Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/3OyPXY9dxb63hYZ3WsY5UGByVjo.roa
File: 3OyPXY9dxb63hYZ3WsY5UGByVjo.roa (raw, json)
Hash identifier: uls+htLMmJ9a4c10uKyvR+2gP8ZN16NCoLX6LvYydWw=
Subject key identifier: DC:EC:8F:5D:8F:5D:C5:BE:B7:85:86:77:5A:C6:39:50:60:72:56:3A
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0194258F88FACCBE80193F194D939C414FA5
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/3OyPXY9dxb63hYZ3WsY5UGByVjo.roa
Signing time: Thu 02 Jan 2025 05:49:11 +0000
ROA not before: Thu 02 Jan 2025 05:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5650
IP address blocks: 46.173.240.0/21 maxlen: 21
64.43.104.0/22 maxlen: 22
64.43.112.0/22 maxlen: 22
64.43.124.0/22 maxlen: 22
77.36.120.0/22 maxlen: 22
91.233.0.0/23 maxlen: 23
91.245.184.0/22 maxlen: 22
176.102.120.0/21 maxlen: 21
176.102.120.0/22 maxlen: 22
176.102.124.0/22 maxlen: 22
176.103.240.0/21 maxlen: 21
176.103.240.0/22 maxlen: 22
176.103.244.0/22 maxlen: 22
176.116.232.0/22 maxlen: 22
178.212.184.0/21 maxlen: 21
178.212.184.0/22 maxlen: 22
178.212.188.0/22 maxlen: 22
185.55.4.0/22 maxlen: 22
185.55.4.0/23 maxlen: 23
185.55.6.0/23 maxlen: 23
185.55.140.0/22 maxlen: 22
185.55.140.0/23 maxlen: 23
185.55.142.0/23 maxlen: 23
193.36.204.0/22 maxlen: 22
193.36.208.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:88:fa:cc:be:80:19:3f:19:4d:93:9c:41:4f:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 05:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcec8f5d8f5dc5beb78586775ac639506072563a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d3:da:f0:97:62:06:2a:4b:24:b9:a3:cb:3d:
4d:93:fc:8c:87:27:9f:db:38:83:f3:41:76:c8:dd:
77:60:7c:07:13:79:f6:d7:47:5e:2e:6c:9c:a3:ec:
31:c8:66:45:e9:36:24:84:92:17:e9:fa:9a:ab:29:
22:c8:c6:52:a1:5d:94:fa:d4:d1:b6:66:ef:a8:75:
34:ce:83:9d:ff:41:33:65:c9:b9:38:c0:ee:2c:29:
7f:e8:18:15:da:74:95:9a:48:f3:42:cd:16:80:74:
c1:73:7e:0a:77:fe:3f:3d:5e:dc:f5:03:88:af:b1:
af:87:fa:c1:13:8d:c7:bc:f0:da:fa:18:23:8b:fc:
23:9f:f7:2e:c2:4e:93:91:cb:9d:cf:55:b0:c4:10:
fb:a9:93:3c:47:47:7c:34:3c:ae:e2:a6:af:f4:d1:
bd:7b:08:c1:84:20:fa:1e:dc:70:be:0f:90:f8:5b:
51:14:63:74:7f:e3:53:d2:b4:1c:8a:c7:6d:da:32:
75:72:80:56:8e:ad:f2:0c:30:3e:3f:55:b1:92:c4:
09:4d:ef:7d:27:f0:a2:fb:a7:76:69:85:bc:67:f0:
88:55:f0:5f:71:46:e7:33:fd:40:d8:3b:0f:f1:12:
da:e3:14:04:a6:f2:ad:3f:5e:2d:cc:5d:68:a4:c6:
c9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:EC:8F:5D:8F:5D:C5:BE:B7:85:86:77:5A:C6:39:50:60:72:56:3A
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/3OyPXY9dxb63hYZ3WsY5UGByVjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.173.240.0/21
