Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/oN7VCg6T70AqCgkw7T1ItoiQojs.roa
File: oN7VCg6T70AqCgkw7T1ItoiQojs.roa (raw, json)
Hash identifier: ubQf5XIeT3TyemTYWbKwF4nof6o0ij8Yjn+TYfFOmQQ=
Subject key identifier: A0:DE:D5:0A:0E:93:EF:40:2A:0A:09:30:ED:3D:48:B6:88:90:A2:3B
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018C21B99D2159C74A0651DEE93C1CD2A497
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/oN7VCg6T70AqCgkw7T1ItoiQojs.roa
Signing time: Thu 30 Nov 2023 19:34:21 +0000
ROA not before: Thu 30 Nov 2023 19:34:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.172.20.0/22 maxlen: 24
185.64.100.0/22 maxlen: 24
194.88.112.0/20 maxlen: 24
93.113.184.0/21 maxlen: 24
62.112.12.0/23 maxlen: 24
194.58.64.0/23 maxlen: 24
188.240.40.0/23 maxlen: 24
188.212.104.0/22 maxlen: 24
94.190.248.0/22 maxlen: 24
195.133.202.0/23 maxlen: 24
194.88.96.0/21 maxlen: 24
89.37.216.0/23 maxlen: 24
84.234.16.0/20 maxlen: 24
84.234.24.0/22 maxlen: 24
185.77.250.0/23 maxlen: 24
188.211.252.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:21:b9:9d:21:59:c7:4a:06:51:de:e9:3c:1c:d2:a4:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Nov 30 19:34:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0ded50a0e93ef402a0a0930ed3d48b68890a23b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:06:40:fe:6f:10:5b:e1:9f:c3:4e:4d:12:82:
d3:69:15:e8:66:22:ec:67:37:2b:31:37:02:41:a4:
af:f0:e1:52:b8:3b:f9:97:76:71:7d:2c:a4:37:24:
e0:82:46:6c:b1:7b:5a:6f:a2:a5:48:e1:8f:aa:b7:
db:f7:7a:6e:9b:d0:d0:bf:fc:99:d4:3a:37:07:3e:
10:46:f5:33:74:d8:41:c4:5d:f1:2f:f5:3a:7f:43:
09:82:69:39:6b:a8:41:60:9b:57:45:28:d1:e9:01:
62:ea:4b:1b:e6:b0:e6:09:30:cb:63:97:c3:d8:05:
56:84:aa:b0:96:2c:e3:b9:62:e7:dc:18:7b:36:a5:
20:87:2d:1f:29:ae:51:b2:38:0a:8a:e4:0b:8b:90:
7f:fb:51:2c:42:a1:db:50:f6:04:9a:c8:9b:63:c9:
91:26:3d:28:13:bc:09:ad:b5:ce:f9:89:23:c4:08:
35:33:10:e1:1a:a2:02:c4:59:58:72:e5:63:bc:26:
fc:b2:89:f9:0f:53:fc:d8:87:fa:e5:32:e4:e4:58:
3e:5c:50:d2:80:94:df:59:ed:b9:83:7d:b0:2a:25:
12:ee:83:d2:f6:a9:5f:59:de:d2:b8:18:17:54:c0:
bf:0d:4b:23:b8:ee:5c:f3:3d:c5:1d:85:ec:1d:24:
69:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:DE:D5:0A:0E:93:EF:40:2A:0A:09:30:ED:3D:48:B6:88:90:A2:3B
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/oN7VCg6T70AqCgkw7T1ItoiQojs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.12.0/23
84.234.16.0/20
89.37.216.0/23
93.113.184.0/21
94.190.248.0/22
