Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/ecb293-8fa4-4849-9562-56f9f23afc35/1/C4k5IeI5ibR1u1NpOxnjlDc1Ab8.roa
File: C4k5IeI5ibR1u1NpOxnjlDc1Ab8.roa (raw, json)
Hash identifier: OwZHnQSfWERYT5Kgb7LdwoV9OF0nYetOafQZOQo6UBg=
Subject key identifier: 0B:89:39:21:E2:39:89:B4:75:BB:53:69:3B:19:E3:94:37:35:01:BF
Certificate issuer: /CN=730c530a14854bc8b5b4dfb1747ab3543e4afcc3
Certificate serial: 0D90E04A
Authority key identifier: 73:0C:53:0A:14:85:4B:C8:B5:B4:DF:B1:74:7A:B3:54:3E:4A:FC:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cwxTChSFS8i1tN-xdHqzVD5K_MM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/ecb293-8fa4-4849-9562-56f9f23afc35/1/C4k5IeI5ibR1u1NpOxnjlDc1Ab8.roa
Signing time: Sat 01 Jan 2022 12:03:29 +0000
ROA not before: Sat 01 Jan 2022 12:03:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197985
IP address blocks: 185.38.152.0/22 maxlen: 22
31.177.32.0/21 maxlen: 21
185.192.144.0/22 maxlen: 22
2a03:ea40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 227598410 (0xd90e04a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=730c530a14854bc8b5b4dfb1747ab3543e4afcc3
Validity
Not Before: Jan 1 12:03:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b893921e23989b475bb53693b19e394373501bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d5:cf:0c:0c:08:4a:08:a3:38:f1:d3:25:d3:
12:24:b5:bc:08:63:38:38:8f:5e:32:29:0e:5b:8b:
32:45:2a:0a:cc:f3:f1:03:03:b2:43:bf:f6:f2:0f:
63:d9:2c:5e:35:54:eb:96:0c:55:f2:8c:4a:a6:3c:
9c:bd:79:96:36:78:59:43:dc:2c:8f:2c:83:c4:f4:
26:3b:0a:44:f3:93:27:f5:d9:4d:93:66:38:28:3c:
00:92:64:ac:36:09:42:14:bc:0e:bd:c5:d9:ef:95:
1c:6c:cb:52:0e:a1:84:59:ab:fc:5d:ff:c8:59:2b:
d4:82:eb:72:02:8e:3e:58:a7:68:49:41:03:c2:27:
04:80:b7:8e:95:ef:53:55:7f:7f:a8:04:2e:dd:80:
bf:72:35:74:69:88:9d:f8:58:1f:f4:51:13:76:c1:
3f:6c:1a:4f:ca:4d:6d:1a:75:7c:e1:a7:57:28:52:
10:0f:53:04:63:f6:58:13:a8:8a:95:c6:c9:89:0e:
50:f6:2c:0f:87:e4:e7:60:b7:c2:ee:31:41:74:b4:
08:60:26:8f:19:d7:8e:08:32:5f:4a:af:9c:b3:5f:
48:0e:dc:ea:d3:8d:04:73:4b:89:cf:b2:a6:62:f7:
2c:68:06:39:9c:77:87:7b:76:c7:71:41:65:89:a0:
1d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:89:39:21:E2:39:89:B4:75:BB:53:69:3B:19:E3:94:37:35:01:BF
X509v3 Authority Key Identifier:
keyid:73:0C:53:0A:14:85:4B:C8:B5:B4:DF:B1:74:7A:B3:54:3E:4A:FC:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cwxTChSFS8i1tN-xdHqzVD5K_MM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/ecb293-8fa4-4849-9562-56f9f23afc35/1/C4k5IeI5ibR1u1NpOxnjlDc1Ab8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/ecb293-8fa4-4849-9562-56f9f23afc35/1/cwxTChSFS8i1tN-xdHqzVD5K_MM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.32.0/21
