Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/ddc26e-31da-43dd-b4d1-063a0881a6d2/1/OxKu9-YwlNk7_AcO6xkbmwWOM2w.roa
File: OxKu9-YwlNk7_AcO6xkbmwWOM2w.roa (raw, json)
Hash identifier: rNAcD697cQm29Tqb2E8H7LryNG5SudAa/QR11jB4jcs=
Subject key identifier: 3B:12:AE:F7:E6:30:94:D9:3B:FC:07:0E:EB:19:1B:9B:05:8E:33:6C
Certificate issuer: /CN=472694d8a399a3a66f442ec72295c754acbbad41
Certificate serial: 0187E7D55B41012D2E550C6F8ABED8D5E6F3
Authority key identifier: 47:26:94:D8:A3:99:A3:A6:6F:44:2E:C7:22:95:C7:54:AC:BB:AD:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyaU2KOZo6ZvRC7HIpXHVKy7rUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/ddc26e-31da-43dd-b4d1-063a0881a6d2/1/OxKu9-YwlNk7_AcO6xkbmwWOM2w.roa
Signing time: Thu 04 May 2023 17:35:32 +0000
ROA not before: Thu 04 May 2023 17:35:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200807
IP address blocks: 78.31.213.0/24 maxlen: 24
78.31.212.0/23 maxlen: 23
78.31.212.0/24 maxlen: 24
185.173.164.0/22 maxlen: 22
185.173.164.0/23 maxlen: 23
185.173.166.0/24 maxlen: 24
2a0b:4f00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e7:d5:5b:41:01:2d:2e:55:0c:6f:8a:be:d8:d5:e6:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=472694d8a399a3a66f442ec72295c754acbbad41
Validity
Not Before: May 4 17:35:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b12aef7e63094d93bfc070eeb191b9b058e336c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:33:39:3a:d9:b8:93:76:1e:11:9a:c8:7e:a5:
93:22:0f:48:cb:6b:d4:5e:1a:84:5b:df:18:b3:b4:
db:f0:1e:63:84:64:3c:02:3d:08:d1:09:0e:45:38:
71:f7:4f:bd:f3:69:2b:4d:e8:02:bf:c7:3e:f0:75:
3e:5e:d6:27:70:80:8d:86:32:b9:c8:2d:95:56:50:
7f:d1:76:a2:f5:07:e4:74:dc:eb:7b:c8:17:d1:94:
06:45:d8:2f:01:9c:a8:17:cc:f1:ef:ad:49:a6:a4:
e9:65:fc:d5:e6:52:6a:9a:cc:a2:a3:4d:23:ea:65:
e7:66:0c:be:b4:03:9a:d1:83:b6:a3:40:07:ab:82:
a0:83:93:f2:af:b3:20:6b:1b:ee:5a:9a:30:66:57:
6d:42:81:ed:57:e3:23:ff:70:a1:f2:b5:3b:44:79:
3b:15:4f:17:2a:b2:1a:b5:46:6c:fd:7b:dc:2e:ef:
2d:09:bb:8e:44:b3:55:a3:89:5d:f0:9e:0c:71:b9:
6a:a5:50:e6:d7:d7:99:0a:66:a2:47:b8:4c:1a:1a:
89:34:06:0d:af:f2:c7:4e:ef:fd:37:d1:63:b0:6d:
63:a7:99:10:87:1b:70:b4:47:a1:0a:b4:e7:e4:91:
0e:03:3e:62:91:f8:3a:14:82:1f:7e:7f:f5:c8:e4:
bf:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:12:AE:F7:E6:30:94:D9:3B:FC:07:0E:EB:19:1B:9B:05:8E:33:6C
X509v3 Authority Key Identifier:
keyid:47:26:94:D8:A3:99:A3:A6:6F:44:2E:C7:22:95:C7:54:AC:BB:AD:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyaU2KOZo6ZvRC7HIpXHVKy7rUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ddc26e-31da-43dd-b4d1-063a0881a6d2/1/OxKu9-YwlNk7_AcO6xkbmwWOM2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ddc26e-31da-43dd-b4d1-063a0881a6d2/1/RyaU2KOZo6ZvRC7HIpXHVKy7rUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.212.0/23
