Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/0910e6-c074-40d0-b789-a17804439895/1/S3gytHIiWuDnii46Cee6MjqDODU.roa
File: S3gytHIiWuDnii46Cee6MjqDODU.roa (raw, json)
Hash identifier: WjQ4G+4EZrW+UzIf8d/g5pUPAeGGv9rfo0G8Gxn9x1c=
Subject key identifier: 4B:78:32:B4:72:22:5A:E0:E7:8A:2E:3A:09:E7:BA:32:3A:83:38:35
Certificate issuer: /CN=0c202663de852c7060fdea0298b490d5edcc0f24
Certificate serial: 019423D76C87AF799534FDB1835AD6156A4D
Authority key identifier: 0C:20:26:63:DE:85:2C:70:60:FD:EA:02:98:B4:90:D5:ED:CC:0F:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCAmY96FLHBg_eoCmLSQ1e3MDyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/0910e6-c074-40d0-b789-a17804439895/1/S3gytHIiWuDnii46Cee6MjqDODU.roa
Signing time: Wed 01 Jan 2025 21:48:27 +0000
ROA not before: Wed 01 Jan 2025 21:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197036
IP address blocks: 178.23.152.0/21 maxlen: 24
185.19.240.0/22 maxlen: 24
185.228.20.0/22 maxlen: 24
195.28.192.0/19 maxlen: 24
213.173.48.0/22 maxlen: 24
2a02:21e8::/32 maxlen: 32
2a02:21e8:71::/48 maxlen: 48
2a09:2600::/29 maxlen: 29
2a0c:e600::/29 maxlen: 29
2a0c:e9c0::/29 maxlen: 29
2a0d:d040::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:6c:87:af:79:95:34:fd:b1:83:5a:d6:15:6a:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c202663de852c7060fdea0298b490d5edcc0f24
Validity
Not Before: Jan 1 21:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b7832b472225ae0e78a2e3a09e7ba323a833835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4e:f9:1f:5a:4e:b1:f9:21:7f:86:cc:10:8d:
7f:b6:54:38:aa:8d:a1:44:d8:08:09:2f:8e:05:37:
b6:5e:08:c1:ad:e6:41:23:2f:03:3d:82:08:65:fe:
fa:a0:32:76:18:50:5c:84:95:57:07:d6:e4:d8:c3:
7b:79:6d:79:04:90:ba:43:0b:7a:1d:ba:99:d4:f9:
a9:ed:1b:e7:5d:1f:b6:be:43:ad:d2:2d:96:79:3a:
ad:75:87:39:cf:15:78:56:76:1d:26:fb:53:a2:57:
30:a1:1f:62:bf:20:55:8e:d3:4f:2e:14:32:ee:ac:
81:83:f2:e8:9f:e2:70:52:0a:53:b1:02:9a:1a:09:
65:ad:dc:f3:d0:d8:6b:01:00:24:25:85:07:fa:2b:
98:a1:ed:65:a6:d1:f0:ca:82:c8:fe:c5:ef:a1:35:
36:6d:bd:20:e4:d3:51:9a:c5:d0:3a:d0:73:f3:b6:
ce:4c:ea:19:7c:0b:07:ce:86:b3:89:2e:40:59:fc:
a8:c5:01:25:67:74:ec:41:92:38:01:19:63:7e:00:
d7:bb:af:da:cf:6b:69:e8:b7:61:96:af:1a:9a:27:
36:88:3a:7b:68:72:63:7a:62:2c:ba:61:8c:4d:8f:
a9:85:9e:7e:83:05:fc:ea:cc:1a:21:35:14:23:c0:
5a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:78:32:B4:72:22:5A:E0:E7:8A:2E:3A:09:E7:BA:32:3A:83:38:35
X509v3 Authority Key Identifier:
keyid:0C:20:26:63:DE:85:2C:70:60:FD:EA:02:98:B4:90:D5:ED:CC:0F:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCAmY96FLHBg_eoCmLSQ1e3MDyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0910e6-c074-40d0-b789-a17804439895/1/S3gytHIiWuDnii46Cee6MjqDODU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0910e6-c074-40d0-b789-a17804439895/1/DCAmY96FLHBg_eoCmLSQ1e3MDyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.23.152.0/21
