Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/801f55-ec8a-4a83-a21e-96a42efce978/1/OAW_7h2EYB-AetyjnC6dPC5xWiU.roa
File: OAW_7h2EYB-AetyjnC6dPC5xWiU.roa (raw, json)
Hash identifier: Qb9CaMWmpJGq5jbkx9cyLIDy3RWws7T479eRi22vsSU=
Subject key identifier: 38:05:BF:EE:1D:84:60:1F:80:7A:DC:A3:9C:2E:9D:3C:2E:71:5A:25
Certificate issuer: /CN=9d21834344a76816682d211a3144040e5f8534d0
Certificate serial: 0571FE39
Authority key identifier: 9D:21:83:43:44:A7:68:16:68:2D:21:1A:31:44:04:0E:5F:85:34:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSGDQ0SnaBZoLSEaMUQEDl-FNNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/801f55-ec8a-4a83-a21e-96a42efce978/1/OAW_7h2EYB-AetyjnC6dPC5xWiU.roa
Signing time: Sat 01 Jan 2022 14:57:38 +0000
ROA not before: Sat 01 Jan 2022 14:57:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204151
IP address blocks: 212.237.176.0/21 maxlen: 21
185.107.15.0/24 maxlen: 24
185.107.13.0/24 maxlen: 24
185.107.12.0/22 maxlen: 22
185.107.14.0/24 maxlen: 24
194.45.76.0/22 maxlen: 22
185.233.252.0/24 maxlen: 24
185.233.252.0/22 maxlen: 22
185.233.253.0/24 maxlen: 24
185.233.254.0/24 maxlen: 24
185.233.255.0/24 maxlen: 24
78.31.252.0/22 maxlen: 22
46.32.144.0/21 maxlen: 24
2a06:4000::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91356729 (0x571fe39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d21834344a76816682d211a3144040e5f8534d0
Validity
Not Before: Jan 1 14:57:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3805bfee1d84601f807adca39c2e9d3c2e715a25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:de:3f:20:44:86:13:0f:8b:2b:4d:60:86:c5:
25:ef:5b:f6:09:de:2f:53:6b:be:b7:45:83:21:60:
0c:64:02:07:42:27:fd:f4:4b:de:40:8f:88:d4:b3:
07:c2:e1:fc:86:4a:d2:bc:2d:13:ba:94:1d:b7:d7:
52:8a:07:f3:38:3e:8e:2f:bc:8e:b7:d1:4a:2c:cb:
ef:0e:74:6e:0b:b0:f6:c5:e9:82:9d:ac:29:59:ad:
62:17:23:dd:3f:13:f4:0d:3d:b6:c2:5f:76:92:ea:
37:8d:fa:97:81:bf:0d:b6:4b:77:ea:b8:b2:c5:85:
7b:88:29:0d:1c:21:c1:de:1d:48:0e:a3:b4:32:e1:
d5:8a:59:d9:27:a2:26:e1:09:3a:25:c8:8a:2d:21:
74:92:1d:41:49:2a:fb:09:a6:19:0f:4a:49:d1:f7:
22:d8:10:a0:c8:48:d9:30:3d:a7:77:7f:3b:d3:ec:
21:1a:d9:4f:fa:b3:01:f4:b5:00:7d:c8:2d:58:62:
9e:21:f4:9f:3f:63:5a:74:a0:15:a2:bf:bb:cb:44:
66:8f:97:d3:6d:23:5a:f1:41:d7:32:e6:dd:c8:2d:
fe:d1:91:9f:13:d2:0f:6d:05:49:53:c2:04:49:94:
cb:5d:ef:5c:17:e9:c3:ff:a7:66:1a:da:b1:13:ca:
3e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:05:BF:EE:1D:84:60:1F:80:7A:DC:A3:9C:2E:9D:3C:2E:71:5A:25
X509v3 Authority Key Identifier:
keyid:9D:21:83:43:44:A7:68:16:68:2D:21:1A:31:44:04:0E:5F:85:34:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSGDQ0SnaBZoLSEaMUQEDl-FNNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/801f55-ec8a-4a83-a21e-96a42efce978/1/OAW_7h2EYB-AetyjnC6dPC5xWiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/801f55-ec8a-4a83-a21e-96a42efce978/1/nSGDQ0SnaBZoLSEaMUQEDl-FNNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.144.0/21
