Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/OzaQ_7kTZTHwoTTX2NN8mltJI-o.roa
File: OzaQ_7kTZTHwoTTX2NN8mltJI-o.roa (raw, json)
Hash identifier: 6dDv5MDRbhiqHG8v8VT7PwYWFlQ7ZjLoFXsl3qy3Gc8=
Subject key identifier: 3B:36:90:FF:B9:13:65:31:F0:A1:34:D7:D8:D3:7C:9A:5B:49:23:EA
Certificate issuer: /CN=c24d5bd3ceeaab0786ce151a3178dadc107bf280
Certificate serial: 019424B32EFC6817AF93B2052C36C89C60C3
Authority key identifier: C2:4D:5B:D3:CE:EA:AB:07:86:CE:15:1A:31:78:DA:DC:10:7B:F2:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wk1b087qqweGzhUaMXja3BB78oA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/OzaQ_7kTZTHwoTTX2NN8mltJI-o.roa
Signing time: Thu 02 Jan 2025 01:48:30 +0000
ROA not before: Thu 02 Jan 2025 01:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34594
IP address blocks: 5.39.128.0/19 maxlen: 19
5.43.160.0/19 maxlen: 19
37.60.128.0/21 maxlen: 21
37.205.96.0/20 maxlen: 20
80.80.48.0/20 maxlen: 24
85.114.32.0/19 maxlen: 19
85.114.32.0/20 maxlen: 20
85.114.33.0/24 maxlen: 24
89.17.0.0/19 maxlen: 19
89.201.128.0/17 maxlen: 17
89.201.175.0/24 maxlen: 24
95.178.128.0/17 maxlen: 17
151.252.208.0/21 maxlen: 21
151.252.224.0/19 maxlen: 19
151.252.224.0/20 maxlen: 20
176.222.32.0/20 maxlen: 20
185.10.40.0/22 maxlen: 22
185.18.60.0/22 maxlen: 22
2a02:ac8::/32 maxlen: 32
2a03:6100::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:2e:fc:68:17:af:93:b2:05:2c:36:c8:9c:60:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c24d5bd3ceeaab0786ce151a3178dadc107bf280
Validity
Not Before: Jan 2 01:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b3690ffb9136531f0a134d7d8d37c9a5b4923ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c1:1b:d5:6f:e3:b9:11:47:5d:a4:81:b5:c5:
0e:b8:83:4e:f9:e0:67:20:84:b3:08:59:f8:74:18:
fb:79:d8:26:e2:9f:17:0e:d2:62:af:c7:3b:61:25:
25:56:d3:cc:ef:d4:43:6d:79:c9:7c:f4:b4:10:90:
f1:44:cf:16:75:35:ea:11:87:45:af:a9:a5:e6:fb:
90:5f:da:66:34:fc:00:a6:43:5d:39:2e:fd:6f:67:
76:c0:88:6f:8f:a4:7d:63:ad:07:95:11:f8:d7:74:
e8:12:f3:5e:02:62:84:08:17:5f:fb:5e:4e:fd:3d:
c9:61:19:a0:25:64:74:ba:05:e6:66:d3:45:40:20:
d5:56:c1:48:88:8d:0b:0e:0e:ac:eb:aa:a3:ee:3c:
e7:bc:3c:f0:bc:e7:9b:c1:d2:07:3f:ed:a7:0a:50:
db:0c:00:ea:84:16:d0:d9:9f:08:b9:2b:7d:e0:b1:
0e:96:59:d9:2d:9a:5e:fa:fe:81:e5:7f:e9:cc:3b:
24:6f:fd:34:dc:90:cf:ec:e5:75:e6:ab:2e:36:bf:
f3:01:15:b3:4f:4c:6f:43:28:0b:cb:83:65:b5:c6:
84:95:35:32:fe:97:32:28:80:4a:ca:3f:04:be:48:
ca:c5:cb:a6:b0:90:dd:68:e2:4d:2b:42:7f:07:fb:
fc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:36:90:FF:B9:13:65:31:F0:A1:34:D7:D8:D3:7C:9A:5B:49:23:EA
X509v3 Authority Key Identifier:
keyid:C2:4D:5B:D3:CE:EA:AB:07:86:CE:15:1A:31:78:DA:DC:10:7B:F2:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wk1b087qqweGzhUaMXja3BB78oA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/OzaQ_7kTZTHwoTTX2NN8mltJI-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/wk1b087qqweGzhUaMXja3BB78oA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.128.0/19