185.19.240.0/22
185.228.20.0/22
195.28.192.0/19
213.173.48.0/22
IPv6:
2a02:21e8::/32
2a09:2600::/29
2a0c:e600::/29
2a0c:e9c0::/29
2a0d:d040::/29
Signature Algorithm: sha256WithRSAEncryption
cf:43:a7:b2:27:fe:7a:4f:e2:d5:b8:60:53:9b:3b:7e:cb:d4:
1a:9b:d3:09:53:9e:d8:e3:ca:28:bb:df:da:0d:75:7d:49:d9:
15:6a:31:af:18:eb:e0:da:d8:9d:91:50:f9:d8:83:58:d5:fa:
ea:8e:27:1a:c0:99:d6:a9:52:c2:73:80:fc:19:36:39:17:6d:
7e:2c:f4:d9:60:42:a8:9a:59:2c:74:e5:e9:9c:06:bb:49:f8:
f5:ec:9c:5d:21:0a:75:5c:7c:d6:c8:c4:4d:ae:a4:55:dd:33:
78:56:b3:09:d5:e0:b9:01:36:72:d2:c2:29:2b:bd:11:6b:66:
7c:79:54:40:6d:fa:7b:96:e2:d8:40:76:f5:e4:82:38:c5:1f:
91:c0:60:8e:0a:89:88:8d:7c:19:51:81:22:fe:24:b1:20:24:
83:2b:a1:24:ef:db:0c:28:bb:8d:09:f0:1d:3c:3f:bd:e3:9a:
cb:f9:76:5d:bf:87:a9:4f:ef:e8:8b:7b:74:86:ac:a9:98:35:
93:11:fa:28:6e:43:2b:8e:dc:43:a0:20:eb:a9:d4:20:5d:6a:
d4:7d:ba:f0:8b:7e:04:74:f6:c9:1f:3e:3e:eb:9a:7c:a8:b8:
2d:6e:7b:d8:11:99:9c:9e:d5:a4:d6:ed:06:d0:03:ff:42:8e:
45:eb:cf:d1
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZQj12yHr3mVNP2xg1rWFWpNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjAyNjYzZGU4NTJjNzA2MGZkZWEwMjk4YjQ5MGQ1ZWRj
YzBmMjQwHhcNMjUwMTAxMjE0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjc4MzJiNDcyMjI1YWUwZTc4YTJlM2EwOWU3YmEzMjNhODMzODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0k75H1pOsfkhf4bMEI1/tlQ4qo2h
RNgICS+OBTe2XgjBreZBIy8DPYIIZf76oDJ2GFBchJVXB9bk2MN7eW15BJC6Qwt6
HbqZ1Pmp7RvnXR+2vkOt0i2WeTqtdYc5zxV4VnYdJvtTolcwoR9ivyBVjtNPLhQy
7qyBg/Lon+JwUgpTsQKaGgllrdzz0NhrAQAkJYUH+iuYoe1lptHwyoLI/sXvoTU2
bb0g5NNRmsXQOtBz87bOTOoZfAsHzoaziS5AWfyoxQElZ3TsQZI4ARljfgDXu6/a
z2tp6Ldhlq8amic2iDp7aHJjemIsumGMTY+phZ5+gwX86swaITUUI8BaYQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFEt4MrRyIlrg54ouOgnnujI6gzg1MB8GA1UdIwQY
MBaAFAwgJmPehSxwYP3qApi0kNXtzA8kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENBbVk5NkZMSEJnX2VvQ21MU1ExZTNNRHlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wOTEwZTYtYzA3NC00MGQwLWI3ODkt
YTE3ODA0NDM5ODk1LzEvUzNneXRISWlXdURuaWk0NkNlZTZNanFET0RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wOTEwZTYtYzA3NC00MGQwLWI3ODktYTE3ODA0NDM5ODk1
LzEvRENBbVk5NkZMSEJnX2VvQ21MU1ExZTNNRHlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAkBAIAATAeAwQDsheYAwQC
uRPwAwQCueQUAwQFwxzAAwQC1a0wMCkEAgACMCMDBQAqAiHoAwUDKgkmAAMFAyoM
5gADBQMqDOnAAwUDKg3QQDANBgkqhkiG9w0BAQsFAAOCAQEAz0Onsif+ek/i1bhg
U5s7fsvUGpvTCVOe2OPKKLvf2g11fUnZFWoxrxjr4NrYnZFQ+diDWNX66o4nGsCZ
1qlSwnOA/Bk2ORdtfiz02WBCqJpZLHTl6ZwGu0n49eycXSEKdVx81sjETa6kVd0z
eFazCdXguQE2ctLCKSu9EWtmfHlUQG36e5bi2EB29eSCOMUfkcBgjgqJiI18GVGB
Iv4ksSAkgyuhJO/bDCi7jQnwHTw/veOay/l2Xb+HqU/v6It7dIasqZg1kxH6KG5D
K47cQ6Ag66nUIF1q1H268It+BHT2yR8+PuuafKi4LW572BGZnJ7VpNbtBtAD/0KO
RevP0Q==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:40:08 2025 by rpki-client