Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/IrOGMjJzSsxiOBejutDOAxKRoUo.roa
File: IrOGMjJzSsxiOBejutDOAxKRoUo.roa (raw, json)
Hash identifier: kvcrQugm0UPSDr1KxH+T4ZHLmAOJ12WvTXhYyyQkt5Q=
Subject key identifier: 22:B3:86:32:32:73:4A:CC:62:38:17:A3:BA:D0:CE:03:12:91:A1:4A
Certificate issuer: /CN=02b610cd43bafced91480fabfdcaae82049fbf71
Certificate serial: 01941FFA8026B090D9CCAD26B6DF4A2C368B
Authority key identifier: 02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/IrOGMjJzSsxiOBejutDOAxKRoUo.roa
Signing time: Wed 01 Jan 2025 03:48:17 +0000
ROA not before: Wed 01 Jan 2025 03:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51115
IP address blocks: 81.161.98.0/23 maxlen: 24
178.248.232.0/21 maxlen: 24
185.65.148.0/22 maxlen: 24
185.94.108.0/22 maxlen: 24
195.43.92.0/23 maxlen: 24
195.43.92.0/24 maxlen: 24
2a03:70c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:80:26:b0:90:d9:cc:ad:26:b6:df:4a:2c:36:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b610cd43bafced91480fabfdcaae82049fbf71
Validity
Not Before: Jan 1 03:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22b3863232734acc623817a3bad0ce031291a14a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d8:da:32:48:80:c7:5e:26:a0:98:54:c4:a3:
57:19:de:5a:2f:eb:67:f6:ac:0c:76:9f:67:7c:97:
42:d0:32:04:a1:7c:52:5f:b8:37:04:99:ce:0f:9b:
49:5c:8d:4f:89:16:0a:42:4c:79:18:ea:c8:5d:78:
8a:da:66:b4:b2:b4:73:26:14:11:33:7a:7c:65:e4:
d4:86:9e:ef:43:1c:71:62:28:01:c4:ba:11:01:f1:
83:f1:eb:1a:b6:b1:d3:07:e2:23:05:9e:c6:95:eb:
5a:cd:07:e8:45:4c:f6:67:0a:42:66:c3:25:90:6b:
75:1f:5d:43:f3:14:89:b8:b6:70:68:d8:67:a8:37:
1e:54:1b:ef:cd:66:01:1a:4f:66:7e:fe:c6:d0:bd:
24:3d:f6:ed:4b:10:90:00:a3:9b:64:8e:f3:20:c3:
3a:8d:51:14:c3:25:cc:a2:8e:0f:cf:d1:b8:53:02:
3e:67:52:51:d7:f8:f9:51:fa:2a:4a:2a:8a:70:2f:
7a:54:c7:44:22:a4:32:76:ec:dd:88:c0:3e:46:a2:
33:8f:d1:11:91:6d:47:a9:34:73:23:e0:8e:86:5e:
88:a7:cb:51:28:9f:74:98:48:7c:60:90:82:4c:31:
41:da:41:88:82:e5:09:10:a5:e0:41:8d:e9:63:f9:
59:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B3:86:32:32:73:4A:CC:62:38:17:A3:BA:D0:CE:03:12:91:A1:4A
X509v3 Authority Key Identifier:
keyid:02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/IrOGMjJzSsxiOBejutDOAxKRoUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/ArYQzUO6_O2RSA-r_cquggSfv3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.98.0/23
178.248.232.0/21
185.65.148.0/22
185.94.108.0/22
195.43.92.0/23
