Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/O10H_NXAAD1i_gphnWNg3Wq_zvU.roa
File: O10H_NXAAD1i_gphnWNg3Wq_zvU.roa (raw, json)
Hash identifier: S3bnGRkcKICV24Gqt4GllsXulmARfu6sriFJ2/wRC7Y=
Subject key identifier: 3B:5D:07:FC:D5:C0:00:3D:62:FE:0A:61:9D:63:60:DD:6A:BF:CE:F5
Certificate issuer: /CN=3e20c700d98d76a9c640173889f9367da9de8997
Certificate serial: 0194258F79B21B3952AB60257171CD6787FE
Authority key identifier: 3E:20:C7:00:D9:8D:76:A9:C6:40:17:38:89:F9:36:7D:A9:DE:89:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiDHANmNdqnGQBc4ifk2faneiZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/O10H_NXAAD1i_gphnWNg3Wq_zvU.roa
Signing time: Thu 02 Jan 2025 05:49:07 +0000
ROA not before: Thu 02 Jan 2025 05:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51601
IP address blocks: 87.239.184.0/21 maxlen: 24
91.194.116.0/23 maxlen: 24
176.56.160.0/19 maxlen: 24
185.65.172.0/22 maxlen: 24
193.33.70.0/23 maxlen: 24
195.189.120.0/22 maxlen: 24
2a03:9d40::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:79:b2:1b:39:52:ab:60:25:71:71:cd:67:87:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e20c700d98d76a9c640173889f9367da9de8997
Validity
Not Before: Jan 2 05:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b5d07fcd5c0003d62fe0a619d6360dd6abfcef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:98:13:63:f8:eb:24:56:f3:6b:4b:5c:6b:a6:
6b:f9:3d:65:cf:b1:61:aa:75:fa:89:ba:b7:e6:e1:
79:ea:15:88:26:0d:a2:b8:31:da:8e:af:a8:d4:b0:
b0:49:c2:66:b4:bf:8f:eb:b2:0b:32:cb:e0:5c:b4:
95:17:34:88:ee:de:42:d4:54:74:a5:dd:56:d0:e7:
b6:91:c7:75:43:52:40:a0:23:bc:5c:7e:68:1d:c4:
03:95:4d:c6:b3:1b:7b:1d:67:03:5b:83:7b:34:0a:
7c:d1:1c:f8:08:81:a6:44:32:3c:fa:eb:ad:c0:57:
c2:5b:ce:cd:39:19:95:28:5a:91:16:8e:d9:84:9b:
47:71:9b:07:eb:44:2a:32:40:95:92:04:cd:8e:5f:
10:52:c8:05:45:34:69:9f:d7:3b:63:74:81:ee:6c:
a5:50:ff:82:1d:33:34:4d:e8:b4:b4:cf:9a:bc:58:
c0:01:78:20:a6:f6:df:a3:17:73:da:af:47:2b:08:
8b:65:54:53:8d:b5:d4:0d:4c:f1:24:b1:87:95:0d:
4a:70:a0:87:47:72:69:8f:0e:b0:97:cd:34:b3:5b:
df:60:12:39:a3:1a:db:ac:5b:ad:5c:af:12:59:75:
ce:0b:01:d6:91:9c:bf:bc:9b:0f:42:31:79:65:6d:
09:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:5D:07:FC:D5:C0:00:3D:62:FE:0A:61:9D:63:60:DD:6A:BF:CE:F5
X509v3 Authority Key Identifier:
keyid:3E:20:C7:00:D9:8D:76:A9:C6:40:17:38:89:F9:36:7D:A9:DE:89:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiDHANmNdqnGQBc4ifk2faneiZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/O10H_NXAAD1i_gphnWNg3Wq_zvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/PiDHANmNdqnGQBc4ifk2faneiZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.184.0/21
91.194.116.0/23
176.56.160.0/19
