Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6c6f86-d378-4796-ace3-261f3ec84f2c/1/OxbjVc51ZArNjto9qJH7g33FiXI.roa
File: OxbjVc51ZArNjto9qJH7g33FiXI.roa (raw, json)
Hash identifier: K72Xrnli8qihl5Tufp89ODGECW4YIENuRU8opv6Zscc=
Subject key identifier: 3B:16:E3:55:CE:75:64:0A:CD:8E:DA:3D:A8:91:FB:83:7D:C5:89:72
Certificate issuer: /CN=4833d1b845b733ea7e81c11f9da8c54a21544134
Certificate serial: 0721CDDF
Authority key identifier: 48:33:D1:B8:45:B7:33:EA:7E:81:C1:1F:9D:A8:C5:4A:21:54:41:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SDPRuEW3M-p-gcEfnajFSiFUQTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6c6f86-d378-4796-ace3-261f3ec84f2c/1/OxbjVc51ZArNjto9qJH7g33FiXI.roa
Signing time: Sat 01 Jan 2022 02:51:53 +0000
ROA not before: Sat 01 Jan 2022 02:51:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60277
IP address blocks: 185.190.204.0/22 maxlen: 22
193.57.206.0/23 maxlen: 23
185.32.252.0/22 maxlen: 22
193.57.216.0/23 maxlen: 23
2a00:ca20::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119655903 (0x721cddf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4833d1b845b733ea7e81c11f9da8c54a21544134
Validity
Not Before: Jan 1 02:51:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b16e355ce75640acd8eda3da891fb837dc58972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:99:80:06:fb:a8:c2:d1:e2:a1:20:1f:dc:db:
92:bf:d7:63:6c:04:b8:2e:0d:c0:bc:b1:26:80:31:
6d:45:6e:19:5c:2e:40:61:1c:73:80:a9:ed:14:97:
3d:a5:6b:0a:19:32:8e:d6:9a:c2:15:08:7c:52:25:
a4:e5:0d:1b:2f:8b:fd:a8:4c:d5:38:42:ef:05:5b:
d5:11:eb:4d:c9:8f:d9:7d:e4:f0:46:70:16:1b:d4:
9c:87:d4:a9:8c:12:49:88:bd:a4:10:2c:78:34:3b:
85:0e:70:d7:95:26:13:24:e8:96:fa:f7:af:23:40:
73:cb:5b:6a:d1:62:86:6a:47:e3:a4:bd:1c:09:87:
be:6c:b4:89:c7:96:75:50:d0:4c:a1:7b:7e:aa:ad:
6f:9e:8d:c3:b2:03:a3:79:fd:28:50:a2:61:20:c8:
12:eb:9f:d6:55:30:35:bc:00:8b:23:2a:25:f8:0f:
09:d3:34:46:d5:14:d8:cc:77:e8:cb:62:96:ea:22:
fc:2f:08:ed:3f:12:5f:46:19:7a:7f:81:61:40:9f:
80:08:b5:d5:0f:cc:5c:42:fd:02:e2:24:52:a5:c3:
a9:f6:2b:45:f2:02:f6:6d:99:61:d0:d4:e7:42:01:
df:81:b8:e0:a2:b1:cf:ce:3b:f3:05:54:88:6f:0a:
80:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:16:E3:55:CE:75:64:0A:CD:8E:DA:3D:A8:91:FB:83:7D:C5:89:72
X509v3 Authority Key Identifier:
keyid:48:33:D1:B8:45:B7:33:EA:7E:81:C1:1F:9D:A8:C5:4A:21:54:41:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SDPRuEW3M-p-gcEfnajFSiFUQTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6c6f86-d378-4796-ace3-261f3ec84f2c/1/OxbjVc51ZArNjto9qJH7g33FiXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6c6f86-d378-4796-ace3-261f3ec84f2c/1/SDPRuEW3M-p-gcEfnajFSiFUQTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.252.0/22
