Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/82c0a2-804b-446d-ab24-4f38c656b256/1/O4PSH-N8yj0S93DKDu2LBJ5eAtI.roa
File: O4PSH-N8yj0S93DKDu2LBJ5eAtI.roa (raw, json)
Hash identifier: ASz/XoDRdaxMh3dSkJ1mqbsS8mqFUZOBdc4xyp39gUE=
Subject key identifier: 3B:83:D2:1F:E3:7C:CA:3D:12:F7:70:CA:0E:ED:8B:04:9E:5E:02:D2
Certificate issuer: /CN=133cd7c1a9c79c82eee5c86a423c17c1d63c3413
Certificate serial: 01942521DF5C4BF93FC824F80C0153AE7D80
Authority key identifier: 13:3C:D7:C1:A9:C7:9C:82:EE:E5:C8:6A:42:3C:17:C1:D6:3C:34:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EzzXwanHnILu5chqQjwXwdY8NBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/82c0a2-804b-446d-ab24-4f38c656b256/1/O4PSH-N8yj0S93DKDu2LBJ5eAtI.roa
Signing time: Thu 02 Jan 2025 03:49:24 +0000
ROA not before: Thu 02 Jan 2025 03:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42708
IP address blocks: 185.5.44.0/24 maxlen: 24
185.5.46.0/24 maxlen: 24
185.5.47.0/24 maxlen: 24
2a02:7ac0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:df:5c:4b:f9:3f:c8:24:f8:0c:01:53:ae:7d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=133cd7c1a9c79c82eee5c86a423c17c1d63c3413
Validity
Not Before: Jan 2 03:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b83d21fe37cca3d12f770ca0eed8b049e5e02d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:29:7b:9c:e5:bd:6d:e3:af:40:29:5f:cb:36:
c4:e9:93:86:d5:50:e0:51:ca:29:04:b8:1a:38:56:
21:c7:b7:f0:c0:a4:95:2f:f3:ee:16:f1:c2:2c:f9:
bb:0d:41:c2:95:45:11:84:d8:b4:0c:f0:62:54:c6:
a3:fd:eb:14:66:84:d3:98:33:53:5b:23:4e:43:a6:
a6:d5:df:5f:07:c2:41:7f:2b:06:7d:1a:d5:e6:58:
a7:69:cc:5a:ca:0a:eb:d3:5b:fe:83:73:c8:52:41:
2f:34:f7:c4:12:40:5f:1f:27:94:04:19:fc:c9:06:
f6:8e:a2:0f:6a:12:42:74:81:16:df:66:f9:7e:65:
0b:f0:2e:e3:46:6e:ac:da:3f:31:3b:82:19:e0:c3:
b6:93:b8:6e:7d:5b:4c:57:f7:38:69:e3:a0:34:d9:
7d:a3:34:76:41:d8:15:1e:04:ea:d0:9a:ab:41:0b:
5f:80:73:16:64:56:1f:1d:2d:4d:b3:ac:ac:b9:f9:
8f:f0:47:6a:67:35:fd:7c:81:a1:cb:41:33:3e:4a:
da:a4:c5:0c:4f:35:49:8b:e7:bb:6a:96:c3:28:7f:
30:88:dc:2d:17:15:cd:f2:56:40:a0:a2:20:84:4a:
33:c0:32:a6:7b:b3:51:a5:3e:8d:26:fd:21:a4:63:
c2:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:83:D2:1F:E3:7C:CA:3D:12:F7:70:CA:0E:ED:8B:04:9E:5E:02:D2
X509v3 Authority Key Identifier:
keyid:13:3C:D7:C1:A9:C7:9C:82:EE:E5:C8:6A:42:3C:17:C1:D6:3C:34:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EzzXwanHnILu5chqQjwXwdY8NBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/82c0a2-804b-446d-ab24-4f38c656b256/1/O4PSH-N8yj0S93DKDu2LBJ5eAtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/82c0a2-804b-446d-ab24-4f38c656b256/1/EzzXwanHnILu5chqQjwXwdY8NBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.44.0/24