185.65.172.0/22
193.33.70.0/23
195.189.120.0/22
IPv6:
2a03:9d40::/32
Signature Algorithm: sha256WithRSAEncryption
1b:98:4c:92:b2:5d:03:eb:4d:8e:05:9d:f5:bf:e7:94:9c:18:
10:d4:ae:2f:24:5b:94:ff:fa:35:b3:9d:85:8b:b9:fa:fb:4b:
b1:ce:51:c5:1b:0f:5d:47:55:d1:b1:b4:60:18:5d:54:51:35:
8f:fe:86:4b:c8:23:62:b7:2c:8d:98:35:61:b3:43:7c:e0:3b:
2b:bd:01:5b:ac:5f:31:64:75:3d:55:42:a2:0d:e4:75:71:6c:
fa:8e:ac:21:de:1e:46:77:70:59:79:9d:4e:f6:a2:06:4e:71:
48:96:64:f9:75:dd:0a:b3:13:eb:be:01:21:b0:04:47:98:85:
3c:3f:47:d1:78:8e:e9:a1:45:3c:f9:3c:45:e5:bc:5c:37:21:
c1:2c:87:b9:c4:c6:8d:91:ef:4f:fb:8f:42:1f:55:31:38:47:
3d:b8:1c:f3:6c:57:5f:3a:e8:37:2a:3f:a5:ad:4e:a9:10:07:
2c:b2:a7:1e:49:1b:58:37:7f:8b:b7:dc:a6:07:f0:32:33:c0:
85:fe:0c:45:c3:06:87:c1:93:d7:6c:66:2b:61:81:4d:79:98:
45:ab:fa:89:89:f6:d7:c7:7a:ec:f6:8c:84:cf:d9:2a:b9:af:
06:2e:f0:63:7f:11:a2:b3:60:55:a7:a0:d8:d4:10:57:2f:1f:
f0:89:1d:63
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQlj3myGzlSq2AlcXHNZ4f+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjBjNzAwZDk4ZDc2YTljNjQwMTczODg5ZjkzNjdkYTlk
ZTg5OTcwHhcNMjUwMTAyMDU0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjVkMDdmY2Q1YzAwMDNkNjJmZTBhNjE5ZDYzNjBkZDZhYmZjZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5gTY/jrJFbza0tca6Zr+T1lz7Fh
qnX6ibq35uF56hWIJg2iuDHajq+o1LCwScJmtL+P67ILMsvgXLSVFzSI7t5C1FR0
pd1W0Oe2kcd1Q1JAoCO8XH5oHcQDlU3Gsxt7HWcDW4N7NAp80Rz4CIGmRDI8+uut
wFfCW87NORmVKFqRFo7ZhJtHcZsH60QqMkCVkgTNjl8QUsgFRTRpn9c7Y3SB7myl
UP+CHTM0Tei0tM+avFjAAXggpvbfoxdz2q9HKwiLZVRTjbXUDUzxJLGHlQ1KcKCH
R3Jpjw6wl800s1vfYBI5oxrbrFutXK8SWXXOCwHWkZy/vJsPQjF5ZW0J3wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFDtdB/zVwAA9Yv4KYZ1jYN1qv871MB8GA1UdIwQY
MBaAFD4gxwDZjXapxkAXOIn5Nn2p3omXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlESEFObU5kcW5HUUJjNGlmazJmYW5laVpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hYzZjN2ItZDA1OS00MDE0LWE5Njgt
ZTQ2ZDhkMTZhMTVmLzEvTzEwSF9OWEFBRDFpX2dwaG5XTmczV3FfenZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9hYzZjN2ItZDA1OS00MDE0LWE5NjgtZTQ2ZDhkMTZhMTVm
LzEvUGlESEFObU5kcW5HUUJjNGlmazJmYW5laVpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDV++4AwQB
W8J0AwQFsDigAwQCuUGsAwQBwSFGAwQCw714MA0EAgACMAcDBQAqA51AMA0GCSqG
SIb3DQEBCwUAA4IBAQAbmEySsl0D602OBZ31v+eUnBgQ1K4vJFuU//o1s52Fi7n6
+0uxzlHFGw9dR1XRsbRgGF1UUTWP/oZLyCNityyNmDVhs0N84DsrvQFbrF8xZHU9
VUKiDeR1cWz6jqwh3h5Gd3BZeZ1O9qIGTnFIlmT5dd0KsxPrvgEhsARHmIU8P0fR
eI7poUU8+TxF5bxcNyHBLIe5xMaNke9P+49CH1UxOEc9uBzzbFdfOug3Kj+lrU6p
EAcssqceSRtYN3+Lt9ymB/AyM8CF/gxFwwaHwZPXbGYrYYFNeZhFq/qJifbXx3rs
9oyEz9kqua8GLvBjfxGis2BVp6DY1BBXLx/wiR1j
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:41:35 2025 by rpki-client