Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/oGUzs3HriURmMyvP-1mM3ixvd88.roa
File: oGUzs3HriURmMyvP-1mM3ixvd88.roa (raw, json)
Hash identifier: U9dJ3cn9/4GeEgNWQhNTsFuWjpySklwjtb60dseGPO4=
Subject key identifier: A0:65:33:B3:71:EB:89:44:66:33:2B:CF:FB:59:8C:DE:2C:6F:77:CF
Certificate issuer: /CN=88a559dcdd5bc4b66cb2496f2e6fb0e8f954aaeb
Certificate serial: 019427B5FA483B62283AFD3CED74FBC57E7C
Authority key identifier: 88:A5:59:DC:DD:5B:C4:B6:6C:B2:49:6F:2E:6F:B0:E8:F9:54:AA:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKVZ3N1bxLZssklvLm-w6PlUqus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/oGUzs3HriURmMyvP-1mM3ixvd88.roa
Signing time: Thu 02 Jan 2025 15:50:25 +0000
ROA not before: Thu 02 Jan 2025 15:50:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47704
IP address blocks: 185.60.120.0/23 maxlen: 23
185.60.120.0/24 maxlen: 24
185.60.121.0/24 maxlen: 24
185.60.122.0/23 maxlen: 23
185.60.122.0/24 maxlen: 24
185.60.123.0/24 maxlen: 24
185.96.200.0/22 maxlen: 22
2a04:e840::/29 maxlen: 29
2a06:140::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:fa:48:3b:62:28:3a:fd:3c:ed:74:fb:c5:7e:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a559dcdd5bc4b66cb2496f2e6fb0e8f954aaeb
Validity
Not Before: Jan 2 15:50:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a06533b371eb894466332bcffb598cde2c6f77cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c0:a8:e1:fa:3b:20:04:b1:73:ed:de:25:98:
ad:cd:35:d9:ea:03:2e:e3:9a:e6:cb:0b:1b:aa:ca:
2d:09:83:ea:1d:bd:e5:89:a7:cf:b4:f9:0d:c8:e5:
dc:2c:20:0b:80:7c:c4:2b:0c:94:42:c6:51:94:b7:
3f:97:31:d3:ad:0b:f4:03:7a:9b:d1:ce:0a:fa:c7:
09:a7:0e:10:6d:40:02:a9:9b:15:0f:19:55:bd:96:
0f:c5:25:28:b5:1a:15:d5:95:2a:50:0a:9d:da:fa:
51:8a:f1:04:e6:28:5c:0d:c6:34:ca:cb:7d:bc:68:
25:2f:cb:71:2e:2f:3e:93:bd:f8:25:30:84:f2:fc:
08:8d:c9:be:74:2f:77:c4:9f:6e:96:b3:a4:30:80:
06:ee:7d:68:7d:d9:71:f8:de:c7:e1:1b:31:0c:09:
0f:92:58:0c:e1:ba:5f:b3:90:0d:a9:b3:f7:ed:80:
3f:35:53:c5:5b:ec:7a:6b:cd:e1:5f:dd:00:bf:0f:
d8:2b:d5:2f:03:b5:7d:9b:70:27:fe:28:8e:2a:6e:
fe:79:9d:fc:95:38:41:08:0a:a2:7f:56:a6:d2:17:
74:58:cb:d3:6b:97:93:d0:41:2b:03:02:b1:0f:f5:
9b:1f:4a:19:85:16:2a:ca:13:fa:b7:a0:11:35:ec:
1f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:65:33:B3:71:EB:89:44:66:33:2B:CF:FB:59:8C:DE:2C:6F:77:CF
X509v3 Authority Key Identifier:
keyid:88:A5:59:DC:DD:5B:C4:B6:6C:B2:49:6F:2E:6F:B0:E8:F9:54:AA:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKVZ3N1bxLZssklvLm-w6PlUqus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/oGUzs3HriURmMyvP-1mM3ixvd88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/iKVZ3N1bxLZssklvLm-w6PlUqus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.120.0/22
