Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/oHxQEiIs7BKIPX_5IGdNKOpzESY.roa
File: oHxQEiIs7BKIPX_5IGdNKOpzESY.roa (raw, json)
Hash identifier: M3xmeWif8M7PD+E/s7ne/nAK7kiWHb0spy7RsLe2xeg=
Subject key identifier: A0:7C:50:12:22:2C:EC:12:88:3D:7F:F9:20:67:4D:28:EA:73:11:26
Certificate issuer: /CN=ef678469574acc03d782e63281ff44faaab3f847
Certificate serial: 0194258F704DBCA731716325C84F45D9B4C2
Authority key identifier: EF:67:84:69:57:4A:CC:03:D7:82:E6:32:81:FF:44:FA:AA:B3:F8:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/72eEaVdKzAPXguYygf9E-qqz-Ec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/oHxQEiIs7BKIPX_5IGdNKOpzESY.roa
Signing time: Thu 02 Jan 2025 05:49:04 +0000
ROA not before: Thu 02 Jan 2025 05:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209231
IP address blocks: 2.56.140.0/22 maxlen: 24
185.161.236.0/22 maxlen: 24
2a09:c540::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:70:4d:bc:a7:31:71:63:25:c8:4f:45:d9:b4:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef678469574acc03d782e63281ff44faaab3f847
Validity
Not Before: Jan 2 05:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a07c5012222cec12883d7ff920674d28ea731126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f5:cc:94:b0:97:df:d2:ae:05:78:99:a0:bf:
aa:2a:cf:09:c2:4a:0b:c8:52:9b:5c:b5:39:6b:98:
38:e5:7c:b1:59:0d:74:14:e1:e3:77:5a:26:a7:5b:
b9:5e:4c:6b:64:fb:68:1e:a1:85:10:7d:15:03:4c:
aa:9a:0d:2c:4c:58:10:5b:7d:85:ca:1b:da:93:77:
2d:24:65:23:c7:29:18:54:32:f1:1d:02:83:a4:fb:
a2:51:7f:af:75:9f:8d:dd:77:89:03:70:6a:f3:85:
bf:87:23:e3:d9:cb:33:32:2a:6c:97:aa:4f:ed:06:
68:91:cc:ee:cf:ee:f4:5d:8e:be:a1:4b:fc:77:22:
ec:6d:9f:0c:d3:02:8c:1a:1e:95:8b:e4:c5:83:7d:
77:d3:48:23:ca:37:1b:69:9c:b6:93:de:4e:07:98:
e9:34:ca:8a:c1:00:70:a5:45:e0:ef:92:dc:a6:5b:
2e:26:a1:4f:bb:f8:3d:91:57:d3:10:8a:73:cd:6e:
7f:77:06:aa:6c:81:b5:7b:c6:e3:10:9a:76:6c:6d:
fa:32:08:38:45:d9:5d:60:d3:cc:c7:39:59:f9:ee:
0c:f8:8d:75:2c:81:24:36:5c:e0:8a:17:a4:7b:6d:
77:6a:4e:a8:09:6d:11:e7:2d:cd:6b:25:91:b8:3a:
6c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:7C:50:12:22:2C:EC:12:88:3D:7F:F9:20:67:4D:28:EA:73:11:26
X509v3 Authority Key Identifier:
keyid:EF:67:84:69:57:4A:CC:03:D7:82:E6:32:81:FF:44:FA:AA:B3:F8:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/72eEaVdKzAPXguYygf9E-qqz-Ec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/oHxQEiIs7BKIPX_5IGdNKOpzESY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/72eEaVdKzAPXguYygf9E-qqz-Ec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.140.0/22
185.161.236.0/22
IPv6:
