Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/9252e2-45de-4bcc-8f58-fa4117db1555/1/oi2OU2MII40wJvGP04NHRArOFvs.roa
File: oi2OU2MII40wJvGP04NHRArOFvs.roa (raw, json)
Hash identifier: VTkXyNDb4jg5wGXFkKirwnltERuwe0Q4j4rmz+H0ul4=
Subject key identifier: A2:2D:8E:53:63:08:23:8D:30:26:F1:8F:D3:83:47:44:0A:CE:16:FB
Certificate issuer: /CN=cc27531ad999b6d5a0441b75faea7d578653e42a
Certificate serial: 01942369731D4692F0C5CE7181E066AA38FE
Authority key identifier: CC:27:53:1A:D9:99:B6:D5:A0:44:1B:75:FA:EA:7D:57:86:53:E4:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zCdTGtmZttWgRBt1-up9V4ZT5Co.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/9252e2-45de-4bcc-8f58-fa4117db1555/1/oi2OU2MII40wJvGP04NHRArOFvs.roa
Signing time: Wed 01 Jan 2025 19:48:20 +0000
ROA not before: Wed 01 Jan 2025 19:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197589
IP address blocks: 46.235.136.0/21 maxlen: 21
85.204.112.0/22 maxlen: 22
89.42.0.0/21 maxlen: 21
94.176.44.0/22 maxlen: 22
94.177.68.0/22 maxlen: 22
185.96.20.0/22 maxlen: 22
2a04:d680::/29 maxlen: 29
2a04:d680::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:73:1d:46:92:f0:c5:ce:71:81:e0:66:aa:38:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc27531ad999b6d5a0441b75faea7d578653e42a
Validity
Not Before: Jan 1 19:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a22d8e536308238d3026f18fd38347440ace16fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:56:0c:c3:b9:db:fa:ef:07:c4:71:43:db:b9:
11:40:6e:ad:f6:15:5f:9c:7b:17:50:44:44:df:c7:
5d:32:3c:fd:0d:74:38:d6:6e:29:71:59:83:12:f0:
85:d0:16:85:55:e2:82:f9:b1:a4:be:4d:58:a8:78:
ae:00:8b:e6:1a:20:ef:7e:f8:67:c9:46:dc:c3:f0:
b0:fd:42:02:1f:23:ca:12:bd:21:7c:91:e6:60:cf:
e5:9f:ad:e2:ae:b3:02:1f:b7:f3:4d:06:b6:d9:43:
44:b8:5a:ff:f4:7f:2c:3c:f8:8b:f5:fd:08:12:2a:
4f:9b:4d:b6:81:42:ae:78:b4:92:20:04:77:3a:e9:
b2:b4:9a:05:18:2c:8a:79:b0:ba:6e:b5:58:54:8f:
91:54:f9:df:fd:72:79:76:96:25:5b:a7:72:f3:89:
79:d5:cf:f1:c3:66:93:2e:d0:7f:e2:83:0e:8f:3b:
e1:91:e7:41:f7:5f:fa:b8:48:89:90:78:a3:a4:0e:
4b:04:eb:ee:e3:82:ff:9b:10:fa:25:45:aa:6d:da:
d8:cd:75:56:2c:ce:49:b9:52:aa:4d:01:28:73:76:
61:aa:67:59:d6:46:63:bc:db:ac:a1:f1:af:e7:b9:
16:63:3d:a9:ab:c0:75:66:f7:0b:1f:ba:53:3a:ed:
a8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:2D:8E:53:63:08:23:8D:30:26:F1:8F:D3:83:47:44:0A:CE:16:FB
X509v3 Authority Key Identifier:
keyid:CC:27:53:1A:D9:99:B6:D5:A0:44:1B:75:FA:EA:7D:57:86:53:E4:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zCdTGtmZttWgRBt1-up9V4ZT5Co.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/9252e2-45de-4bcc-8f58-fa4117db1555/1/oi2OU2MII40wJvGP04NHRArOFvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/9252e2-45de-4bcc-8f58-fa4117db1555/1/zCdTGtmZttWgRBt1-up9V4ZT5Co.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.136.0/21
