Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/OBolhnloBmPcHeiFFTvCer3P7KE.roa
File: OBolhnloBmPcHeiFFTvCer3P7KE.roa (raw, json)
Hash identifier: e0LNQZL39IyRivNQjrXAsaIJaGdolHnOAKHDatnT5/M=
Subject key identifier: 38:1A:25:86:79:68:06:63:DC:1D:E8:85:15:3B:C2:7A:BD:CF:EC:A1
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 01942143FC3A868B6E781350F8E16118271C
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/OBolhnloBmPcHeiFFTvCer3P7KE.roa
Signing time: Wed 01 Jan 2025 09:48:11 +0000
ROA not before: Wed 01 Jan 2025 09:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57877
IP address blocks: 37.139.120.0/21 maxlen: 21
178.174.110.0/23 maxlen: 23
185.76.216.0/22 maxlen: 22
195.135.12.0/23 maxlen: 23
195.135.48.0/20 maxlen: 20
195.135.48.0/24 maxlen: 24
2a05:5cc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:fc:3a:86:8b:6e:78:13:50:f8:e1:61:18:27:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Jan 1 09:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=381a258679680663dc1de885153bc27abdcfeca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f2:9b:6b:8c:a4:12:06:b6:dc:70:08:bd:2c:
de:ad:80:11:a2:ef:f8:e9:54:ec:bc:39:e8:0e:5f:
1b:50:0a:04:c4:6a:1e:40:dd:4c:1a:db:9f:7b:9d:
75:ff:a7:be:d0:64:f7:f3:a8:fd:4b:f4:2a:7e:8f:
5d:fd:76:39:59:85:e9:58:27:5b:ec:18:2c:0d:6a:
51:ba:92:25:4d:5c:8c:f9:75:f0:7a:1b:fd:dc:11:
4d:3d:b1:ff:6f:0e:b0:d5:c1:4b:53:0f:59:43:30:
58:1b:3c:e2:e5:1d:1d:23:bf:f4:b0:23:9c:07:50:
ff:68:57:1c:65:52:da:3c:c6:09:2b:61:02:5d:59:
64:d2:a0:13:7e:e6:ad:f8:3f:61:04:30:1a:dc:b5:
6e:48:94:e6:f8:2b:ac:17:4c:8a:93:02:19:e9:95:
f5:e1:12:e1:72:b7:79:db:b4:0c:ad:02:f2:3a:6a:
86:a2:84:8b:74:4b:df:65:a0:25:40:15:d8:6c:b2:
4b:27:0f:b5:56:d8:8d:82:81:75:47:9a:44:51:8b:
9e:c3:9d:43:5d:7b:11:5a:93:49:c3:c3:dc:63:4a:
c7:9c:a7:37:34:18:9b:94:19:4f:7b:3a:a8:54:6b:
c4:82:51:63:20:c0:c2:b0:09:e6:65:80:37:fa:f8:
22:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:1A:25:86:79:68:06:63:DC:1D:E8:85:15:3B:C2:7A:BD:CF:EC:A1
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/OBolhnloBmPcHeiFFTvCer3P7KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.120.0/21
178.174.110.0/23
185.76.216.0/22
195.135.12.0/23
195.135.48.0/20
IPv6:
2a05:5cc0::/29
Signature Algorithm: sha256WithRSAEncryption
7c:33:e0:45:4b:37:0b:d8:42:23:bc:e3:f5:ae:89:99:bd:a5:
0b:65:0e:b2:07:4d:b5:a8:5b:5c:02:e1:c8:e1:86:3e:cf:94:
2f:87:7c:1b:b5:a0:b7:e1:77:d3:fe:20:84:10:d4:1a:09:2f:
4b:4a:3b:7f:10:a0:fd:6f:e6:27:3f:a7:ed:11:00:87:53:2f:
9f:d5:63:fe:bb:20:2d:10:ee:2a:b0:15:48:c8:02:48:fc:d4:
3c:94:13:79:46:3c:31:22:3b:71:e1:08:e6:c0:b8:7b:c8:50:
db:85:b7:7e:e0:eb:63:e1:9c:aa:5d:aa:10:85:9d:01:09:67:
57:f1:78:14:9c:c0:a2:a7:72:77:22:aa:c6:d9:30:d4:63:9f:
75:ad:2e:a6:a3:6c:d7:b3:c8:15:8a:25:db:ab:73:d9:7a:39:
f8:99:db:0c:71:b2:ae:ab:87:66:9d:9b:bf:2c:d3:45:a4:fd:
aa:df:61:bb:ed:e4:df:04:5c:75:4a:76:c7:a1:3e:48:55:db:
09:16:96:ae:87:43:6f:f7:9f:23:d8:b9:7f:65:a1:ae:71:94:
a4:e2:ab:9e:e2:26:ba:97:5a:2c:c9:87:75:76:fa:75:ce:cc:
42:1e:96:83:39:c8:8b:b2:1f:13:2b:ba:5d:70:d8:3c:bf:ca:
12:4f:44:d7
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQhQ/w6hotueBNQ+OFhGCccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjUwMTAxMDk0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODFhMjU4Njc5NjgwNjYzZGMxZGU4ODUxNTNiYzI3YWJkY2ZlY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPKba4ykEga23HAIvSzerYARou/4
6VTsvDnoDl8bUAoExGoeQN1MGtufe511/6e+0GT386j9S/Qqfo9d/XY5WYXpWCdb
7BgsDWpRupIlTVyM+XXwehv93BFNPbH/bw6w1cFLUw9ZQzBYGzzi5R0dI7/0sCOc
B1D/aFccZVLaPMYJK2ECXVlk0qATfuat+D9hBDAa3LVuSJTm+CusF0yKkwIZ6ZX1
4RLhcrd527QMrQLyOmqGooSLdEvfZaAlQBXYbLJLJw+1VtiNgoF1R5pEUYuew51D
XXsRWpNJw8PcY0rHnKc3NBiblBlPezqoVGvEglFjIMDCsAnmZYA3+vgiawIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDgaJYZ5aAZj3B3ohRU7wnq9z+yhMB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvT0JvbGhubG9CbVBjSGVpRkZUdkNlcjNQN0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJYt4AwQB
sq5uAwQCuUzYAwQBw4cMAwQEw4cwMA0EAgACMAcDBQMqBVzAMA0GCSqGSIb3DQEB
CwUAA4IBAQB8M+BFSzcL2EIjvOP1romZvaULZQ6yB021qFtcAuHI4YY+z5Qvh3wb
taC34XfT/iCEENQaCS9LSjt/EKD9b+YnP6ftEQCHUy+f1WP+uyAtEO4qsBVIyAJI
/NQ8lBN5RjwxIjtx4QjmwLh7yFDbhbd+4Otj4ZyqXaoQhZ0BCWdX8XgUnMCip3J3
IqrG2TDUY591rS6mo2zXs8gViiXbq3PZejn4mdsMcbKuq4dmnZu/LNNFpP2q32G7
7eTfBFx1SnbHoT5IVdsJFpauh0Nv958j2Ll/ZaGucZSk4que4ia6l1osyYd1dvp1
zsxCHpaDOciLsh8TK7pdcNg8v8oST0TX
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:42:39 2025 by rpki-client