Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/gl3380OTvEofOC3RjNJbdD4o0Y0.roa
File: gl3380OTvEofOC3RjNJbdD4o0Y0.roa (raw, json)
Hash identifier: OF02F06y66OdEPfekMA7WcdKydQnYmJNVQysPIjxbmo=
Subject key identifier: 82:5D:F7:F3:43:93:BC:4A:1F:38:2D:D1:8C:D2:5B:74:3E:28:D1:8D
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018873C5A2EC2B7A1BD35F9A86C6B4F278EC
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/gl3380OTvEofOC3RjNJbdD4o0Y0.roa
Signing time: Wed 31 May 2023 21:45:12 +0000
ROA not before: Wed 31 May 2023 21:45:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 85.237.196.0/24 maxlen: 24
85.237.205.0/24 maxlen: 24
85.237.203.0/24 maxlen: 24
85.237.208.0/24 maxlen: 24
85.237.208.0/20 maxlen: 24
85.237.214.0/24 maxlen: 24
85.237.216.0/24 maxlen: 24
85.237.223.0/24 maxlen: 24
85.158.58.0/24 maxlen: 24
85.158.57.0/24 maxlen: 24
85.158.61.0/24 maxlen: 24
85.158.63.0/24 maxlen: 24
85.158.62.0/24 maxlen: 24
85.158.60.0/24 maxlen: 24
185.93.32.0/24 maxlen: 24
185.93.34.0/23 maxlen: 24
185.93.35.0/24 maxlen: 24
194.169.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:73:c5:a2:ec:2b:7a:1b:d3:5f:9a:86:c6:b4:f2:78:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: May 31 21:45:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=825df7f34393bc4a1f382dd18cd25b743e28d18d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d5:32:37:ff:c6:9d:d7:78:13:66:cb:d1:63:
52:e6:85:07:6f:f7:24:7e:d2:29:e2:a1:fa:fd:8f:
46:48:8d:e1:9b:93:9e:00:e5:f8:4d:6a:71:b6:19:
92:97:e2:2a:44:77:dd:0a:ca:5d:4d:0a:d4:be:69:
06:ed:6a:3f:2a:52:72:b3:96:ff:8f:f5:09:ed:b6:
90:52:20:c7:e8:10:72:35:0d:47:d3:e9:65:37:91:
ac:ae:35:3f:74:9d:d3:14:75:4c:5a:02:b9:a6:f3:
cc:10:07:d2:21:3b:09:3a:ad:70:19:06:2f:70:20:
e4:d1:16:90:fa:05:ba:f9:fa:af:cb:2e:bd:e7:9e:
6a:7e:35:6a:43:5b:8d:94:fd:f7:74:64:03:b0:06:
69:e4:39:6f:b7:a9:e7:49:35:bd:84:0a:4c:5d:09:
8a:b2:43:71:56:a4:be:d8:71:cc:86:1e:72:b0:bc:
be:39:ac:8a:38:4f:29:71:1d:7a:8f:e9:c3:2a:65:
90:b2:46:f8:eb:0a:5e:52:2f:46:2d:b7:75:f4:71:
56:18:0a:5f:9f:a9:a2:10:c4:f3:f4:e5:ed:f6:64:
13:46:02:1d:83:4e:32:2f:b4:10:f8:44:9a:d0:23:
0d:32:c0:e6:21:ee:49:97:4f:d4:1c:9c:e2:af:a9:
cd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:5D:F7:F3:43:93:BC:4A:1F:38:2D:D1:8C:D2:5B:74:3E:28:D1:8D
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/gl3380OTvEofOC3RjNJbdD4o0Y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.57.0-85.158.58.255
