Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/Avozmlpq2NAlApXiF9Tau5EKTUQ.roa
File: Avozmlpq2NAlApXiF9Tau5EKTUQ.roa (raw, json)
Hash identifier: vr0jQPA+h9rNejJwiSpp4zT7cG9QduoDB1p9Q5O3h6w=
Subject key identifier: 02:FA:33:9A:5A:6A:D8:D0:25:02:95:E2:17:D4:DA:BB:91:0A:4D:44
Certificate issuer: /CN=ebef95f8c4c554826de8f38ad6bba9fb74802824
Certificate serial: 019426D993C7E2DCC3B54DE6AA1ABFCDBF66
Authority key identifier: EB:EF:95:F8:C4:C5:54:82:6D:E8:F3:8A:D6:BB:A9:FB:74:80:28:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/Avozmlpq2NAlApXiF9Tau5EKTUQ.roa
Signing time: Thu 02 Jan 2025 11:49:40 +0000
ROA not before: Thu 02 Jan 2025 11:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15763
IP address blocks: 85.22.0.0/16 maxlen: 16
85.22.0.0/20 maxlen: 20
85.22.16.0/20 maxlen: 20
85.22.48.0/24 maxlen: 24
85.22.52.0/24 maxlen: 24
85.22.53.0/24 maxlen: 24
85.22.54.0/24 maxlen: 24
85.22.55.0/24 maxlen: 24
85.22.60.0/24 maxlen: 24
85.22.64.0/24 maxlen: 24
85.22.74.0/24 maxlen: 24
85.22.75.0/24 maxlen: 24
85.22.84.0/22 maxlen: 22
85.22.96.0/20 maxlen: 20
85.22.112.0/20 maxlen: 20
85.22.128.0/22 maxlen: 22
85.22.148.0/23 maxlen: 23
85.22.156.0/24 maxlen: 24
85.22.158.0/24 maxlen: 24
85.22.172.0/24 maxlen: 24
85.22.173.0/24 maxlen: 24
85.22.174.0/24 maxlen: 24
85.22.175.0/24 maxlen: 24
156.67.58.0/24 maxlen: 24
185.151.100.0/22 maxlen: 24
212.29.32.0/19 maxlen: 19
212.29.32.0/24 maxlen: 24
212.29.33.0/24 maxlen: 24
212.29.34.0/24 maxlen: 24
212.29.39.0/24 maxlen: 24
212.29.42.0/24 maxlen: 24
2a03:f580::/32 maxlen: 48
2a03:f580:1::/48 maxlen: 48
2a03:f580:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:93:c7:e2:dc:c3:b5:4d:e6:aa:1a:bf:cd:bf:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebef95f8c4c554826de8f38ad6bba9fb74802824
Validity
Not Before: Jan 2 11:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02fa339a5a6ad8d0250295e217d4dabb910a4d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9c:11:04:d5:db:1a:4f:e2:5d:21:15:da:87:
1e:36:c9:9e:29:14:ac:3e:cd:1c:76:45:11:63:3c:
9b:66:28:a7:51:cf:dd:42:22:a4:14:a5:5d:d5:af:
56:35:93:56:44:85:cc:09:55:ad:43:49:9a:e9:76:
5a:02:d3:7d:89:44:66:1d:f5:3a:36:d4:a0:15:92:
11:0c:72:89:de:53:f4:57:dd:1d:db:46:a2:33:4c:
d5:42:74:9e:2a:88:6d:5e:77:e0:84:85:b2:af:bf:
a8:06:6e:f4:4b:0e:9d:80:4e:80:8b:15:17:d6:9f:
61:6e:30:72:59:7c:06:08:b2:83:13:24:e3:c0:39:
0f:18:d5:42:77:ed:f6:1b:4d:79:c9:4e:a3:c0:3d:
02:d1:42:29:11:83:8c:e3:33:9f:c0:46:05:99:5e:
27:eb:42:e9:82:53:c3:df:bf:80:9e:d9:12:20:ab:
62:77:92:64:22:23:a9:56:06:4e:df:60:ba:b4:9c:
d6:95:f2:31:d3:5d:83:e0:0b:31:f9:4c:95:38:fc:
e2:ac:8e:2b:9b:82:0e:36:4e:54:34:10:7d:00:9a:
b0:50:24:b8:f2:e9:d1:59:de:9d:b3:61:28:6c:50:
85:04:18:55:4a:33:60:e3:52:38:2e:3c:57:0f:b5:
c9:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:FA:33:9A:5A:6A:D8:D0:25:02:95:E2:17:D4:DA:BB:91:0A:4D:44
X509v3 Authority Key Identifier:
