Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/_Op4bSAp0gWDx4UfTJUc97va5qw.roa
File: _Op4bSAp0gWDx4UfTJUc97va5qw.roa (raw, json)
Hash identifier: tJEKSC7Hrru5HEiTFvhI8vLaAa+FAs4tPlo2cnkUBAA=
Subject key identifier: FC:EA:78:6D:20:29:D2:05:83:C7:85:1F:4C:95:1C:F7:BB:DA:E6:AC
Certificate issuer: /CN=3075d87c197a0fa04da8f225358d3faf786f7d0b
Certificate serial: 019424B3DFEFD3F1763C1362890D7F71F764
Authority key identifier: 30:75:D8:7C:19:7A:0F:A0:4D:A8:F2:25:35:8D:3F:AF:78:6F:7D:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHXYfBl6D6BNqPIlNY0_r3hvfQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/_Op4bSAp0gWDx4UfTJUc97va5qw.roa
Signing time: Thu 02 Jan 2025 01:49:15 +0000
ROA not before: Thu 02 Jan 2025 01:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198906
IP address blocks: 5.182.140.0/22 maxlen: 22
194.28.188.0/24 maxlen: 24
194.28.189.0/24 maxlen: 24
194.28.190.0/24 maxlen: 24
194.28.191.0/24 maxlen: 24
194.28.221.0/24 maxlen: 24
194.28.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:df:ef:d3:f1:76:3c:13:62:89:0d:7f:71:f7:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3075d87c197a0fa04da8f225358d3faf786f7d0b
Validity
Not Before: Jan 2 01:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fcea786d2029d20583c7851f4c951cf7bbdae6ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:29:d8:bf:99:38:b7:4b:17:eb:82:a7:a0:05:
5b:1c:0d:cf:43:f6:b0:4e:22:de:e7:8e:11:c3:1e:
cc:90:73:6f:a9:76:c6:b1:88:68:70:2c:f5:75:d4:
cd:9f:ea:09:29:7b:b8:34:63:35:04:17:56:51:f1:
0c:2d:80:ac:49:9c:e4:ea:22:5e:ca:d0:17:15:92:
0f:8c:b2:0f:be:a8:ea:64:4a:c4:6b:5d:19:c9:09:
f9:21:c2:ee:79:ac:15:52:8f:01:ce:71:ef:98:33:
6f:eb:8e:93:da:e2:16:9c:ae:3f:f0:59:31:f6:c7:
91:03:7a:54:ca:19:0a:28:cd:70:c4:e4:41:3b:d3:
9f:f2:61:b9:7f:21:ff:29:8b:9d:7b:96:b8:b5:76:
98:49:45:e9:16:58:4e:8d:a2:82:fb:50:2a:77:e4:
98:56:7d:34:69:77:4a:b7:8c:14:37:c0:45:1b:8c:
68:52:13:48:7a:85:7a:84:b3:d6:9f:a6:4b:ad:c5:
a8:3c:e6:b8:0c:4b:3f:da:20:ae:7a:4d:3b:5e:1c:
ed:9c:c1:9d:12:19:8a:a1:7e:5f:d5:a1:9f:29:bf:
24:6e:94:c2:3d:59:55:4c:b0:7b:f3:f8:fd:30:e7:
1e:fd:32:ad:46:59:81:e0:33:7a:fe:b7:f8:29:bf:
40:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:EA:78:6D:20:29:D2:05:83:C7:85:1F:4C:95:1C:F7:BB:DA:E6:AC
X509v3 Authority Key Identifier:
keyid:30:75:D8:7C:19:7A:0F:A0:4D:A8:F2:25:35:8D:3F:AF:78:6F:7D:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHXYfBl6D6BNqPIlNY0_r3hvfQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/_Op4bSAp0gWDx4UfTJUc97va5qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/MHXYfBl6D6BNqPIlNY0_r3hvfQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.140.0/22