64.43.104.0/22
64.43.112.0/22
64.43.124.0/22
77.36.120.0/22
91.233.0.0/23
91.245.184.0/22
176.102.120.0/21
176.103.240.0/21
176.116.232.0/22
178.212.184.0/21
185.55.4.0/22
185.55.140.0/22
193.36.204.0-193.36.215.255
Signature Algorithm: sha256WithRSAEncryption
8b:84:3d:6e:69:0e:5b:87:f4:e4:ed:86:11:1e:89:d1:48:da:
8b:1b:31:cb:59:b6:e2:bf:b1:07:0d:d8:67:77:5e:93:67:95:
9e:fc:e8:7a:1a:a9:13:0f:d7:f6:a3:30:00:1a:52:f5:13:d3:
46:fb:c4:cd:79:a0:12:70:ea:7b:40:58:3a:f4:1a:0d:d8:48:
80:ba:a2:bc:28:81:10:4e:ff:ea:b0:e0:68:fd:bd:b6:ed:9a:
20:3f:e7:e4:c0:e9:e1:99:3b:c0:21:b5:5c:f2:57:67:f1:f2:
34:e2:d1:ae:62:ec:a8:c7:c8:51:c3:92:ea:f8:f4:18:ad:e9:
52:9f:e4:be:a1:2a:d1:4b:bd:ff:79:f2:c1:7f:ad:c6:6c:b2:
07:7d:cc:4c:7b:ce:3c:8a:3c:4e:76:72:b6:7c:9c:be:da:77:
53:13:c1:ed:6a:05:8e:a2:25:52:1b:d8:6c:44:41:cd:40:a8:
f8:bf:40:0a:0b:82:2b:ee:5b:3c:81:9d:2b:bb:28:ba:54:99:
36:e6:e0:d3:76:d7:a6:e1:24:b5:e7:65:d4:07:83:52:35:68:
90:f0:ec:d4:82:c2:a1:59:bd:d2:f3:a2:2c:b9:94:1a:dc:60:
1f:0f:21:41:48:ae:b7:eb:e5:ea:ea:5d:87:0f:77:87:de:20:
5e:5b:5c:f4
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZQlj4j6zL6AGT8ZTZOcQU+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTAyMDU0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2VjOGY1ZDhmNWRjNWJlYjc4NTg2Nzc1YWM2Mzk1MDYwNzI1NjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9Pa8JdiBipLJLmjyz1Nk/yMhyef
2ziD80F2yN13YHwHE3n210deLmyco+wxyGZF6TYkhJIX6fqaqykiyMZSoV2U+tTR
tmbvqHU0zoOd/0EzZcm5OMDuLCl/6BgV2nSVmkjzQs0WgHTBc34Kd/4/PV7c9QOI
r7Gvh/rBE43HvPDa+hgji/wjn/cuwk6Tkcudz1WwxBD7qZM8R0d8NDyu4qav9NG9
ewjBhCD6Htxwvg+Q+FtRFGN0f+NT0rQcisdt2jJ1coBWjq3yDDA+P1WxksQJTe99
J/Ci+6d2aYW8Z/CIVfBfcUbnM/1A2DsP8RLa4xQEpvKtP14tzF1opMbJowIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFNzsj12PXcW+t4WGd1rGOVBgclY6MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvM095UFhZOWR4YjYzaFlaM1dzWTVVR0J5VmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQDLq3wAwQC
QCtoAwQCQCtwAwQCQCt8AwQCTSR4AwQBW+kAAwQCW/W4AwQDsGZ4AwQDsGfwAwQC
sHToAwQDstS4AwQCuTcEAwQCuTeMMAwDBALBJMwDBAPBJNAwDQYJKoZIhvcNAQEL
BQADggEBAIuEPW5pDluH9OTthhEeidFI2osbMctZtuK/sQcN2Gd3XpNnlZ786Hoa
qRMP1/ajMAAaUvUT00b7xM15oBJw6ntAWDr0Gg3YSIC6orwogRBO/+qw4Gj9vbbt
miA/5+TA6eGZO8AhtVzyV2fx8jTi0a5i7KjHyFHDkur49Bit6VKf5L6hKtFLvf95
8sF/rcZssgd9zEx7zjyKPE52crZ8nL7ad1MTwe1qBY6iJVIb2GxEQc1AqPi/QAoL
givuWzyBnSu7KLpUmTbm4NN216bhJLXnZdQHg1I1aJDw7NSCwqFZvdLzoiy5lBrc
YB8PIUFIrrfr5erqXYcPd4feIF5bXPQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:35:06 2025 by rpki-client