Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/1OpL7R1BVF30eYquogWaFw9Zjpg.roa
File: 1OpL7R1BVF30eYquogWaFw9Zjpg.roa (raw, json)
Hash identifier: 5HBfkLhlNjgyPTg16npPx/gVvuAnNfr9yckXUxVoyH8=
Subject key identifier: D4:EA:4B:ED:1D:41:54:5D:F4:79:8A:AE:A2:05:9A:17:0F:59:8E:98
Certificate issuer: /CN=923a2b3dd7667275f09886df7da079f755ceed59
Certificate serial: 01942068547480105CE14BF30D83523EA971
Authority key identifier: 92:3A:2B:3D:D7:66:72:75:F0:98:86:DF:7D:A0:79:F7:55:CE:ED:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kjorPddmcnXwmIbffaB591XO7Vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/1OpL7R1BVF30eYquogWaFw9Zjpg.roa
Signing time: Wed 01 Jan 2025 05:48:15 +0000
ROA not before: Wed 01 Jan 2025 05:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207143
IP address blocks: 185.101.156.0/22 maxlen: 22
185.101.156.0/24 maxlen: 24
185.101.157.0/24 maxlen: 24
185.101.158.0/24 maxlen: 24
185.101.159.0/24 maxlen: 24
185.229.88.0/24 maxlen: 24
185.229.89.0/24 maxlen: 24
185.229.90.0/24 maxlen: 24
185.229.91.0/24 maxlen: 24
193.203.253.0/24 maxlen: 24
213.254.165.0/24 maxlen: 24
2a11:8b81::/32 maxlen: 32
2a11:8b82::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:54:74:80:10:5c:e1:4b:f3:0d:83:52:3e:a9:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=923a2b3dd7667275f09886df7da079f755ceed59
Validity
Not Before: Jan 1 05:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4ea4bed1d41545df4798aaea2059a170f598e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c8:42:ce:14:df:1c:2d:d4:74:78:5d:05:fb:
6e:ff:90:4e:dd:bd:03:69:59:c3:ac:fc:37:2f:df:
dc:49:18:40:73:ac:54:dd:07:c9:76:ee:26:92:7f:
89:97:77:27:ba:e3:0b:da:9e:bc:2c:9a:2f:15:a4:
50:0a:ab:a5:e8:25:64:39:3a:a1:4b:6c:5c:25:bc:
ce:44:d5:f0:3c:21:d5:67:7d:27:07:92:81:d5:7c:
13:4e:30:b2:95:26:6f:6d:9f:d6:79:eb:bb:1f:06:
d3:bd:5d:f4:d7:de:40:75:34:2f:03:e2:d7:2c:5b:
ff:90:98:f0:6f:82:01:fd:a3:a8:50:1d:42:6b:14:
56:b3:e2:62:1e:9e:d4:c1:01:33:be:be:07:54:a7:
6f:18:92:39:9d:72:20:62:34:ef:bc:77:da:85:46:
c1:e2:c1:15:af:ba:32:9f:b0:81:e9:51:30:01:3b:
0e:21:2d:d2:b8:91:7f:c3:78:7c:fc:eb:8f:bf:64:
85:7f:12:17:6a:bf:3f:7f:7b:d2:5d:47:14:c8:e3:
5b:e0:ff:f5:40:c8:73:ad:df:36:7a:48:a5:0a:9b:
3a:c5:ce:ff:ec:a9:98:2b:e6:ac:8f:1b:e7:4f:82:
af:db:af:dd:aa:71:1f:13:65:0e:7b:bb:40:f8:18:
e9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:EA:4B:ED:1D:41:54:5D:F4:79:8A:AE:A2:05:9A:17:0F:59:8E:98
X509v3 Authority Key Identifier:
keyid:92:3A:2B:3D:D7:66:72:75:F0:98:86:DF:7D:A0:79:F7:55:CE:ED:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjorPddmcnXwmIbffaB591XO7Vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/1OpL7R1BVF30eYquogWaFw9Zjpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/kjorPddmcnXwmIbffaB591XO7Vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.156.0/22
