Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4688ad-feb0-4777-94d7-fff1b3a1e9ea/1/oNpTTK3T1dZkqngwuYJWdeYHZqE.roa
File: oNpTTK3T1dZkqngwuYJWdeYHZqE.roa (raw, json)
Hash identifier: lDAY/EHv+ZKOVlmf1s6M/z+nfyvXLw356+3rQvqkd08=
Subject key identifier: A0:DA:53:4C:AD:D3:D5:D6:64:AA:78:30:B9:82:56:75:E6:07:66:A1
Certificate issuer: /CN=4b0f3a6bea15f2cfdaaf11e526178af6a0811acf
Certificate serial: 0185701EE1389316C58A04D6F884EBB0C252
Authority key identifier: 4B:0F:3A:6B:EA:15:F2:CF:DA:AF:11:E5:26:17:8A:F6:A0:81:1A:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sw86a-oV8s_arxHlJheK9qCBGs8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/4688ad-feb0-4777-94d7-fff1b3a1e9ea/1/oNpTTK3T1dZkqngwuYJWdeYHZqE.roa
Signing time: Mon 02 Jan 2023 01:35:49 +0000
ROA not before: Mon 02 Jan 2023 01:35:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58075
IP address blocks: 194.110.27.0/24 maxlen: 24
194.110.30.0/24 maxlen: 24
194.110.72.0/24 maxlen: 24
194.110.22.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:e1:38:93:16:c5:8a:04:d6:f8:84:eb:b0:c2:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b0f3a6bea15f2cfdaaf11e526178af6a0811acf
Validity
Not Before: Jan 2 01:35:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0da534cadd3d5d664aa7830b9825675e60766a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:02:be:98:da:18:6b:ed:5c:f3:ff:3c:0f:06:
fe:6b:75:b4:6a:68:76:d5:46:7a:35:53:32:99:a8:
b8:02:9d:08:c3:e7:64:0c:57:a0:91:41:9c:ee:85:
b9:17:56:6b:41:35:78:45:ea:90:5d:15:51:18:f7:
e2:1f:f7:72:c2:55:dc:e3:de:d1:e1:54:0a:0d:4f:
21:ba:57:d2:b7:80:88:fb:0a:5c:33:2b:b4:4b:b0:
3f:51:b7:fb:98:d4:be:4e:0e:6b:5c:cd:0b:9f:f3:
2d:5b:8d:78:4f:45:99:0c:34:8d:92:4e:a9:21:72:
bb:96:2c:c4:ea:a2:d0:c1:c5:4a:8d:54:fe:29:b4:
b4:bb:6a:93:17:33:ef:f1:78:a0:ed:5a:fb:16:0f:
3e:53:0a:c0:02:9c:d7:81:8f:b5:4d:e7:6c:b0:2d:
92:f4:e9:34:25:38:ee:4a:0a:24:c1:86:a7:a3:63:
68:a8:f1:af:07:ae:11:65:7d:db:02:a0:3c:fd:cd:
84:5a:32:75:65:95:9a:36:c5:f5:3a:d0:50:6c:0e:
68:ca:57:30:11:6c:26:e0:15:60:eb:e2:ac:9c:79:
cc:c4:77:4f:a3:97:13:3b:58:e9:84:b9:eb:4e:c1:
33:2f:76:0b:ac:37:60:35:52:1c:ea:50:33:9f:77:
a8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:DA:53:4C:AD:D3:D5:D6:64:AA:78:30:B9:82:56:75:E6:07:66:A1
X509v3 Authority Key Identifier:
keyid:4B:0F:3A:6B:EA:15:F2:CF:DA:AF:11:E5:26:17:8A:F6:A0:81:1A:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sw86a-oV8s_arxHlJheK9qCBGs8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4688ad-feb0-4777-94d7-fff1b3a1e9ea/1/oNpTTK3T1dZkqngwuYJWdeYHZqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4688ad-feb0-4777-94d7-fff1b3a1e9ea/1/Sw86a-oV8s_arxHlJheK9qCBGs8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.22.0/24
