Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c752b2-18f9-4191-88f8-c065f242f020/1/oAZxYtQ4Og3cgsl-3lYamhsa7e4.roa
File: oAZxYtQ4Og3cgsl-3lYamhsa7e4.roa (raw, json)
Hash identifier: 3ae/XOyTNvdp+V+oKgkV4BxFv5zwWxKjx15ZyehKjvA=
Subject key identifier: A0:06:71:62:D4:38:3A:0D:DC:82:C9:7E:DE:56:1A:9A:1B:1A:ED:EE
Certificate issuer: /CN=b795aaf033004c92d7a26c236c14d32552d78d94
Certificate serial: 01942445834A1444BCE03D94880F3F9DC6C8
Authority key identifier: B7:95:AA:F0:33:00:4C:92:D7:A2:6C:23:6C:14:D3:25:52:D7:8D:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t5Wq8DMATJLXomwjbBTTJVLXjZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/c752b2-18f9-4191-88f8-c065f242f020/1/oAZxYtQ4Og3cgsl-3lYamhsa7e4.roa
Signing time: Wed 01 Jan 2025 23:48:42 +0000
ROA not before: Wed 01 Jan 2025 23:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199758
IP address blocks: 91.132.252.0/22 maxlen: 22
91.132.252.0/23 maxlen: 23
91.132.254.0/23 maxlen: 23
185.46.228.0/22 maxlen: 22
185.46.228.0/23 maxlen: 23
185.46.230.0/23 maxlen: 23
185.153.8.0/22 maxlen: 22
185.153.8.0/23 maxlen: 23
185.153.10.0/23 maxlen: 23
195.13.47.0/24 maxlen: 24
195.13.51.0/24 maxlen: 24
195.14.7.0/24 maxlen: 24
2a01:8760::/32 maxlen: 32
2a03:ac60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:83:4a:14:44:bc:e0:3d:94:88:0f:3f:9d:c6:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b795aaf033004c92d7a26c236c14d32552d78d94
Validity
Not Before: Jan 1 23:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0067162d4383a0ddc82c97ede561a9a1b1aedee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:06:33:36:a7:da:8b:c1:72:37:34:87:23:86:
03:28:50:4f:2a:8a:ea:23:51:f7:54:95:08:0b:97:
e1:7e:f6:10:be:5e:3c:5e:a3:6a:3b:d8:aa:0d:93:
35:00:3c:73:3b:c0:62:4a:f1:1e:8f:e2:5d:38:ae:
12:e4:30:74:61:61:d8:70:d0:f2:b6:e7:6d:36:d6:
b1:24:d0:6c:be:3c:94:78:23:11:97:ec:df:5a:eb:
c4:3c:b7:fb:b9:a5:35:28:e2:94:2a:f5:0e:f6:a3:
62:55:95:da:92:f3:07:50:d1:d1:75:6d:0e:fd:78:
84:92:32:7c:d8:d8:7d:fa:5a:be:06:19:90:e7:3e:
1f:16:73:8a:df:6e:00:98:3d:e7:6c:16:7e:5c:7e:
59:51:33:ca:ee:b8:2b:dc:53:29:d2:3b:2d:c1:ce:
75:37:a9:5d:1d:3a:ee:ad:0e:42:9b:2a:f2:f4:ec:
57:9b:3d:c6:f9:77:b6:06:53:b2:b0:4f:61:c8:68:
a0:1f:4a:83:ea:93:14:5d:7c:43:e5:21:32:ac:56:
b8:bc:31:71:4f:9a:44:dc:51:c5:57:69:54:52:1a:
e8:7b:18:6b:74:cf:b1:fe:43:ec:3e:76:bf:c1:92:
ad:23:88:f5:5e:14:2e:6a:6c:37:8f:1c:64:53:e0:
72:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:06:71:62:D4:38:3A:0D:DC:82:C9:7E:DE:56:1A:9A:1B:1A:ED:EE
X509v3 Authority Key Identifier:
keyid:B7:95:AA:F0:33:00:4C:92:D7:A2:6C:23:6C:14:D3:25:52:D7:8D:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t5Wq8DMATJLXomwjbBTTJVLXjZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c752b2-18f9-4191-88f8-c065f242f020/1/oAZxYtQ4Og3cgsl-3lYamhsa7e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c752b2-18f9-4191-88f8-c065f242f020/1/t5Wq8DMATJLXomwjbBTTJVLXjZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.252.0/22
