Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/O9d_gV74yYpX6Um_s3aWdDm_Ej0.roa
File: O9d_gV74yYpX6Um_s3aWdDm_Ej0.roa (raw, json)
Hash identifier: RbexetxXBeJZCWdrT/LqIU6zAstJlnMOcoJBHKsXhoQ=
Subject key identifier: 3B:D7:7F:81:5E:F8:C9:8A:57:E9:49:BF:B3:76:96:74:39:BF:12:3D
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 0194266C4078C40A668FF1D923F4A6FEDE6B
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/O9d_gV74yYpX6Um_s3aWdDm_Ej0.roa
Signing time: Thu 02 Jan 2025 09:50:15 +0000
ROA not before: Thu 02 Jan 2025 09:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203963
IP address blocks: 85.153.47.0/24 maxlen: 24
85.153.112.0/24 maxlen: 24
85.153.115.0/24 maxlen: 24
85.153.116.0/24 maxlen: 24
85.153.117.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:40:78:c4:0a:66:8f:f1:d9:23:f4:a6:fe:de:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Jan 2 09:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bd77f815ef8c98a57e949bfb376967439bf123d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:52:c9:23:39:e7:d5:8d:b8:3b:87:12:cd:8a:
1c:62:6d:60:ec:50:4b:9a:96:d7:c7:f1:19:f8:bc:
e5:85:18:f3:62:5a:e1:06:2f:02:f7:a6:65:a7:84:
31:bf:e2:bd:10:93:b3:1d:e0:16:85:51:68:2d:12:
f6:9e:4f:76:d3:53:2b:ed:ea:33:73:05:a7:54:73:
43:3f:44:4d:bc:9c:a1:8d:c4:aa:b2:8e:f0:f4:46:
47:0e:20:13:68:30:48:0f:57:96:4e:99:c5:2a:9e:
00:ee:a3:1c:d5:86:a7:2d:ee:28:2f:af:bd:5d:70:
32:6f:a5:49:ad:3d:54:6d:f5:65:a5:c2:6d:2e:d6:
bc:4e:f5:74:4a:65:47:7b:a4:cb:69:e1:02:19:1b:
2c:57:21:b2:a2:fd:d0:15:ed:3e:b6:c8:32:f3:2c:
09:d5:79:29:c2:2d:75:b5:56:dc:f4:02:ed:3f:11:
ca:bb:c9:39:97:1d:14:f7:05:d2:1d:f8:77:93:ef:
f0:78:a0:0f:16:3e:30:43:e9:05:ad:34:dd:a3:2c:
c1:9a:eb:9e:9a:8c:ec:ea:09:ee:27:e0:b5:d7:50:
e5:b2:86:dd:6d:01:0c:b6:4d:ee:0f:fd:60:19:5d:
fb:77:95:5b:25:df:f3:13:3f:74:b8:46:a4:68:26:
2a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D7:7F:81:5E:F8:C9:8A:57:E9:49:BF:B3:76:96:74:39:BF:12:3D
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/O9d_gV74yYpX6Um_s3aWdDm_Ej0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.47.0/24
85.153.112.0/24
85.153.115.0-85.153.117.255
Signature Algorithm: sha256WithRSAEncryption
4d:9f:81:9c:1f:df:74:2a:92:02:23:3b:28:e6:8a:20:59:9f:
58:d7:5c:b6:3b:ea:7b:8e:d8:c4:a4:49:14:b9:10:82:c2:d1:
85:df:5b:fc:d8:24:85:36:9c:b3:8f:9e:70:5f:c3:73:b9:df:
6a:a5:32:f0:5b:76:f0:26:be:6c:8b:0b:ae:09:a6:27:e2:bb:
94:c9:ee:c7:34:eb:25:ce:dd:69:62:fb:57:01:2f:45:f0:95:
0a:16:b5:42:89:04:0c:83:da:7f:39:54:bd:35:c6:23:a0:1d:
70:8e:8b:f3:df:07:03:2b:87:45:6f:e0:f2:b9:93:db:e4:f8:
1b:23:12:72:9b:a6:d5:db:d7:dc:1d:6e:7a:ae:7e:12:01:c9:
a0:39:cf:f7:3b:6c:1b:0c:15:61:a3:3a:19:f4:c3:1e:7d:b6:
77:73:29:ba:3d:85:fb:cf:e7:57:fe:0d:28:21:b8:54:75:9d:
06:93:ce:67:e4:3a:f5:e4:9c:88:38:86:1b:87:9d:96:b3:44:
67:b8:6d:0c:89:57:df:45:21:e6:4d:aa:1a:0c:41:58:8e:c6:
6d:2f:b6:be:12:6d:ab:81:62:cf:f2:d5:94:0b:06:b7:c4:fd:
01:5e:b3:6e:01:16:e1:c7:8b:25:b7:da:98:3d:99:58:19:96:
55:8b:af:0a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQmbEB4xApmj/HZI/Sm/t5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjUwMTAyMDk1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQ3N2Y4MTVlZjhjOThhNTdlOTQ5YmZiMzc2OTY3NDM5YmYxMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFLJIznn1Y24O4cSzYocYm1g7FBL
mpbXx/EZ+LzlhRjzYlrhBi8C96Zlp4Qxv+K9EJOzHeAWhVFoLRL2nk9201Mr7eoz
cwWnVHNDP0RNvJyhjcSqso7w9EZHDiATaDBID1eWTpnFKp4A7qMc1YanLe4oL6+9
XXAyb6VJrT1UbfVlpcJtLta8TvV0SmVHe6TLaeECGRssVyGyov3QFe0+tsgy8ywJ
1Xkpwi11tVbc9ALtPxHKu8k5lx0U9wXSHfh3k+/weKAPFj4wQ+kFrTTdoyzBmuue
mozs6gnuJ+C111DlsobdbQEMtk3uD/1gGV37d5VbJd/zEz90uEakaCYqqQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDvXf4Fe+MmKV+lJv7N2lnQ5vxI9MB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvTzlkX2dWNzR5WXBYNlVtX3MzYVdkRG1fRWowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAVZkvAwQA
VZlwMAwDBABVmXMDBAFVmXQwDQYJKoZIhvcNAQELBQADggEBAE2fgZwf33QqkgIj
OyjmiiBZn1jXXLY76nuO2MSkSRS5EILC0YXfW/zYJIU2nLOPnnBfw3O532qlMvBb
dvAmvmyLC64Jpifiu5TJ7sc06yXO3Wli+1cBL0XwlQoWtUKJBAyD2n85VL01xiOg
HXCOi/PfBwMrh0Vv4PK5k9vk+BsjEnKbptXb19wdbnqufhIByaA5z/c7bBsMFWGj
Ohn0wx59tndzKbo9hfvP51f+DSghuFR1nQaTzmfkOvXknIg4hhuHnZazRGe4bQyJ
V99FIeZNqhoMQViOxm0vtr4SbauBYs/y1ZQLBrfE/QFes24BFuHHiyW32pg9mVgZ
llWLrwo=
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:16:55 2025 by rpki-client