Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f4ba63-cd9a-4311-b416-64f231dd4042/1/O_3sjFQLU8LSk5AiF4s2qKZfXBc.roa
File: O_3sjFQLU8LSk5AiF4s2qKZfXBc.roa (raw, json)
Hash identifier: ejuYtetnOewL1sJBmaMYLDQ65Hla2peOL6OXuWr4CIE=
Subject key identifier: 3B:FD:EC:8C:54:0B:53:C2:D2:93:90:22:17:8B:36:A8:A6:5F:5C:17
Certificate issuer: /CN=5534e9bb0ee4d30c31e76afa691adc9279b3f356
Certificate serial: 0195CCD64716D55E27AB410E2204192DEAF1
Authority key identifier: 55:34:E9:BB:0E:E4:D3:0C:31:E7:6A:FA:69:1A:DC:92:79:B3:F3:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VTTpuw7k0wwx52r6aRrcknmz81Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f4ba63-cd9a-4311-b416-64f231dd4042/1/O_3sjFQLU8LSk5AiF4s2qKZfXBc.roa
Signing time: Tue 25 Mar 2025 10:25:49 +0000
ROA not before: Tue 25 Mar 2025 10:25:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20878
IP address blocks: 176.74.0.0/21 maxlen: 21
176.74.1.0/24 maxlen: 24
176.74.2.0/24 maxlen: 24
176.74.3.0/24 maxlen: 24
176.74.4.0/24 maxlen: 24
176.74.5.0/24 maxlen: 24
176.74.6.0/24 maxlen: 24
176.74.7.0/24 maxlen: 24
185.66.32.0/22 maxlen: 22
185.66.32.0/24 maxlen: 24
185.66.33.0/24 maxlen: 24
185.66.34.0/24 maxlen: 24
185.66.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cc:d6:47:16:d5:5e:27:ab:41:0e:22:04:19:2d:ea:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5534e9bb0ee4d30c31e76afa691adc9279b3f356
Validity
Not Before: Mar 25 10:25:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bfdec8c540b53c2d2939022178b36a8a65f5c17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2e:6c:80:5f:04:e6:43:95:cc:d6:95:1e:af:
df:a1:57:96:da:78:2d:bb:5d:30:b6:92:45:e5:79:
bb:b2:1d:15:e3:af:b6:bc:9f:69:c9:2d:54:07:e3:
73:6d:7b:6e:3b:13:b4:87:e6:b0:5a:2d:b5:39:49:
50:73:6b:fd:a9:32:47:88:2a:7d:56:54:5e:6c:47:
dd:f9:ca:ee:48:e2:37:2e:75:1d:bb:16:41:c0:10:
03:c3:dc:7b:ef:63:c6:ef:e9:df:b3:66:4c:b2:51:
82:aa:d8:4a:7d:0c:75:97:c2:6b:f2:3b:6e:19:7f:
6d:6e:4f:8b:6f:49:8e:9d:95:7d:06:c4:6b:48:27:
5d:a8:63:3d:c1:cb:55:75:ad:ff:99:d2:6a:d5:66:
ae:0a:bc:07:9a:08:de:1b:60:f1:0b:14:bf:ae:75:
15:b1:9c:1f:3f:dd:a2:ab:12:c3:57:d6:13:e0:6f:
d4:6b:b8:d7:48:dc:d2:7e:ce:82:8f:ea:a1:01:a7:
77:83:0b:86:df:a1:b5:62:29:2e:78:6c:04:42:6b:
c2:bd:f2:ed:09:24:60:b6:87:72:1f:d0:d4:6f:53:
44:d9:6a:08:30:9f:f1:03:76:8d:8e:94:b8:37:83:
20:8d:8d:9c:a6:0c:41:b9:ba:86:6a:b9:d5:85:37:
f7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FD:EC:8C:54:0B:53:C2:D2:93:90:22:17:8B:36:A8:A6:5F:5C:17
X509v3 Authority Key Identifier:
keyid:55:34:E9:BB:0E:E4:D3:0C:31:E7:6A:FA:69:1A:DC:92:79:B3:F3:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VTTpuw7k0wwx52r6aRrcknmz81Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f4ba63-cd9a-4311-b416-64f231dd4042/1/O_3sjFQLU8LSk5AiF4s2qKZfXBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f4ba63-cd9a-4311-b416-64f231dd4042/1/VTTpuw7k0wwx52r6aRrcknmz81Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.74.0.0/21