185.46.228.0/22
185.153.8.0/22
195.13.47.0/24
195.13.51.0/24
195.14.7.0/24
IPv6:
2a01:8760::/32
2a03:ac60::/32
Signature Algorithm: sha256WithRSAEncryption
9c:ad:5e:6c:db:cc:df:fe:ae:b8:da:aa:a5:ec:92:ee:af:35:
20:6e:27:b5:d5:d3:74:2c:c9:26:d3:c6:8a:a0:64:a5:15:df:
1d:ad:69:7b:bf:54:5c:46:a5:13:b5:38:36:03:e9:f2:83:30:
8b:dd:61:e6:97:ae:84:33:4c:d8:f8:d7:c3:30:36:f8:0c:ab:
26:86:41:8b:ce:13:4f:0f:2d:d5:12:51:b5:af:82:51:34:2e:
d8:5e:af:96:89:e3:0a:fd:f5:cb:f3:44:4f:68:10:ed:32:d2:
92:80:20:74:c6:96:6d:aa:21:66:63:a4:16:c2:4d:6b:8e:44:
65:cc:1a:10:c5:1b:31:9e:aa:92:50:5a:3b:2b:9e:b5:1c:64:
89:e2:a0:a9:44:e1:b1:20:a5:b6:a0:89:fc:38:7a:63:a1:d1:
fb:8a:e0:ab:d3:dd:fa:ce:17:8e:a7:51:46:07:84:10:d1:2c:
93:ba:90:9b:4e:c7:f8:a9:62:cb:98:82:0f:cd:cc:61:1c:f3:
c6:9f:0b:1b:e2:99:8b:b8:fa:c7:f6:54:75:1a:76:bd:d0:17:
61:9f:ff:8e:97:c1:6b:54:2e:ed:6a:00:2b:9a:20:ce:58:84:
86:59:b4:91:5a:ca:60:8c:ec:fc:63:3c:f5:29:73:41:41:98:
e2:d5:a9:1d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQkRYNKFES84D2UiA8/ncbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3OTVhYWYwMzMwMDRjOTJkN2EyNmMyMzZjMTRkMzI1NTJk
NzhkOTQwHhcNMjUwMTAxMjM0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDA2NzE2MmQ0MzgzYTBkZGM4MmM5N2VkZTU2MWE5YTFiMWFlZGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wYzNqfai8FyNzSHI4YDKFBPKorq
I1H3VJUIC5fhfvYQvl48XqNqO9iqDZM1ADxzO8BiSvEej+JdOK4S5DB0YWHYcNDy
tudtNtaxJNBsvjyUeCMRl+zfWuvEPLf7uaU1KOKUKvUO9qNiVZXakvMHUNHRdW0O
/XiEkjJ82Nh9+lq+BhmQ5z4fFnOK324AmD3nbBZ+XH5ZUTPK7rgr3FMp0jstwc51
N6ldHTrurQ5Cmyry9OxXmz3G+Xe2BlOysE9hyGigH0qD6pMUXXxD5SEyrFa4vDFx
T5pE3FHFV2lUUhroexhrdM+x/kPsPna/wZKtI4j1XhQuamw3jxxkU+ByuQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFKAGcWLUODoN3ILJft5WGpobGu3uMB8GA1UdIwQY
MBaAFLeVqvAzAEyS16JsI2wU0yVS142UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDVXcThETUFUSkxYb213amJCVFRKVkxYalpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jNzUyYjItMThmOS00MTkxLTg4Zjgt
YzA2NWYyNDJmMDIwLzEvb0FaeFl0UTRPZzNjZ3NsLTNsWWFtaHNhN2U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jNzUyYjItMThmOS00MTkxLTg4ZjgtYzA2NWYyNDJmMDIw
LzEvdDVXcThETUFUSkxYb213amJCVFRKVkxYalpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCW4T8AwQC
uS7kAwQCuZkIAwQAww0vAwQAww0zAwQAww4HMBQEAgACMA4DBQAqAYdgAwUAKgOs
YDANBgkqhkiG9w0BAQsFAAOCAQEAnK1ebNvM3/6uuNqqpeyS7q81IG4ntdXTdCzJ
JtPGiqBkpRXfHa1pe79UXEalE7U4NgPp8oMwi91h5peuhDNM2PjXwzA2+AyrJoZB
i84TTw8t1RJRta+CUTQu2F6vlonjCv31y/NET2gQ7TLSkoAgdMaWbaohZmOkFsJN
a45EZcwaEMUbMZ6qklBaOyuetRxkieKgqUThsSCltqCJ/Dh6Y6HR+4rgq9Pd+s4X
jqdRRgeEENEsk7qQm07H+Kliy5iCD83MYRzzxp8LG+KZi7j6x/ZUdRp2vdAXYZ//
jpfBa1Qu7WoAK5ogzliEhlm0kVrKYIzs/GM89SlzQUGY4tWpHQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:49:14 2025 by rpki-client