Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a981d-67f5-484e-be1b-ff64a9ba597c/1/OzymusYHiIzH-NFPHCUeVUJ8K3M.roa
File: OzymusYHiIzH-NFPHCUeVUJ8K3M.roa (raw, json)
Hash identifier: YUhLR6Y1tGEX8onAjyWy/CxeiebxZZXRNC8ak4R0A38=
Subject key identifier: 3B:3C:A6:BA:C6:07:88:8C:C7:F8:D1:4F:1C:25:1E:55:42:7C:2B:73
Certificate issuer: /CN=6682890b7ed23347478d4d65db0948c3db23ebe7
Certificate serial: 01856E5D6F1AF28C9B987425193CC6800B6F
Authority key identifier: 66:82:89:0B:7E:D2:33:47:47:8D:4D:65:DB:09:48:C3:DB:23:EB:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZoKJC37SM0dHjU1l2wlIw9sj6-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a981d-67f5-484e-be1b-ff64a9ba597c/1/OzymusYHiIzH-NFPHCUeVUJ8K3M.roa
Signing time: Sun 01 Jan 2023 17:24:55 +0000
ROA not before: Sun 01 Jan 2023 17:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28747
IP address blocks: 193.34.88.0/22 maxlen: 24
217.22.48.0/20 maxlen: 24
217.22.49.0/24 maxlen: 24
94.198.160.0/21 maxlen: 24
86.39.128.0/17 maxlen: 24
193.43.88.0/24 maxlen: 24
2001:1598::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:6f:1a:f2:8c:9b:98:74:25:19:3c:c6:80:0b:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6682890b7ed23347478d4d65db0948c3db23ebe7
Validity
Not Before: Jan 1 17:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b3ca6bac607888cc7f8d14f1c251e55427c2b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:06:10:e5:04:10:e7:61:b1:2d:5c:e0:db:46:
85:b6:c8:55:f2:98:bd:e6:da:0d:38:db:6e:98:a1:
f1:93:8d:bd:f5:4c:1c:76:76:f6:42:49:4f:2c:14:
a2:7d:60:a6:dd:57:0e:f5:bb:40:ea:55:e9:b8:6e:
d9:8e:a5:61:a9:6b:bf:34:6c:43:62:72:ba:f2:93:
c1:a1:4e:b1:cd:ba:b8:77:d7:ad:97:92:b7:9b:bd:
04:4b:d6:ce:8f:c5:38:a9:d7:48:06:7d:30:46:b7:
97:21:93:07:5f:77:9d:27:b3:03:7a:39:0c:b4:5b:
8a:38:16:75:f9:ae:fc:d2:89:a5:cd:1e:7f:f5:66:
e1:a3:29:4c:78:ca:ba:37:67:e3:cd:2e:61:05:4d:
a0:30:2e:9d:23:94:a6:cb:0f:a5:92:bc:e9:e0:8a:
8c:50:ec:41:14:3c:60:5b:2f:f3:b0:4c:ba:4c:20:
4f:83:3f:ba:64:5d:d5:44:a8:87:fd:8b:ad:9c:50:
58:61:41:34:13:45:58:47:62:15:08:06:61:ef:57:
b5:62:39:72:60:1e:d0:36:36:ba:8a:8d:dc:30:20:
89:94:b5:c9:2b:08:d4:7b:1e:ba:49:4d:e1:6a:15:
6f:1e:b0:35:38:55:9c:2c:22:97:8e:fe:34:0c:cd:
49:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:3C:A6:BA:C6:07:88:8C:C7:F8:D1:4F:1C:25:1E:55:42:7C:2B:73
X509v3 Authority Key Identifier:
keyid:66:82:89:0B:7E:D2:33:47:47:8D:4D:65:DB:09:48:C3:DB:23:EB:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZoKJC37SM0dHjU1l2wlIw9sj6-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a981d-67f5-484e-be1b-ff64a9ba597c/1/OzymusYHiIzH-NFPHCUeVUJ8K3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a981d-67f5-484e-be1b-ff64a9ba597c/1/ZoKJC37SM0dHjU1l2wlIw9sj6-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.39.128.0/17
