Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/OHtdamk3K8NdLEh-keiR2rSuuSg.roa
File: OHtdamk3K8NdLEh-keiR2rSuuSg.roa (raw, json)
Hash identifier: qIQbXlJhQUZZHP5a7YOGBONxaoVnF9gndUOU4O5iAEE=
Subject key identifier: 38:7B:5D:6A:69:37:2B:C3:5D:2C:48:7E:91:E8:91:DA:B4:AE:B9:28
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01942747A5151DA620E93C208A27F6ADF796
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/OHtdamk3K8NdLEh-keiR2rSuuSg.roa
Signing time: Thu 02 Jan 2025 13:49:54 +0000
ROA not before: Thu 02 Jan 2025 13:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 77.90.156.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
213.209.136.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:a5:15:1d:a6:20:e9:3c:20:8a:27:f6:ad:f7:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 13:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=387b5d6a69372bc35d2c487e91e891dab4aeb928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:32:34:04:4c:7c:60:c0:be:18:ac:70:22:73:
b0:22:27:a0:31:33:d9:53:75:f5:85:95:04:60:5e:
ac:dd:45:65:0a:db:51:61:44:7b:b2:24:23:c0:d3:
f2:f3:b2:8b:0b:83:37:8b:6b:b6:11:37:0b:e0:04:
c9:53:c3:6c:bb:3a:70:be:47:0e:4e:1b:b3:63:af:
ae:8e:bd:55:59:84:f0:ea:6e:b0:03:f6:36:31:fe:
33:62:aa:32:cf:70:a3:2e:be:57:60:fd:59:6b:8a:
e8:20:91:1f:3a:79:1c:7a:5c:88:0f:0e:56:b7:fd:
c3:c4:ad:01:ef:0c:9f:ca:f4:04:bd:e3:83:e0:63:
6d:f3:ec:fd:05:fb:7f:3f:be:a2:a0:ef:f6:9a:b0:
0a:cf:b5:3e:af:df:9d:7d:14:86:0b:64:c1:d9:02:
b3:b7:f9:bd:65:64:c7:9c:91:bd:35:35:f7:4d:08:
e6:de:1e:52:b4:e0:78:c8:3f:de:e9:f1:90:29:a6:
0a:ca:4a:30:41:66:ca:c1:a3:75:89:3d:15:63:68:
56:30:b5:a8:d3:a5:68:50:ac:e8:22:a5:7c:06:df:
fb:c5:42:73:07:a5:18:e7:7f:da:79:6e:be:c9:bb:
55:33:2c:69:a7:3b:7e:fa:c6:da:6e:48:ae:de:1a:
a8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7B:5D:6A:69:37:2B:C3:5D:2C:48:7E:91:E8:91:DA:B4:AE:B9:28
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/OHtdamk3K8NdLEh-keiR2rSuuSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.156.0/24
77.90.184.0/24
213.209.136.0/24
213.209.149.0/24
213.209.156.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:e6:6a:15:a2:a4:5f:9c:08:b2:ee:b8:4b:a1:fb:37:01:82:
6b:09:d1:7a:1c:e8:2e:75:f4:97:d1:f1:ba:fd:6d:1b:b6:d5:
f0:95:4f:47:dd:ca:42:0d:da:ec:e9:fb:34:cd:b5:aa:11:82:
16:5f:c2:15:8d:54:46:bc:49:a0:80:7b:4f:38:f1:a7:73:25:
61:8a:51:51:7c:dd:16:3f:2d:b8:23:47:e0:20:4b:98:59:c9:
d7:3e:97:f4:5c:25:2c:61:5b:70:d8:29:65:b9:c6:4d:00:32:
45:8f:00:bc:24:5e:1b:b8:80:0e:28:99:5c:72:61:88:8e:fd:
85:d8:61:5d:d4:73:59:98:a7:9a:52:f9:24:30:69:f9:4c:07:
08:5b:e8:6a:de:d0:4b:3b:f1:83:fa:72:68:a7:de:f9:05:93:
00:0e:80:ab:43:1b:59:fc:a4:58:5b:eb:26:e0:de:62:7c:22:
71:8c:5b:25:69:67:4f:e1:c9:24:66:c2:56:89:6e:e1:80:0e:
01:ec:57:7e:dd:ab:c1:bb:96:90:29:5b:50:64:c4:14:cc:6d:
28:2f:44:b1:b8:78:79:35:15:52:08:e2:8b:fd:23:3a:ba:14:
f8:a1:ee:36:81:96:92:a0:fe:12:b8:d5:cd:7a:84:cf:f2:e3:
0c:14:33:79
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQnR6UVHaYg6Twgiif2rfeWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwMTAyMTM0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODdiNWQ2YTY5MzcyYmMzNWQyYzQ4N2U5MWU4OTFkYWI0YWViOTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDI0BEx8YMC+GKxwInOwIiegMTPZ
U3X1hZUEYF6s3UVlCttRYUR7siQjwNPy87KLC4M3i2u2ETcL4ATJU8NsuzpwvkcO
ThuzY6+ujr1VWYTw6m6wA/Y2Mf4zYqoyz3CjLr5XYP1Za4roIJEfOnkcelyIDw5W
t/3DxK0B7wyfyvQEveOD4GNt8+z9Bft/P76ioO/2mrAKz7U+r9+dfRSGC2TB2QKz
t/m9ZWTHnJG9NTX3TQjm3h5StOB4yD/e6fGQKaYKykowQWbKwaN1iT0VY2hWMLWo
06VoUKzoIqV8Bt/7xUJzB6UY53/aeW6+ybtVMyxppzt++sbabkiu3hqoIQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDh7XWppNyvDXSxIfpHokdq0rrkoMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvT0h0ZGFtazNLOE5kTEVoLWtlaVIyclN1dVNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVqcAwQA
TVq4AwQA1dGIAwQA1dGVAwQA1dGcMA0GCSqGSIb3DQEBCwUAA4IBAQB95moVoqRf
nAiy7rhLofs3AYJrCdF6HOgudfSX0fG6/W0bttXwlU9H3cpCDdrs6fs0zbWqEYIW
X8IVjVRGvEmggHtPOPGncyVhilFRfN0WPy24I0fgIEuYWcnXPpf0XCUsYVtw2Cll
ucZNADJFjwC8JF4buIAOKJlccmGIjv2F2GFd1HNZmKeaUvkkMGn5TAcIW+hq3tBL
O/GD+nJop975BZMADoCrQxtZ/KRYW+sm4N5ifCJxjFslaWdP4ckkZsJWiW7hgA4B
7Fd+3avBu5aQKVtQZMQUzG0oL0SxuHh5NRVSCOKL/SM6uhT4oe42gZaSoP4SuNXN
eoTP8uMMFDN5
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:36:23 2025 by rpki-client