Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/oStUIKNdOxsoPkLdxbzXZVZ-_So.roa
File: oStUIKNdOxsoPkLdxbzXZVZ-_So.roa (raw, json)
Hash identifier: b2yoXaE0SVikiAhIUlGV66SAuTLwU5Bh2/ReFMsOvEI=
Subject key identifier: A1:2B:54:20:A3:5D:3B:1B:28:3E:42:DD:C5:BC:D7:65:56:7E:FD:2A
Certificate issuer: /CN=123c3de61011de07101e14dc0727395171cb03ab
Certificate serial: 019428277E87E6FDE0BE07A1B4902C052B6C
Authority key identifier: 12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/oStUIKNdOxsoPkLdxbzXZVZ-_So.roa
Signing time: Thu 02 Jan 2025 17:54:24 +0000
ROA not before: Thu 02 Jan 2025 17:54:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203459
IP address blocks: 185.133.224.0/24 maxlen: 24
185.133.225.0/24 maxlen: 24
185.133.226.0/24 maxlen: 24
185.133.227.0/24 maxlen: 24
2a06:7fc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:7e:87:e6:fd:e0:be:07:a1:b4:90:2c:05:2b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=123c3de61011de07101e14dc0727395171cb03ab
Validity
Not Before: Jan 2 17:54:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a12b5420a35d3b1b283e42ddc5bcd765567efd2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e9:c6:2a:fd:22:3a:18:e5:77:c6:8d:90:09:
99:c5:49:a8:fd:d6:34:f8:03:fe:18:16:86:8b:4a:
a4:bb:b1:0b:d9:d5:ae:8c:e1:6b:31:4a:17:f3:6e:
53:cd:11:5c:26:99:3d:80:45:4f:39:72:77:eb:73:
7f:53:69:31:6d:15:cc:a5:62:71:b9:29:ef:59:03:
13:8b:91:88:d9:b1:3d:28:86:1d:8c:78:9b:dd:95:
6e:21:97:74:ba:59:58:6e:40:c0:d9:bd:e3:34:3e:
ba:d8:e8:8c:f4:0f:d1:7e:96:f2:3c:06:19:a3:99:
b2:f1:93:02:93:4e:17:9c:28:8c:55:2e:57:a7:95:
a3:75:0c:17:96:6f:b2:00:b8:c8:f6:2d:95:1c:ea:
6b:c7:b0:3d:9d:e5:d7:e4:23:1b:48:18:0e:96:52:
ee:9c:4f:39:ef:e4:4d:23:80:90:f2:dc:a0:ce:f7:
5b:f2:7a:69:5e:73:64:be:20:55:f2:7d:93:6a:0c:
80:b0:60:49:69:a9:d6:92:c5:6a:f0:a4:1a:5b:69:
12:8b:b9:d2:2e:c2:6f:1d:34:4a:fb:7b:11:a1:30:
98:77:28:54:11:1f:ae:ad:4c:63:6a:41:90:df:ea:
6f:c8:f4:84:8d:e6:2b:b7:74:b3:77:68:f9:9b:db:
37:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2B:54:20:A3:5D:3B:1B:28:3E:42:DD:C5:BC:D7:65:56:7E:FD:2A
X509v3 Authority Key Identifier:
keyid:12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/oStUIKNdOxsoPkLdxbzXZVZ-_So.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.224.0/22
IPv6:
2a06:7fc0::/29
Signature Algorithm: sha256WithRSAEncryption
79:a9:1e:67:14:0d:f6:43:59:43:e0:2a:c1:30:9e:74:b6:e8:
fc:6e:49:47:bc:41:80:d2:8a:f5:47:bc:1f:85:7a:75:5c:47:
1a:cf:ff:51:5f:55:61:6b:c1:3e:da:4b:86:c2:af:e8:ec:46:
43:3a:d1:c3:67:2f:d1:7c:99:d8:19:76:38:5e:15:57:96:bb:
14:ea:c4:5d:09:f2:92:a3:bc:7e:61:eb:76:e9:57:c1:06:e8:
3b:b5:f6:0c:26:7f:a3:f8:5f:0d:76:e2:f3:9e:6e:ac:45:4d:
db:54:ed:31:ac:7d:1a:9b:1e:f6:e2:af:b7:0f:d6:53:84:66:
77:d4:5a:19:55:0e:a6:14:57:13:f6:a0:f0:56:82:b1:f0:b8:
90:d2:85:e8:cb:d5:5b:91:a6:2f:79:ef:9b:c7:d4:77:f7:f2:
bf:8e:d0:b4:06:2d:f4:50:79:7f:0e:46:fe:8c:ea:2d:9c:c5:
7d:87:f0:0f:69:1e:c2:12:c7:b9:72:4c:ce:b6:01:d1:33:bc:
b6:1a:75:ae:1c:6c:31:47:30:4a:b6:c8:d5:1b:be:c4:fe:6f:
f6:ba:d9:1f:95:f9:01:c4:1a:34:05:43:b2:e1:91:50:bd:7f:
9e:e8:d0:61:fe:45:19:db:a2:32:8f:99:f6:e4:24:64:6a:c3:
d7:81:eb:f4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoJ36H5v3gvgehtJAsBStsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyM2MzZGU2MTAxMWRlMDcxMDFlMTRkYzA3MjczOTUxNzFj
YjAzYWIwHhcNMjUwMTAyMTc1NDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTJiNTQyMGEzNWQzYjFiMjgzZTQyZGRjNWJjZDc2NTU2N2VmZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwenGKv0iOhjld8aNkAmZxUmo/dY0
+AP+GBaGi0qku7EL2dWujOFrMUoX825TzRFcJpk9gEVPOXJ363N/U2kxbRXMpWJx
uSnvWQMTi5GI2bE9KIYdjHib3ZVuIZd0ullYbkDA2b3jND662OiM9A/RfpbyPAYZ
o5my8ZMCk04XnCiMVS5Xp5WjdQwXlm+yALjI9i2VHOprx7A9neXX5CMbSBgOllLu
nE857+RNI4CQ8tygzvdb8nppXnNkviBV8n2TagyAsGBJaanWksVq8KQaW2kSi7nS
LsJvHTRK+3sRoTCYdyhUER+urUxjakGQ3+pvyPSEjeYrt3Szd2j5m9s35QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKErVCCjXTsbKD5C3cW812VWfv0qMB8GA1UdIwQY
MBaAFBI8PeYQEd4HEB4U3AcnOVFxywOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUt
YjUwNGM5YWU5YmJjLzEvb1N0VUlLTmRPeHNvUGtMZHhielhaVlotX1NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUtYjUwNGM5YWU5YmJj
LzEvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYXgMA0E
AgACMAcDBQMqBn/AMA0GCSqGSIb3DQEBCwUAA4IBAQB5qR5nFA32Q1lD4CrBMJ50
tuj8bklHvEGA0or1R7wfhXp1XEcaz/9RX1Vha8E+2kuGwq/o7EZDOtHDZy/RfJnY
GXY4XhVXlrsU6sRdCfKSo7x+Yet26VfBBug7tfYMJn+j+F8NduLznm6sRU3bVO0x
rH0amx724q+3D9ZThGZ31FoZVQ6mFFcT9qDwVoKx8LiQ0oXoy9VbkaYvee+bx9R3
9/K/jtC0Bi30UHl/Dkb+jOotnMV9h/APaR7CEse5ckzOtgHRM7y2GnWuHGwxRzBK
tsjVG77E/m/2utkflfkBxBo0BUOy4ZFQvX+e6NBh/kUZ26Iyj5n25CRkasPXgev0
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:35:03 2025 by rpki-client