keyid:EB:EF:95:F8:C4:C5:54:82:6D:E8:F3:8A:D6:BB:A9:FB:74:80:28:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/Avozmlpq2NAlApXiF9Tau5EKTUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/6--V-MTFVIJt6POK1rup-3SAKCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.22.0.0/16
156.67.58.0/24
185.151.100.0/22
212.29.32.0/19
IPv6:
2a03:f580::/32
Signature Algorithm: sha256WithRSAEncryption
01:8b:34:f6:af:8f:38:2c:d8:65:92:eb:9d:fd:7f:97:96:f4:
7d:a1:97:b2:ee:df:df:83:ac:b9:2c:64:ee:7a:1e:66:e4:88:
45:bb:a3:a5:91:52:8f:30:83:5a:a8:6c:af:0e:8f:6d:dc:bc:
f0:b4:7d:6a:c8:ae:42:b8:08:ee:48:1f:ef:e8:d4:8a:bf:14:
1e:52:e0:c8:ae:60:6f:59:d9:9d:e3:1c:8e:b6:05:9b:8d:05:
bf:d2:6a:1f:80:59:80:0a:52:be:56:95:a9:51:3f:55:91:f8:
65:db:ae:73:69:49:b5:11:55:0c:75:29:25:6f:0f:5f:f5:62:
30:03:b2:5c:a7:80:87:64:b6:60:12:b9:2f:8b:67:35:98:8e:
6b:b9:c7:72:30:e5:f2:85:d0:9c:b1:0b:67:8a:4c:24:a3:a8:
c6:5b:4a:ab:61:a2:a4:3d:37:46:64:9b:cd:93:d3:7b:ed:ff:
ea:cf:dd:56:cf:2b:f6:33:91:f7:7a:7b:19:dd:04:90:16:22:
80:3f:d2:30:db:4f:39:07:4e:0a:df:c3:a7:6f:3d:29:af:f5:
d5:6f:6d:91:d3:04:36:13:93:91:f0:bc:9e:bc:8d:d3:86:51:
3e:1d:bf:f1:f3:ea:21:5f:27:94:08:db:de:14:21:2e:1e:87:
82:2e:d5:1e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQm2ZPH4tzDtU3mqhq/zb9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWY5NWY4YzRjNTU0ODI2ZGU4ZjM4YWQ2YmJhOWZiNzQ4
MDI4MjQwHhcNMjUwMTAyMTE0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmZhMzM5YTVhNmFkOGQwMjUwMjk1ZTIxN2Q0ZGFiYjkxMGE0ZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJwRBNXbGk/iXSEV2oceNsmeKRSs
Ps0cdkURYzybZiinUc/dQiKkFKVd1a9WNZNWRIXMCVWtQ0ma6XZaAtN9iURmHfU6
NtSgFZIRDHKJ3lP0V90d20aiM0zVQnSeKohtXnfghIWyr7+oBm70Sw6dgE6AixUX
1p9hbjByWXwGCLKDEyTjwDkPGNVCd+32G015yU6jwD0C0UIpEYOM4zOfwEYFmV4n
60LpglPD37+AntkSIKtid5JkIiOpVgZO32C6tJzWlfIx012D4Asx+UyVOPzirI4r
m4IONk5UNBB9AJqwUCS48unRWd6ds2EobFCFBBhVSjNg41I4LjxXD7XJ9wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAL6M5paatjQJQKV4hfU2ruRCk1EMB8GA1UdIwQY
MBaAFOvvlfjExVSCbejzita7qft0gCgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi0tVi1NVEZWSUp0NlBPSzFydXAtM1NBS0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9mMTQ1N2YtNjIxZi00Nzk2LTg2MGUt
OWEzNTBmZDFhNGFkLzEvQXZvem1scHEyTkFsQXBYaUY5VGF1NUVLVFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9mMTQ1N2YtNjIxZi00Nzk2LTg2MGUtOWEzNTBmZDFhNGFk
LzEvNi0tVi1NVEZWSUp0NlBPSzFydXAtM1NBS0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMAVRYDBACc
QzoDBAK5l2QDBAXUHSAwDQQCAAIwBwMFACoD9YAwDQYJKoZIhvcNAQELBQADggEB
AAGLNPavjzgs2GWS6539f5eW9H2hl7Lu39+DrLksZO56HmbkiEW7o6WRUo8wg1qo
bK8Oj23cvPC0fWrIrkK4CO5IH+/o1Iq/FB5S4MiuYG9Z2Z3jHI62BZuNBb/Sah+A
WYAKUr5WlalRP1WR+GXbrnNpSbURVQx1KSVvD1/1YjADslyngIdktmASuS+LZzWY
jmu5x3Iw5fKF0JyxC2eKTCSjqMZbSqthoqQ9N0Zkm82T03vt/+rP3VbPK/Yzkfd6
exndBJAWIoA/0jDbTzkHTgrfw6dvPSmv9dVvbZHTBDYTk5HwvJ68jdOGUT4dv/Hz
6iFfJ5QI294UIS4eh4Iu1R4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 00:44:41 2025 by rpki-client