Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/OST4PzA3ppU9tim3_KfBBcrqcgQ.roa
File: OST4PzA3ppU9tim3_KfBBcrqcgQ.roa (raw, json)
Hash identifier: 7aAkIwPTKpTiRriNWV3feZU6/0BHu+h2F1+5PEi7g88=
Subject key identifier: 39:24:F8:3F:30:37:A6:95:3D:B6:29:B7:FC:A7:C1:05:CA:EA:72:04
Certificate issuer: /CN=391c5d3331145ec8e271876f8042207b9d00cb64
Certificate serial: 019428237FA65E0D2AA64B7B7AD3F071E2AA
Authority key identifier: 39:1C:5D:33:31:14:5E:C8:E2:71:87:6F:80:42:20:7B:9D:00:CB:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/OST4PzA3ppU9tim3_KfBBcrqcgQ.roa
Signing time: Thu 02 Jan 2025 17:50:02 +0000
ROA not before: Thu 02 Jan 2025 17:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204352
IP address blocks: 185.249.104.0/24 maxlen: 24
185.249.105.0/24 maxlen: 24
185.249.106.0/24 maxlen: 24
185.249.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:7f:a6:5e:0d:2a:a6:4b:7b:7a:d3:f0:71:e2:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=391c5d3331145ec8e271876f8042207b9d00cb64
Validity
Not Before: Jan 2 17:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3924f83f3037a6953db629b7fca7c105caea7204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d7:7a:40:c0:2b:04:04:a0:e4:2a:2e:25:28:
71:06:af:27:72:ad:1d:3d:00:56:d8:93:ce:c1:66:
aa:a2:8a:cf:a3:39:73:79:95:18:53:5d:ff:c9:9f:
97:58:88:e0:8c:76:c1:ff:41:67:23:98:96:49:9a:
62:3d:93:a6:52:92:ca:40:91:2f:68:51:5b:89:fe:
14:34:8d:06:85:e6:c7:0d:91:ed:ac:a4:83:13:35:
e7:2d:64:6d:92:01:31:09:07:5a:28:a0:a5:17:7f:
bb:73:3a:76:5b:e8:39:d4:df:56:51:e6:14:dd:fa:
1b:c6:0c:25:bd:d3:99:a8:42:52:93:65:47:28:d9:
3a:0a:de:08:bf:55:39:c0:6c:ac:ef:20:35:5a:6b:
dd:0c:a5:ff:14:07:a1:33:09:40:ad:c6:8d:d2:ea:
40:31:ed:65:21:8e:05:6b:50:f9:d1:e3:3c:fd:1d:
9c:0a:3a:49:6a:fe:50:31:30:2a:ce:a6:21:3d:1a:
f2:94:66:13:2d:7e:a6:d0:35:9c:b6:e6:f7:f1:9c:
80:f0:f9:99:24:c7:2e:b8:41:c6:a2:25:76:43:26:
b3:35:48:7e:ac:fb:e4:05:e1:e4:60:85:33:aa:a6:
4a:ad:00:9d:4e:3c:7b:d0:c2:32:ab:f7:b5:c3:49:
5c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:24:F8:3F:30:37:A6:95:3D:B6:29:B7:FC:A7:C1:05:CA:EA:72:04
X509v3 Authority Key Identifier:
keyid:39:1C:5D:33:31:14:5E:C8:E2:71:87:6F:80:42:20:7B:9D:00:CB:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/OST4PzA3ppU9tim3_KfBBcrqcgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/ORxdMzEUXsjicYdvgEIge50Ay2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.104.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:85:2e:51:90:23:f3:e3:91:43:35:f3:2d:fe:13:f3:3a:31:
