Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/oHODWhLkbstYmHHTrRBipwqnvTo.roa
File: oHODWhLkbstYmHHTrRBipwqnvTo.roa (raw, json)
Hash identifier: wd/odOWkp9lyla6nYjQJnZVQnKQTNhUaf6/rJbiaciM=
Subject key identifier: A0:73:83:5A:12:E4:6E:CB:58:98:71:D3:AD:10:62:A7:0A:A7:BD:3A
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 019517A289A67D0250C7714EBEDABAFAB85E
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/oHODWhLkbstYmHHTrRBipwqnvTo.roa
Signing time: Tue 18 Feb 2025 05:58:02 +0000
ROA not before: Tue 18 Feb 2025 05:58:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.136.37.0/24 maxlen: 24
45.136.38.0/24 maxlen: 24
45.136.39.0/24 maxlen: 24
185.38.26.0/24 maxlen: 24
185.38.27.0/24 maxlen: 24
194.31.165.0/24 maxlen: 24
194.31.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:17:a2:89:a6:7d:02:50:c7:71:4e:be:da:ba:fa:b8:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Feb 18 05:58:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a073835a12e46ecb589871d3ad1062a70aa7bd3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6e:c7:ed:c4:c2:4e:26:97:65:2c:86:36:dd:
f0:01:2c:db:d5:e0:8b:a8:3b:88:34:62:d6:5b:ae:
2a:4e:a1:f2:41:82:ac:e3:20:19:96:e6:18:71:f4:
6f:69:01:57:8c:33:c5:9d:3d:76:2e:c9:6d:11:9f:
9f:58:ab:70:fb:6b:db:a7:a6:c6:56:02:1f:44:70:
e9:69:86:48:f8:85:d3:9f:62:56:93:00:c0:c3:80:
aa:61:82:92:69:d6:cd:cc:e7:73:3e:64:c6:52:e2:
d3:35:3d:9c:d2:c7:e0:79:cd:1c:b2:18:6a:8b:c2:
d5:55:31:0f:f9:a1:0b:86:89:f7:6d:7f:d3:1d:1a:
ca:98:53:80:a1:1f:8f:79:81:29:ba:9f:b7:c1:4b:
29:29:aa:0a:e8:d1:5b:65:1c:f4:85:85:fe:cd:4e:
6a:bf:a8:35:0d:c0:5c:07:57:8e:f0:68:9a:d0:e8:
b9:42:24:cd:25:58:63:67:f6:55:72:06:fb:b0:9c:
1d:8d:13:89:60:3c:df:fc:52:be:b7:b3:c9:c7:98:
1b:62:d6:21:8b:03:59:ca:18:76:c9:4d:97:b6:ac:
40:d1:47:66:ca:ef:da:b8:1e:c2:f1:85:ed:fb:96:
10:10:9a:bb:fd:06:8d:cb:f2:75:34:ad:e0:a8:d3:
7e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:73:83:5A:12:E4:6E:CB:58:98:71:D3:AD:10:62:A7:0A:A7:BD:3A
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/oHODWhLkbstYmHHTrRBipwqnvTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.37.0-45.136.39.255
185.38.26.0/23
194.31.165.0/24
194.31.167.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:09:8f:70:8c:11:04:15:f6:51:0e:b5:0c:7f:98:c5:ab:eb:
50:8c:f1:5a:e5:b2:24:00:fd:fe:58:a3:83:1e:80:3b:02:e7:
6e:38:1e:0b:e0:59:37:43:02:95:7c:7b:e4:1b:19:9a:f3:dc:
50:19:ec:01:56:cd:04:31:e4:53:be:cd:12:2e:79:20:03:b0:
4d:1d:78:dd:d5:b9:50:3f:ac:0c:f2:ed:74:94:eb:e3:9b:0a:
01:7d:ee:9a:9a:f2:d7:28:71:3c:72:7e:af:43:7a:ff:a2:2d:
3e:33:78:88:cd:51:57:cb:2d:bf:2f:d6:dc:63:d4:32:d0:ac:
16:6b:a5:94:a5:8d:97:7f:db:c6:07:31:bd:df:5b:6b:ab:b4:
4f:b7:11:ca:5f:d5:51:99:4b:e8:ae:a0:4e:76:16:15:7b:47:
b1:2b:03:b2:98:7d:08:a5:81:3f:e7:c3:20:a6:a1:56:a9:b1:
22:71:36:7c:73:15:ad:42:2c:12:b5:0b:ec:cf:cf:bf:54:74:
ff:c7:73:c6:5e:ac:1c:8e:eb:ba:89:bb:30:35:ef:9c:68:16:
ae:33:2b:24:09:dd:89:a8:91:c7:33:ad:ce:b5:ee:da:1e:88:
8a:1a:24:00:5b:a4:f3:8b:ce:f9:35:e6:7d:e5:37:1c:7f:f1:
b3:5b:31:b9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZUXoommfQJQx3FOvtq6+rheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwMjE4MDU1ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDczODM1YTEyZTQ2ZWNiNTg5ODcxZDNhZDEwNjJhNzBhYTdiZDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6G7H7cTCTiaXZSyGNt3wASzb1eCL
qDuINGLWW64qTqHyQYKs4yAZluYYcfRvaQFXjDPFnT12LsltEZ+fWKtw+2vbp6bG
VgIfRHDpaYZI+IXTn2JWkwDAw4CqYYKSadbNzOdzPmTGUuLTNT2c0sfgec0cshhq
i8LVVTEP+aELhon3bX/THRrKmFOAoR+PeYEpup+3wUspKaoK6NFbZRz0hYX+zU5q
v6g1DcBcB1eO8Gia0Oi5QiTNJVhjZ/ZVcgb7sJwdjROJYDzf/FK+t7PJx5gbYtYh
iwNZyhh2yU2XtqxA0Udmyu/auB7C8YXt+5YQEJq7/QaNy/J1NK3gqNN+GQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKBzg1oS5G7LWJhx060QYqcKp706MB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvb0hPRFdoTGtic3RZbUhIVHJSQmlwd3FudlRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAAtiCUD
BAMtiCADBAG5JhoDBADCH6UDBADCH6cwDQYJKoZIhvcNAQELBQADggEBAJ4Jj3CM
EQQV9lEOtQx/mMWr61CM8VrlsiQA/f5Yo4MegDsC5244HgvgWTdDApV8e+QbGZrz
3FAZ7AFWzQQx5FO+zRIueSADsE0deN3VuVA/rAzy7XSU6+ObCgF97pqa8tcocTxy
fq9Dev+iLT4zeIjNUVfLLb8v1txj1DLQrBZrpZSljZd/28YHMb3fW2urtE+3Ecpf
1VGZS+iuoE52FhV7R7ErA7KYfQilgT/nwyCmoVapsSJxNnxzFa1CLBK1C+zPz79U
dP/Hc8ZerByO67qJuzA175xoFq4zKyQJ3Ymokcczrc617toeiIoaJABbpPOLzvk1
5n3lNxx/8bNbMbk=
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:57:42 2025 by rpki-client