Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/yEAhGBhhnsGlSwmABMxYXMoVFmo.roa
File: yEAhGBhhnsGlSwmABMxYXMoVFmo.roa (raw, json)
Hash identifier: 4gRmJAIY5iMdHyen9IsOKFW1O1UVQrjj3rH4hihkCu4=
Subject key identifier: C8:40:21:18:18:61:9E:C1:A5:4B:09:80:04:CC:58:5C:CA:15:16:6A
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 0194266C3BE2AF173553A514A4C245E54E42
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/yEAhGBhhnsGlSwmABMxYXMoVFmo.roa
Signing time: Thu 02 Jan 2025 09:50:14 +0000
ROA not before: Thu 02 Jan 2025 09:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 85.115.204.0/24 maxlen: 24
85.153.12.0/22 maxlen: 22
85.153.24.0/22 maxlen: 22
85.153.35.0/24 maxlen: 24
85.153.36.0/22 maxlen: 22
85.153.40.0/24 maxlen: 24
85.153.41.0/24 maxlen: 24
85.153.42.0/24 maxlen: 24
85.153.48.0/22 maxlen: 22
85.153.52.0/22 maxlen: 22
85.153.59.0/24 maxlen: 24
85.153.60.0/22 maxlen: 22
85.153.65.0/24 maxlen: 24
85.153.66.0/24 maxlen: 24
85.153.67.0/24 maxlen: 24
85.153.72.0/24 maxlen: 24
85.153.73.0/24 maxlen: 24
85.153.88.0/22 maxlen: 22
85.153.96.0/22 maxlen: 22
85.153.114.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:3b:e2:af:17:35:53:a5:14:a4:c2:45:e5:4e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Jan 2 09:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c840211818619ec1a54b098004cc585cca15166a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7b:9e:e9:e8:be:b3:0a:17:91:94:90:02:c9:
0a:27:4d:58:db:0e:a3:1a:f7:4b:78:27:f6:89:d2:
c6:4a:6d:db:15:0d:66:8e:d0:b4:0d:a2:2d:48:7b:
17:34:d1:5d:ce:e4:d7:56:7e:63:38:2f:58:79:3f:
a0:54:f7:c5:08:f4:8a:62:87:ab:f3:e0:09:bd:5c:
2d:19:49:51:63:4d:5b:6c:1c:bc:08:59:87:aa:68:
e7:25:18:d1:52:c6:30:20:e0:ff:59:88:b3:04:b8:
32:ed:32:04:da:e4:6f:31:90:17:37:84:b8:60:0d:
bc:6b:fc:9c:61:16:b1:63:f0:28:0a:3f:4c:73:e9:
40:6d:c7:ec:7e:97:c9:23:fd:3e:55:51:e4:f1:37:
d6:eb:03:dd:85:8a:2a:e4:07:a4:10:05:20:b7:cf:
3e:a1:7c:4f:d6:e5:c9:4c:ca:93:ee:54:c0:71:34:
97:9c:18:c8:97:65:c0:a3:73:ae:b8:dd:4a:35:53:
72:59:5f:0a:bb:7c:ee:8c:d2:e1:95:ee:3d:31:ef:
dc:f1:aa:02:ca:3c:8f:99:84:47:2c:a4:43:13:34:
ab:8e:f0:a3:77:fb:21:e3:47:c0:16:a7:54:97:20:
38:fd:dd:0e:2c:ab:3e:bd:6f:27:2f:56:96:c7:cf:
1c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:40:21:18:18:61:9E:C1:A5:4B:09:80:04:CC:58:5C:CA:15:16:6A
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/yEAhGBhhnsGlSwmABMxYXMoVFmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.204.0/24
85.153.12.0/22