57:80:d9:a7:0a:ef:79:2f:8e:28:a1:83:a4:f7:7f:46:63:0e:
4c:bc:76:de:32:54:76:9f:2f:e2:15:77:62:a5:4a:b5:f5:d9:
5f:cb:4f:04:93:ab:c0:a9:4e:05:3f:6b:8a:c5:d7:92:66:94:
c9:16:66:09:12:e3:20:40:c8:43:43:76:5d:fb:6f:4a:1d:67:
e2:dc:2d:40:15:50:67:bf:fa:33:c7:74:4d:ad:3a:ac:4f:46:
a2:67:09:99:62:05:19:29:35:a5:fb:6d:9a:0d:38:28:57:61:
f7:77:2f:5f:9c:4b:8a:ef:10:0d:9b:01:da:a0:17:74:55:8b:
25:db:ad:fa:b6:4d:47:1b:0d:38:43:bc:1f:bf:ba:94:0b:87:
c8:5c:5e:83:1d:41:3c:27:92:e5:39:58:00:c3:34:9d:9f:20:
e1:68:fc:9b:de:83:45:7a:0c:6f:a5:89:fe:ba:ac:cd:5e:98:
ca:e8:3a:f7:16:a3:38:ea:26:51:e7:f4:93:a6:0b:46:c2:83:
b8:44:24:5a:d0:39:42:45:13:6a:48:fe:fc:34:09:3f:4a:5c:
6c:8b:4c:28:c4:ca:f0:b6:7f:eb:1d:42:76:d4:25:ab:79:cf:
18:c4:6f:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI3+mXg0qpkt7etPwceKqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MWM1ZDMzMzExNDVlYzhlMjcxODc2ZjgwNDIyMDdiOWQw
MGNiNjQwHhcNMjUwMTAyMTc1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTI0ZjgzZjMwMzdhNjk1M2RiNjI5YjdmY2E3YzEwNWNhZWE3MjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29d6QMArBASg5CouJShxBq8ncq0d
PQBW2JPOwWaqoorPozlzeZUYU13/yZ+XWIjgjHbB/0FnI5iWSZpiPZOmUpLKQJEv
aFFbif4UNI0GhebHDZHtrKSDEzXnLWRtkgExCQdaKKClF3+7czp2W+g51N9WUeYU
3fobxgwlvdOZqEJSk2VHKNk6Ct4Iv1U5wGys7yA1WmvdDKX/FAehMwlArcaN0upA
Me1lIY4Fa1D50eM8/R2cCjpJav5QMTAqzqYhPRrylGYTLX6m0DWctub38ZyA8PmZ
JMcuuEHGoiV2QyazNUh+rPvkBeHkYIUzqqZKrQCdTjx70MIyq/e1w0lcrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDkk+D8wN6aVPbYpt/ynwQXK6nIEMB8GA1UdIwQY
MBaAFDkcXTMxFF7I4nGHb4BCIHudAMtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1J4ZE16RVVYc2ppY1lkdmdFSWdlNTBBeTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wNTg2MjQtZGU3Ny00MjI0LWI1NDAt
Y2EzMzUwZTc2MGNiLzEvT1NUNFB6QTNwcFU5dGltM19LZkJCY3JxY2dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8wNTg2MjQtZGU3Ny00MjI0LWI1NDAtY2EzMzUwZTc2MGNi
LzEvT1J4ZE16RVVYc2ppY1lkdmdFSWdlNTBBeTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufloMA0G
CSqGSIb3DQEBCwUAA4IBAQCdhS5RkCPz45FDNfMt/hPzOjFXgNmnCu95L44ooYOk
939GYw5MvHbeMlR2ny/iFXdipUq19dlfy08Ek6vAqU4FP2uKxdeSZpTJFmYJEuMg
QMhDQ3Zd+29KHWfi3C1AFVBnv/ozx3RNrTqsT0aiZwmZYgUZKTWl+22aDTgoV2H3
dy9fnEuK7xANmwHaoBd0VYsl2636tk1HGw04Q7wfv7qUC4fIXF6DHUE8J5LlOVgA
wzSdnyDhaPyb3oNFegxvpYn+uqzNXpjK6Dr3FqM46iZR5/STpgtGwoO4RCRa0DlC
RRNqSP78NAk/Slxsi0woxMrwtn/rHUJ21CWrec8YxG+3
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:07:18 2025 by rpki-client