Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/OwbaBCkMq_zgK9J1tx_vI8CrLlo.roa
File: OwbaBCkMq_zgK9J1tx_vI8CrLlo.roa (raw, json)
Hash identifier: I5dXYTrKQ9xUgrowYllXzWt5epKq+H/NPuj/IOcM/88=
Subject key identifier: 3B:06:DA:04:29:0C:AB:FC:E0:2B:D2:75:B7:1F:EF:23:C0:AB:2E:5A
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018455CE3D216F7495B16BCCD15012463D31
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/OwbaBCkMq_zgK9J1tx_vI8CrLlo.roa
Signing time: Tue 08 Nov 2022 05:54:50 +0000
ROA not before: Tue 08 Nov 2022 05:54:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12679
IP address blocks: 31.170.55.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.140.0/24 maxlen: 24
94.74.145.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.157.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
94.74.182.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:55:ce:3d:21:6f:74:95:b1:6b:cc:d1:50:12:46:3d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 8 05:54:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b06da04290cabfce02bd275b71fef23c0ab2e5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:37:47:d7:2b:39:cc:1c:1e:dd:b8:34:b6:df:
b4:e5:41:f9:7b:27:d4:b5:47:74:e8:70:e5:9d:e1:
9c:78:50:fe:9a:ff:e6:ae:39:35:94:51:06:fc:8d:
74:32:17:23:10:d0:b2:9b:0a:11:e0:52:63:d1:9f:
11:ee:bb:e3:82:0f:da:f6:78:82:6a:6d:f3:51:79:
16:99:a1:3a:df:95:c1:ed:2a:08:cd:06:b5:07:b9:
75:f3:79:c5:70:c1:2f:20:db:5b:39:58:4f:a2:92:
3c:ba:d6:80:f3:10:97:3b:19:cb:98:2f:c0:6a:a7:
44:27:fe:fc:e2:e1:4b:94:1e:0f:da:00:19:e4:be:
5d:76:cd:47:cb:d5:aa:ec:31:ee:e7:a8:af:75:17:
28:af:ae:c9:f2:02:ee:8e:8e:7d:62:9c:af:68:aa:
5a:cf:9d:cc:3e:5e:b7:22:ca:3f:92:80:75:fc:33:
2a:d3:95:88:91:47:ef:9c:73:12:3f:24:33:c5:da:
7e:4e:0c:87:f8:90:f5:4e:e4:84:39:5e:b2:65:6d:
91:eb:7b:54:6b:d4:6f:a2:95:bc:d7:e9:42:17:d8:
66:b6:f4:e2:8b:cb:63:ae:e7:78:87:f0:13:d6:2f:
45:d6:1c:4c:16:cb:d1:2c:15:2b:81:27:09:a6:97:
78:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:06:DA:04:29:0C:AB:FC:E0:2B:D2:75:B7:1F:EF:23:C0:AB:2E:5A
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/OwbaBCkMq_zgK9J1tx_vI8CrLlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
94.74.137.0/24
94.74.140.0/24
94.74.145.0/24
94.74.147.0/24
94.74.156.0/22
94.74.164.0/24
94.74.168.0/23
94.74.171.0/24
94.74.173.0/24
94.74.182.0/24
94.74.187.0/24
94.74.191.0/24
Signature Algorithm: sha256WithRSAEncryption
85:6b:9a:10:c0:03:31:b9:d1:3b:fd:27:0e:29:46:d8:a7:67:
1d:7b:2b:7a:c9:b5:74:7a:0c:7c:12:52:f0:eb:95:c2:38:88:
a9:fb:e4:79:8d:9a:69:32:c7:8f:8b:23:be:29:1b:fd:c5:d0:
5f:03:da:60:b5:6a:11:8f:85:f9:08:ba:2c:f4:cc:44:e5:82:
1e:b0:9f:c9:d5:94:39:3e:a5:f6:41:97:70:c9:9e:ef:86:b2:
47:c8:c9:03:8b:92:31:8d:03:17:96:92:a9:08:7a:ef:05:90:
0c:bb:ed:a3:32:ee:45:31:f0:3f:b5:ff:6a:6d:7d:34:4f:e1:
34:2d:2d:4f:e1:c9:5e:9c:16:45:1c:b8:e3:70:07:ec:59:99:
2e:76:2b:d3:08:b4:60:c1:87:8c:6a:36:07:c0:d7:0d:10:43:
79:97:14:09:72:14:d0:98:6a:7d:e9:c0:4c:51:0a:b4:5b:31:
c6:0f:b9:6b:58:2b:91:ec:36:27:60:03:f8:75:eb:6c:91:f0:
31:23:a0:2c:3d:95:c7:f5:bd:b9:cd:c4:9c:46:f4:52:ce:1d:
70:05:46:eb:fc:ac:7b:b3:62:93:04:ce:3f:de:70:7a:c3:ca:
af:cb:53:7c:56:84:c3:3b:b8:d0:6f:59:a2:d5:f6:a8:95:4b:
06:80:1d:57
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYRVzj0hb3SVsWvM0VASRj0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMTA4MDU1NDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjA2ZGEwNDI5MGNhYmZjZTAyYmQyNzViNzFmZWYyM2MwYWIyZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTdH1ys5zBwe3bg0tt+05UH5eyfU
tUd06HDlneGceFD+mv/mrjk1lFEG/I10MhcjENCymwoR4FJj0Z8R7rvjgg/a9niC
am3zUXkWmaE635XB7SoIzQa1B7l183nFcMEvINtbOVhPopI8utaA8xCXOxnLmC/A
aqdEJ/784uFLlB4P2gAZ5L5dds1Hy9Wq7DHu56ivdRcor67J8gLujo59YpyvaKpa
z53MPl63Iso/koB1/DMq05WIkUfvnHMSPyQzxdp+TgyH+JD1TuSEOV6yZW2R63tU
a9RvopW81+lCF9hmtvTii8tjrud4h/AT1i9F1hxMFsvRLBUrgScJppd4TwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFDsG2gQpDKv84CvSdbcf7yPAqy5aMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvT3diYUJDa01xX3pnSzlKMXR4X3ZJOENyTGxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAH6o3AwQA
XkqJAwQAXkqMAwQAXkqRAwQAXkqTAwQCXkqcAwQAXkqkAwQBXkqoAwQAXkqrAwQA
XkqtAwQAXkq2AwQAXkq7AwQAXkq/MA0GCSqGSIb3DQEBCwUAA4IBAQCFa5oQwAMx
udE7/ScOKUbYp2cdeyt6ybV0egx8ElLw65XCOIip++R5jZppMsePiyO+KRv9xdBf
A9pgtWoRj4X5CLos9MxE5YIesJ/J1ZQ5PqX2QZdwyZ7vhrJHyMkDi5IxjQMXlpKp
CHrvBZAMu+2jMu5FMfA/tf9qbX00T+E0LS1P4clenBZFHLjjcAfsWZkudivTCLRg
wYeMajYHwNcNEEN5lxQJchTQmGp96cBMUQq0WzHGD7lrWCuR7DYnYAP4detskfAx
I6AsPZXH9b25zcScRvRSzh1wBUbr/Kx7s2KTBM4/3nB6w8qvy1N8VoTDO7jQb1mi
1faolUsGgB1X
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:33 2025 by rpki-client