194.110.27.0/24
194.110.30.0/24
194.110.72.0/24
Signature Algorithm: sha256WithRSAEncryption
50:44:6e:c3:cf:49:78:19:77:1f:94:90:28:e8:c5:d0:bf:08:
3a:be:6f:a3:79:2a:e7:7a:79:bd:c4:19:36:5c:d1:fc:50:fd:
09:4a:41:d6:a0:66:ce:bd:21:cc:7d:f1:aa:f9:9e:94:f0:ff:
10:b5:a5:b0:53:90:6c:c9:b6:f9:53:5e:bc:35:90:4c:94:87:
84:62:d8:75:44:63:e1:9a:fd:29:f4:fe:1e:c3:f5:da:19:89:
fc:c7:bd:54:41:b4:1b:50:42:71:69:66:1e:1b:aa:b8:af:97:
0d:46:f8:3f:b8:23:22:2c:41:40:9b:22:32:40:fe:1c:60:cc:
a5:11:1b:bd:69:0e:7c:ef:e2:a0:10:41:cc:6e:1c:12:c0:ee:
6f:c9:93:d5:19:35:d3:29:7a:75:07:75:f8:38:a4:be:f9:23:
f5:46:6b:fe:ab:ed:86:5d:94:ab:06:83:77:ed:f6:b2:16:ea:
17:a9:06:0c:31:59:2b:0e:43:89:44:17:75:a0:92:b0:c5:b5:
6f:9c:a8:c8:98:9b:72:85:cc:bc:b6:2d:a1:18:f7:54:4b:6c:
36:30:5c:04:2d:f8:a5:e8:00:ff:60:06:9c:8f:1b:e3:d8:8c:
a9:eb:8b:79:3e:1f:bd:58:fb:37:c8:e6:d9:72:9f:ca:e7:f3:
e1:f4:33:4e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwHuE4kxbFigTW+ITrsMJSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMGYzYTZiZWExNWYyY2ZkYWFmMTFlNTI2MTc4YWY2YTA4
MTFhY2YwHhcNMjMwMTAyMDEzNTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGRhNTM0Y2FkZDNkNWQ2NjRhYTc4MzBiOTgyNTY3NWU2MDc2NmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgK+mNoYa+1c8/88Dwb+a3W0amh2
1UZ6NVMymai4Ap0Iw+dkDFegkUGc7oW5F1ZrQTV4ReqQXRVRGPfiH/dywlXc497R
4VQKDU8hulfSt4CI+wpcMyu0S7A/Ubf7mNS+Tg5rXM0Ln/MtW414T0WZDDSNkk6p
IXK7lizE6qLQwcVKjVT+KbS0u2qTFzPv8Xig7Vr7Fg8+UwrAApzXgY+1TedssC2S
9Ok0JTjuSgokwYano2NoqPGvB64RZX3bAqA8/c2EWjJ1ZZWaNsX1OtBQbA5oylcw
EWwm4BVg6+KsnHnMxHdPo5cTO1jphLnrTsEzL3YLrDdgNVIc6lAzn3eoawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKDaU0yt09XWZKp4MLmCVnXmB2ahMB8GA1UdIwQY
MBaAFEsPOmvqFfLP2q8R5SYXivaggRrPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3c4NmEtb1Y4c19hcnhIbEpoZUs5cUNCR3M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80Njg4YWQtZmViMC00Nzc3LTk0ZDct
ZmZmMWIzYTFlOWVhLzEvb05wVFRLM1QxZFprcW5nd3VZSldkZVlIWnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80Njg4YWQtZmViMC00Nzc3LTk0ZDctZmZmMWIzYTFlOWVh
LzEvU3c4NmEtb1Y4c19hcnhIbEpoZUs5cUNCR3M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwm4WAwQA
wm4bAwQAwm4eAwQAwm5IMA0GCSqGSIb3DQEBCwUAA4IBAQBQRG7Dz0l4GXcflJAo
6MXQvwg6vm+jeSrnenm9xBk2XNH8UP0JSkHWoGbOvSHMffGq+Z6U8P8QtaWwU5Bs
ybb5U168NZBMlIeEYth1RGPhmv0p9P4ew/XaGYn8x71UQbQbUEJxaWYeG6q4r5cN
Rvg/uCMiLEFAmyIyQP4cYMylERu9aQ587+KgEEHMbhwSwO5vyZPVGTXTKXp1B3X4
OKS++SP1Rmv+q+2GXZSrBoN37fayFuoXqQYMMVkrDkOJRBd1oJKwxbVvnKjImJty
hcy8ti2hGPdUS2w2MFwELfil6AD/YAacjxvj2Iyp64t5Ph+9WPs3yObZcp/K5/Ph
9DNO
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:00 2025 by rpki-client