Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/c163lHr13Nat44YCYr1A3B2hhb0.roa
File: c163lHr13Nat44YCYr1A3B2hhb0.roa (raw, json)
Hash identifier: w9WOxmBtg+10kU9kd6nwrCs3tVoz3tCsXV5y4fVVl/c=
Subject key identifier: 73:5E:B7:94:7A:F5:DC:D6:AD:E3:86:02:62:BD:40:DC:1D:A1:85:BD
Certificate issuer: /CN=3d70f1f6563de43a11d3644975667c1c28e7959e
Certificate serial: 37AB7CB3
Authority key identifier: 3D:70:F1:F6:56:3D:E4:3A:11:D3:64:49:75:66:7C:1C:28:E7:95:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXDx9lY95DoR02RJdWZ8HCjnlZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/c163lHr13Nat44YCYr1A3B2hhb0.roa
Signing time: Sat 01 Jan 2022 05:03:08 +0000
ROA not before: Sat 01 Jan 2022 05:03:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35492
IP address blocks: 193.238.156.0/22 maxlen: 22
185.194.20.0/22 maxlen: 22
78.41.112.0/21 maxlen: 21
2a02:60::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 933985459 (0x37ab7cb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d70f1f6563de43a11d3644975667c1c28e7959e
Validity
Not Before: Jan 1 05:03:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=735eb7947af5dcd6ade3860262bd40dc1da185bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0e:87:ea:e0:f8:08:d6:59:b6:5e:29:13:51:
bf:66:1e:49:37:c1:f0:83:94:bc:2c:10:b7:e6:d7:
15:68:0b:6d:a7:8e:8a:d2:cf:f3:e1:92:82:fe:75:
46:f7:4d:9e:ad:a1:f1:ed:ef:de:c4:f1:bc:8a:52:
35:d9:7a:e5:0b:7f:91:4d:8e:62:c4:0a:b1:d1:2b:
46:68:25:b2:c2:b9:bc:6f:84:02:9f:e1:29:3e:08:
0f:8e:4d:a4:cb:45:e2:18:de:b4:12:c9:e0:56:18:
c7:aa:5e:d1:3f:90:a8:1a:66:54:56:79:ed:44:16:
96:c3:0d:8f:93:44:71:c9:8e:eb:55:7b:48:d4:a0:
ad:64:f4:93:ee:00:4e:26:5e:55:94:c5:e6:a6:c1:
d5:5c:38:a2:38:77:20:c0:3b:eb:60:c2:b4:d2:48:
02:27:d4:e1:9e:40:ea:f3:1e:3a:9a:5f:f2:8c:8e:
ce:75:18:90:38:fe:38:27:ee:40:d0:83:7d:7a:ba:
0b:21:29:56:d8:0e:15:ce:18:5a:00:06:be:f3:25:
71:70:a4:84:e1:6e:ab:08:a3:3c:63:32:99:60:41:
32:ad:8e:59:b6:10:9d:5a:58:28:89:34:59:9e:5a:
fe:56:e8:96:f9:5a:cf:a9:02:f4:85:a4:a9:66:c2:
a7:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:5E:B7:94:7A:F5:DC:D6:AD:E3:86:02:62:BD:40:DC:1D:A1:85:BD
X509v3 Authority Key Identifier:
keyid:3D:70:F1:F6:56:3D:E4:3A:11:D3:64:49:75:66:7C:1C:28:E7:95:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXDx9lY95DoR02RJdWZ8HCjnlZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/c163lHr13Nat44YCYr1A3B2hhb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.112.0/21
185.194.20.0/22
193.238.156.0/22
IPv6:
2a02:60::/29
Signature Algorithm: sha256WithRSAEncryption