194.28.188.0/22
194.28.221.0-194.28.222.255
Signature Algorithm: sha256WithRSAEncryption
ce:c2:63:b4:b4:53:33:f8:44:58:2c:ae:bb:8a:61:4f:c2:2a:
29:e0:1a:a9:93:c0:d7:62:82:2e:50:12:6c:19:23:45:3a:65:
7d:cd:2f:39:5b:42:98:4e:12:7e:fb:0d:01:57:5c:f7:bc:de:
3e:c3:5c:b0:e7:ae:b6:8d:89:14:5b:2b:d3:c1:d8:d1:f3:48:
b3:c6:72:e2:a9:d4:31:e9:01:72:b6:19:c2:e3:14:df:84:71:
62:44:31:e9:a1:7e:14:cf:a5:11:b1:15:93:93:8f:47:ec:19:
fe:67:08:14:b3:7e:71:ea:d2:d6:ec:73:34:42:ae:c0:f4:b4:
6a:89:02:c4:f7:c4:93:1b:2b:2d:99:c9:35:b5:32:aa:f3:66:
19:7d:ed:90:ac:86:28:65:3d:1f:b7:63:65:70:49:47:e5:79:
9a:5c:cd:fa:a9:80:97:01:b1:96:2e:10:7f:4d:6e:3c:77:39:
7e:01:c8:fa:02:67:31:f8:a8:9e:30:5d:f8:6b:c6:4e:f3:1a:
9b:dc:19:34:c4:4b:76:d3:4d:c7:21:f6:1b:60:26:d8:c8:07:
c6:6d:54:f9:a9:85:dd:7d:14:f2:2c:4f:1c:29:2c:23:c0:bc:
96:20:56:46:c9:74:a3:fc:fc:a3:0a:c4:db:39:9a:7c:db:a2:
2c:ce:62:14
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQks9/v0/F2PBNiiQ1/cfdkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzVkODdjMTk3YTBmYTA0ZGE4ZjIyNTM1OGQzZmFmNzg2
ZjdkMGIwHhcNMjUwMTAyMDE0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2VhNzg2ZDIwMjlkMjA1ODNjNzg1MWY0Yzk1MWNmN2JiZGFlNmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtynYv5k4t0sX64KnoAVbHA3PQ/aw
TiLe544Rwx7MkHNvqXbGsYhocCz1ddTNn+oJKXu4NGM1BBdWUfEMLYCsSZzk6iJe
ytAXFZIPjLIPvqjqZErEa10ZyQn5IcLueawVUo8BznHvmDNv646T2uIWnK4/8Fkx
9seRA3pUyhkKKM1wxORBO9Of8mG5fyH/KYude5a4tXaYSUXpFlhOjaKC+1Aqd+SY
Vn00aXdKt4wUN8BFG4xoUhNIeoV6hLPWn6ZLrcWoPOa4DEs/2iCuek07XhztnMGd
EhmKoX5f1aGfKb8kbpTCPVlVTLB78/j9MOce/TKtRlmB4DN6/rf4Kb9AgQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPzqeG0gKdIFg8eFH0yVHPe72uasMB8GA1UdIwQY
MBaAFDB12HwZeg+gTajyJTWNP694b30LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhYWWZCbDZENkJOcVBJbE5ZMF9yM2h2ZlFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9hNDAwYjItYmFiNC00MTE5LWEzZDEt
ODk5ODFjOGY5ZTdiLzEvX09wNGJTQXAwZ1dEeDRVZlRKVWM5N3ZhNXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9hNDAwYjItYmFiNC00MTE5LWEzZDEtODk5ODFjOGY5ZTdi
LzEvTUhYWWZCbDZENkJOcVBJbE5ZMF9yM2h2ZlFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCBbaMAwQC
why8MAwDBADCHN0DBADCHN4wDQYJKoZIhvcNAQELBQADggEBAM7CY7S0UzP4RFgs
rruKYU/CKingGqmTwNdigi5QEmwZI0U6ZX3NLzlbQphOEn77DQFXXPe83j7DXLDn
rraNiRRbK9PB2NHzSLPGcuKp1DHpAXK2GcLjFN+EcWJEMemhfhTPpRGxFZOTj0fs
Gf5nCBSzfnHq0tbsczRCrsD0tGqJAsT3xJMbKy2ZyTW1MqrzZhl97ZCshihlPR+3
Y2VwSUfleZpczfqpgJcBsZYuEH9Nbjx3OX4ByPoCZzH4qJ4wXfhrxk7zGpvcGTTE
S3bTTcch9htgJtjIB8ZtVPmphd19FPIsTxwpLCPAvJYgVkbJdKP8/KMKxNs5mnzb
oizOYhQ=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:03 2025 by rpki-client on console.sobornost.net