Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/ORnIFt_RzVaBR7RFEat4bNZxeJM.roa
File: ORnIFt_RzVaBR7RFEat4bNZxeJM.roa (raw, json)
Hash identifier: xio+2M8NbuefiDZFcCLVubKSCLpe98+x21tl/qlptHU=
Subject key identifier: 39:19:C8:16:DF:D1:CD:56:81:47:B4:45:11:AB:78:6C:D6:71:78:93
Certificate issuer: /CN=d489a5ddd3002e800999b5c1867f786781baf13d
Certificate serial: 01856EB9293130DD947D800BB2EAEE273F87
Authority key identifier: D4:89:A5:DD:D3:00:2E:80:09:99:B5:C1:86:7F:78:67:81:BA:F1:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/ORnIFt_RzVaBR7RFEat4bNZxeJM.roa
Signing time: Sun 01 Jan 2023 19:05:06 +0000
ROA not before: Sun 01 Jan 2023 19:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3301
IP address blocks: 193.161.239.0/24 maxlen: 24
193.161.236.0/22 maxlen: 22
193.161.236.0/24 maxlen: 24
193.161.238.0/24 maxlen: 24
193.161.237.0/24 maxlen: 24
194.35.82.0/23 maxlen: 23
194.35.83.0/24 maxlen: 24
194.35.82.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:29:31:30:dd:94:7d:80:0b:b2:ea:ee:27:3f:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d489a5ddd3002e800999b5c1867f786781baf13d
Validity
Not Before: Jan 1 19:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3919c816dfd1cd568147b44511ab786cd6717893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d2:34:be:e5:b3:23:fc:41:44:6e:b6:ca:76:
e2:94:66:c1:25:e8:29:11:ab:46:6d:93:4b:e6:63:
59:17:ac:70:72:c3:80:fd:c7:69:9a:87:77:8e:f8:
87:9f:c7:55:7e:06:f6:d5:e3:0e:8c:e8:57:f5:9f:
23:f4:55:fe:5c:2f:86:43:d0:52:ca:a6:d5:6b:2b:
46:d2:0b:52:22:65:46:32:6c:e2:88:43:99:61:6a:
52:cf:37:d5:33:15:6a:66:7a:2f:8d:dc:c8:ad:cd:
43:45:33:4e:b3:2d:33:be:d2:00:c5:a8:9b:7d:92:
14:e4:b5:9b:8b:f4:10:2e:68:70:c2:5e:0a:64:ee:
c9:97:a4:d4:f9:1b:e6:b6:71:e3:b5:9f:0f:51:2b:
9e:9c:34:83:d9:c5:5e:6f:a6:bc:92:d4:53:a4:04:
8e:a0:67:d5:7f:c2:dd:77:17:91:2e:c1:15:ff:38:
c5:88:7e:44:a7:b3:1f:e0:38:21:11:51:16:4c:d8:
02:b1:83:dc:9c:69:55:6a:0e:43:50:69:e5:ce:2d:
1f:df:fb:19:9e:e1:6a:a5:d6:d2:6b:5f:00:73:6d:
75:75:0a:59:9e:fd:69:1a:e0:d0:e5:f4:08:89:36:
e7:da:09:81:78:1e:d9:c3:9b:1c:36:d7:0c:c1:05:
d0:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:19:C8:16:DF:D1:CD:56:81:47:B4:45:11:AB:78:6C:D6:71:78:93
X509v3 Authority Key Identifier:
keyid:D4:89:A5:DD:D3:00:2E:80:09:99:B5:C1:86:7F:78:67:81:BA:F1:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/ORnIFt_RzVaBR7RFEat4bNZxeJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.161.236.0/22
194.35.82.0/23
Signature Algorithm: sha256WithRSAEncryption
