Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/oh3SppIs_ckVmap0u5wbLmGFMT4.roa
File: oh3SppIs_ckVmap0u5wbLmGFMT4.roa (raw, json)
Hash identifier: G4fX5sBc44O5zr4Vqzv7Ro4WibWYKzccPaDK0lJpc2s=
Subject key identifier: A2:1D:D2:A6:92:2C:FD:C9:15:99:AA:74:BB:9C:1B:2E:61:85:31:3E
Certificate issuer: /CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Certificate serial: 0635467D
Authority key identifier: DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/oh3SppIs_ckVmap0u5wbLmGFMT4.roa
Signing time: Sat 01 Jan 2022 10:05:32 +0000
ROA not before: Sat 01 Jan 2022 10:05:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48095
IP address blocks: 152.89.130.0/23 maxlen: 23
152.89.128.0/23 maxlen: 23
92.118.42.0/23 maxlen: 23
92.118.40.0/23 maxlen: 23
77.83.170.0/23 maxlen: 23
77.83.168.0/23 maxlen: 23
45.66.238.0/23 maxlen: 23
45.66.236.0/23 maxlen: 23
194.59.202.0/23 maxlen: 23
194.59.200.0/23 maxlen: 23
185.252.168.0/22 maxlen: 22
86.62.58.0/23 maxlen: 23
185.234.4.0/22 maxlen: 22
86.62.56.0/23 maxlen: 23
193.47.236.0/22 maxlen: 22
5.253.118.0/23 maxlen: 23
5.253.116.0/23 maxlen: 23
46.175.152.0/22 maxlen: 22
85.208.122.0/23 maxlen: 23
85.208.120.0/23 maxlen: 23
81.16.128.0/22 maxlen: 22
2.56.50.0/23 maxlen: 23
2.56.48.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104154749 (0x635467d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Validity
Not Before: Jan 1 10:05:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a21dd2a6922cfdc91599aa74bb9c1b2e6185313e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7f:bb:60:ab:56:a7:d3:6d:72:8e:d6:54:35:
3d:78:63:64:bf:b2:03:34:64:81:69:52:9a:09:97:
25:12:09:8b:a5:b9:7a:fb:7d:77:d7:20:b3:e4:ca:
88:07:83:f0:d2:85:4d:8c:e6:1b:56:8f:ca:9f:8b:
cd:e5:8a:77:c3:e5:20:14:40:24:a3:d4:88:96:ed:
f3:58:7e:0d:53:fb:3c:ec:c7:34:51:05:0c:d3:d5:
aa:d6:c6:21:db:1f:69:3c:65:61:20:96:65:0e:97:
80:10:73:e2:95:81:5f:64:78:4c:80:d9:ad:ba:9b:
25:e3:e0:e8:67:1f:81:48:cd:f0:f2:cd:db:f7:90:
62:b8:77:ac:c3:33:8e:35:1d:50:bc:6c:bc:51:4e:
1d:4f:00:aa:be:e4:0f:12:45:ad:3d:a2:80:bd:ad:
16:0e:c6:9d:96:d5:b6:cc:38:93:8a:9c:cf:97:98:
08:31:aa:47:dc:40:31:d2:56:4e:43:ae:40:49:94:
e6:4d:10:27:8b:cf:a7:20:05:a0:df:bf:7f:f2:fa:
e3:96:2d:b1:82:61:d8:33:7a:66:83:ec:6a:0a:0d:
33:83:9e:58:b5:09:f2:4e:af:ef:bc:e5:0d:bd:c5:
88:b4:9e:77:3a:9e:58:c0:88:6e:88:ab:fd:76:fc:
04:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:1D:D2:A6:92:2C:FD:C9:15:99:AA:74:BB:9C:1B:2E:61:85:31:3E
X509v3 Authority Key Identifier:
keyid:DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/oh3SppIs_ckVmap0u5wbLmGFMT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.48.0/22
5.253.116.0/22
45.66.236.0/22
46.175.152.0/22
77.83.168.0/22
81.16.128.0/22
85.208.120.0/22
86.62.56.0/22
