Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/OVN1KA3X2-427Ts0pRfktqRjpAo.roa
File: OVN1KA3X2-427Ts0pRfktqRjpAo.roa (raw, json)
Hash identifier: UH/528Nv0M/lj/aSssxhWkEuiRAEztROXljsntpm8LE=
Subject key identifier: 39:53:75:28:0D:D7:DB:EE:36:ED:3B:34:A5:17:E4:B6:A4:63:A4:0A
Certificate issuer: /CN=1ada225cb7f29416e7534695fbfb21762fee93c8
Certificate serial: 0194214455468D3A434646C17C721A5442E0
Authority key identifier: 1A:DA:22:5C:B7:F2:94:16:E7:53:46:95:FB:FB:21:76:2F:EE:93:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtoiXLfylBbnU0aV-_shdi_uk8g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/OVN1KA3X2-427Ts0pRfktqRjpAo.roa
Signing time: Wed 01 Jan 2025 09:48:33 +0000
ROA not before: Wed 01 Jan 2025 09:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25135
IP address blocks: 85.255.224.0/20 maxlen: 20
85.255.232.0/23 maxlen: 23
85.255.234.0/23 maxlen: 23
85.255.236.0/23 maxlen: 23
88.82.0.0/19 maxlen: 19
148.252.128.0/19 maxlen: 19
148.252.128.0/23 maxlen: 23
148.252.132.0/23 maxlen: 23
148.252.136.0/22 maxlen: 22
148.252.140.0/23 maxlen: 23
148.252.144.0/23 maxlen: 23
148.252.146.0/23 maxlen: 23
148.252.148.0/23 maxlen: 23
148.252.150.0/24 maxlen: 24
148.252.152.0/24 maxlen: 24
148.252.156.0/23 maxlen: 23
148.252.158.0/23 maxlen: 23
148.252.160.0/19 maxlen: 19
185.69.144.0/23 maxlen: 23
185.69.146.0/23 maxlen: 23
194.62.232.0/24 maxlen: 24
194.62.238.0/24 maxlen: 24
212.183.128.0/19 maxlen: 19
212.183.128.0/20 maxlen: 20
212.183.152.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:55:46:8d:3a:43:46:46:c1:7c:72:1a:54:42:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ada225cb7f29416e7534695fbfb21762fee93c8
Validity
Not Before: Jan 1 09:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=395375280dd7dbee36ed3b34a517e4b6a463a40a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:2d:8d:8f:bc:b0:4e:79:4b:88:21:a6:d2:75:
83:2c:20:d2:80:d5:8a:ad:a3:e5:05:6d:02:40:43:
53:ef:61:91:19:fc:7c:f7:bf:06:77:be:f9:3f:b6:
5b:be:ea:67:9b:7a:aa:2d:69:ec:8d:67:ac:bf:ba:
1a:93:1a:2e:7a:23:40:42:d6:9b:44:77:63:64:04:
be:d6:4e:a9:47:4a:4e:74:1c:8d:c7:f6:03:07:de:
ba:c1:f7:85:5a:e8:8a:2a:b2:92:af:45:d1:5e:a6:
c9:74:0f:61:5f:7c:b2:81:a9:f7:90:c9:69:06:9e:
0b:cd:56:65:b3:74:e0:01:2c:4a:63:0e:ef:75:4b:
f4:a3:05:fc:69:b5:b6:50:e2:d7:b3:a8:dd:8b:61:
8b:b7:3f:92:a3:73:b3:0a:43:9d:d5:ad:76:6f:9f:
c6:70:1f:9e:95:fb:cb:75:18:04:b5:04:2c:1d:14:
25:d8:d8:a9:44:a7:a2:39:ca:fd:c5:45:6c:05:3e:
d2:6b:e3:d7:bf:dd:21:c5:dd:14:64:bc:01:e7:dc:
50:02:bf:cd:81:f2:65:f5:07:0f:7f:8e:12:33:e2:
93:dd:b5:af:1a:81:20:26:cb:80:45:35:1d:2c:d9:
21:0a:57:ba:57:c4:2a:88:27:54:cf:0e:79:54:8b:
95:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:53:75:28:0D:D7:DB:EE:36:ED:3B:34:A5:17:E4:B6:A4:63:A4:0A
X509v3 Authority Key Identifier:
keyid:1A:DA:22:5C:B7:F2:94:16:E7:53:46:95:FB:FB:21:76:2F:EE:93:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtoiXLfylBbnU0aV-_shdi_uk8g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/OVN1KA3X2-427Ts0pRfktqRjpAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/GtoiXLfylBbnU0aV-_shdi_uk8g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.224.0/20
88.82.0.0/19
148.252.128.0/18
185.69.144.0/22
194.62.232.0/24
194.62.238.0/24
212.183.128.0/19
Signature Algorithm: sha256WithRSAEncryption
5b:73:7e:27:ed:99:4d:2e:ed:f5:95:28:cc:d0:37:69:59:44:
fe:77:6a:ec:c1:35:60:b6:f9:51:e2:e0:df:64:b5:bf:15:a2:
86:33:60:90:77:8e:6f:b8:e1:73:15:a9:13:00:f6:42:a0:79:
c8:66:c0:5b:6e:dd:5d:c5:11:3f:ab:88:11:00:6d:83:6d:fe:
c2:39:36:0e:70:30:93:df:bd:ad:40:95:e3:fe:f0:53:4f:4d:
c9:59:d5:38:4a:0b:66:f3:44:46:06:09:2a:b7:d7:78:0c:e4:
24:42:84:76:0b:f9:7e:82:5b:14:b1:0e:6e:56:d9:4c:c4:5c:
5d:87:85:1f:b5:94:a2:cd:b2:96:c7:29:04:6c:9d:51:0e:51:
f1:f8:02:e9:60:fe:91:9c:8e:f4:79:a8:10:d5:31:73:87:0f:
7f:52:2f:1a:1f:51:b8:5e:98:3e:7b:b2:f7:2c:88:cc:ce:3d:
a5:20:7e:d7:be:5e:2f:8c:0d:fa:f2:e6:60:95:a3:3a:bd:7c:
91:e6:96:ae:bb:76:98:c3:b7:41:cb:59:aa:ba:31:b5:e1:39:
44:2e:83:e8:dc:65:e3:44:bd:6b:2d:85:ea:a5:95:9b:f3:eb:
2e:83:eb:d6:79:d2:ae:8f:60:9b:af:77:ad:2b:ff:5b:59:0b:
63:97:8e:32
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQhRFVGjTpDRkbBfHIaVELgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZGEyMjVjYjdmMjk0MTZlNzUzNDY5NWZiZmIyMTc2MmZl
ZTkzYzgwHhcNMjUwMTAxMDk0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTUzNzUyODBkZDdkYmVlMzZlZDNiMzRhNTE3ZTRiNmE0NjNhNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4C2Nj7ywTnlLiCGm0nWDLCDSgNWK
raPlBW0CQENT72GRGfx8978Gd775P7Zbvupnm3qqLWnsjWesv7oakxoueiNAQtab
RHdjZAS+1k6pR0pOdByNx/YDB966wfeFWuiKKrKSr0XRXqbJdA9hX3yygan3kMlp
Bp4LzVZls3TgASxKYw7vdUv0owX8abW2UOLXs6jdi2GLtz+So3OzCkOd1a12b5/G
cB+elfvLdRgEtQQsHRQl2NipRKeiOcr9xUVsBT7Sa+PXv90hxd0UZLwB59xQAr/N
gfJl9QcPf44SM+KT3bWvGoEgJsuARTUdLNkhCle6V8QqiCdUzw55VIuVgwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDlTdSgN19vuNu07NKUX5LakY6QKMB8GA1UdIwQY
MBaAFBraIly38pQW51NGlfv7IXYv7pPIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3RvaVhMZnlsQmJuVTBhVi1fc2hkaV91azhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9lOWQ5Y2MtMjY2OC00MmZjLTgzMTUt
NzUyNWQ0ZDQwOGI1LzEvT1ZOMUtBM1gyLTQyN1RzMHBSZmt0cVJqcEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9lOWQ5Y2MtMjY2OC00MmZjLTgzMTUtNzUyNWQ0ZDQwOGI1
LzEvR3RvaVhMZnlsQmJuVTBhVi1fc2hkaV91azhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQEVf/gAwQF
WFIAAwQGlPyAAwQCuUWQAwQAwj7oAwQAwj7uAwQF1LeAMA0GCSqGSIb3DQEBCwUA
A4IBAQBbc34n7ZlNLu31lSjM0DdpWUT+d2rswTVgtvlR4uDfZLW/FaKGM2CQd45v
uOFzFakTAPZCoHnIZsBbbt1dxRE/q4gRAG2Dbf7COTYOcDCT372tQJXj/vBTT03J
WdU4Sgtm80RGBgkqt9d4DOQkQoR2C/l+glsUsQ5uVtlMxFxdh4UftZSizbKWxykE
bJ1RDlHx+ALpYP6RnI70eagQ1TFzhw9/Ui8aH1G4Xpg+e7L3LIjMzj2lIH7Xvl4v
jA368uZglaM6vXyR5pauu3aYw7dBy1mqujG14TlELoPo3GXjRL1rLYXqpZWb8+su
g+vWedKuj2Cbr3etK/9bWQtjl44y
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:31:14 2025 by rpki-client