185.66.32.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:c7:6e:5d:c6:bb:ea:d5:54:41:a6:d0:77:f5:b4:93:00:c4:
1d:67:b5:fc:1b:d2:69:06:e8:07:71:62:bd:2f:44:5d:ad:86:
7e:6e:f6:d2:9f:fe:d1:94:ae:93:83:56:60:be:56:27:1d:44:
e5:f4:ef:2a:e3:0c:2d:e1:49:82:32:3f:5f:40:21:a5:0e:74:
cd:3a:e9:b5:27:a5:1f:21:5e:f2:9e:66:72:0b:8e:a5:b4:a6:
18:30:d9:1d:b7:70:a3:56:56:fb:69:45:2f:0d:0e:de:7e:16:
b1:98:5b:8c:d8:57:5c:5b:09:94:99:8d:05:56:6f:27:86:e9:
0f:b1:31:3e:b7:77:8c:2a:5e:0e:ab:e7:da:62:eb:8d:a5:95:
a8:31:a3:59:0d:50:ba:e4:19:e9:3f:07:b0:7e:f6:67:79:f6:
cd:b3:0b:3c:c2:2e:14:6d:e3:01:e6:7e:fd:be:19:22:89:2f:
e6:53:bc:7a:d2:6c:4d:75:0e:c7:21:a9:40:a5:76:c0:7f:96:
03:ac:4c:97:58:f2:4f:66:f8:16:dc:3c:b8:31:fb:fa:4c:4c:
e5:b8:f8:88:ba:89:db:1a:f5:5a:35:a6:c4:42:71:8d:76:28:
f4:5a:e2:86:d2:66:2b:96:c4:28:69:ed:ab:00:c2:73:5c:70:
8a:a7:50:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXM1kcW1V4nq0EOIgQZLerxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MzRlOWJiMGVlNGQzMGMzMWU3NmFmYTY5MWFkYzkyNzli
M2YzNTYwHhcNMjUwMzI1MTAyNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmZkZWM4YzU0MGI1M2MyZDI5MzkwMjIxNzhiMzZhOGE2NWY1YzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuy5sgF8E5kOVzNaVHq/foVeW2ngt
u10wtpJF5Xm7sh0V46+2vJ9pyS1UB+NzbXtuOxO0h+awWi21OUlQc2v9qTJHiCp9
VlRebEfd+cruSOI3LnUduxZBwBADw9x772PG7+nfs2ZMslGCqthKfQx1l8Jr8jtu
GX9tbk+Lb0mOnZV9BsRrSCddqGM9wctVda3/mdJq1WauCrwHmgjeG2DxCxS/rnUV
sZwfP92iqxLDV9YT4G/Ua7jXSNzSfs6Cj+qhAad3gwuG36G1YikueGwEQmvCvfLt
CSRgtodyH9DUb1NE2WoIMJ/xA3aNjpS4N4MgjY2cpgxBubqGarnVhTf3OwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDv97IxUC1PC0pOQIheLNqimX1wXMB8GA1UdIwQY
MBaAFFU06bsO5NMMMedq+mka3JJ5s/NWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlRUcHV3N2swd3d4NTJyNmFScmNrbm16ODFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mNGJhNjMtY2Q5YS00MzExLWI0MTYt
NjRmMjMxZGQ0MDQyLzEvT18zc2pGUUxVOExTazVBaUY0czJxS1pmWEJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mNGJhNjMtY2Q5YS00MzExLWI0MTYtNjRmMjMxZGQ0MDQy
LzEvVlRUcHV3N2swd3d4NTJyNmFScmNrbm16ODFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsEoAAwQC
uUIgMA0GCSqGSIb3DQEBCwUAA4IBAQDOx25dxrvq1VRBptB39bSTAMQdZ7X8G9Jp
BugHcWK9L0RdrYZ+bvbSn/7RlK6Tg1ZgvlYnHUTl9O8q4wwt4UmCMj9fQCGlDnTN
Oum1J6UfIV7ynmZyC46ltKYYMNkdt3CjVlb7aUUvDQ7efhaxmFuM2FdcWwmUmY0F
Vm8nhukPsTE+t3eMKl4Oq+faYuuNpZWoMaNZDVC65BnpPwewfvZnefbNsws8wi4U
beMB5n79vhkiiS/mU7x60mxNdQ7HIalApXbAf5YDrEyXWPJPZvgW3Dy4Mfv6TEzl
uPiIuonbGvVaNabEQnGNdij0WuKG0mYrlsQoae2rAMJzXHCKp1AM
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:49 2025 by rpki-client on console.sobornost.net