Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/S2Oderrp7lYRIScX-QAUHtFKgP0.roa
File: S2Oderrp7lYRIScX-QAUHtFKgP0.roa (raw, json)
Hash identifier: CJ1oiM/HycEGfncA5aOP1zkSKBg0JuVq13Asp3X8j2w=
Subject key identifier: 4B:63:9D:7A:BA:E9:EE:56:11:21:27:17:F9:00:14:1E:D1:4A:80:FD
Certificate issuer: /CN=8c186a56ea84c13c62768a9d17bae133cedf1045
Certificate serial: 019426D96B92770026B14D746E5E17CEC9DD
Authority key identifier: 8C:18:6A:56:EA:84:C1:3C:62:76:8A:9D:17:BA:E1:33:CE:DF:10:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBhqVuqEwTxidoqdF7rhM87fEEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/S2Oderrp7lYRIScX-QAUHtFKgP0.roa
Signing time: Thu 02 Jan 2025 11:49:30 +0000
ROA not before: Thu 02 Jan 2025 11:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 31.22.12.0/22 maxlen: 24
45.89.4.0/22 maxlen: 24
51.179.192.0/18 maxlen: 24
62.64.128.0/21 maxlen: 24
62.64.136.0/22 maxlen: 24
62.64.144.0/20 maxlen: 24
141.195.128.0/18 maxlen: 24
185.102.148.0/22 maxlen: 24
185.147.244.0/23 maxlen: 24
188.74.64.0/19 maxlen: 24
193.17.86.0/23 maxlen: 24
193.17.176.0/23 maxlen: 24
212.132.160.0/19 maxlen: 24
217.142.64.0/18 maxlen: 24
217.168.248.0/21 maxlen: 24
2a04:c880::/32 maxlen: 48
2a05:87c0::/29 maxlen: 48
2a0a:5580::/29 maxlen: 48
2a0f:9d80::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:6b:92:77:00:26:b1:4d:74:6e:5e:17:ce:c9:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c186a56ea84c13c62768a9d17bae133cedf1045
Validity
Not Before: Jan 2 11:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b639d7abae9ee5611212717f900141ed14a80fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:50:aa:db:c8:ed:50:a4:53:ae:cb:5e:d0:b3:
6d:6b:3e:3f:5f:8d:ec:44:8f:a7:8a:c1:d3:8b:05:
b2:48:3b:90:04:9b:fc:5b:16:be:79:76:76:19:f5:
02:95:fc:e5:9b:22:8e:15:78:cb:56:d3:88:05:08:
c2:2f:69:7c:d9:a3:01:33:b5:10:2d:51:52:cf:05:
51:86:28:e9:1d:ae:31:59:ea:9d:49:2d:fc:80:ac:
b6:d9:fd:ed:e1:93:b7:26:75:33:33:a2:26:2e:3e:
59:19:98:ad:84:9e:50:a9:2c:3b:49:b2:dc:f6:9f:
ad:2b:1a:19:3a:92:61:28:8c:e1:6f:17:dd:65:4d:
a6:9f:68:d7:f8:2e:85:ba:14:4d:96:f9:87:a2:17:
72:7a:2d:b0:2b:df:88:1e:9f:42:28:a4:d5:e3:d8:
38:4f:90:41:71:bb:59:5b:12:a9:b3:2c:c7:68:61:
28:02:6b:4b:76:1d:50:b6:ef:55:09:63:5b:9f:0a:
83:9c:df:68:ac:b6:3d:1e:59:76:2b:b7:66:b6:0e:
11:df:c1:67:f0:93:0c:53:95:9b:4f:de:91:f9:a7:
52:6c:83:99:7b:3f:60:0f:29:20:f4:a2:d9:91:f5:
02:34:b1:33:6d:8e:c7:c3:5b:b2:36:3e:46:9e:19:
fa:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:63:9D:7A:BA:E9:EE:56:11:21:27:17:F9:00:14:1E:D1:4A:80:FD
X509v3 Authority Key Identifier:
keyid:8C:18:6A:56:EA:84:C1:3C:62:76:8A:9D:17:BA:E1:33:CE:DF:10:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBhqVuqEwTxidoqdF7rhM87fEEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/S2Oderrp7lYRIScX-QAUHtFKgP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/jBhqVuqEwTxidoqdF7rhM87fEEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.12.0/22
45.89.4.0/22
51.179.192.0/18
