Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/1-oPnzeRnS2wes3eHWFhju7Aog-g.roa
File: 1-oPnzeRnS2wes3eHWFhju7Aog-g.roa (raw, json)
Hash identifier: 0Z/IUXs4OK8CJd/fYdgboQWjbgJJCz+sIFSEwO7NpmA=
Subject key identifier: FA:83:E7:CD:E4:67:4B:6C:1E:B3:77:87:58:58:63:BB:B0:28:83:E8
Certificate issuer: /CN=a2ed0ba8b46ef251e5a058a64a21b307d3650ddc
Certificate serial: 0194266BFD83914CBED22B406AE8F96C6374
Authority key identifier: A2:ED:0B:A8:B4:6E:F2:51:E5:A0:58:A6:4A:21:B3:07:D3:65:0D:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ou0LqLRu8lHloFimSiGzB9NlDdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/1-oPnzeRnS2wes3eHWFhju7Aog-g.roa
Signing time: Thu 02 Jan 2025 09:49:58 +0000
ROA not before: Thu 02 Jan 2025 09:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5466
IP address blocks: 51.171.0.0/16 maxlen: 16
62.77.160.0/19 maxlen: 19
82.141.192.0/18 maxlen: 18
83.70.0.0/15 maxlen: 15
83.174.160.0/19 maxlen: 19
86.40.0.0/13 maxlen: 24
95.44.0.0/15 maxlen: 15
159.134.0.0/16 maxlen: 24
185.57.112.0/22 maxlen: 22
194.106.128.0/19 maxlen: 19
194.125.128.0/18 maxlen: 18
194.125.192.0/19 maxlen: 19
195.7.32.0/19 maxlen: 19
213.94.128.0/17 maxlen: 17
213.190.128.0/19 maxlen: 19
217.183.0.0/16 maxlen: 16
2001:bb0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:fd:83:91:4c:be:d2:2b:40:6a:e8:f9:6c:63:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2ed0ba8b46ef251e5a058a64a21b307d3650ddc
Validity
Not Before: Jan 2 09:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa83e7cde4674b6c1eb37787585863bbb02883e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:04:c3:5e:59:3e:99:4f:a3:48:81:a7:48:e3:
54:4d:24:63:24:fc:70:3b:ae:ab:25:82:f2:bd:4b:
3f:5a:d6:f8:4c:7c:c8:d7:e3:db:54:b8:bd:2c:10:
4a:cf:a5:dc:3e:f6:44:51:a3:0c:81:06:e8:69:44:
80:e1:06:89:4f:35:ca:4f:c8:1a:54:99:ec:ad:04:
4b:3a:71:35:69:a7:6b:ab:7c:ea:80:d2:f0:16:40:
38:34:2f:6c:57:b1:93:5d:a3:d4:b8:07:43:79:fc:
dd:e5:b4:44:10:21:2f:e9:86:49:68:24:28:3c:17:
8e:41:19:3b:64:51:64:68:10:ab:a8:ab:02:d4:7d:
ed:90:54:77:21:ea:83:b7:cb:6e:41:c0:00:3e:d5:
f6:0e:88:39:d7:f3:e4:4d:61:26:08:86:c1:09:d3:
7f:72:63:b7:07:33:ed:18:c1:9f:2d:93:11:e0:93:
0d:7e:e4:c5:8b:9b:59:b4:8b:60:0c:e2:d3:98:1b:
9e:91:60:4d:d8:c7:63:f8:6c:18:00:4b:49:3f:f8:
88:4c:81:c6:f0:a0:a2:05:26:00:02:55:3e:2c:a1:
c8:47:1a:7a:52:f7:c2:6c:da:ae:f9:d5:21:c7:eb:
0a:d1:38:c5:20:a2:e7:c3:f1:db:cc:30:8c:8d:73:
02:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:83:E7:CD:E4:67:4B:6C:1E:B3:77:87:58:58:63:BB:B0:28:83:E8
X509v3 Authority Key Identifier:
keyid:A2:ED:0B:A8:B4:6E:F2:51:E5:A0:58:A6:4A:21:B3:07:D3:65:0D:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ou0LqLRu8lHloFimSiGzB9NlDdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/1-oPnzeRnS2wes3eHWFhju7Aog-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/ou0LqLRu8lHloFimSiGzB9NlDdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.171.0.0/16
62.77.160.0/19
82.141.192.0/18
