Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/Os6xDD1H4LsrEU2Pwmq0YT-o8IM.roa
File: Os6xDD1H4LsrEU2Pwmq0YT-o8IM.roa (raw, json)
Hash identifier: 9WTAK5WFdauUxfw4Aw74xq8JjOOgRjy/Qe/px+Cijao=
Subject key identifier: 3A:CE:B1:0C:3D:47:E0:BB:2B:11:4D:8F:C2:6A:B4:61:3F:A8:F0:83
Certificate issuer: /CN=48cf37b3646fda93cbdd0b8aaccfff313a6f718f
Certificate serial: 019420D5F382E3F4A29069F72E50118220A7
Authority key identifier: 48:CF:37:B3:64:6F:DA:93:CB:DD:0B:8A:AC:CF:FF:31:3A:6F:71:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SM83s2Rv2pPL3QuKrM__MTpvcY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/Os6xDD1H4LsrEU2Pwmq0YT-o8IM.roa
Signing time: Wed 01 Jan 2025 07:47:59 +0000
ROA not before: Wed 01 Jan 2025 07:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203596
IP address blocks: 193.108.216.0/24 maxlen: 24
193.109.0.0/24 maxlen: 24
193.109.1.0/24 maxlen: 24
193.109.2.0/24 maxlen: 24
193.109.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f3:82:e3:f4:a2:90:69:f7:2e:50:11:82:20:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48cf37b3646fda93cbdd0b8aaccfff313a6f718f
Validity
Not Before: Jan 1 07:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3aceb10c3d47e0bb2b114d8fc26ab4613fa8f083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1f:2e:f9:7c:13:82:46:3e:20:b3:cd:7f:e7:
65:4d:12:ec:bc:96:8a:97:05:69:fc:84:ea:05:45:
e9:c2:03:cf:11:49:40:6e:4a:92:84:7a:e4:7b:c2:
cc:ee:ee:38:75:f3:61:7c:21:da:ab:6e:4d:d4:a9:
84:50:8f:22:f3:ed:ee:34:f4:93:03:72:71:ee:e9:
df:60:76:eb:4d:2b:46:56:b2:53:6b:52:50:3b:2f:
a2:99:cf:da:a9:48:a3:e0:06:d4:3f:04:6f:b6:34:
a9:00:23:22:d6:40:55:92:9a:bb:bc:f6:7f:5d:1b:
32:20:23:cd:f6:d5:85:1f:14:aa:c9:78:a5:27:78:
96:6b:fc:20:5a:6c:23:c0:10:e6:47:5b:ce:8e:38:
54:95:47:da:0b:44:1c:33:54:61:c8:98:1b:52:35:
fe:c0:ba:f2:5c:dd:d9:62:22:82:25:ae:c7:e3:25:
8d:6e:a2:c9:69:ee:f6:41:7d:55:6d:a9:22:26:f9:
69:72:b8:ad:4e:15:93:50:c1:f0:24:3e:ca:0b:5d:
c9:f9:9a:b8:4b:42:4c:03:59:78:c9:d7:e6:f8:ad:
ff:f8:01:a6:0c:09:87:3c:36:f5:1f:34:c0:4f:a8:
65:5f:eb:3e:dd:69:1d:e4:f9:cf:b8:ea:15:53:93:
c6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:CE:B1:0C:3D:47:E0:BB:2B:11:4D:8F:C2:6A:B4:61:3F:A8:F0:83
X509v3 Authority Key Identifier:
keyid:48:CF:37:B3:64:6F:DA:93:CB:DD:0B:8A:AC:CF:FF:31:3A:6F:71:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SM83s2Rv2pPL3QuKrM__MTpvcY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/Os6xDD1H4LsrEU2Pwmq0YT-o8IM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.216.0/24
