Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/BO2GxdENWf3nZf4IjS3W9dxIBdA.roa
File: BO2GxdENWf3nZf4IjS3W9dxIBdA.roa (raw, json)
Hash identifier: CoT9/NP4/6nCeDdnm6fFk7HZ3lUZardt1KwDlood7sQ=
Subject key identifier: 04:ED:86:C5:D1:0D:59:FD:E7:65:FE:08:8D:2D:D6:F5:DC:48:05:D0
Certificate issuer: /CN=4126ac4afafd269881c10ad2eca2f4def8edbd21
Certificate serial: 0194AC7527338813DCA20F92191F1E68FAFA
Authority key identifier: 41:26:AC:4A:FA:FD:26:98:81:C1:0A:D2:EC:A2:F4:DE:F8:ED:BD:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QSasSvr9JpiBwQrS7KL03vjtvSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/BO2GxdENWf3nZf4IjS3W9dxIBdA.roa
Signing time: Tue 28 Jan 2025 10:29:06 +0000
ROA not before: Tue 28 Jan 2025 10:29:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35185
IP address blocks: 85.209.164.0/24 maxlen: 24
85.209.165.0/24 maxlen: 24
85.209.166.0/24 maxlen: 24
85.209.167.0/24 maxlen: 24
91.208.199.0/24 maxlen: 24
2a09:d8c7::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:75:27:33:88:13:dc:a2:0f:92:19:1f:1e:68:fa:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4126ac4afafd269881c10ad2eca2f4def8edbd21
Validity
Not Before: Jan 28 10:29:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04ed86c5d10d59fde765fe088d2dd6f5dc4805d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:da:de:d3:0e:4c:25:b5:45:e7:3b:fe:62:f0:
6b:16:36:b4:44:99:4c:f6:4e:b0:25:36:0c:5c:91:
49:ac:08:6f:a0:7b:2d:28:3a:63:f7:dd:27:83:03:
0c:57:1c:78:9a:30:81:94:ca:a5:53:65:78:24:37:
3f:54:4b:ae:df:41:65:23:0a:51:7a:2a:ff:b9:a9:
9b:64:65:40:3a:ab:62:5a:df:1f:9b:82:74:64:a9:
71:4e:3b:5f:06:49:c2:e8:4e:43:87:d6:01:03:8f:
49:3d:ac:7f:08:46:c0:dd:ee:f6:65:ef:ce:b4:19:
8e:0c:3e:97:4d:81:25:42:da:d5:e8:f5:e3:c8:f3:
0d:c4:38:2a:51:04:1c:0f:89:1d:73:ea:3c:5a:ac:
6b:34:f6:08:63:c3:8d:db:6a:75:a0:de:06:f0:02:
36:0d:d4:8d:82:9f:c5:b1:63:77:de:09:a9:c1:b1:
a8:1c:5a:9d:2f:16:2a:84:04:2c:de:15:07:6a:c0:
a2:f7:4c:1d:34:58:a7:79:f4:9a:6f:bb:8a:92:fe:
e3:5d:e9:10:20:6e:20:a6:23:be:93:cf:0c:31:a9:
b9:5a:f7:f2:1e:35:53:40:85:13:6d:6b:ee:99:b2:
f2:ea:99:6c:b3:d2:9b:b9:a6:f2:0a:4e:18:cd:8b:
a8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:ED:86:C5:D1:0D:59:FD:E7:65:FE:08:8D:2D:D6:F5:DC:48:05:D0
X509v3 Authority Key Identifier:
keyid:41:26:AC:4A:FA:FD:26:98:81:C1:0A:D2:EC:A2:F4:DE:F8:ED:BD:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QSasSvr9JpiBwQrS7KL03vjtvSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/BO2GxdENWf3nZf4IjS3W9dxIBdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/QSasSvr9JpiBwQrS7KL03vjtvSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.164.0/22
