Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/Og4benknUaYvyBl8C8lB8DKfbSo.roa
File: Og4benknUaYvyBl8C8lB8DKfbSo.roa (raw, json)
Hash identifier: TQqadthf/kh9OIwjjMN2uQk0/QsRWQBIciqjBrVKhk8=
Subject key identifier: 3A:0E:1B:7A:79:27:51:A6:2F:C8:19:7C:0B:C9:41:F0:32:9F:6D:2A
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 0191EBD8067E83569E42396F74BA28F28491
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/Og4benknUaYvyBl8C8lB8DKfbSo.roa
Signing time: Fri 13 Sep 2024 14:44:48 +0000
ROA not before: Fri 13 Sep 2024 14:44:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43647
IP address blocks: 82.148.0.0/21 maxlen: 24
89.232.184.0/22 maxlen: 24
94.154.128.0/22 maxlen: 24
185.76.12.0/22 maxlen: 24
185.228.88.0/22 maxlen: 24
213.232.225.0/24 maxlen: 24
213.232.245.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:eb:d8:06:7e:83:56:9e:42:39:6f:74:ba:28:f2:84:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Sep 13 14:44:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a0e1b7a792751a62fc8197c0bc941f0329f6d2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5f:61:26:ea:15:65:a1:ef:b3:f7:88:59:bb:
d9:0c:8d:89:86:b4:1e:96:d7:71:ae:79:8c:e5:f7:
a4:f5:dc:bc:1c:c5:e1:3c:79:7c:9c:fd:a3:3a:13:
ff:86:05:28:7e:ae:2e:9d:51:eb:50:39:96:bb:c8:
b6:d1:b9:3d:24:a6:4b:59:0b:65:de:65:4b:42:12:
9c:4d:05:59:26:93:97:c4:55:21:d4:56:05:37:e5:
31:f2:34:8a:b8:2c:66:2d:47:bc:81:eb:8d:cd:08:
0f:3b:ff:2e:38:ee:67:b7:fe:64:ff:45:df:83:11:
65:a5:ec:e2:e4:3d:44:6b:b9:63:b3:29:3a:82:82:
94:27:d5:d2:b5:9e:1b:3c:95:b6:2c:07:50:eb:1b:
f3:73:53:d8:99:7c:c1:f8:29:70:20:77:ce:15:b1:
a9:f9:78:de:71:bc:db:a6:bc:71:ea:54:48:8d:b9:
09:cf:c3:38:a6:8c:4d:dc:3e:7a:c0:94:9d:9d:1b:
3f:06:8f:91:7b:89:96:6a:2f:72:0c:82:21:c1:40:
0f:d9:00:70:ef:dc:df:92:58:3e:ef:38:ed:07:ec:
51:d1:4f:9b:69:4d:69:67:fa:c3:e9:d2:01:fc:7e:
7b:c3:3f:7d:91:78:64:d0:9c:da:68:1f:2d:09:78:
15:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:0E:1B:7A:79:27:51:A6:2F:C8:19:7C:0B:C9:41:F0:32:9F:6D:2A
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/Og4benknUaYvyBl8C8lB8DKfbSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.148.0.0/21
89.232.184.0/22
94.154.128.0/22
185.76.12.0/22
185.228.88.0/22
213.232.225.0/24
213.232.245.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:a9:e5:04:3e:2e:80:9b:e6:0f:e9:90:44:36:08:05:96:47:
56:f3:9f:ff:8f:e3:24:8a:5e:2b:04:9a:ee:ed:40:3a:ad:c4:
be:18:b4:78:a8:fe:d2:a2:7c:72:ba:18:d7:07:d0:1f:99:c6:
28:d1:f6:6a:4b:52:37:2b:1e:5b:82:c6:4e:d9:e8:aa:52:d6:
37:d2:e0:40:f3:9c:56:3a:7a:cd:25:d5:ef:6a:37:14:eb:35:
76:96:c2:67:01:98:2b:da:d8:13:9b:8a:de:de:03:67:cb:b3:
23:d9:bd:60:81:63:33:d6:27:03:7c:96:86:20:ef:6a:78:e6:
e4:93:b0:bd:fe:7d:d4:1f:ec:8e:ee:7d:be:0a:75:f7:6d:1a:
41:10:26:70:2d:95:df:ba:3b:94:89:3f:18:0d:55:f0:58:1f:
46:a6:e5:cf:3a:cc:be:ce:82:ce:b4:88:4b:5d:fb:b1:09:e9:
fa:70:e4:5e:42:0d:02:cf:30:9d:5a:69:1e:48:f7:19:c2:d2:
92:21:a2:d6:0b:62:f1:eb:f2:e5:c2:f5:bb:b6:31:42:4e:cc:
fe:8f:94:b7:ed:64:09:f0:48:2f:c0:d6:ac:ae:81:40:3d:ef:
28:0c:ed:5d:0a:74:62:c8:2a:7f:27:7a:66:6f:9b:82:d2:da:
db:57:a3:3f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZHr2AZ+g1aeQjlvdLoo8oSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjQwOTEzMTQ0NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTBlMWI3YTc5Mjc1MWE2MmZjODE5N2MwYmM5NDFmMDMyOWY2ZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1V9hJuoVZaHvs/eIWbvZDI2JhrQe
ltdxrnmM5fek9dy8HMXhPHl8nP2jOhP/hgUofq4unVHrUDmWu8i20bk9JKZLWQtl
3mVLQhKcTQVZJpOXxFUh1FYFN+Ux8jSKuCxmLUe8geuNzQgPO/8uOO5nt/5k/0Xf
gxFlpezi5D1Ea7ljsyk6goKUJ9XStZ4bPJW2LAdQ6xvzc1PYmXzB+ClwIHfOFbGp
+Xjecbzbprxx6lRIjbkJz8M4poxN3D56wJSdnRs/Bo+Re4mWai9yDIIhwUAP2QBw
79zfklg+7zjtB+xR0U+baU1pZ/rD6dIB/H57wz99kXhk0JzaaB8tCXgVIQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDoOG3p5J1GmL8gZfAvJQfAyn20qMB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvT2c0YmVua25VYVl2eUJsOEM4bEI4REtmYlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDUpQAAwQC
Wei4AwQCXpqAAwQCuUwMAwQCueRYAwQA1ejhAwQA1ej1MA0GCSqGSIb3DQEBCwUA
A4IBAQCnqeUEPi6Am+YP6ZBENggFlkdW85//j+Mkil4rBJru7UA6rcS+GLR4qP7S
onxyuhjXB9AfmcYo0fZqS1I3Kx5bgsZO2eiqUtY30uBA85xWOnrNJdXvajcU6zV2
lsJnAZgr2tgTm4re3gNny7Mj2b1ggWMz1icDfJaGIO9qeObkk7C9/n3UH+yO7n2+
CnX3bRpBECZwLZXfujuUiT8YDVXwWB9GpuXPOsy+zoLOtIhLXfuxCen6cOReQg0C
zzCdWmkeSPcZwtKSIaLWC2Lx6/LlwvW7tjFCTsz+j5S37WQJ8EgvwNasroFAPe8o
DO1dCnRiyCp/J3pmb5uC0trbV6M/
-----END CERTIFICATE-----
Generated at Wed Apr 9 04:11:28 2025 by rpki-client