2a09:c540::/32
Signature Algorithm: sha256WithRSAEncryption
62:61:68:df:8a:c5:79:c1:ff:5a:f8:0e:1f:0e:f2:c2:f4:ba:
58:6e:ae:75:55:52:b2:ad:1c:a5:a3:ec:d3:01:f2:dd:d9:fa:
05:32:3d:75:7a:06:62:71:9e:07:84:c8:60:c3:58:ae:21:96:
da:51:b3:3e:9d:9f:02:c6:8e:8d:14:cf:bd:da:6e:30:ed:14:
fc:fa:d5:74:02:4a:19:2f:3f:5f:15:97:71:ef:a6:12:5f:8d:
c4:06:0c:cc:0c:c3:65:09:e4:a7:65:9c:9f:09:f5:dc:93:7c:
83:a1:8d:63:82:71:90:b0:85:c6:d6:28:bd:57:2f:02:cb:c0:
6d:28:b2:1b:27:85:60:aa:75:10:4d:7a:b1:1d:f7:c1:a6:0d:
99:ed:98:e0:cb:3c:c8:42:7e:90:76:47:5d:2f:e8:10:dc:74:
d3:db:64:11:03:cd:ba:6a:93:23:eb:39:85:af:9f:0b:95:c9:
65:08:fa:88:fc:ca:f2:a6:81:ea:98:e2:b1:a3:fa:91:17:2c:
c9:f4:cc:92:18:3a:a5:81:bf:12:a4:11:18:65:85:aa:09:86:
6d:53:c1:31:dc:88:06:31:1f:2d:74:95:27:9c:85:41:aa:26:
89:cf:e0:e5:64:39:3e:35:ef:9a:df:87:70:2f:a8:82:db:23:
e2:26:2d:10
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlj3BNvKcxcWMlyE9F2bTCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNjc4NDY5NTc0YWNjMDNkNzgyZTYzMjgxZmY0NGZhYWFi
M2Y4NDcwHhcNMjUwMTAyMDU0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDdjNTAxMjIyMmNlYzEyODgzZDdmZjkyMDY3NGQyOGVhNzMxMTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofXMlLCX39KuBXiZoL+qKs8JwkoL
yFKbXLU5a5g45XyxWQ10FOHjd1omp1u5XkxrZPtoHqGFEH0VA0yqmg0sTFgQW32F
yhvak3ctJGUjxykYVDLxHQKDpPuiUX+vdZ+N3XeJA3Bq84W/hyPj2cszMipsl6pP
7QZokczuz+70XY6+oUv8dyLsbZ8M0wKMGh6Vi+TFg31300gjyjcbaZy2k95OB5jp
NMqKwQBwpUXg75LcplsuJqFPu/g9kVfTEIpzzW5/dwaqbIG1e8bjEJp2bG36Mgg4
RdldYNPMxzlZ+e4M+I11LIEkNlzgiheke213ak6oCW0R5y3NayWRuDpsjQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKB8UBIiLOwSiD1/+SBnTSjqcxEmMB8GA1UdIwQY
MBaAFO9nhGlXSswD14LmMoH/RPqqs/hHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzJlRWFWZEt6QVBYZ3VZeWdmOUUtcXF6LUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9iNDY3M2ItMjEwYi00ZTVhLTg3NmEt
ZGMwNTllNjliMWQwLzEvb0h4UUVpSXM3QktJUFhfNUlHZE5LT3B6RVNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9iNDY3M2ItMjEwYi00ZTVhLTg3NmEtZGMwNTllNjliMWQw
LzEvNzJlRWFWZEt6QVBYZ3VZeWdmOUUtcXF6LUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCAjiMAwQC
uaHsMA0EAgACMAcDBQAqCcVAMA0GCSqGSIb3DQEBCwUAA4IBAQBiYWjfisV5wf9a
+A4fDvLC9LpYbq51VVKyrRylo+zTAfLd2foFMj11egZicZ4HhMhgw1iuIZbaUbM+
nZ8Cxo6NFM+92m4w7RT8+tV0AkoZLz9fFZdx76YSX43EBgzMDMNlCeSnZZyfCfXc
k3yDoY1jgnGQsIXG1ii9Vy8Cy8BtKLIbJ4VgqnUQTXqxHffBpg2Z7ZjgyzzIQn6Q
dkddL+gQ3HTT22QRA826apMj6zmFr58LlcllCPqI/MrypoHqmOKxo/qRFyzJ9MyS
GDqlgb8SpBEYZYWqCYZtU8Ex3IgGMR8tdJUnnIVBqiaJz+DlZDk+Ne+a34dwL6iC
2yPiJi0Q
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:53:10 2025 by rpki-client