Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/OqLUCxtgxChqlU1u5DSrV7o7hUE.roa
File: OqLUCxtgxChqlU1u5DSrV7o7hUE.roa (raw, json)
Hash identifier: 137N4QJ5LT3R5FaNUW+c79pvczICoEGACd1IGeCfKGY=
Subject key identifier: 3A:A2:D4:0B:1B:60:C4:28:6A:95:4D:6E:E4:34:AB:57:BA:3B:85:41
Certificate issuer: /CN=1d1c52f1552f6ea0f064d7a3b79db5c1cf166bd0
Certificate serial: 019424B3B7DAE62DC234BC52AC53BC73BAE4
Authority key identifier: 1D:1C:52:F1:55:2F:6E:A0:F0:64:D7:A3:B7:9D:B5:C1:CF:16:6B:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HRxS8VUvbqDwZNejt521wc8Wa9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/OqLUCxtgxChqlU1u5DSrV7o7hUE.roa
Signing time: Thu 02 Jan 2025 01:49:05 +0000
ROA not before: Thu 02 Jan 2025 01:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2202
IP address blocks: 193.56.108.0/24 maxlen: 24
193.56.109.0/24 maxlen: 24
193.56.110.0/24 maxlen: 24
193.56.111.0/24 maxlen: 24
193.56.228.0/24 maxlen: 24
193.56.229.0/24 maxlen: 24
193.56.230.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b7:da:e6:2d:c2:34:bc:52:ac:53:bc:73:ba:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d1c52f1552f6ea0f064d7a3b79db5c1cf166bd0
Validity
Not Before: Jan 2 01:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3aa2d40b1b60c4286a954d6ee434ab57ba3b8541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:1e:98:c4:2e:5e:51:d3:7d:52:a0:e1:a2:00:
0a:78:0d:1f:3d:03:35:99:c6:48:68:f6:7f:6c:71:
de:48:f6:6f:22:0d:32:f4:88:be:f2:1e:09:90:b4:
ed:bf:4a:be:24:bf:59:a4:e9:70:49:a3:2d:b4:bf:
cf:90:f2:c2:7b:27:e1:e4:77:17:18:15:7e:0c:a4:
bf:14:42:94:fb:55:0f:ea:4b:73:5b:00:87:3e:be:
85:32:c2:f8:f4:54:26:d1:68:50:67:3d:b8:f6:38:
c1:8b:16:f8:db:8b:14:e1:ff:ed:95:88:62:0b:5c:
10:04:3c:6c:12:7b:8a:0a:96:8e:86:d5:a9:fd:31:
be:f1:68:6a:53:e3:ba:c1:6a:ad:cc:0a:ee:a3:bb:
1b:b2:e4:f8:a0:6c:2a:94:30:fe:c3:1b:80:94:62:
31:85:e7:2d:66:4b:d7:ad:a9:8b:0e:50:94:13:04:
2b:3b:4e:a4:6a:55:4e:3f:08:b8:b7:1a:63:26:e3:
bc:14:4a:6c:19:38:93:d2:9d:f1:03:6c:20:e0:55:
58:76:c7:c3:4a:f1:ba:cf:be:c1:5d:87:ea:68:c5:
c6:63:f1:a7:cb:cc:18:4f:23:d3:52:a7:c1:a1:c1:
fc:ca:d9:c4:ad:c4:75:4a:63:74:16:ec:d5:59:63:
d0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A2:D4:0B:1B:60:C4:28:6A:95:4D:6E:E4:34:AB:57:BA:3B:85:41
X509v3 Authority Key Identifier:
keyid:1D:1C:52:F1:55:2F:6E:A0:F0:64:D7:A3:B7:9D:B5:C1:CF:16:6B:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRxS8VUvbqDwZNejt521wc8Wa9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/OqLUCxtgxChqlU1u5DSrV7o7hUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.108.0/22
