Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/O-S-dPXUX8oENZUa50MVpg07C10.roa
File: O-S-dPXUX8oENZUa50MVpg07C10.roa (raw, json)
Hash identifier: Bc02V5NQruEwZkalpsD7ITX5YY1VH3b1KWoHI0WBY1s=
Subject key identifier: 3B:E4:BE:74:F5:D4:5F:CA:04:35:95:1A:E7:43:15:A6:0D:3B:0B:5D
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0341E0FD
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/O-S-dPXUX8oENZUa50MVpg07C10.roa
Signing time: Tue 12 Apr 2022 19:27:03 +0000
ROA not before: Tue 12 Apr 2022 19:27:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 85.158.145.0/24 maxlen: 24
5.178.4.0/24 maxlen: 24
109.205.212.0/24 maxlen: 24
109.205.211.0/24 maxlen: 24
5.178.6.0/24 maxlen: 24
5.178.7.0/24 maxlen: 24
5.178.5.0/24 maxlen: 24
5.10.243.0/24 maxlen: 24
5.10.246.0/24 maxlen: 24
5.10.249.0/24 maxlen: 24
5.10.252.0/24 maxlen: 24
5.10.255.0/24 maxlen: 24
88.151.197.0/24 maxlen: 24
88.151.198.0/24 maxlen: 24
88.151.195.0/24 maxlen: 24
88.151.196.0/24 maxlen: 24
88.151.199.0/24 maxlen: 24
164.215.96.0/24 maxlen: 24
164.215.97.0/24 maxlen: 24
164.215.98.0/24 maxlen: 24
164.215.99.0/24 maxlen: 24
5.10.240.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54649085 (0x341e0fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Apr 12 19:27:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3be4be74f5d45fca0435951ae74315a60d3b0b5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:ba:e0:f2:b2:d6:3b:7e:ea:1f:7d:4f:f8:62:
c6:09:da:a5:e7:21:5f:09:dc:90:fe:ca:3e:2a:8b:
c2:ff:97:40:87:81:a2:3e:ba:75:5a:db:47:05:b2:
eb:db:13:8e:dc:fc:b0:0c:92:56:66:5d:6c:bf:08:
44:e3:d3:09:08:88:0b:6f:68:93:ef:96:d5:25:d0:
50:a0:b2:a7:3c:5e:14:21:a4:3c:df:a9:88:1f:13:
cc:e5:a3:92:eb:3c:63:58:dd:80:85:fc:73:3e:90:
b8:66:f3:c6:d6:cb:ff:c7:05:69:9d:67:93:1b:1b:
2a:c9:e9:df:b5:db:d1:35:b5:de:f6:92:65:80:77:
0e:57:19:35:e3:ff:c9:ba:17:63:15:e9:15:aa:24:
6b:91:c8:5a:0c:24:99:34:10:e2:40:f2:b5:43:9c:
9d:b6:6c:c8:ba:9f:4f:f7:f2:50:69:e0:b0:f4:72:
d9:2d:a8:7c:bc:1c:53:cc:51:bf:25:1d:ac:01:59:
24:0b:ec:b9:10:e3:1f:00:9a:4a:b4:13:e8:2f:db:
c8:74:08:fc:7b:59:e6:a4:b5:08:b8:57:20:90:68:
c2:72:2b:b2:d6:84:fc:ad:67:da:aa:a9:47:f7:0e:
23:88:e0:15:4f:99:31:51:36:13:71:6f:78:3f:cf:
9a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E4:BE:74:F5:D4:5F:CA:04:35:95:1A:E7:43:15:A6:0D:3B:0B:5D
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/O-S-dPXUX8oENZUa50MVpg07C10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/24
5.10.243.0/24
5.10.246.0/24
5.10.249.0/24
5.10.252.0/24
5.10.255.0/24
5.178.4.0/22
85.158.145.0/24
88.151.195.0-88.151.199.255
109.205.211.0-109.205.212.255
