Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/DO5JxTJH7uFwng3XYM_phi6lYsk.roa
File: DO5JxTJH7uFwng3XYM_phi6lYsk.roa (raw, json)
Hash identifier: JkK9R1ORzNwJ0NnlHo6OVYHIr+VFHHeNmWeu1gLSL4s=
Subject key identifier: 0C:EE:49:C5:32:47:EE:E1:70:9E:0D:D7:60:CF:E9:86:2E:A5:62:C9
Certificate issuer: /CN=3d70f1f6563de43a11d3644975667c1c28e7959e
Certificate serial: 018CC9BCCC4433FFA2E923CE7EFCC6068FDF
Authority key identifier: 3D:70:F1:F6:56:3D:E4:3A:11:D3:64:49:75:66:7C:1C:28:E7:95:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXDx9lY95DoR02RJdWZ8HCjnlZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/DO5JxTJH7uFwng3XYM_phi6lYsk.roa
Signing time: Tue 02 Jan 2024 10:34:02 +0000
ROA not before: Tue 02 Jan 2024 10:34:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35492
IP address blocks: 193.238.156.0/22 maxlen: 22
185.194.20.0/22 maxlen: 22
78.41.112.0/21 maxlen: 21
2a02:60::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:cc:44:33:ff:a2:e9:23:ce:7e:fc:c6:06:8f:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d70f1f6563de43a11d3644975667c1c28e7959e
Validity
Not Before: Jan 2 10:34:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cee49c53247eee1709e0dd760cfe9862ea562c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:6a:28:ce:f3:1d:10:a0:ed:fa:64:d9:3d:a0:
61:d8:2b:cb:88:6d:ad:c7:29:a6:f4:97:e7:e9:fb:
8b:03:dd:ca:78:5c:3a:ce:e8:41:a1:6b:3e:c3:3f:
1c:27:65:f5:3b:d5:04:da:eb:fe:fd:4e:2b:0a:3d:
78:a1:7f:9d:9c:a4:7a:0e:3d:bc:7e:86:80:92:ef:
92:9e:68:e6:77:18:99:f1:f4:b2:bf:c2:7f:f4:a0:
4d:60:60:97:56:dd:1e:1b:46:d8:ef:85:12:ea:ee:
ca:5b:54:48:7d:e8:82:c2:32:cb:12:54:2f:34:9e:
b2:19:fa:c2:c0:ad:8e:0c:79:5b:d0:0b:bd:53:97:
e5:6d:65:d7:66:14:9a:27:8f:0b:9c:48:3b:2a:0b:
03:78:ce:81:c5:fd:ca:3f:9c:f1:6c:98:2a:13:49:
78:56:f2:45:eb:29:54:5e:21:ef:e3:6f:61:b8:10:
f1:71:08:6f:63:c4:0d:08:34:c8:c4:d5:52:14:18:
b1:e4:82:be:ba:ed:d5:a5:a4:4d:46:13:87:bb:3c:
4d:04:ed:b3:90:6d:90:d8:b3:f8:ad:96:66:b6:e5:
80:7e:c6:a3:69:e4:53:c1:91:12:8b:e1:e7:83:c8:
13:9c:1c:6a:bc:69:ca:cf:f3:f9:80:89:2a:d4:96:
81:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:EE:49:C5:32:47:EE:E1:70:9E:0D:D7:60:CF:E9:86:2E:A5:62:C9
X509v3 Authority Key Identifier:
keyid:3D:70:F1:F6:56:3D:E4:3A:11:D3:64:49:75:66:7C:1C:28:E7:95:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXDx9lY95DoR02RJdWZ8HCjnlZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/DO5JxTJH7uFwng3XYM_phi6lYsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.112.0/21
185.194.20.0/22
193.238.156.0/22
IPv6:
2a02:60::/29