IPv6:
2a03:70c0::/32
Signature Algorithm: sha256WithRSAEncryption
31:e4:37:9a:d6:f0:53:11:e8:cf:38:fe:5f:53:b0:54:51:a8:
ba:64:db:0f:78:4d:5f:76:2f:0d:5e:84:91:7e:3f:8c:98:eb:
60:f8:81:43:e9:e2:68:a6:6a:b4:b5:e7:a9:10:0d:41:3f:99:
5f:86:b7:9e:35:36:56:5f:99:bf:4a:24:b4:2b:8b:be:40:cf:
b7:0f:c9:11:c7:e4:2b:01:dd:29:5b:4f:e1:df:7e:9d:df:20:
0e:05:ce:3e:85:1e:08:16:9b:24:25:b5:7d:d4:db:57:da:a8:
1c:1c:04:16:5a:72:6c:77:29:9e:ad:23:e8:04:9c:6f:c1:b9:
78:6a:78:99:db:79:93:99:16:d4:e7:fa:95:67:fb:3f:6e:32:
6e:0c:ac:95:42:72:a3:8e:0f:58:17:26:b4:f5:96:0b:e5:ca:
a6:c2:7e:25:04:b9:d5:66:01:c6:a2:06:cc:1f:4b:98:70:bf:
3b:55:47:57:55:ac:b9:d2:06:d0:a7:f0:58:ea:3a:48:98:18:
da:c6:1c:85:83:a3:45:f1:48:67:52:f9:f4:ac:cb:d6:08:d8:
d4:f6:92:1b:f5:01:1f:ae:60:fd:97:84:13:7c:f2:37:1e:7e:
e8:7d:51:75:e3:c8:db:bd:a3:f7:0a:7b:01:b3:a5:24:64:15:
37:b8:fd:a7
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQf+oAmsJDZzK0mtt9KLDaLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjYxMGNkNDNiYWZjZWQ5MTQ4MGZhYmZkY2FhZTgyMDQ5
ZmJmNzEwHhcNMjUwMTAxMDM0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmIzODYzMjMyNzM0YWNjNjIzODE3YTNiYWQwY2UwMzEyOTFhMTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdjaMkiAx14moJhUxKNXGd5aL+tn
9qwMdp9nfJdC0DIEoXxSX7g3BJnOD5tJXI1PiRYKQkx5GOrIXXiK2ma0srRzJhQR
M3p8ZeTUhp7vQxxxYigBxLoRAfGD8esatrHTB+IjBZ7GletazQfoRUz2ZwpCZsMl
kGt1H11D8xSJuLZwaNhnqDceVBvvzWYBGk9mfv7G0L0kPfbtSxCQAKObZI7zIMM6
jVEUwyXMoo4Pz9G4UwI+Z1JR1/j5UfoqSiqKcC96VMdEIqQyduzdiMA+RqIzj9ER
kW1HqTRzI+COhl6Ip8tRKJ90mEh8YJCCTDFB2kGIguUJEKXgQY3pY/lZNwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCKzhjIyc0rMYjgXo7rQzgMSkaFKMB8GA1UdIwQY
MBaAFAK2EM1DuvztkUgPq/3KroIEn79xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEt
OTAxM2NhOTk2YjE2LzEvSXJPR01qSnpTc3hpT0JlanV0RE9BeEtSb1VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEtOTAxM2NhOTk2YjE2
LzEvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBUaFiAwQD
svjoAwQCuUGUAwQCuV5sAwQBwytcMA0EAgACMAcDBQAqA3DAMA0GCSqGSIb3DQEB
CwUAA4IBAQAx5Dea1vBTEejPOP5fU7BUUai6ZNsPeE1fdi8NXoSRfj+MmOtg+IFD
6eJopmq0teepEA1BP5lfhreeNTZWX5m/SiS0K4u+QM+3D8kRx+QrAd0pW0/h336d
3yAOBc4+hR4IFpskJbV91NtX2qgcHAQWWnJsdymerSPoBJxvwbl4aniZ23mTmRbU
5/qVZ/s/bjJuDKyVQnKjjg9YFya09ZYL5cqmwn4lBLnVZgHGogbMH0uYcL87VUdX
Vay50gbQp/BY6jpImBjaxhyFg6NF8UhnUvn0rMvWCNjU9pIb9QEfrmD9l4QTfPI3
Hn7ofVF148jbvaP3CnsBs6UkZBU3uP2n
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:33:35 2025 by rpki-client