62.64.128.0-62.64.139.255
62.64.144.0/20
141.195.128.0/18
185.102.148.0/22
185.147.244.0/23
188.74.64.0/19
193.17.86.0/23
193.17.176.0/23
212.132.160.0/19
217.142.64.0/18
217.168.248.0/21
IPv6:
2a04:c880::/32
2a05:87c0::/29
2a0a:5580::/29
2a0f:9d80::/32
Signature Algorithm: sha256WithRSAEncryption
a9:e3:c4:82:9c:df:6a:1b:90:eb:7d:af:cc:27:d2:6f:7e:69:
c9:2b:1a:3a:ca:39:20:bd:60:b1:0d:9a:d3:de:c2:14:fc:27:
56:55:2d:e3:ec:98:90:8f:89:a7:8e:a5:9f:b4:58:53:21:e3:
36:83:22:a7:f5:0e:2c:6f:91:57:f9:58:37:df:3e:de:21:8b:
ce:2a:05:30:8a:fd:b2:c0:61:3b:93:65:e2:53:54:f0:c4:ae:
b6:b2:e2:50:f6:f7:ed:81:84:3c:04:19:5b:9f:ef:96:aa:c9:
59:24:ee:15:c0:99:91:5f:70:60:28:96:61:ee:6b:ab:54:3d:
d1:b0:b6:4c:51:77:29:3f:47:05:85:e6:67:c7:ec:b3:cf:8b:
7d:08:b4:99:ea:af:9f:00:c0:aa:5e:56:7b:c4:ae:90:e6:51:
96:af:02:81:27:65:8f:60:d9:36:e3:c4:21:ca:07:82:1a:95:
1d:76:8d:bf:e0:18:cd:46:7f:f6:82:6f:79:7c:6a:15:68:40:
3f:eb:c0:d1:a5:81:91:9b:fa:82:7c:0c:5e:dc:46:62:f3:bf:
70:16:d7:3f:2a:75:83:0d:0f:14:db:07:05:f9:16:b3:5e:5c:
cd:23:62:15:a8:02:02:79:39:18:fd:38:e4:e5:8a:98:8c:a9:
58:a8:d6:e0
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAZQm2WuSdwAmsU10bl4XzsndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMTg2YTU2ZWE4NGMxM2M2Mjc2OGE5ZDE3YmFlMTMzY2Vk
ZjEwNDUwHhcNMjUwMTAyMTE0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjYzOWQ3YWJhZTllZTU2MTEyMTI3MTdmOTAwMTQxZWQxNGE4MGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVCq28jtUKRTrste0LNtaz4/X43s
RI+nisHTiwWySDuQBJv8Wxa+eXZ2GfUClfzlmyKOFXjLVtOIBQjCL2l82aMBM7UQ
LVFSzwVRhijpHa4xWeqdSS38gKy22f3t4ZO3JnUzM6ImLj5ZGZithJ5QqSw7SbLc
9p+tKxoZOpJhKIzhbxfdZU2mn2jX+C6FuhRNlvmHohdyei2wK9+IHp9CKKTV49g4
T5BBcbtZWxKpsyzHaGEoAmtLdh1Qtu9VCWNbnwqDnN9orLY9Hll2K7dmtg4R38Fn
8JMMU5WbT96R+adSbIOZez9gDykg9KLZkfUCNLEzbY7Hw1uyNj5Gnhn68QIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFEtjnXq66e5WESEnF/kAFB7RSoD9MB8GA1UdIwQY
MBaAFIwYalbqhME8YnaKnRe64TPO3xBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakJocVZ1cUV3VHhpZG9xZEY3cmhNODdmRUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jOGVjOTUtYjVmNS00NGZiLWI5M2Qt
MjA5MmFmNjQ3MDcwLzEvUzJPZGVycnA3bFlSSVNjWC1RQVVIdEZLZ1AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jOGVjOTUtYjVmNS00NGZiLWI5M2QtMjA5MmFmNjQ3MDcw
LzEvakJocVZ1cUV3VHhpZG9xZEY3cmhNODdmRUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBiBAIAATBcAwQCHxYM
AwQCLVkEAwQGM7PAMAwDBAc+QIADBAI+QIgDBAQ+QJADBAaNw4ADBAK5ZpQDBAG5
k/QDBAW8SkADBAHBEVYDBAHBEbADBAXUhKADBAbZjkADBAPZqPgwIgQCAAIwHAMF
ACoEyIADBQMqBYfAAwUDKgpVgAMFACoPnYAwDQYJKoZIhvcNAQELBQADggEBAKnj
xIKc32obkOt9r8wn0m9+ackrGjrKOSC9YLENmtPewhT8J1ZVLePsmJCPiaeOpZ+0
WFMh4zaDIqf1DixvkVf5WDffPt4hi84qBTCK/bLAYTuTZeJTVPDErray4lD29+2B
hDwEGVuf75aqyVkk7hXAmZFfcGAolmHua6tUPdGwtkxRdyk/RwWF5mfH7LPPi30I
tJnqr58AwKpeVnvErpDmUZavAoEnZY9g2TbjxCHKB4IalR12jb/gGM1Gf/aCb3l8
ahVoQD/rwNGlgZGb+oJ8DF7cRmLzv3AW1z8qdYMNDxTbBwX5FrNeXM0jYhWoAgJ5
ORj9OOTlipiMqVio1uA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:51:36 2025 by rpki-client