164.215.96.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:f8:a0:c8:35:6c:3e:c0:93:e1:d9:d8:b4:cd:d4:45:e8:ae:
a2:75:8b:04:50:92:e3:56:a9:e5:51:50:53:bd:ed:20:fb:8e:
e9:42:07:71:1b:e8:af:ef:45:c2:69:aa:0e:52:b2:58:c4:6f:
6a:6a:30:f7:ad:e4:c9:b4:43:fd:ae:d4:24:bf:a6:ae:85:d2:
8d:48:38:22:2a:0a:6f:e6:2c:3c:0c:a5:89:b8:da:06:f3:1e:
61:d7:11:bf:68:26:7d:13:22:2b:8b:1e:1b:68:f0:40:f0:e9:
41:10:c8:bd:8b:4d:97:4d:31:cf:1b:e9:63:d1:7c:97:dd:ae:
8f:fa:68:40:a9:de:49:23:bb:f1:3d:02:00:f2:65:91:6f:65:
2a:15:b9:2c:ea:ab:56:7d:f1:44:bf:7b:55:ee:b5:f2:ce:2c:
f8:e8:fc:06:c7:ab:40:7a:06:96:8d:1a:2c:a6:bb:0a:6c:1c:
a1:c9:c5:75:16:8e:7a:61:36:5b:52:20:56:29:66:cf:6a:a1:
b1:58:ba:7e:89:c4:5d:dc:3b:f9:4e:c1:90:8f:03:50:c4:af:
95:15:75:e1:0b:f3:36:ce:e7:b7:6f:6b:70:94:8c:a1:a0:3e:
14:07:89:ad:6f:da:dd:b1:8c:1c:42:aa:aa:54:39:c0:07:aa:
f7:89:11:1c
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIEA0Hg/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDA2YTQyYmIyNDQ2ZTUxZjE5MmVhMzc1YmRmN2VlYzVhNTFjNzdmMB4XDTIyMDQx
MjE5MjcwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2JlNGJlNzRmNWQ0
NWZjYTA0MzU5NTFhZTc0MzE1YTYwZDNiMGI1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO664PKy1jt+6h99T/hixgnapechXwnckP7KPiqLwv+XQIeB
oj66dVrbRwWy69sTjtz8sAySVmZdbL8IROPTCQiIC29ok++W1SXQUKCypzxeFCGk
PN+piB8TzOWjkus8Y1jdgIX8cz6QuGbzxtbL/8cFaZ1nkxsbKsnp37Xb0TW13vaS
ZYB3DlcZNeP/yboXYxXpFaoka5HIWgwkmTQQ4kDytUOcnbZsyLqfT/fyUGngsPRy
2S2ofLwcU8xRvyUdrAFZJAvsuRDjHwCaSrQT6C/byHQI/HtZ5qS1CLhXIJBownIr
staE/K1n2qqpR/cOI4jgFU+ZMVE2E3FveD/Pml8CAwEAAaOCAlUwggJRMB0GA1Ud
DgQWBBQ75L509dRfygQ1lRrnQxWmDTsLXTAfBgNVHSMEGDAWgBR9BqQrskRuUfGS
6jdb337sWlHHfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZRYWtLN0pFYmxIeGt1bzNXOTktN0ZwUngzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvNzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8x
L08tUy1kUFhVWDhvRU5aVWE1ME1WcGcwN0MxMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
NzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8xL2ZRYWtLN0pFYmxI
eGt1bzNXOTktN0ZwUngzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBr
BggrBgEFBQcBBwEB/wRcMFowWAQCAAEwUgMEAAUK8AMEAAUK8wMEAAUK9gMEAAUK
+QMEAAUK/AMEAAUK/wMEAgWyBAMEAFWekTAMAwQAWJfDAwQDWJfAMAwDBABtzdMD
BABtzdQDBAKk12AwDQYJKoZIhvcNAQELBQADggEBAK34oMg1bD7Ak+HZ2LTN1EXo
rqJ1iwRQkuNWqeVRUFO97SD7julCB3Eb6K/vRcJpqg5SsljEb2pqMPet5Mm0Q/2u
1CS/pq6F0o1IOCIqCm/mLDwMpYm42gbzHmHXEb9oJn0TIiuLHhto8EDw6UEQyL2L
TZdNMc8b6WPRfJfdro/6aECp3kkju/E9AgDyZZFvZSoVuSzqq1Z98US/e1XutfLO
LPjo/AbHq0B6BpaNGiymuwpsHKHJxXUWjnphNltSIFYpZs9qobFYun6JxF3cO/lO
wZCPA1DEr5UVdeEL8zbO57dva3CUjKGgPhQHia1v2t2xjBxCqqpUOcAHqveJERw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:46 2025 by rpki-client