193.109.0.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:96:9d:61:c9:23:03:32:08:a0:10:e3:f0:76:db:e2:d4:66:
ea:49:43:02:eb:ce:d0:5e:5a:6c:71:82:9d:1f:e1:7f:72:90:
72:e3:c8:66:2e:82:7c:6f:de:90:51:91:4c:76:64:56:da:a8:
f6:b4:80:6f:27:c7:85:24:48:70:16:bb:28:d5:22:13:6a:f7:
01:17:d0:cd:b6:14:46:f7:37:f8:57:65:91:64:b2:5f:e6:24:
0b:d4:61:56:9b:12:1f:26:f0:0b:14:cf:8f:f7:10:aa:ff:5f:
5a:d8:a4:d3:2c:bc:0d:5a:6b:7f:21:97:65:7e:5b:81:50:27:
8e:d7:9e:c5:b4:36:2d:fd:20:d1:d5:3d:a9:64:3e:c5:40:f4:
93:e1:3c:71:3e:39:46:8a:63:92:a6:c9:08:15:01:9c:41:15:
4c:64:ea:e6:c6:54:2f:51:84:82:b3:4a:1f:fa:2e:e7:49:e6:
77:a7:25:d0:90:03:86:d0:97:39:45:bd:fd:00:ed:9f:21:30:
d8:03:6a:1a:30:b3:a3:1b:20:b6:ec:5f:9a:f0:ae:35:26:31:
bb:e5:5a:79:0d:c5:36:01:c8:fc:21:d2:fc:47:3c:8d:5d:8f:
0b:04:01:0f:cc:eb:5e:75:07:6e:80:9b:27:ea:92:0c:ff:43:
74:f3:9c:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQg1fOC4/SikGn3LlARgiCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4Y2YzN2IzNjQ2ZmRhOTNjYmRkMGI4YWFjY2ZmZjMxM2E2
ZjcxOGYwHhcNMjUwMTAxMDc0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWNlYjEwYzNkNDdlMGJiMmIxMTRkOGZjMjZhYjQ2MTNmYThmMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmR8u+XwTgkY+ILPNf+dlTRLsvJaK
lwVp/ITqBUXpwgPPEUlAbkqShHrke8LM7u44dfNhfCHaq25N1KmEUI8i8+3uNPST
A3Jx7unfYHbrTStGVrJTa1JQOy+imc/aqUij4AbUPwRvtjSpACMi1kBVkpq7vPZ/
XRsyICPN9tWFHxSqyXilJ3iWa/wgWmwjwBDmR1vOjjhUlUfaC0QcM1RhyJgbUjX+
wLryXN3ZYiKCJa7H4yWNbqLJae72QX1VbakiJvlpcritThWTUMHwJD7KC13J+Zq4
S0JMA1l4ydfm+K3/+AGmDAmHPDb1HzTAT6hlX+s+3Wkd5PnPuOoVU5PGzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDrOsQw9R+C7KxFNj8JqtGE/qPCDMB8GA1UdIwQY
MBaAFEjPN7Nkb9qTy90LiqzP/zE6b3GPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU004M3MyUnYycFBMM1F1S3JNX19NVHB2Y1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8yMGQ1OTMtNzIzZi00OTYzLTkwMWQt
MTdlMzE1ODk1NGRhLzEvT3M2eEREMUg0THNyRVUyUHdtcTBZVC1vOElNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8yMGQ1OTMtNzIzZi00OTYzLTkwMWQtMTdlMzE1ODk1NGRh
LzEvU004M3MyUnYycFBMM1F1S3JNX19NVHB2Y1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwWzYAwQC
wW0AMA0GCSqGSIb3DQEBCwUAA4IBAQColp1hySMDMgigEOPwdtvi1GbqSUMC687Q
XlpscYKdH+F/cpBy48hmLoJ8b96QUZFMdmRW2qj2tIBvJ8eFJEhwFrso1SITavcB
F9DNthRG9zf4V2WRZLJf5iQL1GFWmxIfJvALFM+P9xCq/19a2KTTLLwNWmt/IZdl
fluBUCeO157FtDYt/SDR1T2pZD7FQPST4TxxPjlGimOSpskIFQGcQRVMZOrmxlQv
UYSCs0of+i7nSeZ3pyXQkAOG0Jc5Rb39AO2fITDYA2oaMLOjGyC27F+a8K41JjG7
5Vp5DcU2Acj8IdL8RzyNXY8LBAEPzOtedQdugJsn6pIM/0N085yl
-----END CERTIFICATE-----
Generated at Fri Apr 25 21:47:55 2025 by rpki-client