91.208.199.0/24
IPv6:
2a09:d8c7::/48
Signature Algorithm: sha256WithRSAEncryption
19:6e:02:8d:f7:a6:8b:8a:11:21:d5:4a:3c:e8:4c:11:38:ad:
c3:c2:3b:28:8b:7c:1d:79:9a:20:92:e0:78:a9:68:a2:6f:5a:
d2:82:2f:4e:ad:54:70:d9:06:46:46:0c:02:9a:81:52:44:41:
94:29:25:4d:e8:c8:4a:8e:9e:c3:c0:68:ec:bd:a3:7e:55:e4:
84:5d:8b:b0:ab:1c:97:86:a1:71:9c:c5:be:12:61:df:c4:0d:
35:3c:bf:6d:fd:91:86:0c:bb:0c:7a:c9:0c:02:22:12:8b:a3:
97:d6:d2:52:c7:d1:c4:2e:e8:9b:0e:14:d9:0a:48:2c:dd:0b:
32:1f:f6:5f:ed:97:16:16:1a:1f:e9:53:49:08:7f:ff:3f:f8:
23:0b:47:db:85:0a:4d:81:56:c9:4a:27:16:65:ed:1a:4b:5c:
07:36:b4:e9:1e:d3:3d:72:e3:a5:e8:e9:2c:f9:2a:c2:22:66:
74:6a:67:a3:ea:b5:fa:07:da:ab:be:44:ac:d4:99:da:4c:ed:
5a:3c:7f:68:2a:b3:e3:e1:bc:7f:67:96:55:b2:77:19:0b:9a:
76:5f:44:2f:b6:e0:15:ff:2b:0f:fd:24:56:77:02:f6:eb:10:
2b:2c:a4:68:e1:0c:af:70:d1:6d:27:af:d0:02:7e:4d:d4:7f:
9c:e6:67:82
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZSsdScziBPcog+SGR8eaPr6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMjZhYzRhZmFmZDI2OTg4MWMxMGFkMmVjYTJmNGRlZjhl
ZGJkMjEwHhcNMjUwMTI4MTAyOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGVkODZjNWQxMGQ1OWZkZTc2NWZlMDg4ZDJkZDZmNWRjNDgwNWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9re0w5MJbVF5zv+YvBrFja0RJlM
9k6wJTYMXJFJrAhvoHstKDpj990ngwMMVxx4mjCBlMqlU2V4JDc/VEuu30FlIwpR
eir/uambZGVAOqtiWt8fm4J0ZKlxTjtfBknC6E5Dh9YBA49JPax/CEbA3e72Ze/O
tBmODD6XTYElQtrV6PXjyPMNxDgqUQQcD4kdc+o8WqxrNPYIY8ON22p1oN4G8AI2
DdSNgp/FsWN33gmpwbGoHFqdLxYqhAQs3hUHasCi90wdNFinefSab7uKkv7jXekQ
IG4gpiO+k88MMam5WvfyHjVTQIUTbWvumbLy6plss9KbuabyCk4YzYuoMQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFATthsXRDVn952X+CI0t1vXcSAXQMB8GA1UdIwQY
MBaAFEEmrEr6/SaYgcEK0uyi9N747b0hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVNhc1N2cjlKcGlCd1FyUzdLTDAzdmp0dlNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi85NGRkMmEtNTA0Ni00ODgzLTkxZGEt
YzM5OWJlMDMxYjRhLzEvQk8yR3hkRU5XZjNuWmY0SWpTM1c5ZHhJQmRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi85NGRkMmEtNTA0Ni00ODgzLTkxZGEtYzM5OWJlMDMxYjRh
LzEvUVNhc1N2cjlKcGlCd1FyUzdLTDAzdmp0dlNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCVdGkAwQA
W9DHMA8EAgACMAkDBwAqCdjHAAAwDQYJKoZIhvcNAQELBQADggEBABluAo33pouK
ESHVSjzoTBE4rcPCOyiLfB15miCS4HipaKJvWtKCL06tVHDZBkZGDAKagVJEQZQp
JU3oyEqOnsPAaOy9o35V5IRdi7CrHJeGoXGcxb4SYd/EDTU8v239kYYMuwx6yQwC
IhKLo5fW0lLH0cQu6JsOFNkKSCzdCzIf9l/tlxYWGh/pU0kIf/8/+CMLR9uFCk2B
VslKJxZl7RpLXAc2tOke0z1y46Xo6Sz5KsIiZnRqZ6PqtfoH2qu+RKzUmdpM7Vo8
f2gqs+PhvH9nllWydxkLmnZfRC+24BX/Kw/9JFZ3AvbrECsspGjhDK9w0W0nr9AC
fk3Uf5zmZ4I=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:05:51 2025 by rpki-client