85.158.60.0/22
85.237.196.0/24
85.237.203.0/24
85.237.205.0/24
85.237.208.0/20
185.93.32.0/24
185.93.34.0/23
194.169.217.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:d0:0e:52:9d:fc:fc:bf:60:f6:44:7f:0a:38:6d:ba:55:bc:
7f:cb:8a:f8:62:a8:f4:40:81:9f:5b:1c:3b:61:6f:32:b1:87:
13:39:db:55:02:a1:09:05:fb:64:24:ce:47:3e:28:a6:51:09:
c3:99:62:2e:35:e9:7f:a6:df:75:47:d0:5d:ab:68:6b:51:8e:
12:42:90:e7:45:b7:20:58:db:14:96:5e:e9:1b:a0:99:3f:08:
33:71:3c:ad:81:de:cf:ab:c7:d4:9b:a9:5a:04:c8:74:16:6c:
fa:f6:df:31:0b:a1:06:cf:df:44:fc:cc:c2:39:09:2e:a0:4c:
d7:c6:f1:01:ea:99:d4:69:26:30:9c:24:0f:c6:f0:a2:a6:0e:
9b:90:c9:6b:9b:70:44:a5:33:4f:ef:f1:ad:06:53:88:f0:83:
0c:c6:50:12:d5:47:a3:a4:12:11:64:d6:d7:bd:21:f7:69:c3:
d4:ae:b1:a3:fd:30:ab:72:07:bf:db:d2:93:73:f6:a2:f2:db:
fe:f6:ef:8c:89:3b:6d:73:9d:7a:e9:40:da:13:07:a7:d2:2b:
36:52:95:88:fe:0d:2a:01:eb:99:81:cc:32:c4:ec:98:96:9d:
e8:13:42:40:74:10:ef:a1:cd:56:da:5a:1a:7f:cd:e1:87:c4:
7b:1b:bc:0e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYhzxaLsK3ob01+ahsa08njsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwNTMxMjE0NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjVkZjdmMzQzOTNiYzRhMWYzODJkZDE4Y2QyNWI3NDNlMjhkMThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktUyN//Gndd4E2bL0WNS5oUHb/ck
ftIp4qH6/Y9GSI3hm5OeAOX4TWpxthmSl+IqRHfdCspdTQrUvmkG7Wo/KlJys5b/
j/UJ7baQUiDH6BByNQ1H0+llN5GsrjU/dJ3TFHVMWgK5pvPMEAfSITsJOq1wGQYv
cCDk0RaQ+gW6+fqvyy69555qfjVqQ1uNlP33dGQDsAZp5Dlvt6nnSTW9hApMXQmK
skNxVqS+2HHMhh5ysLy+OayKOE8pcR16j+nDKmWQskb46wpeUi9GLbd19HFWGApf
n6miEMTz9OXt9mQTRgIdg04yL7QQ+ESa0CMNMsDmIe5Jl0/UHJzir6nNGQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFIJd9/NDk7xKHzgt0YzSW3Q+KNGNMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvZ2wzMzgwT1R2RW9mT0MzUmpOSmJkRDRvMFkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBABVnjkD
BABVnjoDBAJVnjwDBABV7cQDBABV7csDBABV7c0DBARV7dADBAC5XSADBAG5XSID
BADCqdkwDQYJKoZIhvcNAQELBQADggEBAA7QDlKd/Py/YPZEfwo4bbpVvH/Livhi
qPRAgZ9bHDthbzKxhxM521UCoQkF+2Qkzkc+KKZRCcOZYi416X+m33VH0F2raGtR
jhJCkOdFtyBY2xSWXukboJk/CDNxPK2B3s+rx9SbqVoEyHQWbPr23zELoQbP30T8
zMI5CS6gTNfG8QHqmdRpJjCcJA/G8KKmDpuQyWubcESlM0/v8a0GU4jwgwzGUBLV
R6OkEhFk1te9Ifdpw9SusaP9MKtyB7/b0pNz9qLy2/7274yJO21znXrpQNoTB6fS
KzZSlYj+DSoB65mBzDLE7JiWnegTQkB0EO+hzVbaWhp/zeGHxHsbvA4=
-----END CERTIFICATE-----
Generated at Sat Jul 5 04:32:53 2025 by rpki-client