: Jan 2 01:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f55f391cb15ba569e81eec1f8b7b81758098f593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6d:63:1d:a7:4b:58:a4:c6:be:f1:37:97:dc:
08:cb:0d:3d:2c:15:ff:36:4e:cb:2a:ca:f0:21:15:
fd:b8:44:12:1b:91:a2:64:62:bf:6b:ba:00:23:13:
19:30:49:06:07:8f:e7:54:2a:97:6a:0a:23:6b:89:
dc:aa:16:99:a5:df:8e:2b:75:b0:f7:11:07:db:7a:
6e:ef:ca:b8:05:fe:a0:4e:cf:47:ce:50:42:6a:a1:
02:fa:a4:31:01:34:f1:09:7d:ef:61:da:a5:df:e0:
f0:9a:14:8f:07:1d:e2:fa:ca:88:76:1c:c7:ec:41:
8c:a1:f0:ac:b6:46:ad:7e:b8:8c:cf:50:59:a6:b2:
1e:16:89:25:93:71:4d:47:80:15:fc:c3:08:b0:08:
eb:4b:f1:81:1b:4c:93:4a:a0:3e:86:99:13:49:c0:
72:0d:b3:38:d1:10:2b:10:36:53:76:09:12:e9:60:
81:35:5f:77:ef:c0:25:2a:f6:c9:70:ea:55:ba:ef:
28:2e:b0:65:56:27:38:e9:7c:53:1f:93:91:47:f5:
27:83:29:af:f7:ba:9c:92:92:7a:2a:f7:9b:ec:2d:
06:cf:76:0f:d8:5a:d2:96:2c:dd:02:46:29:06:13:
3b:7e:74:3b:cd:9b:31:32:63:f7:83:8a:15:5c:50:
d0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:5F:39:1C:B1:5B:A5:69:E8:1E:EC:1F:8B:7B:81:75:80:98:F5:93
X509v3 Authority Key Identifier:
keyid:1E:02:B2:48:9F:47:13:96:2D:10:51:12:B2:52:76:EB:81:F1:AC:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HgKySJ9HE5YtEFESslJ264HxrJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/c0a326-88e1-42b4-9d56-0921d1bbf349/1/9V85HLFbpWnoHuwfi3uBdYCY9ZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/c0a326-88e1-42b4-9d56-0921d1bbf349/1/HgKySJ9HE5YtEFESslJ264HxrJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.64.0/22
Signature Algorithm: sha256WithRSAEncryption
23:9f:16:1a:37:43:df:50:08:87:b3:35:a8:e1:f5:31:7d:62:
29:ea:d9:1f:2f:d3:38:aa:fb:bd:c4:e4:43:42:76:f4:8b:52:
58:f4:0d:a4:d7:52:46:13:22:08:ea:52:f2:7b:f5:68:9f:99:
22:32:52:90:78:54:70:13:50:c2:d0:73:11:ff:e3:d0:76:0b:
91:14:ff:c5:64:5f:7c:5c:37:d2:b8:76:51:38:79:88:d1:0b:
c1:d8:c2:6b:ef:30:8d:7a:78:75:2d:11:6c:d1:2b:64:19:dc:
ab:32:a7:90:eb:31:f7:13:fe:23:b4:cc:92:e0:d1:a3:ca:0f:
28:9c:e3:0c:70:81:38:39:0a:15:49:5b:e7:f5:63:22:83:75:
cd:20:57:2d:e2:c1:b6:5f:0e:48:4f:4e:4b:27:30:f3:5e:66:
3e:24:5a:25:1c:08:78:7c:a0:5b:42:6b:f5:22:60:34:47:78:
62:08:11:3d:88:dc:58:f6:20:1f:ef:96:2a:2a:de:33:67:ad:
ef:f7:48:6f:63:fd:31:46:2c:f1:69:80:f6:0c:32:7e:b9:76:
26:c1:f6:fb:d4:93:cd:f7:b8:0f:4f:e8:63:e0:d5:2e:c8:b4:
14:06:6a:11:71:a3:45:32:30:51:70:8c:1c:02:49:52:2b:52:
2b:ef:e2:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks/wa2QiPAPyLxbvgpFcaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMDJiMjQ4OWY0NzEzOTYyZDEwNTExMmIyNTI3NmViODFm
MWFjOTAwHhcNMjUwMTAyMDE0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTVmMzkxY2IxNWJhNTY5ZTgxZWVjMWY4YjdiODE3NTgwOThmNTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo21jHadLWKTGvvE3l9wIyw09LBX/
Nk7LKsrwIRX9uEQSG5GiZGK/a7oAIxMZMEkGB4/nVCqXagoja4ncqhaZpd+OK3Ww
9xEH23pu78q4Bf6gTs9HzlBCaqEC+qQxATTxCX3vYdql3+DwmhSPBx3i+sqIdhzH
7EGMofCstkatfriMz1BZprIeFoklk3FNR4AV/MMIsAjrS/GBG0yTSqA+hpkTScBy
DbM40RArEDZTdgkS6WCBNV9378AlKvbJcOpVuu8oLrBlVic46XxTH5ORR/Ungymv
97qckpJ6Kveb7C0Gz3YP2FrSlizdAkYpBhM7fnQ7zZsxMmP3g4oVXFDQQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPVfORyxW6Vp6B7sH4t7gXWAmPWTMB8GA1UdIwQY
MBaAFB4CskifRxOWLRBRErJSduuB8ayQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGdLeVNKOUhFNVl0RUZFU3NsSjI2NEh4ckpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9jMGEzMjYtODhlMS00MmI0LTlkNTYt
MDkyMWQxYmJmMzQ5LzEvOVY4NUhMRmJwV25vSHV3ZmkzdUJkWUNZOVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9jMGEzMjYtODhlMS00MmI0LTlkNTYtMDkyMWQxYmJmMzQ5
LzEvSGdLeVNKOUhFNVl0RUZFU3NsSjI2NEh4ckpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdBAMA0G
CSqGSIb3DQEBCwUAA4IBAQAjnxYaN0PfUAiHszWo4fUxfWIp6tkfL9M4qvu9xORD
Qnb0i1JY9A2k11JGEyII6lLye/Von5kiMlKQeFRwE1DC0HMR/+PQdguRFP/FZF98
XDfSuHZROHmI0QvB2MJr7zCNenh1LRFs0StkGdyrMqeQ6zH3E/4jtMyS4NGjyg8o
nOMMcIE4OQoVSVvn9WMig3XNIFct4sG2Xw5IT05LJzDzXmY+JFolHAh4fKBbQmv1
ImA0R3hiCBE9iNxY9iAf75YqKt4zZ63v90hvY/0xRizxaYD2DDJ+uXYmwfb71JPN
97gPT+hj4NUuyLQUBmoRcaNFMjBRcIwcAklSK1Ir7+II
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:32:46 2025 by rpki-client