185.38.152.0/22
185.192.144.0/22
IPv6:
2a03:ea40::/32
Signature Algorithm: sha256WithRSAEncryption
46:d6:09:eb:da:d4:e9:ec:2e:c1:38:84:c8:a2:cc:11:79:2c:
2d:7e:17:51:29:0a:83:c7:81:27:08:42:9b:3c:eb:51:0a:58:
1b:33:1a:dd:16:29:21:dd:5f:44:9c:4b:fc:22:d0:e8:50:31:
67:d0:69:de:de:c9:16:64:81:6e:60:cb:e1:f8:69:bb:0c:74:
52:d0:92:65:e8:a7:c4:47:eb:10:d9:04:60:de:aa:0e:2a:0d:
fe:9e:a9:76:6f:01:c7:0e:d5:c2:d5:0a:a8:43:5b:ae:12:d5:
12:19:32:56:84:19:af:69:56:8d:0e:3f:ef:85:96:23:ab:1d:
df:3c:d4:f2:b3:9a:ca:fe:a1:e7:2d:2d:af:a9:75:c0:32:44:
74:27:95:fd:23:47:d5:a1:72:20:63:65:35:00:ba:f5:29:ea:
91:06:c6:26:af:20:57:76:cd:4c:b2:77:59:3d:66:3b:c1:10:
b4:60:18:b6:a4:98:29:c9:5e:af:28:e8:94:a7:42:b2:02:eb:
47:d2:1f:75:ba:54:97:6a:fb:61:c5:f8:8b:b3:a1:00:f7:db:
c9:9b:51:9d:76:8c:c5:42:e9:86:b4:a8:31:bd:d4:bc:4c:bd:
63:6f:3b:67:f5:1b:04:d3:44:af:1b:61:6d:2c:49:05:19:c5:
6c:3e:63:e4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEDZDgSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MzBjNTMwYTE0ODU0YmM4YjViNGRmYjE3NDdhYjM1NDNlNGFmY2MzMB4XDTIyMDEw
MTEyMDMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGI4OTM5MjFlMjM5
ODliNDc1YmI1MzY5M2IxOWUzOTQzNzM1MDFiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7VzwwMCEoIozjx0yXTEiS1vAhjODiPXjIpDluLMkUqCszz
8QMDskO/9vIPY9ksXjVU65YMVfKMSqY8nL15ljZ4WUPcLI8sg8T0JjsKRPOTJ/XZ
TZNmOCg8AJJkrDYJQhS8Dr3F2e+VHGzLUg6hhFmr/F3/yFkr1ILrcgKOPlinaElB
A8InBIC3jpXvU1V/f6gELt2Av3I1dGmInfhYH/RRE3bBP2waT8pNbRp1fOGnVyhS
EA9TBGP2WBOoipXGyYkOUPYsD4fk52C3wu4xQXS0CGAmjxnXjggyX0qvnLNfSA7c
6tONBHNLic+ypmL3LGgGOZx3h3t2x3FBZYmgHd8CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQLiTkh4jmJtHW7U2k7GeOUNzUBvzAfBgNVHSMEGDAWgBRzDFMKFIVLyLW0
37F0erNUPkr8wzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2N3eFRDaFNGUzhpMXROLXhkSHF6VkQ1S19NTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvZWNiMjkzLThmYTQtNDg0OS05NTYyLTU2ZjlmMjNhZmMzNS8x
L0M0azVJZUk1aWJSMXUxTnBPeG5qbERjMUFiOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
ZWNiMjkzLThmYTQtNDg0OS05NTYyLTU2ZjlmMjNhZmMzNS8xL2N3eFRDaFNGUzhp
MXROLXhkSHF6VkQ1S19NTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAx+xIAMEArkmmAMEArnAkDANBAIA
AjAHAwUAKgPqQDANBgkqhkiG9w0BAQsFAAOCAQEARtYJ69rU6ewuwTiEyKLMEXks
LX4XUSkKg8eBJwhCmzzrUQpYGzMa3RYpId1fRJxL/CLQ6FAxZ9Bp3t7JFmSBbmDL
4fhpuwx0UtCSZeinxEfrENkEYN6qDioN/p6pdm8Bxw7VwtUKqENbrhLVEhkyVoQZ
r2lWjQ4/74WWI6sd3zzU8rOayv6h5y0tr6l1wDJEdCeV/SNH1aFyIGNlNQC69Snq
kQbGJq8gV3bNTLJ3WT1mO8EQtGAYtqSYKcleryjolKdCsgLrR9IfdbpUl2r7YcX4
i7OhAPfbyZtRnXaMxULphrSoMb3UvEy9Y287Z/UbBNNErxthbSxJBRnFbD5j5A==
-----END CERTIFICATE-----
Generated at Wed Mar 12 13:43:48 2025 by rpki-client