185.190.204.0/22
193.57.206.0/23
193.57.216.0/23
IPv6:
2a00:ca20::/29
Signature Algorithm: sha256WithRSAEncryption
32:f4:4e:e8:0d:51:9b:88:94:19:9e:11:a8:60:43:de:df:2d:
36:43:00:ee:44:49:69:4d:98:c1:c0:59:ce:62:74:54:0b:9d:
9c:6d:b8:f5:1a:10:e0:48:2e:a6:0f:35:5f:2b:ba:d6:8e:5a:
f5:f4:7e:0f:ab:49:c0:dc:d3:c6:88:41:43:ad:a2:71:7e:d3:
e3:69:1d:52:e9:e8:0d:ca:1e:c1:73:2b:18:1b:ad:28:f8:a6:
e4:e4:f6:05:6e:2b:24:7e:59:a4:76:dc:f2:31:ff:44:bd:02:
99:eb:2f:5a:b1:02:b8:42:bd:23:cb:5c:e2:7a:98:27:ab:87:
d3:8b:d9:7c:c2:b0:55:09:b9:81:45:78:58:04:b6:6d:ed:10:
0f:e4:1f:63:39:09:48:b8:61:8e:26:8e:f1:36:87:d8:54:64:
3b:08:8e:e4:fa:27:38:16:d2:91:8b:be:b5:c8:ac:a5:ec:70:
9d:8e:94:9a:77:9b:d4:b3:16:c8:54:2d:ed:0a:72:bd:01:94:
26:a4:80:8b:53:30:80:b5:5f:c3:69:60:08:7c:27:06:3a:53:
55:61:5c:25:bb:90:4e:fe:f7:25:1a:52:79:26:13:51:05:85:
65:6c:35:6f:69:12:e1:f1:85:a8:1b:d9:2f:a4:73:eb:86:57:
64:ac:98:1a
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEByHN3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ODMzZDFiODQ1YjczM2VhN2U4MWMxMWY5ZGE4YzU0YTIxNTQ0MTM0MB4XDTIyMDEw
MTAyNTE1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2IxNmUzNTVjZTc1
NjQwYWNkOGVkYTNkYTg5MWZiODM3ZGM1ODk3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOZgAb7qMLR4qEgH9zbkr/XY2wEuC4NwLyxJoAxbUVuGVwu
QGEcc4Cp7RSXPaVrChkyjtaawhUIfFIlpOUNGy+L/ahM1ThC7wVb1RHrTcmP2X3k
8EZwFhvUnIfUqYwSSYi9pBAseDQ7hQ5w15UmEyTolvr3ryNAc8tbatFihmpH46S9
HAmHvmy0iceWdVDQTKF7fqqtb56Nw7IDo3n9KFCiYSDIEuuf1lUwNbwAiyMqJfgP
CdM0RtUU2Mx36Mtiluoi/C8I7T8SX0YZen+BYUCfgAi11Q/MXEL9AuIkUqXDqfYr
RfIC9m2ZYdDU50IB34G44KKxz8478wVUiG8KgMcCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQ7FuNVznVkCs2O2j2okfuDfcWJcjAfBgNVHSMEGDAWgBRIM9G4Rbcz6n6B
wR+dqMVKIVRBNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NEUFJ1RVczTS1wLWdjRWZuYWpGU2lGVVFUUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjUvNmM2Zjg2LWQzNzgtNDc5Ni1hY2UzLTI2MWYzZWM4NGYyYy8x
L094YmpWYzUxWkFyTmp0bzlxSkg3ZzMzRmlYSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjUv
NmM2Zjg2LWQzNzgtNDc5Ni1hY2UzLTI2MWYzZWM4NGYyYy8xL1NEUFJ1RVczTS1w
LWdjRWZuYWpGU2lGVVFUUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEArkg/AMEArm+zAMEAcE5zgMEAcE5
2DANBAIAAjAHAwUDKgDKIDANBgkqhkiG9w0BAQsFAAOCAQEAMvRO6A1Rm4iUGZ4R
qGBD3t8tNkMA7kRJaU2YwcBZzmJ0VAudnG249RoQ4Egupg81Xyu61o5a9fR+D6tJ
wNzTxohBQ62icX7T42kdUunoDcoewXMrGButKPim5OT2BW4rJH5ZpHbc8jH/RL0C
mesvWrECuEK9I8tc4nqYJ6uH04vZfMKwVQm5gUV4WAS2be0QD+QfYzkJSLhhjiaO
8TaH2FRkOwiO5PonOBbSkYu+tcispexwnY6Umneb1LMWyFQt7QpyvQGUJqSAi1Mw
gLVfw2lgCHwnBjpTVWFcJbuQTv73JRpSeSYTUQWFZWw1b2kS4fGFqBvZL6Rz64ZX
ZKyYGg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:32 2025 by rpki-client