5.43.160.0/19
37.60.128.0/21
37.205.96.0/20
80.80.48.0/20
85.114.32.0/19
89.17.0.0/19
89.201.128.0/17
95.178.128.0/17
151.252.208.0/21
151.252.224.0/19
176.222.32.0/20
185.10.40.0/22
185.18.60.0/22
IPv6:
2a02:ac8::/32
2a03:6100::/32
Signature Algorithm: sha256WithRSAEncryption
a2:de:1f:07:ad:08:1b:40:37:8f:ed:21:cf:a3:26:ef:2d:26:
da:6e:3b:89:9e:7a:03:4c:cf:ca:13:46:29:50:d6:b9:7c:bf:
2b:b3:cd:fc:7b:31:e2:af:7a:93:cf:ac:43:f2:a2:3f:6e:57:
43:e3:3f:64:e5:64:51:e9:40:c1:e5:8b:44:d5:a4:0e:1e:0c:
e2:b4:be:99:8b:a4:b3:05:47:26:37:a2:38:18:02:e7:75:8f:
10:59:7d:99:a8:52:be:98:50:a1:94:d4:f3:14:99:df:e0:94:
eb:92:aa:d1:60:09:89:b5:1e:33:f6:27:61:d8:5b:aa:e5:eb:
b7:5c:9e:d9:c6:92:25:c5:24:b6:d7:ee:2e:7c:b7:12:66:5b:
2e:f7:6f:c9:a8:22:39:c7:f0:47:e4:6c:3d:81:e1:4e:c3:5f:
b4:5a:0c:c9:8d:2f:6e:93:82:25:33:22:de:f5:5a:b9:b4:a5:
ee:41:33:75:49:9b:dc:1d:47:6d:89:4a:2b:7a:77:e8:16:d4:
4c:f2:1c:f2:01:70:ae:4c:7a:f7:a2:a7:7a:af:0a:1d:36:38:
2d:cf:0a:b3:f5:d8:d1:01:a7:a2:1a:c9:80:57:ef:b4:8e:82:
99:b0:c2:3e:dd:83:6d:27:1f:3f:0d:1b:5a:a2:75:bc:cb:e5:
7b:a1:57:c6
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZQksy78aBevk7IFLDbInGDDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNGQ1YmQzY2VlYWFiMDc4NmNlMTUxYTMxNzhkYWRjMTA3
YmYyODAwHhcNMjUwMTAyMDE0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjM2OTBmZmI5MTM2NTMxZjBhMTM0ZDdkOGQzN2M5YTViNDkyM2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcEb1W/juRFHXaSBtcUOuINO+eBn
IISzCFn4dBj7edgm4p8XDtJir8c7YSUlVtPM79RDbXnJfPS0EJDxRM8WdTXqEYdF
r6ml5vuQX9pmNPwApkNdOS79b2d2wIhvj6R9Y60HlRH413ToEvNeAmKECBdf+15O
/T3JYRmgJWR0ugXmZtNFQCDVVsFIiI0LDg6s66qj7jznvDzwvOebwdIHP+2nClDb
DADqhBbQ2Z8IuSt94LEOllnZLZpe+v6B5X/pzDskb/003JDP7OV15qsuNr/zARWz
T0xvQygLy4NltcaElTUy/pcyKIBKyj8EvkjKxcumsJDdaOJNK0J/B/v8rwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFDs2kP+5E2Ux8KE019jTfJpbSSPqMB8GA1UdIwQY
MBaAFMJNW9PO6qsHhs4VGjF42twQe/KAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2sxYjA4N3Fxd2VHemhVYU1YamEzQkI3OG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85ZTE2YzEtMzEwZi00MTBjLWIzNDEt
NDFkODIzMjlmMjZkLzEvT3phUV83a1RaVEh3b1RUWDJOTjhtbHRKSS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85ZTE2YzEtMzEwZi00MTBjLWIzNDEtNDFkODIzMjlmMjZk
LzEvd2sxYjA4N3Fxd2VHemhVYU1YamEzQkI3OG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEBQUngAME
BQUroAMEAyU8gAMEBCXNYAMEBFBQMAMEBVVyIAMEBVkRAAMEB1nJgAMEB1+ygAME
A5f80AMEBZf84AMEBLDeIAMEArkKKAMEArkSPDAUBAIAAjAOAwUAKgIKyAMFACoD
YQAwDQYJKoZIhvcNAQELBQADggEBAKLeHwetCBtAN4/tIc+jJu8tJtpuO4meegNM
z8oTRilQ1rl8vyuzzfx7MeKvepPPrEPyoj9uV0PjP2TlZFHpQMHli0TVpA4eDOK0
vpmLpLMFRyY3ojgYAud1jxBZfZmoUr6YUKGU1PMUmd/glOuSqtFgCYm1HjP2J2HY
W6rl67dcntnGkiXFJLbX7i58txJmWy73b8moIjnH8EfkbD2B4U7DX7RaDMmNL26T
giUzIt71Wrm0pe5BM3VJm9wdR22JSit6d+gW1EzyHPIBcK5Meveip3qvCh02OC3P
CrP12NEBp6IayYBX77SOgpmwwj7dg20nHz8NG1qidbzL5XuhV8Y=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:59:39 2025 by rpki-client