185.229.88.0/22
193.203.253.0/24
213.254.165.0/24
IPv6:
2a11:8b81::-2a11:8b82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
00:08:da:96:97:03:17:a3:87:31:d4:ec:08:72:8b:91:c9:3a:
f9:65:52:ab:3e:aa:0b:c0:59:f3:70:da:ce:81:c8:bb:c7:29:
0c:6a:e9:f5:e1:de:a0:6f:8d:1c:2a:1f:17:f9:5c:9c:d5:8b:
2c:bc:09:a5:14:09:cd:27:a0:91:dc:6a:0b:8d:cb:38:a5:d1:
48:a2:05:48:c6:71:5b:5c:be:5b:b3:da:c7:5a:a3:34:d3:8c:
85:2d:77:77:1c:8f:5f:0d:76:d4:a8:cf:d4:e3:6d:d3:1b:69:
58:0c:c8:6e:72:43:a8:8a:bb:24:ae:63:cb:c1:0f:93:07:7a:
8a:9c:99:69:5e:11:0a:9d:d6:0c:c9:e4:16:ed:58:e4:14:65:
e9:3e:84:45:39:3b:11:3a:6f:87:e9:44:9a:42:8a:ad:cc:2d:
30:f7:3b:14:74:85:9c:2a:e1:ea:aa:07:b7:a0:43:e1:00:7d:
34:a1:6d:b6:63:ee:68:c0:5c:56:9c:01:06:1e:a4:3b:b0:15:
89:cb:99:46:66:99:92:c6:98:87:5e:87:2f:93:96:04:5d:d3:
15:a1:07:02:00:74:3f:23:71:14:d9:32:55:7d:f8:03:2c:ef:
81:08:92:c6:bb:d1:43:81:78:27:99:49:2a:fe:cb:c1:2b:c3:
8d:25:20:d4
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQgaFR0gBBc4UvzDYNSPqlxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyM2EyYjNkZDc2NjcyNzVmMDk4ODZkZjdkYTA3OWY3NTVj
ZWVkNTkwHhcNMjUwMTAxMDU0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGVhNGJlZDFkNDE1NDVkZjQ3OThhYWVhMjA1OWExNzBmNTk4ZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApchCzhTfHC3UdHhdBftu/5BO3b0D
aVnDrPw3L9/cSRhAc6xU3QfJdu4mkn+Jl3cnuuML2p68LJovFaRQCqul6CVkOTqh
S2xcJbzORNXwPCHVZ30nB5KB1XwTTjCylSZvbZ/Weeu7HwbTvV30195AdTQvA+LX
LFv/kJjwb4IB/aOoUB1CaxRWs+JiHp7UwQEzvr4HVKdvGJI5nXIgYjTvvHfahUbB
4sEVr7oyn7CB6VEwATsOIS3SuJF/w3h8/OuPv2SFfxIXar8/f3vSXUcUyONb4P/1
QMhzrd82ekilCps6xc7/7KmYK+asjxvnT4Kv26/dqnEfE2UOe7tA+BjplwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNTqS+0dQVRd9HmKrqIFmhcPWY6YMB8GA1UdIwQY
MBaAFJI6Kz3XZnJ18JiG332gefdVzu1ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2pvclBkZG1jblh3bUliZmZhQjU5MVhPN1ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iNzk2ZjQtMmU4OC00ZWFhLWEyNjkt
MjczOGJjYjQzZDZkLzEvMU9wTDdSMUJWRjMwZVlxdW9nV2FGdzlaanBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iNzk2ZjQtMmU4OC00ZWFhLWEyNjktMjczOGJjYjQzZDZk
LzEva2pvclBkZG1jblh3bUliZmZhQjU5MVhPN1ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQCuWWcAwQC
ueVYAwQAwcv9AwQA1f6lMBYEAgACMBAwDgMFACoRi4EDBQAqEYuCMA0GCSqGSIb3
DQEBCwUAA4IBAQAACNqWlwMXo4cx1OwIcouRyTr5ZVKrPqoLwFnzcNrOgci7xykM
aun14d6gb40cKh8X+Vyc1YssvAmlFAnNJ6CR3GoLjcs4pdFIogVIxnFbXL5bs9rH
WqM004yFLXd3HI9fDXbUqM/U423TG2lYDMhuckOoirskrmPLwQ+TB3qKnJlpXhEK
ndYMyeQW7VjkFGXpPoRFOTsROm+H6USaQoqtzC0w9zsUdIWcKuHqqge3oEPhAH00
oW22Y+5owFxWnAEGHqQ7sBWJy5lGZpmSxpiHXocvk5YEXdMVoQcCAHQ/I3EU2TJV
ffgDLO+BCJLGu9FDgXgnmUkq/svBK8ONJSDU
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:38:37 2025 by rpki-client