Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/oBJ140oLvuEM1IKPe5GbJYZpoyM.roa
File: oBJ140oLvuEM1IKPe5GbJYZpoyM.roa (raw, json)
Hash identifier: N4xbpr9ikbSQaIRK+1BiWRqbtzM7G2zAcIt4shap+BI=
Subject key identifier: A0:12:75:E3:4A:0B:BE:E1:0C:D4:82:8F:7B:91:9B:25:86:69:A3:23
Certificate issuer: /CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Certificate serial: 018CCA2BCF816680EE7205DC3D3C3006FEE4
Authority key identifier: A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/oBJ140oLvuEM1IKPe5GbJYZpoyM.roa
Signing time: Tue 02 Jan 2024 12:35:17 +0000
ROA not before: Tue 02 Jan 2024 12:35:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203394
IP address blocks: 141.105.130.0/24 maxlen: 24
185.126.255.0/24 maxlen: 24
212.79.125.0/24 maxlen: 24
194.4.71.0/24 maxlen: 24
212.87.168.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:cf:81:66:80:ee:72:05:dc:3d:3c:30:06:fe:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Validity
Not Before: Jan 2 12:35:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a01275e34a0bbee10cd4828f7b919b258669a323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:fc:4f:8c:29:80:c0:9b:01:d1:e5:79:08:66:
e4:b1:26:91:b0:d3:34:c3:78:91:35:1a:2c:38:a0:
d3:d7:2f:2d:7f:90:58:f5:5d:fb:0c:95:99:1b:1e:
c5:2e:07:a0:e6:0c:d7:62:12:7d:4e:13:ae:e3:5b:
4e:0e:9b:3a:d9:4e:51:4f:27:da:e6:b2:21:13:20:
a3:1f:87:18:f0:66:78:16:f7:05:f4:21:40:b8:09:
21:ea:a1:86:ce:a2:c4:28:46:4d:26:89:91:d9:4a:
c6:25:4b:93:f5:75:46:3b:0b:01:24:e3:32:ad:db:
cd:7d:fb:d2:ff:54:d3:24:89:26:5b:7f:7e:30:d4:
a0:d9:7f:30:85:06:f7:2b:2b:2a:3a:62:10:ac:d5:
0a:6b:47:2c:25:33:a7:9b:3f:61:fb:70:74:ac:86:
01:b2:7c:f3:35:51:b3:c4:27:b4:8d:75:22:05:fc:
72:72:f9:20:bc:2c:cb:a9:cc:da:ad:04:f3:f2:5f:
bc:73:fe:91:e5:5d:fa:66:53:d9:06:04:56:ba:06:
e6:e2:6f:4c:0e:d7:9b:a5:a3:67:b8:e2:fa:f8:99:
b3:5f:fa:8c:88:a6:66:6d:ec:ad:29:94:69:bc:39:
18:96:e4:ec:1c:fd:82:6d:bb:59:cb:37:1b:02:b9:
81:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:12:75:E3:4A:0B:BE:E1:0C:D4:82:8F:7B:91:9B:25:86:69:A3:23
X509v3 Authority Key Identifier:
keyid:A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/oBJ140oLvuEM1IKPe5GbJYZpoyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.105.130.0/24
185.126.255.0/24
194.4.71.0/24
212.79.125.0/24
212.87.168.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:a1:74:54:7b:4e:1c:83:d2:8a:fe:9b:f7:8c:a1:e2:c0:31:
67:a3:18:d4:d5:d0:6b:e0:26:7d:0b:dc:06:ca:94:09:07:7e:
cd:29:8a:b8:22:ba:db:97:72:d7:d6:2d:2b:aa:21:d7:3f:25:
08:e2:58:49:71:16:e5:7a:5f:c5:69:ec:b5:7e:aa:84:ff:8f:
66:ec:f7:00:9b:66:e4:0e:38:cc:98:31:b1:d4:cc:d3:20:b1:
a9:c9:71:7f:4a:66:a2:3b:f7:73:86:00:9a:0d:2f:3f:8b:58:
8b:84:ca:e5:87:f6:1b:e3:27:ed:99:84:18:5c:da:8a:5e:73:
3f:ad:42:f3:8a:f2:dd:bf:79:ab:e3:20:1c:1c:0a:51:3b:19:
95:18:bd:ae:df:86:31:30:43:83:94:96:c3:49:2f:f6:1c:61:
0c:81:fe:1b:e4:88:5b:b1:21:59:f9:7d:1d:b0:e0:26:86:29:
52:9b:32:b1:f0:53:4d:ac:0b:57:54:48:f2:2b:27:8a:c7:22:
2c:c8:58:fe:ad:96:b9:27:92:35:a4:6e:b1:2a:cb:a2:6d:a5:
67:6e:14:f3:aa:d1:4b:ae:8c:c8:32:27:29:a2:41:7e:af:24:
e5:14:61:bc:52:ad:67:29:81:e7:35:6e:a9:a3:e9:6f:77:3a:
91:7e:82:a2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzKK8+BZoDucgXcPTwwBv7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjViYWUyNTc3OGJlZWQ4ODgwYzA4ZGYyZDNmMzdmYzM3
YWJjMWUwHhcNMjQwMTAyMTIzNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDEyNzVlMzRhMGJiZWUxMGNkNDgyOGY3YjkxOWIyNTg2NjlhMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6PxPjCmAwJsB0eV5CGbksSaRsNM0
w3iRNRosOKDT1y8tf5BY9V37DJWZGx7FLgeg5gzXYhJ9ThOu41tODps62U5RTyfa
5rIhEyCjH4cY8GZ4FvcF9CFAuAkh6qGGzqLEKEZNJomR2UrGJUuT9XVGOwsBJOMy
rdvNffvS/1TTJIkmW39+MNSg2X8whQb3KysqOmIQrNUKa0csJTOnmz9h+3B0rIYB
snzzNVGzxCe0jXUiBfxycvkgvCzLqczarQTz8l+8c/6R5V36ZlPZBgRWugbm4m9M
DtebpaNnuOL6+JmzX/qMiKZmbeytKZRpvDkYluTsHP2CbbtZyzcbArmBnQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKASdeNKC77hDNSCj3uRmyWGaaMjMB8GA1UdIwQY
MBaAFKhluuJXeL7tiIDAjfLT83/DerweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTkt
MWI2Zjc1MGNmOWEyLzEvb0JKMTQwb0x2dUVNMUlLUGU1R2JKWVpwb3lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTktMWI2Zjc1MGNmOWEy
LzEvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAjWmCAwQA
uX7/AwQAwgRHAwQA1E99AwQA1FeoMA0GCSqGSIb3DQEBCwUAA4IBAQCtoXRUe04c
g9KK/pv3jKHiwDFnoxjU1dBr4CZ9C9wGypQJB37NKYq4Irrbl3LX1i0rqiHXPyUI
4lhJcRblel/Faey1fqqE/49m7PcAm2bkDjjMmDGx1MzTILGpyXF/SmaiO/dzhgCa
DS8/i1iLhMrlh/Yb4yftmYQYXNqKXnM/rULzivLdv3mr4yAcHApROxmVGL2u34Yx
MEODlJbDSS/2HGEMgf4b5IhbsSFZ+X0dsOAmhilSmzKx8FNNrAtXVEjyKyeKxyIs
yFj+rZa5J5I1pG6xKsuibaVnbhTzqtFLrozIMicpokF+ryTlFGG8Uq1nKYHnNW6p
o+lvdzqRfoKi
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:27:17 2025 by rpki-client