92.118.40.0/22
152.89.128.0/22
185.234.4.0/22
185.252.168.0/22
193.47.236.0/22
194.59.200.0/22
Signature Algorithm: sha256WithRSAEncryption
58:a2:de:c4:e0:29:a7:6f:17:97:96:2b:71:a7:fa:36:d0:17:
4e:eb:98:09:3b:ae:2b:54:65:e5:e7:f8:76:7b:e4:39:db:cc:
ec:b0:73:2b:1d:0d:28:81:a5:14:c3:32:ae:13:c1:ff:66:9f:
68:c4:7c:c7:58:38:18:ca:d3:6d:45:fa:0b:95:43:fb:5c:e1:
02:ee:55:c4:f4:84:ce:d7:ba:63:a7:6c:bd:ac:27:fc:a4:78:
65:56:13:44:ef:9d:67:0a:3a:81:3a:b1:dc:2b:43:7f:a8:a7:
25:88:c7:23:d8:aa:64:1c:99:53:13:ae:f1:1d:2b:7f:c2:80:
95:13:ea:6f:07:fa:1d:52:24:0a:03:c4:90:ea:89:54:8c:22:
aa:1c:5d:2e:6b:d8:91:44:06:84:da:1c:37:60:b1:ee:0c:f9:
c3:48:79:c4:7f:b2:84:40:91:e2:f4:14:6a:a0:5a:db:04:bc:
6d:85:76:e9:55:ec:f2:dc:83:51:84:1f:0d:83:b0:32:85:02:
98:28:f8:ea:3a:b1:ea:61:c2:49:25:f9:00:47:db:15:ca:b9:
d5:d0:89:f3:87:d6:2c:f1:1c:d9:e8:e1:b5:87:b6:6c:3b:f2:
92:37:9a:d0:df:ed:68:b7:1a:86:13:aa:a0:87:7b:05:00:81:
cd:c6:4f:02
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIEBjVGfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Yzc4MjFlMWJjYmY2ZTA3NGVhNDgxNGFhYTVjNjNlM2JhODEzYzVmMB4XDTIyMDEw
MTEwMDUzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTIxZGQyYTY5MjJj
ZmRjOTE1OTlhYTc0YmI5YzFiMmU2MTg1MzEzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANl/u2CrVqfTbXKO1lQ1PXhjZL+yAzRkgWlSmgmXJRIJi6W5
evt9d9cgs+TKiAeD8NKFTYzmG1aPyp+LzeWKd8PlIBRAJKPUiJbt81h+DVP7POzH
NFEFDNPVqtbGIdsfaTxlYSCWZQ6XgBBz4pWBX2R4TIDZrbqbJePg6GcfgUjN8PLN
2/eQYrh3rMMzjjUdULxsvFFOHU8Aqr7kDxJFrT2igL2tFg7GnZbVtsw4k4qcz5eY
CDGqR9xAMdJWTkOuQEmU5k0QJ4vPpyAFoN+/f/L645YtsYJh2DN6ZoPsagoNM4Oe
WLUJ8k6v77zlDb3FiLSedzqeWMCIboir/Xb8BMkCAwEAAaOCAlcwggJTMB0GA1Ud
DgQWBBSiHdKmkiz9yRWZqnS7nBsuYYUxPjAfBgNVHSMEGDAWgBTceCHhvL9uB06k
gUqqXGPjuoE8XzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNIZ2g0YnlfYmdkT3BJRktxbHhqNDdxQlBGOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvOWRhZmY0LWYxNTgtNDgwZi1iNDFmLWQ0OGI0MmVmMTU5Yi8x
L29oM1NwcElzX2NrVm1hcDB1NXdiTG1HRk1UNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
OWRhZmY0LWYxNTgtNDgwZi1iNDFmLWQ0OGI0MmVmMTU5Yi8xLzNIZ2g0YnlfYmdk
T3BJRktxbHhqNDdxQlBGOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBt
BggrBgEFBQcBBwEB/wReMFwwWgQCAAEwVAMEAgI4MAMEAgX9dAMEAi1C7AMEAi6v
mAMEAk1TqAMEAlEQgAMEAlXQeAMEAlY+OAMEAlx2KAMEAphZgAMEArnqBAMEArn8
qAMEAsEv7AMEAsI7yDANBgkqhkiG9w0BAQsFAAOCAQEAWKLexOApp28Xl5Yrcaf6
NtAXTuuYCTuuK1Rl5ef4dnvkOdvM7LBzKx0NKIGlFMMyrhPB/2afaMR8x1g4GMrT
bUX6C5VD+1zhAu5VxPSEzte6Y6dsvawn/KR4ZVYTRO+dZwo6gTqx3CtDf6inJYjH
I9iqZByZUxOu8R0rf8KAlRPqbwf6HVIkCgPEkOqJVIwiqhxdLmvYkUQGhNocN2Cx
7gz5w0h5xH+yhECR4vQUaqBa2wS8bYV26VXs8tyDUYQfDYOwMoUCmCj46jqx6mHC
SSX5AEfbFcq51dCJ84fWLPEc2ejhtYe2bDvykjea0N/taLcahhOqoId7BQCBzcZP
Ag==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:43 2025 by rpki-client