185.5.46.0/23
IPv6:
2a02:7ac0::/32
Signature Algorithm: sha256WithRSAEncryption
9d:d3:4f:1b:28:f5:7c:8f:5c:dc:d1:a6:4e:b3:40:fe:74:bb:
81:15:c0:b9:2c:6c:c9:f5:4a:60:29:d4:45:8b:f6:0a:c9:25:
7f:93:30:db:51:d0:a4:86:6c:53:f2:b0:39:72:ef:92:cf:f3:
e1:ee:95:31:20:1d:7f:53:4e:bb:5b:e4:65:da:cf:3a:84:14:
66:5f:a3:d2:62:2c:4e:6c:b0:f2:c0:d1:6f:4e:8f:9f:b0:a8:
ec:1f:e9:95:c1:00:8c:c0:d9:5d:84:3b:3c:2a:c6:11:41:f2:
a8:a9:64:da:22:5c:36:0a:ce:a9:fa:2d:12:ca:45:b2:4b:5b:
2a:14:f9:b1:77:b2:14:d6:ae:93:54:57:cb:3e:d4:b8:dd:d4:
5e:3d:ca:ae:a6:58:d5:e1:dc:cd:56:94:a6:25:60:7a:82:b3:
81:72:f1:ef:89:75:b9:77:30:f8:12:c4:cd:d0:12:b6:e2:55:
30:d5:ee:d5:7c:55:e1:b2:d0:41:eb:d6:c6:b4:c3:60:2d:d0:
f1:03:6b:40:da:a8:80:78:4f:0c:a5:de:d1:e7:cb:af:b0:97:
7b:31:55:33:4b:f9:8a:3c:8f:61:ea:6f:de:c1:8f:ef:04:49:
61:43:5d:63:8e:7c:0c:cd:07:08:6e:6f:ca:cd:b1:24:31:d2:
fe:ef:dc:fe
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlId9cS/k/yCT4DAFTrn2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzM2NkN2MxYTljNzljODJlZWU1Yzg2YTQyM2MxN2MxZDYz
YzM0MTMwHhcNMjUwMTAyMDM0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjgzZDIxZmUzN2NjYTNkMTJmNzcwY2EwZWVkOGIwNDllNWUwMmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSl7nOW9beOvQClfyzbE6ZOG1VDg
UcopBLgaOFYhx7fwwKSVL/PuFvHCLPm7DUHClUURhNi0DPBiVMaj/esUZoTTmDNT
WyNOQ6am1d9fB8JBfysGfRrV5linacxaygrr01v+g3PIUkEvNPfEEkBfHyeUBBn8
yQb2jqIPahJCdIEW32b5fmUL8C7jRm6s2j8xO4IZ4MO2k7hufVtMV/c4aeOgNNl9
ozR2QdgVHgTq0JqrQQtfgHMWZFYfHS1Ns6ysufmP8EdqZzX9fIGhy0EzPkrapMUM
TzVJi+e7apbDKH8wiNwtFxXN8lZAoKIghEozwDKme7NRpT6NJv0hpGPC/wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDuD0h/jfMo9Evdwyg7tiwSeXgLSMB8GA1UdIwQY
MBaAFBM818Gpx5yC7uXIakI8F8HWPDQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXp6WHdhbkhuSUx1NWNocVFqd1h3ZFk4TkJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84MmMwYTItODA0Yi00NDZkLWFiMjQt
NGYzOGM2NTZiMjU2LzEvTzRQU0gtTjh5ajBTOTNES0R1MkxCSjVlQXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84MmMwYTItODA0Yi00NDZkLWFiMjQtNGYzOGM2NTZiMjU2
LzEvRXp6WHdhbkhuSUx1NWNocVFqd1h3ZFk4TkJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuQUsAwQB
uQUuMA0EAgACMAcDBQAqAnrAMA0GCSqGSIb3DQEBCwUAA4IBAQCd008bKPV8j1zc
0aZOs0D+dLuBFcC5LGzJ9UpgKdRFi/YKySV/kzDbUdCkhmxT8rA5cu+Sz/Ph7pUx
IB1/U067W+Rl2s86hBRmX6PSYixObLDywNFvTo+fsKjsH+mVwQCMwNldhDs8KsYR
QfKoqWTaIlw2Cs6p+i0SykWyS1sqFPmxd7IU1q6TVFfLPtS43dRePcqupljV4dzN
VpSmJWB6grOBcvHviXW5dzD4EsTN0BK24lUw1e7VfFXhstBB69bGtMNgLdDxA2tA
2qiAeE8Mpd7R58uvsJd7MVUzS/mKPI9h6m/ewY/vBElhQ11jjnwMzQcIbm/KzbEk
MdL+79z+
-----END CERTIFICATE-----
Generated at Wed Apr 9 11:43:48 2025 by rpki-client