Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/O1nhgtabVgBeAnu0iNWFULz7WJg.roa
File: O1nhgtabVgBeAnu0iNWFULz7WJg.roa (raw, json)
Hash identifier: RwRPZW82fTAmQyaaEUsZPgq3O/S3TxoFJSvzgsft7E4=
Subject key identifier: 3B:59:E1:82:D6:9B:56:00:5E:02:7B:B4:88:D5:85:50:BC:FB:58:98
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01953F3044A3DDEA781A6DBD92F66B487CF5
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/O1nhgtabVgBeAnu0iNWFULz7WJg.roa
Signing time: Tue 25 Feb 2025 22:18:02 +0000
ROA not before: Tue 25 Feb 2025 22:18:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5650
IP address blocks: 46.173.240.0/21 maxlen: 21
64.43.104.0/22 maxlen: 22
64.43.112.0/22 maxlen: 22
64.43.124.0/22 maxlen: 22
77.36.120.0/22 maxlen: 22
91.233.0.0/23 maxlen: 23
91.245.184.0/22 maxlen: 22
176.102.120.0/21 maxlen: 21
176.102.120.0/22 maxlen: 22
176.102.124.0/22 maxlen: 22
176.103.240.0/21 maxlen: 21
176.103.240.0/22 maxlen: 22
176.103.244.0/22 maxlen: 22
176.116.232.0/22 maxlen: 22
178.212.184.0/21 maxlen: 21
178.212.184.0/22 maxlen: 22
178.212.188.0/22 maxlen: 22
185.55.4.0/22 maxlen: 22
185.55.4.0/23 maxlen: 23
185.55.6.0/23 maxlen: 23
185.55.140.0/22 maxlen: 22
185.55.140.0/23 maxlen: 23
185.55.142.0/23 maxlen: 23
193.36.204.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3f:30:44:a3:dd:ea:78:1a:6d:bd:92:f6:6b:48:7c:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Feb 25 22:18:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b59e182d69b56005e027bb488d58550bcfb5898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:39:07:de:f5:d9:3b:c0:88:24:39:57:9f:78:
c7:e0:17:68:60:1e:55:3c:3a:7d:43:38:0f:7e:14:
77:2d:2b:26:a1:af:21:c6:57:67:c6:e0:25:9a:86:
2a:f1:48:6c:c9:32:9e:db:04:05:61:b4:6b:8c:bb:
70:1c:f2:14:21:e2:7c:85:ba:c4:e7:d0:7f:04:46:
f3:1c:5a:ce:44:4e:6b:21:5f:16:21:23:e8:c7:89:
6f:a3:6c:c1:2a:ff:5f:4b:1d:d6:17:ca:cf:cb:30:
98:c9:e3:9f:fb:f7:39:da:84:f9:cd:d0:cb:c9:90:
c3:8c:b7:1d:c8:9a:c0:67:c6:5a:48:ba:76:d9:0e:
f0:c1:8c:5e:4b:75:1e:c6:a0:3c:db:95:d3:cd:4a:
8f:a7:30:a0:ae:32:1a:6a:43:74:54:dc:f9:f7:bc:
b0:20:25:2b:0f:97:79:c3:47:b4:74:59:b3:83:1f:
f7:89:3d:86:fa:7e:c9:f9:bf:90:11:73:6f:e7:2d:
5d:1a:74:be:fe:0b:df:45:0d:e0:03:92:33:b4:18:
90:d6:85:96:5d:7a:7f:2a:67:a1:b7:40:21:f6:e7:
27:38:c2:2e:d9:8d:99:1e:0b:f0:f2:07:34:94:7b:
3e:dd:06:97:9c:3e:c8:bc:14:78:b5:5c:a6:5d:1a:
b4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:59:E1:82:D6:9B:56:00:5E:02:7B:B4:88:D5:85:50:BC:FB:58:98
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/O1nhgtabVgBeAnu0iNWFULz7WJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.173.240.0/21
