Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/A-NOF7ohtTs1o9WlPoOPsTVZ7Bw.roa
File: A-NOF7ohtTs1o9WlPoOPsTVZ7Bw.roa (raw, json)
Hash identifier: bAV/oPbKXx/XbZWBMSjE+ura/jfib94IELlpZdTWAK0=
Subject key identifier: 03:E3:4E:17:BA:21:B5:3B:35:A3:D5:A5:3E:83:8F:B1:35:59:EC:1C
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 019423D77C6B99C67CED9C027A502F6637E9
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/A-NOF7ohtTs1o9WlPoOPsTVZ7Bw.roa
Signing time: Wed 01 Jan 2025 21:48:31 +0000
ROA not before: Wed 01 Jan 2025 21:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24921
IP address blocks: 81.198.189.0/24 maxlen: 24
87.246.168.0/24 maxlen: 24
87.246.169.0/24 maxlen: 24
87.246.170.0/24 maxlen: 24
87.246.171.0/24 maxlen: 24
194.8.22.0/24 maxlen: 24
213.175.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:7c:6b:99:c6:7c:ed:9c:02:7a:50:2f:66:37:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Jan 1 21:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03e34e17ba21b53b35a3d5a53e838fb13559ec1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:12:9c:86:6c:6a:a0:6a:1c:0d:ab:7d:a6:d3:
c8:2b:0b:43:15:b0:79:91:29:26:bc:c1:b5:1c:b1:
75:6f:e3:60:c1:6f:d5:34:99:be:15:15:97:8f:af:
3c:f5:8a:09:ec:8f:97:36:37:3f:8e:de:31:4d:02:
fc:11:92:03:ca:0d:01:fd:70:e7:7e:da:26:88:54:
c5:4e:1a:cd:35:fd:09:cf:db:34:52:9f:1f:b8:74:
3e:c9:92:6e:ac:f8:03:8d:19:75:c0:31:93:5f:bb:
e3:bb:76:e1:ed:0f:6d:a0:1b:75:f4:a2:a8:90:ec:
5f:74:b9:bf:27:f8:09:f7:d8:8e:80:1b:b6:f6:cd:
7c:f7:34:ee:a5:34:37:ef:49:e9:af:e8:32:de:d5:
75:a8:43:4e:3c:43:db:dc:00:12:41:ba:47:cc:6c:
c1:bc:62:2a:fb:d0:df:55:88:3e:55:8b:b3:c9:fc:
84:f2:4f:a8:aa:66:2c:20:06:9a:63:ca:f1:92:38:
e6:5f:a2:1b:f5:59:f6:29:6f:e6:07:39:99:b4:60:
bd:ed:1d:14:ff:6b:b2:46:a8:61:8b:36:a0:2a:bd:
77:bd:7d:55:df:a2:15:7a:50:e7:d3:2d:b0:0c:9b:
72:da:a6:7a:b5:5b:2e:50:b0:ad:13:01:d9:ee:8f:
b6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E3:4E:17:BA:21:B5:3B:35:A3:D5:A5:3E:83:8F:B1:35:59:EC:1C
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/A-NOF7ohtTs1o9WlPoOPsTVZ7Bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.198.189.0/24
87.246.168.0/22
194.8.22.0/24
213.175.79.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:65:b7:a8:25:eb:4a:8c:b4:4f:0f:64:e2:d6:c8:19:2f:0b:
84:16:98:5b:aa:ec:71:16:5e:df:e6:8a:87:b7:76:33:2b:4d:
9b:6d:26:41:8b:b6:eb:a8:f5:fe:d0:03:46:11:33:33:6e:04:
d0:51:1c:ec:29:de:73:a9:7a:c1:25:2e:54:d6:53:c5:64:04:
34:51:c8:50:52:9f:56:f4:70:20:d0:2f:a5:40:b6:28:a0:83:
b3:4a:7b:a6:51:62:fc:f4:4b:6c:57:3e:2f:4c:27:bb:18:a1:
a8:81:19:63:48:ce:24:2f:58:e3:0a:98:22:de:8e:82:d3:0b:
76:60:ad:2d:3e:70:fb:84:54:31:fc:36:d6:b5:a1:6e:1e:d0:
81:a0:bd:2c:3a:29:5d:6e:26:78:7b:d7:70:ea:34:42:3b:f5:
23:9f:a7:e9:99:b1:82:79:49:40:cd:f0:5c:04:41:4d:13:94:
5e:86:6e:8f:3f:e9:5e:11:33:81:f9:32:38:89:9c:c7:30:5d:
86:49:48:e6:b8:93:d3:bf:18:4d:5e:bd:05:3c:ba:57:b9:62:
85:8f:fe:ba:59:40:61:ac:5f:18:02:d4:cb:c7:b4:74:3a:b0:
98:9f:12:4e:45:44:5e:45:c3:6d:13:bf:91:bc:1c:fe:8d:4b:
33:29:1d:31
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQj13xrmcZ87ZwCelAvZjfpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjUwMTAxMjE0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2UzNGUxN2JhMjFiNTNiMzVhM2Q1YTUzZTgzOGZiMTM1NTllYzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRKchmxqoGocDat9ptPIKwtDFbB5
kSkmvMG1HLF1b+NgwW/VNJm+FRWXj6889YoJ7I+XNjc/jt4xTQL8EZIDyg0B/XDn
ftomiFTFThrNNf0Jz9s0Up8fuHQ+yZJurPgDjRl1wDGTX7vju3bh7Q9toBt19KKo
kOxfdLm/J/gJ99iOgBu29s189zTupTQ370npr+gy3tV1qENOPEPb3AASQbpHzGzB
vGIq+9DfVYg+VYuzyfyE8k+oqmYsIAaaY8rxkjjmX6Ib9Vn2KW/mBzmZtGC97R0U
/2uyRqhhizagKr13vX1V36IVelDn0y2wDJty2qZ6tVsuULCtEwHZ7o+2SQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAPjThe6IbU7NaPVpT6Dj7E1WewcMB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvQS1OT0Y3b2h0VHMxbzlXbFBvT1BzVFZaN0J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUca9AwQC
V/aoAwQAwggWAwQA1a9PMA0GCSqGSIb3DQEBCwUAA4IBAQA8ZbeoJetKjLRPD2Ti
1sgZLwuEFphbquxxFl7f5oqHt3YzK02bbSZBi7brqPX+0ANGETMzbgTQURzsKd5z
qXrBJS5U1lPFZAQ0UchQUp9W9HAg0C+lQLYooIOzSnumUWL89EtsVz4vTCe7GKGo
gRljSM4kL1jjCpgi3o6C0wt2YK0tPnD7hFQx/DbWtaFuHtCBoL0sOildbiZ4e9dw
6jRCO/Ujn6fpmbGCeUlAzfBcBEFNE5Rehm6PP+leETOB+TI4iZzHMF2GSUjmuJPT
vxhNXr0FPLpXuWKFj/66WUBhrF8YAtTLx7R0OrCYnxJORUReRcNtE7+RvBz+jUsz
KR0x
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:36:00 2025 by rpki-client