07:c3:98:9e:0c:2c:58:cc:77:80:c4:58:de:8c:0f:7f:1b:be:
04:10:e0:32:42:cf:9d:4b:e3:fe:93:e8:78:88:9b:e8:07:46:
d1:e3:fe:50:52:5b:85:83:f6:c3:65:04:30:c6:92:7a:ae:f8:
5c:a2:e9:36:df:2e:f2:2b:8b:f4:0b:53:5a:eb:6a:02:60:f2:
ca:f9:71:a3:c1:21:05:07:4a:c0:c4:bd:ad:de:7d:3a:af:c6:
48:6b:3d:b2:08:a6:ea:a4:39:eb:52:17:bf:2a:d4:82:f4:2a:
52:58:ef:aa:d7:08:ad:d2:1c:ff:11:59:e6:9d:3c:de:4a:2c:
86:37:ca:b6:16:93:9e:77:58:3f:e5:5d:f0:45:ec:e6:32:41:
61:e3:d1:b9:33:a2:fb:8c:cf:5e:cc:70:28:b7:94:45:6e:e2:
99:bb:2c:ac:a2:c4:f5:d1:68:ae:a1:90:ee:4e:e1:56:bd:fd:
80:37:1c:e1:a0:25:3f:c5:e2:94:4c:b2:f4:2e:5d:65:6e:0c:
62:b7:b2:54:ce:e6:cb:86:9b:57:c1:b7:7e:e0:04:40:74:76:
ef:56:dd:45:63:5b:87:c5:0d:9e:39:69:98:b9:69:bf:f2:81:
8a:21:43:bf:b8:19:8c:ff:35:9f:50:47:80:f7:b1:3b:84:d4:
dc:1d:18:36
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEN6t8szANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZDcwZjFmNjU2M2RlNDNhMTFkMzY0NDk3NTY2N2MxYzI4ZTc5NTllMB4XDTIyMDEw
MTA1MDMwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzM1ZWI3OTQ3YWY1
ZGNkNmFkZTM4NjAyNjJiZDQwZGMxZGExODViZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcOh+rg+AjWWbZeKRNRv2YeSTfB8IOUvCwQt+bXFWgLbaeO
itLP8+GSgv51RvdNnq2h8e3v3sTxvIpSNdl65Qt/kU2OYsQKsdErRmglssK5vG+E
Ap/hKT4ID45NpMtF4hjetBLJ4FYYx6pe0T+QqBpmVFZ57UQWlsMNj5NEccmO61V7
SNSgrWT0k+4ATiZeVZTF5qbB1Vw4ojh3IMA762DCtNJIAifU4Z5A6vMeOppf8oyO
znUYkDj+OCfuQNCDfXq6CyEpVtgOFc4YWgAGvvMlcXCkhOFuqwijPGMymWBBMq2O
WbYQnVpYKIk0WZ5a/lbolvlaz6kC9IWkqWbCp3sCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRzXreUevXc1q3jhgJivUDcHaGFvTAfBgNVHSMEGDAWgBQ9cPH2Vj3kOhHT
ZEl1ZnwcKOeVnjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BYRHg5bFk5NURvUjAyUkpkV1o4SENqbmxaNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWQvNmMwNzVlLTYyNjMtNGZmMy1hMjZkLThkMzIyMjA3MTVlZS8x
L2MxNjNsSHIxM05hdDQ0WUNZcjFBM0IyaGhiMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQv
NmMwNzVlLTYyNjMtNGZmMy1hMjZkLThkMzIyMjA3MTVlZS8xL1BYRHg5bFk5NURv
UjAyUkpkV1o4SENqbmxaNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA04pcAMEArnCFAMEAsHunDANBAIA
AjAHAwUDKgIAYDANBgkqhkiG9w0BAQsFAAOCAQEAB8OYngwsWMx3gMRY3owPfxu+
BBDgMkLPnUvj/pPoeIib6AdG0eP+UFJbhYP2w2UEMMaSeq74XKLpNt8u8iuL9AtT
WutqAmDyyvlxo8EhBQdKwMS9rd59Oq/GSGs9sgim6qQ561IXvyrUgvQqUljvqtcI
rdIc/xFZ5p083koshjfKthaTnndYP+Vd8EXs5jJBYePRuTOi+4zPXsxwKLeURW7i
mbssrKLE9dForqGQ7k7hVr39gDcc4aAlP8XilEyy9C5dZW4MYreyVM7my4abV8G3
fuAEQHR271bdRWNbh8UNnjlpmLlpv/KBiiFDv7gZjP81n1BHgPexO4TU3B0YNg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:22:47 2025 by rpki-client