185.64.100.0/22
185.77.250.0/23
185.172.20.0/22
188.211.252.0/22
188.212.104.0/22
188.240.40.0/23
194.58.64.0/23
194.88.96.0/21
194.88.112.0/20
195.133.202.0/23
Signature Algorithm: sha256WithRSAEncryption
20:5d:9a:cc:02:58:db:98:41:16:74:5c:7d:45:9e:19:29:97:
c9:bd:4e:af:92:c1:72:f1:c6:5a:8f:10:db:d9:fa:a7:2b:63:
72:69:36:1a:4e:15:73:3c:d7:a3:ff:2a:f3:eb:2f:9a:75:0f:
ca:62:86:dd:38:66:ea:96:ac:8f:40:4a:8e:d3:57:08:c4:b9:
3d:23:2f:cc:56:dc:0c:50:5c:56:39:3b:ad:e3:ff:10:e0:a3:
59:ae:7c:f9:18:f8:c6:cc:4a:8f:42:5d:43:08:f2:10:16:57:
5e:5f:16:8a:48:4c:e5:3a:30:39:38:5d:62:ad:e6:a0:18:59:
41:d2:00:56:cc:93:96:39:39:17:65:4b:39:71:59:0b:b4:f7:
95:97:3a:23:b9:83:f6:c3:5a:e9:b7:44:41:19:9a:53:02:07:
97:bb:be:0f:a8:28:6f:87:0a:d8:3a:a1:7c:ae:f5:c3:6c:56:
34:00:59:e4:9f:84:48:3c:56:eb:c0:dd:2c:0b:be:89:20:42:
ee:80:db:18:bb:ea:99:07:69:31:64:92:7b:c9:ad:66:1c:26:
f7:9d:4c:48:58:9b:4e:b1:28:0b:a3:81:09:b7:b4:0a:55:b5:
23:29:2b:6e:e1:af:54:ad:f0:9f:0c:b5:57:41:99:f3:55:cb:
36:2e:94:7b
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYwhuZ0hWcdKBlHe6Twc0qSXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMTMwMTkzNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGRlZDUwYTBlOTNlZjQwMmEwYTA5MzBlZDNkNDhiNjg4OTBhMjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAZA/m8QW+Gfw05NEoLTaRXoZiLs
ZzcrMTcCQaSv8OFSuDv5l3ZxfSykNyTggkZssXtab6KlSOGPqrfb93pum9DQv/yZ
1Do3Bz4QRvUzdNhBxF3xL/U6f0MJgmk5a6hBYJtXRSjR6QFi6ksb5rDmCTDLY5fD
2AVWhKqwlizjuWLn3Bh7NqUghy0fKa5RsjgKiuQLi5B/+1EsQqHbUPYEmsibY8mR
Jj0oE7wJrbXO+YkjxAg1MxDhGqICxFlYcuVjvCb8son5D1P82If65TLk5Fg+XFDS
gJTfWe25g32wKiUS7oPS9qlfWd7SuBgXVMC/DUsjuO5c8z3FHYXsHSRpmQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFKDe1QoOk+9AKgoJMO09SLaIkKI7MB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvb043VkNnNlQ3MEFxQ2drdzdUMUl0b2lRb2pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQBPnAMAwQE
VOoQAwQBWSXYAwQDXXG4AwQCXr74AwQCuUBkAwQBuU36AwQCuawUAwQCvNP8AwQC
vNRoAwQBvPAoAwQBwjpAAwQDwlhgAwQEwlhwAwQBw4XKMA0GCSqGSIb3DQEBCwUA
A4IBAQAgXZrMAljbmEEWdFx9RZ4ZKZfJvU6vksFy8cZajxDb2fqnK2NyaTYaThVz
PNej/yrz6y+adQ/KYobdOGbqlqyPQEqO01cIxLk9Iy/MVtwMUFxWOTut4/8Q4KNZ
rnz5GPjGzEqPQl1DCPIQFldeXxaKSEzlOjA5OF1ireagGFlB0gBWzJOWOTkXZUs5
cVkLtPeVlzojuYP2w1rpt0RBGZpTAgeXu74PqChvhwrYOqF8rvXDbFY0AFnkn4RI
PFbrwN0sC76JIELugNsYu+qZB2kxZJJ7ya1mHCb3nUxIWJtOsSgLo4EJt7QKVbUj
KStu4a9UrfCfDLVXQZnzVcs2LpR7
-----END CERTIFICATE-----
Generated at Mon May 12 05:59:04 2025 by rpki-client