64.43.104.0/22
64.43.112.0/22
64.43.124.0/22
77.36.120.0/22
91.233.0.0/23
91.245.184.0/22
176.102.120.0/21
176.103.240.0/21
176.116.232.0/22
178.212.184.0/21
185.55.4.0/22
185.55.140.0/22
193.36.204.0/22
Signature Algorithm: sha256WithRSAEncryption
91:35:e1:ff:13:27:39:3c:5d:6b:0e:31:19:70:9e:bb:9c:67:
51:87:86:fc:05:30:24:70:29:e2:cd:37:d7:a5:b5:7b:26:3f:
7b:90:f5:7c:c0:08:cd:73:fb:93:6b:c3:9d:ec:c5:11:57:c8:
05:4f:21:d1:4b:be:c8:7c:14:31:f2:f2:ca:a7:01:2e:a5:eb:
bf:6b:37:05:a5:31:00:3b:88:c3:dc:fb:b3:14:38:de:95:85:
0e:69:42:5f:d0:4c:0d:20:e8:31:f5:45:62:1f:34:20:d7:b8:
22:73:32:b0:ba:ef:ee:27:32:27:d2:42:e6:3f:63:d9:27:1a:
27:23:58:0c:14:f7:3c:34:9f:f1:cc:56:68:2f:68:71:64:cc:
70:09:61:84:af:d2:8c:31:7a:0c:a3:fc:f3:c4:43:3c:92:99:
f8:e9:f1:24:7b:77:9e:1d:81:f1:98:33:e5:16:f9:a4:90:0e:
a6:23:42:e3:49:32:54:d2:7f:41:4b:66:df:0c:db:31:ca:88:
5a:94:9d:d1:4a:13:0c:f0:f7:f5:4e:c8:73:33:50:aa:cc:9b:
97:87:21:41:e6:85:df:1e:bf:e2:66:6a:f5:df:15:47:08:c2:
7a:ad:e9:e9:41:26:74:94:7a:71:80:25:9f:16:3f:10:8e:13:
9f:42:5d:c5
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZU/MESj3ep4Gm29kvZrSHz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMjI1MjIxODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjU5ZTE4MmQ2OWI1NjAwNWUwMjdiYjQ4OGQ1ODU1MGJjZmI1ODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTkH3vXZO8CIJDlXn3jH4BdoYB5V
PDp9QzgPfhR3LSsmoa8hxldnxuAlmoYq8UhsyTKe2wQFYbRrjLtwHPIUIeJ8hbrE
59B/BEbzHFrORE5rIV8WISPox4lvo2zBKv9fSx3WF8rPyzCYyeOf+/c52oT5zdDL
yZDDjLcdyJrAZ8ZaSLp22Q7wwYxeS3UexqA825XTzUqPpzCgrjIaakN0VNz597yw
ICUrD5d5w0e0dFmzgx/3iT2G+n7J+b+QEXNv5y1dGnS+/gvfRQ3gA5IztBiQ1oWW
XXp/Kmeht0Ah9ucnOMIu2Y2ZHgvw8gc0lHs+3QaXnD7IvBR4tVymXRq07QIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFDtZ4YLWm1YAXgJ7tIjVhVC8+1iYMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvTzFuaGd0YWJWZ0JlQW51MGlOV0ZVTHo3V0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQDLq3wAwQC
QCtoAwQCQCtwAwQCQCt8AwQCTSR4AwQBW+kAAwQCW/W4AwQDsGZ4AwQDsGfwAwQC
sHToAwQDstS4AwQCuTcEAwQCuTeMAwQCwSTMMA0GCSqGSIb3DQEBCwUAA4IBAQCR
NeH/Eyc5PF1rDjEZcJ67nGdRh4b8BTAkcCnizTfXpbV7Jj97kPV8wAjNc/uTa8Od
7MURV8gFTyHRS77IfBQx8vLKpwEupeu/azcFpTEAO4jD3PuzFDjelYUOaUJf0EwN
IOgx9UViHzQg17giczKwuu/uJzIn0kLmP2PZJxonI1gMFPc8NJ/xzFZoL2hxZMxw
CWGEr9KMMXoMo/zzxEM8kpn46fEke3eeHYHxmDPlFvmkkA6mI0LjSTJU0n9BS2bf
DNsxyohalJ3RShMM8Pf1TshzM1CqzJuXhyFB5oXfHr/iZmr13xVHCMJ6renpQSZ0
lHpxgCWfFj8QjhOfQl3F
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:34:55 2025 by rpki-client