Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/oIKeScBXNP08SzFzC94DmvUIs80.roa
File: oIKeScBXNP08SzFzC94DmvUIs80.roa (raw, json)
Hash identifier: NFvZgh8Blc1rDmTWkTD21o0JAYAkx72d5ckrzpZJxzc=
Subject key identifier: A0:82:9E:49:C0:57:34:FD:3C:4B:31:73:0B:DE:03:9A:F5:08:B3:CD
Certificate issuer: /CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Certificate serial: 0194228E2F1AF5F58B218024440A2209B4CF
Authority key identifier: AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/oIKeScBXNP08SzFzC94DmvUIs80.roa
Signing time: Wed 01 Jan 2025 15:48:50 +0000
ROA not before: Wed 01 Jan 2025 15:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44066
IP address blocks: 31.172.80.0/20 maxlen: 32
37.114.96.0/19 maxlen: 32
79.133.32.0/19 maxlen: 32
82.211.0.0/18 maxlen: 32
82.211.17.0/24 maxlen: 32
84.200.0.0/16 maxlen: 32
84.200.39.0/24 maxlen: 32
84.200.205.0/24 maxlen: 32
84.201.0.0/18 maxlen: 32
84.201.17.0/24 maxlen: 32
84.201.18.0/24 maxlen: 32
159.100.0.0/19 maxlen: 32
185.26.96.0/22 maxlen: 32
185.171.204.0/22 maxlen: 32
194.143.134.0/23 maxlen: 32
194.187.164.0/22 maxlen: 32
212.224.64.0/18 maxlen: 32
2001:1608::/32 maxlen: 48
2001:1638::/32 maxlen: 48
2a01:7e0::/29 maxlen: 48
2a01:7e0::/32 maxlen: 32
2a01:7e0:2f::/48 maxlen: 48
2a01:7e0:1fc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:2f:1a:f5:f5:8b:21:80:24:44:0a:22:09:b4:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Validity
Not Before: Jan 1 15:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0829e49c05734fd3c4b31730bde039af508b3cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d5:b7:c3:61:ba:1c:d2:57:04:53:d4:55:1b:
a7:a0:7c:8a:21:9c:80:05:29:25:ce:7a:8a:7d:f3:
e1:a9:21:46:ca:58:22:85:c8:e9:0e:c5:96:91:d0:
af:7c:a3:af:03:e4:b8:72:16:7b:7d:2e:ca:4e:69:
2e:27:0e:79:19:30:77:c7:58:84:d1:d3:4a:38:a5:
a4:94:a2:fa:7e:6f:df:76:24:d7:7f:13:90:45:00:
2c:83:81:fd:39:28:29:81:64:9f:63:a4:14:a4:3d:
b7:02:37:e0:c1:41:78:f8:08:f1:61:9e:13:22:69:
51:7a:79:9d:14:7d:26:35:e6:f7:37:a4:6f:f0:1b:
99:67:08:d7:74:0e:7b:e9:05:b7:c8:f3:4e:5e:a6:
52:07:f4:61:75:27:65:da:b5:81:0b:00:e6:0b:6e:
1a:69:79:fa:0a:d7:2a:ba:d6:c3:53:41:20:cc:c0:
91:e9:bc:a8:b1:da:f9:05:40:67:4a:e0:49:35:ce:
ec:27:96:0f:02:f1:a9:aa:b3:2f:86:88:03:ec:06:
d8:a6:d0:e2:3d:25:5e:6e:89:f8:66:37:21:06:ac:
23:07:b1:10:02:4a:2a:6f:11:f7:c4:ee:82:63:7c:
cb:8c:27:62:da:ec:6d:ff:bb:03:a3:fa:52:f5:3f:
c9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:82:9E:49:C0:57:34:FD:3C:4B:31:73:0B:DE:03:9A:F5:08:B3:CD
X509v3 Authority Key Identifier:
keyid:AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/oIKeScBXNP08SzFzC94DmvUIs80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.80.0/20
37.114.96.0/19
