Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/OqOCQtZBHzCV5Z0xJrS8FJFSEWY.roa
File: OqOCQtZBHzCV5Z0xJrS8FJFSEWY.roa (raw, json)
Hash identifier: xZeH8Q+yxnCI5oid4Rq8ssEGEdCZgg6NEVRbko+oKkA=
Subject key identifier: 3A:A3:82:42:D6:41:1F:30:95:E5:9D:31:26:B4:BC:14:91:52:11:66
Certificate issuer: /CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Certificate serial: 01954D24EB3281A85E923198E514A3015D54
Authority key identifier: 2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/OqOCQtZBHzCV5Z0xJrS8FJFSEWY.roa
Signing time: Fri 28 Feb 2025 15:20:19 +0000
ROA not before: Fri 28 Feb 2025 15:20:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210619
IP address blocks: 185.137.221.0/24 maxlen: 24
185.137.223.0/24 maxlen: 24
2a0a:a501::/32 maxlen: 32
2a0a:a501::/48 maxlen: 48
2a0a:a502::/32 maxlen: 32
2a0a:a502::/48 maxlen: 48
2a0a:a503::/32 maxlen: 32
2a0a:a504::/32 maxlen: 32
2a0a:a505::/32 maxlen: 32
2a0a:a507::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4d:24:eb:32:81:a8:5e:92:31:98:e5:14:a3:01:5d:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Validity
Not Before: Feb 28 15:20:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3aa38242d6411f3095e59d3126b4bc1491521166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:eb:6b:6f:44:91:3c:b1:bc:df:56:e9:66:4c:
97:47:ba:da:61:d9:29:9f:f1:dc:65:78:7a:3a:26:
fa:d7:ac:6a:39:05:89:78:e7:2c:40:4a:0d:f9:11:
b7:ed:82:bb:6d:36:c3:19:5b:80:e7:8c:f4:c4:93:
33:4b:cd:b5:6c:62:e7:f9:e8:53:ce:c0:84:bd:55:
d1:c8:0a:fa:78:d5:11:c0:02:3a:3a:a8:7b:a8:45:
0f:c9:11:7a:32:61:f6:f7:c1:cb:d0:27:fc:ae:10:
72:e6:aa:af:d8:cc:6b:e4:72:63:05:95:32:44:52:
97:32:bc:a3:3e:a3:f2:18:a9:c7:fa:8b:53:2e:b1:
7f:d3:49:14:5b:d4:bc:da:a0:37:7b:8e:7c:86:e7:
38:a3:36:00:43:10:4d:93:01:1b:38:1c:d5:4c:3e:
a9:0a:3c:a4:27:cb:9d:1f:df:cd:87:49:7b:5a:89:
56:98:89:50:d8:b9:fc:8d:ab:14:2d:f7:d9:f8:89:
d9:f4:92:96:f0:d7:e2:4e:b9:25:a1:06:c7:24:77:
8f:2d:7d:7c:ad:ce:5d:98:0e:51:2d:a3:fc:b8:1b:
c8:57:c0:e2:e8:e1:cd:86:9e:85:fa:e2:37:92:0c:
0f:2e:67:ef:74:28:13:7c:d1:06:c5:4c:24:c8:75:
17:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A3:82:42:D6:41:1F:30:95:E5:9D:31:26:B4:BC:14:91:52:11:66
X509v3 Authority Key Identifier:
keyid:2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/OqOCQtZBHzCV5Z0xJrS8FJFSEWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/L3pGS4lIQbO5QOCzV7hl45Ox3UY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.221.0/24
185.137.223.0/24
IPv6:
2a0a:a501::-2a0a:a505:ffff:ffff:ffff:ffff:ffff:ffff
2a0a:a507::/32
Signature Algorithm: sha256WithRSAEncryption
01:60:2b:0c:18:22:26:d5:2f:2a:c6:45:81:09:55:12:f5:21:
ee:a9:df:c9:fc:1f:6d:cf:a5:79:ef:bb:f2:9c:f9:89:7b:9d:
e0:9b:44:52:17:67:06:83:ae:25:b8:2e:0f:58:1f:86:a3:13:
20:35:47:47:52:17:83:2b:c5:6d:d4:c9:13:bd:6e:d1:4a:b8:
59:07:03:f7:50:b9:ec:b5:40:b8:bf:eb:e8:c1:f6:41:07:ab:
16:9e:3d:1d:42:cf:ec:8d:de:65:d2:98:25:18:19:01:1d:2a:
b7:21:a0:1f:09:6f:ad:03:ca:60:04:57:ef:e3:45:ed:1c:7a:
5e:6c:a8:ac:59:49:78:96:0b:cd:b2:54:1d:fb:fb:0e:68:63:
c9:bc:76:f7:05:c2:dd:f8:54:37:bb:b3:fb:f8:a0:5f:0e:28:
f4:b8:91:66:92:2f:69:ac:20:cb:b6:10:03:c2:14:6f:43:8e:
4e:31:57:b5:47:78:fc:e1:a1:17:8f:d1:50:fc:23:aa:72:d4:
a1:89:51:af:49:da:65:fc:b5:72:c9:10:ab:40:5e:a6:8f:ab:
69:e3:a3:b5:19:06:b7:a2:4e:90:6f:51:36:9e:27:3b:b7:0e:
d9:c0:72:45:e1:eb:c6:cc:02:99:ee:25:c8:d7:fb:bb:10:e6:
b2:0a:37:4b
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZVNJOsygahekjGY5RSjAV1UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmN2E0NjRiODk0ODQxYjNiOTQwZTBiMzU3Yjg2NWUzOTNi
MWRkNDYwHhcNMjUwMjI4MTUyMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWEzODI0MmQ2NDExZjMwOTVlNTlkMzEyNmI0YmMxNDkxNTIxMTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9utrb0SRPLG831bpZkyXR7raYdkp
n/HcZXh6Oib616xqOQWJeOcsQEoN+RG37YK7bTbDGVuA54z0xJMzS821bGLn+ehT
zsCEvVXRyAr6eNURwAI6Oqh7qEUPyRF6MmH298HL0Cf8rhBy5qqv2Mxr5HJjBZUy
RFKXMryjPqPyGKnH+otTLrF/00kUW9S82qA3e458huc4ozYAQxBNkwEbOBzVTD6p
CjykJ8udH9/Nh0l7WolWmIlQ2Ln8jasULffZ+InZ9JKW8NfiTrkloQbHJHePLX18
rc5dmA5RLaP8uBvIV8Di6OHNhp6F+uI3kgwPLmfvdCgTfNEGxUwkyHUXHQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFDqjgkLWQR8wleWdMSa0vBSRUhFmMB8GA1UdIwQY
MBaAFC96RkuJSEGzuUDgs1e4ZeOTsd1GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEt
MTAxNDRjMWJjYWZjLzEvT3FPQ1F0WkJIekNWNVoweEpyUzhGSkZTRVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEtMTAxNDRjMWJjYWZj
LzEvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzASBAIAATAMAwQAuYndAwQA
uYnfMB0EAgACMBcwDgMFACoKpQEDBQEqCqUEAwUAKgqlBzANBgkqhkiG9w0BAQsF
AAOCAQEAAWArDBgiJtUvKsZFgQlVEvUh7qnfyfwfbc+lee+78pz5iXud4JtEUhdn
BoOuJbguD1gfhqMTIDVHR1IXgyvFbdTJE71u0Uq4WQcD91C57LVAuL/r6MH2QQer
Fp49HULP7I3eZdKYJRgZAR0qtyGgHwlvrQPKYARX7+NF7Rx6XmyorFlJeJYLzbJU
Hfv7Dmhjybx29wXC3fhUN7uz+/igXw4o9LiRZpIvaawgy7YQA8IUb0OOTjFXtUd4
/OGhF4/RUPwjqnLUoYlRr0naZfy1cskQq0Bepo+raeOjtRkGt6JOkG9RNp4nO7cO
2cByReHrxswCme4lyNf7uxDmsgo3Sw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:36:19 2025 by rpki-client