94.198.160.0/21
193.34.88.0/22
193.43.88.0/24
217.22.48.0/20
IPv6:
2001:1598::/32
Signature Algorithm: sha256WithRSAEncryption
12:c4:cb:29:ce:df:7a:0c:5f:31:1f:bc:21:60:93:f0:87:4b:
12:8a:f4:dd:62:6a:2d:77:54:ba:73:92:9f:da:2d:d0:45:0f:
0d:04:24:fb:bf:d8:c0:22:01:af:34:0c:c8:ad:12:a6:b4:6c:
78:15:0c:07:02:cb:b4:7f:0e:5f:de:17:66:9a:79:5f:5e:0c:
46:fd:7b:76:47:48:6e:ee:c1:09:82:54:ff:64:c3:dd:76:5e:
74:f8:c2:38:3a:69:71:1f:8d:13:43:9c:26:16:dc:5d:b5:58:
56:bd:2f:78:3b:2e:97:76:95:be:81:e0:51:5f:c2:cc:45:97:
8d:41:87:eb:e6:1d:2e:5d:9d:d4:06:5e:fd:95:48:58:9c:59:
59:24:86:7d:d1:54:10:3e:d5:3b:19:9a:c9:a6:e5:8a:0d:4d:
50:32:cb:30:fe:e7:f4:fa:c4:39:d5:23:a7:58:1e:cf:01:38:
7f:98:e5:e6:a8:9e:35:59:3b:ca:a6:0f:45:9f:a8:56:89:74:
ee:fe:16:e7:17:a9:51:cd:db:a2:80:25:1f:02:e8:fe:64:2b:
70:33:90:a3:14:5b:86:a0:55:1b:60:4c:53:65:32:22:ae:48:
3c:dd:e2:89:c3:ce:65:45:4c:f5:fc:72:4d:e0:9a:f9:e6:5b:
74:08:6c:29
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVuXW8a8oybmHQlGTzGgAtvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ODI4OTBiN2VkMjMzNDc0NzhkNGQ2NWRiMDk0OGMzZGIy
M2ViZTcwHhcNMjMwMTAxMTcyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjNjYTZiYWM2MDc4ODhjYzdmOGQxNGYxYzI1MWU1NTQyN2MyYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQYQ5QQQ52GxLVzg20aFtshV8pi9
5toNONtumKHxk4299Uwcdnb2QklPLBSifWCm3VcO9btA6lXpuG7ZjqVhqWu/NGxD
YnK68pPBoU6xzbq4d9etl5K3m70ES9bOj8U4qddIBn0wRreXIZMHX3edJ7MDejkM
tFuKOBZ1+a780omlzR5/9WbhoylMeMq6N2fjzS5hBU2gMC6dI5Smyw+lkrzp4IqM
UOxBFDxgWy/zsEy6TCBPgz+6ZF3VRKiH/YutnFBYYUE0E0VYR2IVCAZh71e1Yjly
YB7QNja6io3cMCCJlLXJKwjUex66SU3hahVvHrA1OFWcLCKXjv40DM1JdwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDs8prrGB4iMx/jRTxwlHlVCfCtzMB8GA1UdIwQY
MBaAFGaCiQt+0jNHR41NZdsJSMPbI+vnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm9LSkMzN1NNMGRIalUxbDJ3bEl3OXNqNi1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTk4MWQtNjdmNS00ODRlLWJlMWIt
ZmY2NGE5YmE1OTdjLzEvT3p5bXVzWUhpSXpILU5GUEhDVWVWVUo4SzNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTk4MWQtNjdmNS00ODRlLWJlMWItZmY2NGE5YmE1OTdj
LzEvWm9LSkMzN1NNMGRIalUxbDJ3bEl3OXNqNi1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQHVieAAwQD
XsagAwQCwSJYAwQAwStYAwQE2RYwMA0EAgACMAcDBQAgARWYMA0GCSqGSIb3DQEB
CwUAA4IBAQASxMspzt96DF8xH7whYJPwh0sSivTdYmotd1S6c5Kf2i3QRQ8NBCT7
v9jAIgGvNAzIrRKmtGx4FQwHAsu0fw5f3hdmmnlfXgxG/Xt2R0hu7sEJglT/ZMPd
dl50+MI4OmlxH40TQ5wmFtxdtVhWvS94Oy6XdpW+geBRX8LMRZeNQYfr5h0uXZ3U
Bl79lUhYnFlZJIZ90VQQPtU7GZrJpuWKDU1QMssw/uf0+sQ51SOnWB7PATh/mOXm
qJ41WTvKpg9Fn6hWiXTu/hbnF6lRzduigCUfAuj+ZCtwM5CjFFuGoFUbYExTZTIi
rkg83eKJw85lRUz1/HJN4Jr55lt0CGwp
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:01:56 2025 by rpki-client