Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/4xOzoiVnmp2K-Do5Pem8w_3YWig.roa
File: 4xOzoiVnmp2K-Do5Pem8w_3YWig.roa (raw, json)
Hash identifier: /AqQ6FqvpkVBOkp6IrwoIt1/4/LZWzlBNfuubBdxacY=
Subject key identifier: E3:13:B3:A2:25:67:9A:9D:8A:F8:3A:39:3D:E9:BC:C3:FD:D8:5A:28
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 0194E00C8D38C5FFDD2BB5FC372F4AA3F716
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/4xOzoiVnmp2K-Do5Pem8w_3YWig.roa
Signing time: Fri 07 Feb 2025 10:55:06 +0000
ROA not before: Fri 07 Feb 2025 10:55:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.206.2.0/23 maxlen: 23
82.206.4.0/22 maxlen: 24
82.206.16.0/20 maxlen: 24
82.206.80.0/21 maxlen: 24
82.206.88.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e0:0c:8d:38:c5:ff:dd:2b:b5:fc:37:2f:4a:a3:f7:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Feb 7 10:55:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e313b3a225679a9d8af83a393de9bcc3fdd85a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:69:47:3f:3b:e1:15:4a:02:e1:45:5d:33:af:
30:85:0d:89:b6:06:04:ad:24:ed:7e:78:49:32:aa:
ca:6b:c3:d5:e8:93:27:14:07:14:aa:4f:c2:10:2d:
3c:c8:31:1d:6a:7b:f9:55:89:d8:e5:76:87:d5:7b:
95:c2:f6:e5:81:35:0f:b9:9d:86:79:bf:0e:53:11:
e5:1a:90:51:89:f9:20:25:cf:63:a3:58:8b:e8:ba:
90:7c:c5:71:ff:be:68:8f:e3:17:c8:83:bf:d1:63:
ee:f6:a7:33:dd:2f:90:ce:0e:82:71:ff:cb:fe:81:
06:e0:7e:32:9c:23:d1:39:a6:23:dc:ce:70:63:c5:
b1:33:11:47:46:45:61:0f:ce:1d:32:d2:18:d8:49:
e9:01:ff:1d:8e:15:f1:ae:2a:27:dc:c9:3e:a0:88:
8f:03:c1:6a:59:43:69:79:4a:50:df:39:5f:16:09:
78:16:05:30:7a:f5:71:49:85:b0:7c:60:31:d8:bc:
e0:53:6f:67:a3:2b:3d:5b:22:bc:64:06:c7:20:53:
29:09:b8:dd:6a:6b:fe:97:f9:1f:7f:34:37:9d:20:
01:4d:be:49:b9:f5:a9:1b:5f:e1:e8:00:e2:62:52:
55:75:a4:60:15:f1:87:3a:79:8a:f7:99:e6:92:2d:
49:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:13:B3:A2:25:67:9A:9D:8A:F8:3A:39:3D:E9:BC:C3:FD:D8:5A:28
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/4xOzoiVnmp2K-Do5Pem8w_3YWig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.2.0-82.206.7.255
82.206.16.0/20
82.206.80.0/20
Signature Algorithm: sha256WithRSAEncryption
27:c9:5f:16:11:58:ab:8a:b2:2a:39:b9:42:17:ff:b3:e6:fb:
2d:f8:f9:45:98:2a:d1:17:e2:25:ee:2b:92:cb:f4:42:4e:4c:
a3:d6:7f:ed:8f:08:87:a3:06:8a:c6:ee:ef:2c:47:63:c8:34:
1b:78:57:e4:26:3b:90:89:fa:a6:64:7f:f4:f0:57:cf:5e:f0:
96:66:ba:bc:4a:90:bc:4e:27:87:95:38:03:7c:7a:f0:46:7a:
2a:7d:38:15:e8:70:47:b7:1f:3a:50:78:83:48:00:74:00:57:
67:e0:68:04:fc:e3:45:bf:5e:8f:b2:f0:53:2e:0a:ab:90:a8:
e4:61:3b:86:10:af:8f:17:27:f0:8a:d9:0f:29:6c:ac:9d:3f:
e1:28:49:db:bf:04:7a:0d:5e:09:47:d8:15:4a:fd:ea:99:6d:
51:df:05:fe:90:cf:c0:b6:12:c2:bd:d8:e7:b3:bb:ff:27:24:
69:71:1e:f5:55:eb:37:0a:33:a5:4c:d6:ad:80:23:6b:7f:a4:
0c:70:4a:40:e0:48:e9:1c:d8:e7:8c:6b:d0:1a:94:fc:44:6d:
3c:06:29:00:39:6b:58:b0:05:32:83:ed:91:19:0e:f1:16:15:
40:b8:af:ce:20:4b:3a:a8:7b:8a:19:c3:72:08:72:30:c0:f7:
20:f6:d4:c9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZTgDI04xf/dK7X8Ny9Ko/cWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjUwMjA3MTA1NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzEzYjNhMjI1Njc5YTlkOGFmODNhMzkzZGU5YmNjM2ZkZDg1YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWlHPzvhFUoC4UVdM68whQ2JtgYE
rSTtfnhJMqrKa8PV6JMnFAcUqk/CEC08yDEdanv5VYnY5XaH1XuVwvblgTUPuZ2G
eb8OUxHlGpBRifkgJc9jo1iL6LqQfMVx/75oj+MXyIO/0WPu9qcz3S+Qzg6Ccf/L
/oEG4H4ynCPROaYj3M5wY8WxMxFHRkVhD84dMtIY2EnpAf8djhXxrion3Mk+oIiP
A8FqWUNpeUpQ3zlfFgl4FgUwevVxSYWwfGAx2LzgU29noys9WyK8ZAbHIFMpCbjd
amv+l/kffzQ3nSABTb5JufWpG1/h6ADiYlJVdaRgFfGHOnmK95nmki1JJwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOMTs6IlZ5qdivg6OT3pvMP92FooMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvNHhPem9pVm5tcDJLLURvNVBlbTh3XzNZV2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFSzgID
BANSzgADBARSzhADBARSzlAwDQYJKoZIhvcNAQELBQADggEBACfJXxYRWKuKsio5
uUIX/7Pm+y34+UWYKtEX4iXuK5LL9EJOTKPWf+2PCIejBorG7u8sR2PINBt4V+Qm
O5CJ+qZkf/TwV89e8JZmurxKkLxOJ4eVOAN8evBGeip9OBXocEe3HzpQeINIAHQA
V2fgaAT840W/Xo+y8FMuCquQqORhO4YQr48XJ/CK2Q8pbKydP+EoSdu/BHoNXglH
2BVK/eqZbVHfBf6Qz8C2EsK92Oezu/8nJGlxHvVV6zcKM6VM1q2AI2t/pAxwSkDg
SOkc2OeMa9AalPxEbTwGKQA5a1iwBTKD7ZEZDvEWFUC4r84gSzqoe4oZw3IIcjDA
9yD21Mk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:00 2025 by rpki-client