Signature Algorithm: sha256WithRSAEncryption
3e:11:ab:eb:99:3e:d7:e2:be:85:1d:dd:ea:34:d8:99:6c:58:
7b:40:41:43:56:01:61:1e:f0:40:38:6e:f0:08:b7:39:b3:c8:
bf:c8:1f:83:18:04:05:ca:97:bc:1d:eb:e9:d7:99:e8:80:83:
11:45:cc:3c:30:25:b8:77:91:69:f7:92:45:d5:d3:b4:cd:54:
89:f2:5d:e3:6f:74:3c:25:27:b5:f5:f3:72:66:8b:c2:43:f9:
40:07:ca:cf:15:f4:8f:58:30:95:2c:d1:d0:19:51:24:aa:f0:
6b:ca:bd:fd:7d:44:f1:c5:7f:9c:2e:18:b6:82:45:02:9c:48:
db:bc:60:c7:1d:4f:7a:b1:40:37:6b:e3:e9:6e:01:33:53:c2:
e0:4c:e0:a7:91:9f:ca:e6:e4:e5:79:d9:c1:ed:8f:0e:47:69:
58:79:b0:e3:45:d3:df:2d:e8:13:65:c1:95:f0:7a:99:65:00:
87:14:65:34:74:d1:1c:f3:c2:55:d1:79:c8:c5:82:ce:fa:f2:
31:c3:6b:9e:46:f0:df:bc:b2:3d:c7:af:51:13:69:31:e4:13:
a7:79:6f:39:61:d1:47:e1:f4:ed:de:b1:ff:43:f3:ce:da:71:
74:11:62:62:f7:c1:64:83:d8:3e:8e:1f:9d:a4:2d:63:72:3a:
d3:30:86:d1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzJvMxEM/+i6SPOfvzGBo/fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNzBmMWY2NTYzZGU0M2ExMWQzNjQ0OTc1NjY3YzFjMjhl
Nzk1OWUwHhcNMjQwMTAyMTAzNDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2VlNDljNTMyNDdlZWUxNzA5ZTBkZDc2MGNmZTk4NjJlYTU2MmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WoozvMdEKDt+mTZPaBh2CvLiG2t
xymm9Jfn6fuLA93KeFw6zuhBoWs+wz8cJ2X1O9UE2uv+/U4rCj14oX+dnKR6Dj28
foaAku+SnmjmdxiZ8fSyv8J/9KBNYGCXVt0eG0bY74US6u7KW1RIfeiCwjLLElQv
NJ6yGfrCwK2ODHlb0Au9U5flbWXXZhSaJ48LnEg7KgsDeM6Bxf3KP5zxbJgqE0l4
VvJF6ylUXiHv429huBDxcQhvY8QNCDTIxNVSFBix5IK+uu3VpaRNRhOHuzxNBO2z
kG2Q2LP4rZZmtuWAfsajaeRTwZESi+Hng8gTnBxqvGnKz/P5gIkq1JaB0QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAzuScUyR+7hcJ4N12DP6YYupWLJMB8GA1UdIwQY
MBaAFD1w8fZWPeQ6EdNkSXVmfBwo55WeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFhEeDlsWTk1RG9SMDJSSmRXWjhIQ2pubFo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC82YzA3NWUtNjI2My00ZmYzLWEyNmQt
OGQzMjIyMDcxNWVlLzEvRE81SnhUSkg3dUZ3bmczWFlNX3BoaTZsWXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC82YzA3NWUtNjI2My00ZmYzLWEyNmQtOGQzMjIyMDcxNWVl
LzEvUFhEeDlsWTk1RG9SMDJSSmRXWjhIQ2pubFo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDTilwAwQC
ucIUAwQCwe6cMA0EAgACMAcDBQMqAgBgMA0GCSqGSIb3DQEBCwUAA4IBAQA+Eavr
mT7X4r6FHd3qNNiZbFh7QEFDVgFhHvBAOG7wCLc5s8i/yB+DGAQFype8Hevp15no
gIMRRcw8MCW4d5Fp95JF1dO0zVSJ8l3jb3Q8JSe19fNyZovCQ/lAB8rPFfSPWDCV
LNHQGVEkqvBryr39fUTxxX+cLhi2gkUCnEjbvGDHHU96sUA3a+PpbgEzU8LgTOCn
kZ/K5uTlednB7Y8OR2lYebDjRdPfLegTZcGV8HqZZQCHFGU0dNEc88JV0XnIxYLO
+vIxw2ueRvDfvLI9x69RE2kx5BOneW85YdFH4fTt3rH/Q/PO2nF0EWJi98Fkg9g+
jh+dpC1jcjrTMIbR
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:51:00 2025 by rpki-client