78.31.252.0/22
185.107.12.0/22
185.233.252.0/22
194.45.76.0/22
212.237.176.0/21
IPv6:
2a06:4000::/29
Signature Algorithm: sha256WithRSAEncryption
7f:bf:28:a0:0c:8c:42:6c:c0:53:af:47:62:d6:a1:be:7e:cc:
40:97:5b:a2:d2:97:0a:24:90:54:23:d6:fb:7d:22:7a:10:e5:
5b:5b:89:e1:1e:bf:bb:26:f5:f0:ed:eb:ce:3f:0c:dc:e1:1c:
89:5a:a2:77:5c:a8:b0:16:45:e1:24:49:55:f1:ac:66:e1:4d:
23:31:e7:be:fc:c6:dd:53:91:59:34:f8:03:f9:11:11:ea:bf:
5d:df:65:eb:86:ec:14:99:f7:22:7a:eb:1c:ad:10:6c:38:3f:
b4:a7:83:a2:8f:0a:8a:59:3b:0b:43:2d:10:b8:4d:4e:7e:0f:
17:c4:8c:bb:0e:69:8a:22:df:0e:ea:41:bd:8b:bf:83:af:e5:
0a:b4:c3:0e:e9:65:46:c4:c7:23:87:37:d9:e5:63:5e:fe:4b:
23:27:70:55:cf:73:46:8a:05:58:cf:ed:5f:ee:91:9b:83:a6:
46:bb:ab:85:17:87:dc:78:a1:3f:2a:49:fa:7c:0e:fc:d3:d3:
06:c8:71:5e:18:17:dc:f4:ac:09:7b:68:62:35:b7:13:20:7a:
53:0b:f2:e5:55:57:0a:f2:f4:1d:d2:e1:5f:20:e9:c9:02:20:
e1:15:2a:e0:db:d5:6e:bb:2d:74:7a:9e:fb:cc:31:0c:9a:e2:
29:ac:31:82
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEBXH+OTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDIxODM0MzQ0YTc2ODE2NjgyZDIxMWEzMTQ0MDQwZTVmODUzNGQwMB4XDTIyMDEw
MTE0NTczOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzgwNWJmZWUxZDg0
NjAxZjgwN2FkY2EzOWMyZTlkM2MyZTcxNWEyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/ePyBEhhMPiytNYIbFJe9b9gneL1NrvrdFgyFgDGQCB0In
/fRL3kCPiNSzB8Lh/IZK0rwtE7qUHbfXUooH8zg+ji+8jrfRSizL7w50bguw9sXp
gp2sKVmtYhcj3T8T9A09tsJfdpLqN436l4G/DbZLd+q4ssWFe4gpDRwhwd4dSA6j
tDLh1YpZ2SeiJuEJOiXIii0hdJIdQUkq+wmmGQ9KSdH3ItgQoMhI2TA9p3d/O9Ps
IRrZT/qzAfS1AH3ILVhiniH0nz9jWnSgFaK/u8tEZo+X020jWvFB1zLm3cgt/tGR
nxPSD20FSVPCBEmUy13vXBfpw/+nZhrasRPKPgECAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQ4Bb/uHYRgH4B63KOcLp08LnFaJTAfBgNVHSMEGDAWgBSdIYNDRKdoFmgt
IRoxRAQOX4U00DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TR0RRMFNuYUJab0xTRWFNVVFFRGwtRk5OQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvODAxZjU1LWVjOGEtNGE4My1hMjFlLTk2YTQyZWZjZTk3OC8x
L09BV183aDJFWUItQWV0eWpuQzZkUEM1eFdpVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
ODAxZjU1LWVjOGEtNGE4My1hMjFlLTk2YTQyZWZjZTk3OC8xL25TR0RRMFNuYUJa
b0xTRWFNVVFFRGwtRk5OQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAy4gkAMEAk4f/AMEArlrDAMEArnp
/AMEAsItTAMEA9TtsDANBAIAAjAHAwUDKgZAADANBgkqhkiG9w0BAQsFAAOCAQEA
f78ooAyMQmzAU69HYtahvn7MQJdbotKXCiSQVCPW+30iehDlW1uJ4R6/uyb18O3r
zj8M3OEciVqid1yosBZF4SRJVfGsZuFNIzHnvvzG3VORWTT4A/kREeq/Xd9l64bs
FJn3InrrHK0QbDg/tKeDoo8Kilk7C0MtELhNTn4PF8SMuw5piiLfDupBvYu/g6/l
CrTDDullRsTHI4c32eVjXv5LIydwVc9zRooFWM/tX+6Rm4OmRrurhReH3HihPypJ
+nwO/NPTBshxXhgX3PSsCXtoYjW3EyB6Uwvy5VVXCvL0HdLhXyDpyQIg4RUq4NvV
brstdHqe+8wxDJriKawxgg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:21 2025 by rpki-client