Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/0oXrffU-rSHDpr6TX7IphO7-POk.roa
File: 0oXrffU-rSHDpr6TX7IphO7-POk.roa (raw, json)
Hash identifier: WbRM1hyDPFlmbx1lM12Y7DHbqSzxb6BFvKIPhKhJrRs=
Subject key identifier: D2:85:EB:7D:F5:3E:AD:21:C3:A6:BE:93:5F:B2:29:84:EE:FE:3C:E9
Certificate issuer: /CN=7445ddeedfbd72d313e9ee8cceeae8403cc34146
Certificate serial: 019423D6CB3B601E3EA196AF7AF8993CA2A5
Authority key identifier: 74:45:DD:EE:DF:BD:72:D3:13:E9:EE:8C:CE:EA:E8:40:3C:C3:41:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dEXd7t-9ctMT6e6MzuroQDzDQUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/0oXrffU-rSHDpr6TX7IphO7-POk.roa
Signing time: Wed 01 Jan 2025 21:47:46 +0000
ROA not before: Wed 01 Jan 2025 21:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61369
IP address blocks: 83.151.192.0/22 maxlen: 24
88.202.208.0/22 maxlen: 24
88.212.156.0/22 maxlen: 24
185.8.132.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:cb:3b:60:1e:3e:a1:96:af:7a:f8:99:3c:a2:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7445ddeedfbd72d313e9ee8cceeae8403cc34146
Validity
Not Before: Jan 1 21:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d285eb7df53ead21c3a6be935fb22984eefe3ce9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:62:60:48:6f:2f:81:42:79:cc:43:36:ed:05:
40:ab:4f:ee:fa:bf:d1:b9:f7:47:8b:c9:68:e1:cf:
e3:60:da:16:71:2b:30:ad:bc:d1:e8:5d:5e:72:62:
22:fc:8c:f9:74:2a:60:fa:c6:ab:3a:3d:e2:1a:59:
84:dd:f4:54:71:f4:08:0c:83:32:ed:b1:2f:cf:5c:
2e:d9:da:2f:25:df:10:d0:c3:43:73:da:7e:da:3a:
e2:ae:42:a9:a1:99:36:56:d2:c3:e7:4b:4a:0d:d5:
ad:ba:27:7c:41:03:e8:98:b5:d4:d2:34:4c:45:b4:
96:89:28:88:b9:ac:a3:12:73:91:ad:25:32:be:55:
ba:83:10:a8:68:5d:f8:0a:8a:f1:50:d4:87:d9:7f:
7e:0e:ea:db:6f:b7:95:ae:8d:50:34:2f:06:03:3b:
51:29:15:4e:e2:7e:02:86:c8:ac:8c:3b:cb:35:42:
d2:87:be:1d:2a:fa:cf:70:10:12:c9:1f:fa:0a:59:
6a:bb:27:33:20:e1:7c:69:17:8b:82:a2:fe:36:f9:
1d:85:fc:aa:92:72:ce:93:29:e8:ab:49:26:e3:9e:
0b:07:ba:7f:a1:60:8e:75:9b:ab:56:79:51:bf:57:
9a:e8:3d:66:d2:5d:06:66:42:c5:76:90:2e:f3:b1:
6f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:85:EB:7D:F5:3E:AD:21:C3:A6:BE:93:5F:B2:29:84:EE:FE:3C:E9
X509v3 Authority Key Identifier:
keyid:74:45:DD:EE:DF:BD:72:D3:13:E9:EE:8C:CE:EA:E8:40:3C:C3:41:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dEXd7t-9ctMT6e6MzuroQDzDQUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/0oXrffU-rSHDpr6TX7IphO7-POk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/dEXd7t-9ctMT6e6MzuroQDzDQUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.151.192.0/22
88.202.208.0/22