185.173.164.0/22
IPv6:
2a0b:4f00::/32
Signature Algorithm: sha256WithRSAEncryption
8c:3b:22:ba:4b:cb:f3:df:db:e4:98:11:17:45:dc:2e:cb:ed:
1e:d3:8c:b2:b2:b2:2f:ff:7b:07:6e:e7:23:74:54:c2:71:44:
ae:76:bf:37:87:a6:66:ca:18:24:96:2a:52:46:52:d6:68:a6:
7b:43:34:71:88:76:11:57:f0:78:6b:6f:63:4e:80:fa:bc:42:
9f:8d:75:a1:58:51:4c:00:e3:52:a5:6a:4f:10:4c:5d:ac:ae:
0c:c6:e8:b9:c3:5f:ac:df:55:04:64:55:52:b9:6b:be:22:bd:
ec:b7:c1:e4:c3:b5:e3:ad:11:7d:62:85:7a:7d:85:96:7f:4f:
a3:a5:c8:f3:90:27:6e:fc:3e:d3:5f:bb:d8:43:00:90:0c:c3:
d4:17:9b:81:80:44:a3:71:34:67:12:52:c5:0a:6c:3d:33:bf:
4b:40:1b:f0:20:60:8b:1e:37:97:7a:80:8c:b3:1a:a0:b7:b1:
ca:ea:39:a7:35:b8:bf:dc:d1:88:cf:ed:86:b4:de:0f:88:2f:
06:5e:61:7f:6c:e9:ea:2e:ed:86:0d:ac:36:0d:cd:b6:a9:fa:
87:4e:bc:7a:f8:79:32:c8:f4:c9:ef:8f:65:ec:4f:7b:cf:c6:
89:67:67:02:17:ee:ae:f6:58:76:a5:c9:82:79:fb:17:83:73:
89:bb:c0:32
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYfn1VtBAS0uVQxvir7Y1ebzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MjY5NGQ4YTM5OWEzYTY2ZjQ0MmVjNzIyOTVjNzU0YWNi
YmFkNDEwHhcNMjMwNTA0MTczNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjEyYWVmN2U2MzA5NGQ5M2JmYzA3MGVlYjE5MWI5YjA1OGUzMzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzM5Otm4k3YeEZrIfqWTIg9Iy2vU
XhqEW98Ys7Tb8B5jhGQ8Aj0I0QkORThx90+982krTegCv8c+8HU+XtYncICNhjK5
yC2VVlB/0Xai9QfkdNzre8gX0ZQGRdgvAZyoF8zx761JpqTpZfzV5lJqmsyio00j
6mXnZgy+tAOa0YO2o0AHq4Kgg5Pyr7MgaxvuWpowZldtQoHtV+Mj/3Ch8rU7RHk7
FU8XKrIatUZs/XvcLu8tCbuORLNVo4ld8J4McblqpVDm19eZCmaiR7hMGhqJNAYN
r/LHTu/9N9FjsG1jp5kQhxtwtEehCrTn5JEOAz5ikfg6FIIffn/1yOS/UwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDsSrvfmMJTZO/wHDusZG5sFjjNsMB8GA1UdIwQY
MBaAFEcmlNijmaOmb0QuxyKVx1Ssu61BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnlhVTJLT1pvNlp2UkM3SElwWEhWS3k3clVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZGMyNmUtMzFkYS00M2RkLWI0ZDEt
MDYzYTA4ODFhNmQyLzEvT3hLdTktWXdsTms3X0FjTzZ4a2Jtd1dPTTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZGMyNmUtMzFkYS00M2RkLWI0ZDEtMDYzYTA4ODFhNmQy
LzEvUnlhVTJLT1pvNlp2UkM3SElwWEhWS3k3clVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBTh/UAwQC
ua2kMA0EAgACMAcDBQAqC08AMA0GCSqGSIb3DQEBCwUAA4IBAQCMOyK6S8vz39vk
mBEXRdwuy+0e04yysrIv/3sHbucjdFTCcUSudr83h6ZmyhgklipSRlLWaKZ7QzRx
iHYRV/B4a29jToD6vEKfjXWhWFFMAONSpWpPEExdrK4Mxui5w1+s31UEZFVSuWu+
Ir3st8Hkw7XjrRF9YoV6fYWWf0+jpcjzkCdu/D7TX7vYQwCQDMPUF5uBgESjcTRn
ElLFCmw9M79LQBvwIGCLHjeXeoCMsxqgt7HK6jmnNbi/3NGIz+2GtN4PiC8GXmF/
bOnqLu2GDaw2Dc22qfqHTrx6+HkyyPTJ749l7E97z8aJZ2cCF+6u9lh2pcmCefsX
g3OJu8Ay
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:50:33 2025 by rpki-client