85.204.112.0/22
89.42.0.0/21
94.176.44.0/22
94.177.68.0/22
185.96.20.0/22
IPv6:
2a04:d680::/29
Signature Algorithm: sha256WithRSAEncryption
8e:13:64:59:38:cb:63:08:ae:06:4e:45:eb:f6:73:3e:34:34:
89:1e:73:21:16:07:0a:fd:04:33:80:0c:5e:2f:a3:0b:db:10:
62:c5:94:1d:05:0b:18:32:12:b5:97:bf:6b:c7:95:15:53:7d:
fc:ae:6e:b7:e6:57:34:93:49:0d:fa:90:1d:da:3b:ca:ab:a2:
41:da:4a:2a:58:9a:ae:2f:93:58:f9:62:1c:d6:33:d7:73:60:
b1:b3:29:ba:da:e4:7d:6d:59:39:fe:49:a4:79:ee:8f:80:92:
28:05:ce:d5:f7:68:23:9c:69:11:cf:66:d1:ef:06:ee:84:fd:
e1:3c:ab:d8:d9:dd:0f:5b:97:40:ba:3f:32:f3:b6:86:8c:4b:
f4:aa:f9:ca:a2:c9:78:e4:b5:46:b3:87:c2:d4:8d:c1:c6:6d:
4f:34:37:4c:41:cd:dd:bb:2e:42:57:c2:77:d8:36:57:a0:6d:
14:83:d0:95:92:6c:e9:bd:9b:84:a7:aa:3d:ff:24:41:cf:e2:
f7:3a:bd:03:8b:47:b9:c2:eb:89:72:8c:a9:98:3a:53:c2:4b:
84:84:f2:67:c6:ab:11:65:41:b1:f0:1d:a9:70:42:98:6b:bd:
15:17:1a:ff:c8:fe:c2:38:62:46:0b:dc:76:a0:8f:bc:c4:0a:
e7:ec:f9:b4
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQjaXMdRpLwxc5xgeBmqjj+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMjc1MzFhZDk5OWI2ZDVhMDQ0MWI3NWZhZWE3ZDU3ODY1
M2U0MmEwHhcNMjUwMTAxMTk0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjJkOGU1MzYzMDgyMzhkMzAyNmYxOGZkMzgzNDc0NDBhY2UxNmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFYMw7nb+u8HxHFD27kRQG6t9hVf
nHsXUERE38ddMjz9DXQ41m4pcVmDEvCF0BaFVeKC+bGkvk1YqHiuAIvmGiDvfvhn
yUbcw/Cw/UICHyPKEr0hfJHmYM/ln63irrMCH7fzTQa22UNEuFr/9H8sPPiL9f0I
EipPm022gUKueLSSIAR3OumytJoFGCyKebC6brVYVI+RVPnf/XJ5dpYlW6dy84l5
1c/xw2aTLtB/4oMOjzvhkedB91/6uEiJkHijpA5LBOvu44L/mxD6JUWqbdrYzXVW
LM5JuVKqTQEoc3ZhqmdZ1kZjvNusofGv57kWYz2pq8B1ZvcLH7pTOu2omQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKItjlNjCCONMCbxj9ODR0QKzhb7MB8GA1UdIwQY
MBaAFMwnUxrZmbbVoEQbdfrqfVeGU+QqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekNkVEd0bVp0dFdnUkJ0MS11cDlWNFpUNUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC85MjUyZTItNDVkZS00YmNjLThmNTgt
ZmE0MTE3ZGIxNTU1LzEvb2kyT1UyTUlJNDB3SnZHUDA0TkhSQXJPRnZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC85MjUyZTItNDVkZS00YmNjLThmNTgtZmE0MTE3ZGIxNTU1
LzEvekNkVEd0bVp0dFdnUkJ0MS11cDlWNFpUNUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLuuIAwQC
VcxwAwQDWSoAAwQCXrAsAwQCXrFEAwQCuWAUMA0EAgACMAcDBQMqBNaAMA0GCSqG
SIb3DQEBCwUAA4IBAQCOE2RZOMtjCK4GTkXr9nM+NDSJHnMhFgcK/QQzgAxeL6ML
2xBixZQdBQsYMhK1l79rx5UVU338rm635lc0k0kN+pAd2jvKq6JB2koqWJquL5NY
+WIc1jPXc2Cxsym62uR9bVk5/kmkee6PgJIoBc7V92gjnGkRz2bR7wbuhP3hPKvY
2d0PW5dAuj8y87aGjEv0qvnKosl45LVGs4fC1I3Bxm1PNDdMQc3duy5CV8J32DZX
oG0Ug9CVkmzpvZuEp6o9/yRBz+L3Or0Di0e5wuuJcoypmDpTwkuEhPJnxqsRZUGx
8B2pcEKYa70VFxr/yP7COGJGC9x2oI+8xArn7Pm0
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:46:29 2025 by rpki-client