193.56.228.0-193.56.230.255
Signature Algorithm: sha256WithRSAEncryption
14:76:8a:2d:93:fd:ab:4c:1c:1a:04:bb:78:71:ec:60:90:17:
db:c2:c2:5a:e9:e0:db:37:ba:8b:fa:9e:03:0f:13:95:cf:5f:
8b:46:14:52:ed:5c:9d:ce:dd:fa:b6:4d:e2:95:dc:dc:c3:8f:
5e:23:2a:85:59:c9:09:8e:73:ee:e2:f3:c8:4a:11:1d:41:7e:
f3:88:3e:cc:e7:5f:d2:91:b4:99:46:92:25:6b:62:c4:14:58:
a9:38:9a:52:04:60:5f:b2:1f:6f:06:d0:13:51:09:96:47:47:
f6:4f:01:9e:ad:b9:82:f0:6c:7e:ab:b2:17:ca:ba:89:d5:ba:
8f:2d:3a:a0:96:8c:fb:6a:57:67:7b:44:41:21:05:a1:67:06:
08:17:5a:37:65:9f:a0:13:21:7b:24:7d:09:41:b2:50:dc:17:
46:75:e9:71:3c:77:04:51:74:6c:be:d7:b6:4e:34:21:1e:67:
16:ba:b1:b6:cb:eb:e6:cc:31:2f:c2:1c:6b:60:f8:54:af:a0:
30:42:ae:68:2d:12:94:5f:1b:72:e1:0f:5c:69:89:d4:d5:69:
4e:c5:84:9a:57:88:85:60:30:9c:e0:5e:1b:6b:63:03:0d:a8:
26:82:47:8d:90:00:79:c0:fe:e0:a5:9c:36:92:c6:8e:60:11:
2e:bc:9c:7a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQks7fa5i3CNLxSrFO8c7rkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWM1MmYxNTUyZjZlYTBmMDY0ZDdhM2I3OWRiNWMxY2Yx
NjZiZDAwHhcNMjUwMTAyMDE0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWEyZDQwYjFiNjBjNDI4NmE5NTRkNmVlNDM0YWI1N2JhM2I4NTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0B6YxC5eUdN9UqDhogAKeA0fPQM1
mcZIaPZ/bHHeSPZvIg0y9Ii+8h4JkLTtv0q+JL9ZpOlwSaMttL/PkPLCeyfh5HcX
GBV+DKS/FEKU+1UP6ktzWwCHPr6FMsL49FQm0WhQZz249jjBixb424sU4f/tlYhi
C1wQBDxsEnuKCpaOhtWp/TG+8WhqU+O6wWqtzAruo7sbsuT4oGwqlDD+wxuAlGIx
hectZkvXramLDlCUEwQrO06kalVOPwi4txpjJuO8FEpsGTiT0p3xA2wg4FVYdsfD
SvG6z77BXYfqaMXGY/Gny8wYTyPTUqfBocH8ytnErcR1SmN0FuzVWWPQBQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDqi1AsbYMQoapVNbuQ0q1e6O4VBMB8GA1UdIwQY
MBaAFB0cUvFVL26g8GTXo7edtcHPFmvQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFJ4UzhWVXZicUR3Wk5lanQ1MjF3YzhXYTlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS82NGY1MzktZmVkYS00OWZjLWE5MjIt
MjAxZDVhOWJiOGFhLzEvT3FMVUN4dGd4Q2hxbFUxdTVEU3JWN283aFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS82NGY1MzktZmVkYS00OWZjLWE5MjItMjAxZDVhOWJiOGFh
LzEvSFJ4UzhWVXZicUR3Wk5lanQ1MjF3YzhXYTlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCwThsMAwD
BALBOOQDBADBOOYwDQYJKoZIhvcNAQELBQADggEBABR2ii2T/atMHBoEu3hx7GCQ
F9vCwlrp4Ns3uov6ngMPE5XPX4tGFFLtXJ3O3fq2TeKV3NzDj14jKoVZyQmOc+7i
88hKER1BfvOIPsznX9KRtJlGkiVrYsQUWKk4mlIEYF+yH28G0BNRCZZHR/ZPAZ6t
uYLwbH6rshfKuonVuo8tOqCWjPtqV2d7REEhBaFnBggXWjdln6ATIXskfQlBslDc
F0Z16XE8dwRRdGy+17ZONCEeZxa6sbbL6+bMMS/CHGtg+FSvoDBCrmgtEpRfG3Lh
D1xpidTVaU7FhJpXiIVgMJzgXhtrYwMNqCaCR42QAHnA/uClnDaSxo5gES68nHo=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:18:19 2025 by rpki-client