185.96.200.0/22
IPv6:
2a04:e840::/29
2a06:140::/29
Signature Algorithm: sha256WithRSAEncryption
8a:67:ab:21:ba:86:85:1f:4c:f2:8b:18:e5:d2:c4:3a:e6:9c:
de:c0:5d:44:2b:43:f6:79:5b:ea:fb:59:0e:9a:81:a7:f2:19:
62:82:b5:a7:7c:06:e9:d8:22:b9:2c:bf:42:64:a2:a8:ec:80:
e3:da:15:c7:c8:25:b2:14:cb:8a:7a:8c:5b:69:93:03:65:22:
26:bb:b1:c5:15:b9:3f:03:8f:b0:7e:c9:bd:17:32:54:0b:91:
d5:be:18:42:19:3f:7a:22:5b:32:04:da:9b:ee:7d:d2:fc:9e:
0c:35:ba:fc:93:5d:23:8e:88:23:65:90:00:e5:81:67:1b:a2:
72:4e:f8:4f:fa:42:5e:44:91:40:bf:6d:26:44:7c:f1:1f:c6:
aa:6a:7b:28:44:6a:d7:0b:aa:c3:1e:b2:b6:38:d4:b8:a7:3f:
2a:9d:4e:6e:29:c2:38:bf:52:c1:1a:89:cb:09:13:a5:2e:23:
49:0c:ef:bf:46:7d:0b:bb:21:b6:c0:19:67:09:05:b6:77:df:
b4:7d:20:a8:7e:33:06:4b:f5:ce:0c:4c:a0:3d:ac:f0:95:3c:
90:2c:2b:2f:68:6c:e6:f4:84:66:fc:cb:b2:b2:4b:31:b0:63:
2e:17:ff:43:7b:91:a4:33:01:e1:75:3b:1d:7c:d7:7e:db:ca:
e8:43:36:f2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQntfpIO2IoOv087XT7xX58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YTU1OWRjZGQ1YmM0YjY2Y2IyNDk2ZjJlNmZiMGU4Zjk1
NGFhZWIwHhcNMjUwMTAyMTU1MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDY1MzNiMzcxZWI4OTQ0NjYzMzJiY2ZmYjU5OGNkZTJjNmY3N2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMCo4fo7IASxc+3eJZitzTXZ6gMu
45rmywsbqsotCYPqHb3liafPtPkNyOXcLCALgHzEKwyUQsZRlLc/lzHTrQv0A3qb
0c4K+scJpw4QbUACqZsVDxlVvZYPxSUotRoV1ZUqUAqd2vpRivEE5ihcDcY0yst9
vGglL8txLi8+k734JTCE8vwIjcm+dC93xJ9ulrOkMIAG7n1ofdlx+N7H4RsxDAkP
klgM4bpfs5ANqbP37YA/NVPFW+x6a83hX90Avw/YK9UvA7V9m3An/iiOKm7+eZ38
lThBCAqif1am0hd0WMvTa5eT0EErAwKxD/WbH0oZhRYqyhP6t6ARNewfRQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKBlM7Nx64lEZjMrz/tZjN4sb3fPMB8GA1UdIwQY
MBaAFIilWdzdW8S2bLJJby5vsOj5VKrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtWWjNOMWJ4TFpzc2tsdkxtLXc2UGxVcXVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hODRjZDItNDVkOS00MTc5LWE5OTct
OTIwZDJhNjIwN2E0LzEvb0dVenMzSHJpVVJtTXl2UC0xbU0zaXh2ZDg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hODRjZDItNDVkOS00MTc5LWE5OTctOTIwZDJhNjIwN2E0
LzEvaUtWWjNOMWJ4TFpzc2tsdkxtLXc2UGxVcXVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuTx4AwQC
uWDIMBQEAgACMA4DBQMqBOhAAwUDKgYBQDANBgkqhkiG9w0BAQsFAAOCAQEAimer
IbqGhR9M8osY5dLEOuac3sBdRCtD9nlb6vtZDpqBp/IZYoK1p3wG6dgiuSy/QmSi
qOyA49oVx8glshTLinqMW2mTA2UiJruxxRW5PwOPsH7JvRcyVAuR1b4YQhk/eiJb
MgTam+590vyeDDW6/JNdI46II2WQAOWBZxuick74T/pCXkSRQL9tJkR88R/Gqmp7
KERq1wuqwx6ytjjUuKc/Kp1ObinCOL9SwRqJywkTpS4jSQzvv0Z9C7shtsAZZwkF
tnfftH0gqH4zBkv1zgxMoD2s8JU8kCwrL2hs5vSEZvzLsrJLMbBjLhf/Q3uRpDMB
4XU7HXzXftvK6EM28g==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:31 2025 by rpki-client