85.153.24.0/22
85.153.35.0-85.153.42.255
85.153.48.0/21
85.153.59.0-85.153.63.255
85.153.65.0-85.153.67.255
85.153.72.0/23
85.153.88.0/22
85.153.96.0/22
85.153.114.0/24
Signature Algorithm: sha256WithRSAEncryption
53:d0:cb:43:fe:a9:88:1f:04:b0:bd:41:c9:78:01:08:9f:df:
6a:c3:41:0f:27:34:e7:4a:ba:c9:40:95:15:2d:72:86:f6:4d:
14:ac:15:bc:09:0e:bf:56:32:92:c7:33:50:f0:cf:e3:e5:b8:
c0:ab:91:84:02:a0:83:99:c1:8c:c2:27:e0:4e:2b:4e:66:5f:
57:b4:21:1d:f3:6f:be:a1:5d:0b:58:d8:36:43:cf:6c:72:98:
b4:72:5b:78:bd:a7:a6:a8:32:3f:9a:3b:0a:56:5e:94:95:b2:
e8:42:6d:bc:ef:f4:e6:55:29:96:27:c6:3b:ec:bd:07:d3:78:
8f:40:a2:fd:f6:b1:6b:33:35:40:7f:b4:b9:24:0c:d3:37:71:
56:36:fa:a5:71:54:32:af:37:3e:c3:92:e4:08:09:5b:38:71:
e3:d7:00:af:dc:d0:bf:d7:37:40:14:1b:1e:a2:a7:ed:56:e2:
2f:58:0b:c5:8b:60:71:c0:a5:c8:bf:fb:d8:a8:90:f9:fe:8b:
50:2e:75:af:31:e5:cb:ef:24:8d:0e:31:e9:16:d2:33:98:09:
0f:a8:e9:56:4b:7c:2e:ee:22:10:18:b5:01:ce:29:85:44:d0:
23:bc:61:fb:2f:a1:c3:c0:e7:86:4a:de:cd:b6:bf:6b:ec:28:
9e:16:d4:23
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZQmbDvirxc1U6UUpMJF5U5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjUwMTAyMDk1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODQwMjExODE4NjE5ZWMxYTU0YjA5ODAwNGNjNTg1Y2NhMTUxNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnue6ei+swoXkZSQAskKJ01Y2w6j
GvdLeCf2idLGSm3bFQ1mjtC0DaItSHsXNNFdzuTXVn5jOC9YeT+gVPfFCPSKYoer
8+AJvVwtGUlRY01bbBy8CFmHqmjnJRjRUsYwIOD/WYizBLgy7TIE2uRvMZAXN4S4
YA28a/ycYRaxY/AoCj9Mc+lAbcfsfpfJI/0+VVHk8TfW6wPdhYoq5AekEAUgt88+
oXxP1uXJTMqT7lTAcTSXnBjIl2XAo3OuuN1KNVNyWV8Ku3zujNLhle49Me/c8aoC
yjyPmYRHLKRDEzSrjvCjd/sh40fAFqdUlyA4/d0OLKs+vW8nL1aWx88c/QIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFMhAIRgYYZ7BpUsJgATMWFzKFRZqMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEveUVBaEdCaGhuc0dsU3dtQUJNeFlYTW9WRm1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAVXPMAwQC
VZkMAwQCVZkYMAwDBABVmSMDBABVmSoDBANVmTAwDAMEAFWZOwMEBlWZADAMAwQA
VZlBAwQCVZlAAwQBVZlIAwQCVZlYAwQCVZlgAwQAVZlyMA0GCSqGSIb3DQEBCwUA
A4IBAQBT0MtD/qmIHwSwvUHJeAEIn99qw0EPJzTnSrrJQJUVLXKG9k0UrBW8CQ6/
VjKSxzNQ8M/j5bjAq5GEAqCDmcGMwifgTitOZl9XtCEd82++oV0LWNg2Q89scpi0
clt4vaemqDI/mjsKVl6UlbLoQm287/TmVSmWJ8Y77L0H03iPQKL99rFrMzVAf7S5
JAzTN3FWNvqlcVQyrzc+w5LkCAlbOHHj1wCv3NC/1zdAFBseoqftVuIvWAvFi2Bx
wKXIv/vYqJD5/otQLnWvMeXL7ySNDjHpFtIzmAkPqOlWS3wu7iIQGLUBzimFRNAj
vGH7L6HDwOeGSt7Ntr9r7CieFtQj
-----END CERTIFICATE-----
Generated at Thu Apr 24 19:06:45 2025 by rpki-client