88.212.156.0/22
185.8.132.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:27:7e:e5:10:de:1a:c1:b7:3f:5a:d0:98:02:01:2f:f9:cc:
78:6a:44:29:8d:7f:ae:95:80:fa:2d:ee:ef:cd:98:39:88:d4:
27:29:df:ca:9e:6f:39:70:7c:2b:9b:6c:d2:91:60:77:5a:0c:
f5:c3:bc:95:63:cc:22:08:a3:0c:e0:c3:1a:c7:f9:02:6e:77:
6a:d2:1b:a8:61:75:7e:5b:a4:35:ac:f4:c2:5b:da:a0:3c:59:
85:f6:eb:ba:76:33:64:d0:9d:2e:6f:56:ef:cd:64:28:d5:07:
1d:cd:da:87:80:5c:33:68:6d:f6:8f:75:f4:71:b4:f3:ce:78:
bc:87:ab:4d:d3:61:28:36:66:d9:a6:d6:6b:ed:fc:97:07:07:
f0:e3:10:f5:86:41:ce:b7:f1:ce:f2:d4:21:de:22:e8:88:b0:
72:8e:56:b6:8d:75:db:42:97:96:08:f3:3d:75:9c:d3:29:8d:
f9:6e:74:86:af:16:c7:cb:fa:30:bf:9f:1c:48:ae:54:18:49:
df:1c:ca:d1:d4:d0:18:5b:88:d9:db:41:eb:ee:09:2a:1e:72:
41:ce:57:06:96:26:fb:e4:83:97:fa:de:66:0a:48:4e:2c:7b:
74:6c:c2:c1:7d:c8:cf:fb:9e:f1:23:a2:a4:92:ce:93:49:06:
fe:43:c6:94
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQj1ss7YB4+oZaveviZPKKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NDVkZGVlZGZiZDcyZDMxM2U5ZWU4Y2NlZWFlODQwM2Nj
MzQxNDYwHhcNMjUwMTAxMjE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjg1ZWI3ZGY1M2VhZDIxYzNhNmJlOTM1ZmIyMjk4NGVlZmUzY2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGJgSG8vgUJ5zEM27QVAq0/u+r/R
ufdHi8lo4c/jYNoWcSswrbzR6F1ecmIi/Iz5dCpg+sarOj3iGlmE3fRUcfQIDIMy
7bEvz1wu2dovJd8Q0MNDc9p+2jrirkKpoZk2VtLD50tKDdWtuid8QQPomLXU0jRM
RbSWiSiIuayjEnORrSUyvlW6gxCoaF34CorxUNSH2X9+Durbb7eVro1QNC8GAztR
KRVO4n4ChsisjDvLNULSh74dKvrPcBASyR/6CllquyczIOF8aReLgqL+Nvkdhfyq
knLOkynoq0km454LB7p/oWCOdZurVnlRv1ea6D1m0l0GZkLFdpAu87FvPwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNKF6331Pq0hw6a+k1+yKYTu/jzpMB8GA1UdIwQY
MBaAFHRF3e7fvXLTE+nujM7q6EA8w0FGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEVYZDd0LTljdE1UNmU2TXp1cm9RRHpEUVVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jMTc2NWItZTNhNS00MTBjLTljZDMt
NmNhMzQwZmE3NDkzLzEvMG9YcmZmVS1yU0hEcHI2VFg3SXBoTzctUE9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jMTc2NWItZTNhNS00MTBjLTljZDMtNmNhMzQwZmE3NDkz
LzEvZEVYZDd0LTljdE1UNmU2TXp1cm9RRHpEUVVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5fAAwQC
WMrQAwQCWNScAwQCuQiEMA0GCSqGSIb3DQEBCwUAA4IBAQAuJ37lEN4awbc/WtCY
AgEv+cx4akQpjX+ulYD6Le7vzZg5iNQnKd/Knm85cHwrm2zSkWB3Wgz1w7yVY8wi
CKMM4MMax/kCbndq0huoYXV+W6Q1rPTCW9qgPFmF9uu6djNk0J0ub1bvzWQo1Qcd
zdqHgFwzaG32j3X0cbTzzni8h6tN02EoNmbZptZr7fyXBwfw4xD1hkHOt/HO8tQh
3iLoiLByjla2jXXbQpeWCPM9dZzTKY35bnSGrxbHy/owv58cSK5UGEnfHMrR1NAY
W4jZ20Hr7gkqHnJBzlcGlib75IOX+t5mCkhOLHt0bMLBfcjP+57xI6Kkks6TSQb+
Q8aU
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:48:57 2025 by rpki-client