79.133.32.0/19
82.211.0.0/18
84.200.0.0-84.201.63.255
159.100.0.0/19
185.26.96.0/22
185.171.204.0/22
194.143.134.0/23
194.187.164.0/22
212.224.64.0/18
IPv6:
2001:1608::/32
2001:1638::/32
2a01:7e0::/29
Signature Algorithm: sha256WithRSAEncryption
c2:b8:db:7c:b9:5a:00:72:b6:0e:9d:7a:98:c1:e3:8d:ab:57:
70:cd:13:16:24:46:a8:2e:0b:f7:c4:da:fe:1b:fc:33:45:06:
63:c3:65:2d:57:34:1f:43:89:77:ab:f0:7c:07:aa:8f:23:3b:
1c:6a:58:40:c0:fe:6b:34:e4:d0:30:71:9f:74:45:59:06:7b:
2e:5d:4a:f6:3e:a4:ae:84:41:22:c5:28:d0:a9:cb:47:a2:5b:
94:f9:aa:ff:ec:27:d3:49:41:63:e0:6d:d9:02:ad:e2:2d:28:
a7:6e:24:93:42:86:76:5c:d3:a0:98:02:59:9d:ad:dd:aa:45:
d8:db:47:c9:05:64:76:65:a4:99:49:ed:fb:92:b5:d3:a4:71:
53:da:ce:19:73:21:98:f1:94:3a:7d:cc:d9:ec:4d:22:ab:ac:
1a:4f:a2:32:e6:55:61:8b:6b:12:48:32:66:99:f3:5d:a1:1a:
93:75:5e:76:c0:d7:30:42:ad:03:06:a1:f0:25:0d:88:29:c5:
cb:56:6b:65:be:c8:af:e4:3f:e6:74:de:d0:19:8f:97:88:69:
96:82:6f:c3:7c:36:19:85:2b:a3:33:69:06:01:3f:48:f0:9a:
f4:f1:22:98:2b:22:27:7b:a8:d7:27:6e:03:d9:32:1f:5a:60:
01:ed:f2:95
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZQiji8a9fWLIYAkRAoiCbTPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWRjNTBhNGI1MjZkZjE4ZThiMGE2NTY1ZDdiOWQ1OGE3
NWQzMTUwHhcNMjUwMTAxMTU0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDgyOWU0OWMwNTczNGZkM2M0YjMxNzMwYmRlMDM5YWY1MDhiM2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutW3w2G6HNJXBFPUVRunoHyKIZyA
BSklznqKffPhqSFGylgihcjpDsWWkdCvfKOvA+S4chZ7fS7KTmkuJw55GTB3x1iE
0dNKOKWklKL6fm/fdiTXfxOQRQAsg4H9OSgpgWSfY6QUpD23AjfgwUF4+AjxYZ4T
ImlRenmdFH0mNeb3N6Rv8BuZZwjXdA576QW3yPNOXqZSB/RhdSdl2rWBCwDmC24a
aXn6CtcqutbDU0EgzMCR6byosdr5BUBnSuBJNc7sJ5YPAvGpqrMvhogD7AbYptDi
PSVebon4ZjchBqwjB7EQAkoqbxH3xO6CY3zLjCdi2uxt/7sDo/pS9T/JOQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFKCCnknAVzT9PEsxcwveA5r1CLPNMB8GA1UdIwQY
MBaAFKodxQpLUm3xjosKZWXXudWKddMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMt
MzNkNzI4NDMzYzExLzEvb0lLZVNjQlhOUDA4U3pGekM5NERtdlVJczgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMtMzNkNzI4NDMzYzEx
LzEvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBPBAIAATBJAwQEH6xQAwQF
JXJgAwQFT4UgAwQGUtMAMAsDAwNUyAMEBlTJAAMEBZ9kAAMEArkaYAMEArmrzAME
AcKPhgMEAsK7pAMEBtTgQDAbBAIAAjAVAwUAIAEWCAMFACABFjgDBQMqAQfgMA0G
CSqGSIb3DQEBCwUAA4IBAQDCuNt8uVoAcrYOnXqYweONq1dwzRMWJEaoLgv3xNr+
G/wzRQZjw2UtVzQfQ4l3q/B8B6qPIzscalhAwP5rNOTQMHGfdEVZBnsuXUr2PqSu
hEEixSjQqctHoluU+ar/7CfTSUFj4G3ZAq3iLSinbiSTQoZ2XNOgmAJZna3dqkXY
20fJBWR2ZaSZSe37krXTpHFT2s4ZcyGY8ZQ6fczZ7E0iq6waT6Iy5lVhi2sSSDJm
mfNdoRqTdV52wNcwQq0DBqHwJQ2IKcXLVmtlvsiv5D/mdN7QGY+XiGmWgm/DfDYZ
hSujM2kGAT9I8Jr08SKYKyIne6jXJ24D2TIfWmAB7fKV
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:31:25 2025 by rpki-client