09:d8:4e:df:42:3e:7a:51:14:72:a6:95:98:0b:76:91:83:0e:
73:05:59:e4:90:b1:7d:9d:5b:2d:be:43:c7:4e:5c:8a:6a:3f:
55:1f:a2:f6:15:96:0e:9e:24:41:91:2b:34:5a:7a:95:06:59:
89:a6:56:7e:57:78:40:5a:1f:2b:1e:e9:85:78:4d:ce:b2:5c:
95:62:58:91:88:51:3c:43:0c:b9:a2:6e:07:ae:63:95:f5:09:
68:7f:a4:98:a2:7f:10:81:12:7d:33:f3:6f:c4:4a:86:cd:f9:
30:f4:a1:cc:b2:de:87:0a:f3:ac:fd:5e:21:ef:60:88:d5:b8:
7e:00:e8:b7:71:c0:5f:37:b3:c4:a3:fc:44:37:3c:e3:60:4a:
c1:6c:be:38:9a:75:5d:2a:52:76:a8:4d:24:1a:78:fb:78:a0:
ae:b2:92:e6:2f:82:b1:50:16:f1:3d:3c:2b:b9:4f:45:46:76:
53:70:8c:18:86:9e:cf:4c:09:7c:08:f4:86:b2:5e:c2:e5:cd:
46:76:cd:30:3f:2d:b3:df:c0:1d:87:52:83:ce:a4:76:40:e8:
aa:5f:69:7e:b2:d7:40:03:93:9c:b2:15:58:70:53:5e:fd:be:
43:aa:24:53:d4:2e:f7:92:54:73:98:0a:f7:a1:cd:8f:a5:6f:
90:59:e5:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuuSkxMN2UfYALsuruJz+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ODlhNWRkZDMwMDJlODAwOTk5YjVjMTg2N2Y3ODY3ODFi
YWYxM2QwHhcNMjMwMTAxMTkwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTE5YzgxNmRmZDFjZDU2ODE0N2I0NDUxMWFiNzg2Y2Q2NzE3ODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytI0vuWzI/xBRG62ynbilGbBJegp
EatGbZNL5mNZF6xwcsOA/cdpmod3jviHn8dVfgb21eMOjOhX9Z8j9FX+XC+GQ9BS
yqbVaytG0gtSImVGMmziiEOZYWpSzzfVMxVqZnovjdzIrc1DRTNOsy0zvtIAxaib
fZIU5LWbi/QQLmhwwl4KZO7Jl6TU+RvmtnHjtZ8PUSuenDSD2cVeb6a8ktRTpASO
oGfVf8LddxeRLsEV/zjFiH5Ep7Mf4DghEVEWTNgCsYPcnGlVag5DUGnlzi0f3/sZ
nuFqpdbSa18Ac211dQpZnv1pGuDQ5fQIiTbn2gmBeB7Zw5scNtcMwQXQlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDkZyBbf0c1WgUe0RRGreGzWcXiTMB8GA1UdIwQY
MBaAFNSJpd3TAC6ACZm1wYZ/eGeBuvE9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUltbDNkTUFMb0FKbWJYQmhuOTRaNEc2OFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZmQyZDQtNmQ0NS00NGJiLWFlNmIt
NTI1OWVlZGNhMDdjLzEvT1JuSUZ0X1J6VmFCUjdSRkVhdDRiTlp4ZUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iZmQyZDQtNmQ0NS00NGJiLWFlNmItNTI1OWVlZGNhMDdj
LzEvMUltbDNkTUFMb0FKbWJYQmhuOTRaNEc2OFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwaHsAwQB
wiNSMA0GCSqGSIb3DQEBCwUAA4IBAQAJ2E7fQj56URRyppWYC3aRgw5zBVnkkLF9
nVstvkPHTlyKaj9VH6L2FZYOniRBkSs0WnqVBlmJplZ+V3hAWh8rHumFeE3OslyV
YliRiFE8Qwy5om4HrmOV9Qlof6SYon8QgRJ9M/NvxEqGzfkw9KHMst6HCvOs/V4h
72CI1bh+AOi3ccBfN7PEo/xENzzjYErBbL44mnVdKlJ2qE0kGnj7eKCuspLmL4Kx
UBbxPTwruU9FRnZTcIwYhp7PTAl8CPSGsl7C5c1Gds0wPy2z38Adh1KDzqR2QOiq
X2l+stdAA5OcshVYcFNe/b5DqiRT1C73klRzmAr3oc2PpW+QWeUJ
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:03:54 2025 by rpki-client