83.70.0.0/15
83.174.160.0/19
86.40.0.0/13
95.44.0.0/15
159.134.0.0/16
185.57.112.0/22
194.106.128.0/19
194.125.128.0-194.125.223.255
195.7.32.0/19
213.94.128.0/17
213.190.128.0/19
217.183.0.0/16
IPv6:
2001:bb0::/29
Signature Algorithm: sha256WithRSAEncryption
27:fa:7b:fa:a0:07:b3:61:f0:3a:1a:f2:02:61:ba:43:47:e9:
0f:28:ad:13:77:90:fe:1d:c7:61:2e:fd:8b:25:eb:88:76:fd:
d6:7f:25:7c:1e:bc:6d:82:5d:a6:02:46:08:20:14:9f:30:49:
a6:7c:6b:3e:dd:e6:2e:ea:ae:10:66:14:84:ae:f4:24:83:2d:
00:6f:42:55:bb:46:5d:91:9e:48:f6:a2:38:da:1a:f9:8e:9f:
ce:63:9e:ff:9a:e2:b5:9c:27:73:2a:b5:73:d4:10:d5:0d:b3:
a2:94:18:ee:4e:4d:0e:ed:28:2a:71:84:79:6e:16:d6:de:6d:
6a:b0:0a:34:ab:82:7d:01:2b:d2:0b:d7:28:18:95:e4:83:0f:
2f:ef:09:e6:c0:a7:ec:7a:cf:3c:7c:fb:5c:e8:07:69:64:df:
1f:2a:eb:c0:5d:01:13:f2:d8:fd:15:2c:a3:a2:ed:ec:b0:4e:
15:7f:df:3f:5c:48:16:1d:ae:48:2c:3c:71:b7:60:4f:49:04:
6d:05:57:d8:e6:7d:ce:d6:ea:ef:37:58:7e:1e:19:90:7b:36:
4a:99:7a:22:ee:51:90:fb:12:4e:3a:69:8c:e6:8f:1d:7b:64:
66:5a:ac:59:84:90:2d:cf:20:9d:53:51:c1:26:5a:cb:78:5c:
02:bf:18:fa
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZQma/2DkUy+0itAauj5bGN0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZWQwYmE4YjQ2ZWYyNTFlNWEwNThhNjRhMjFiMzA3ZDM2
NTBkZGMwHhcNMjUwMTAyMDk0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTgzZTdjZGU0Njc0YjZjMWViMzc3ODc1ODU4NjNiYmIwMjg4M2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQTDXlk+mU+jSIGnSONUTSRjJPxw
O66rJYLyvUs/Wtb4THzI1+PbVLi9LBBKz6XcPvZEUaMMgQboaUSA4QaJTzXKT8ga
VJnsrQRLOnE1aadrq3zqgNLwFkA4NC9sV7GTXaPUuAdDefzd5bREECEv6YZJaCQo
PBeOQRk7ZFFkaBCrqKsC1H3tkFR3IeqDt8tuQcAAPtX2Dog51/PkTWEmCIbBCdN/
cmO3BzPtGMGfLZMR4JMNfuTFi5tZtItgDOLTmBuekWBN2Mdj+GwYAEtJP/iITIHG
8KCiBSYAAlU+LKHIRxp6UvfCbNqu+dUhx+sK0TjFIKLnw/HbzDCMjXMC4wIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFPqD583kZ0tsHrN3h1hYY7uwKIPoMB8GA1UdIwQY
MBaAFKLtC6i0bvJR5aBYpkohswfTZQ3cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3UwTHFMUnU4bEhsb0ZpbVNpR3pCOU5sRGR3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC81YmU4ZjctMWFkMC00NGJmLThiM2Ut
NzkxYzVhODUzOTBkLzEvMS1vUG56ZVJuUzJ3ZXMzZUhXRmhqdTdBb2ctZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTAvNWJlOGY3LTFhZDAtNDRiZi04YjNlLTc5MWM1YTg1Mzkw
ZC8xL291MExxTFJ1OGxIbG9GaW1TaUd6QjlObERkdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBhAYIKwYBBQUHAQcBAf8EdTBzMGIEAgABMFwDAwAzqwME
BT5NoAMEBlKNwAMDAVNGAwQFU66gAwMDVigDAwFfLAMDAJ+GAwQCuTlwAwQFwmqA
MAwDBAfCfYADBAXCfcADBAXDByADBAfVXoADBAXVvoADAwDZtzANBAIAAjAHAwUD
IAELsDANBgkqhkiG9w0BAQsFAAOCAQEAJ/p7+qAHs2HwOhryAmG6Q0fpDyitE3eQ
/h3HYS79iyXriHb91n8lfB68bYJdpgJGCCAUnzBJpnxrPt3mLuquEGYUhK70JIMt
AG9CVbtGXZGeSPaiONoa+Y6fzmOe/5ritZwncyq1c9QQ1Q2zopQY7k5NDu0oKnGE
eW4W1t5tarAKNKuCfQEr0gvXKBiV5IMPL+8J5sCn7HrPPHz7XOgHaWTfHyrrwF0B
E/LY/RUso6Lt7LBOFX/fP1xIFh2uSCw8cbdgT0kEbQVX2OZ9ztbq7zdYfh4ZkHs2
Spl6Iu5RkPsSTjppjOaPHXtkZlqsWYSQLc8gnVNRwSZay3hcAr8Y+g==
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:05:04 2025 by rpki-client