Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/Om5WJgLTwTSkkBCE67jL8xGcfpU.roa
File: Om5WJgLTwTSkkBCE67jL8xGcfpU.roa (raw, json)
Hash identifier: gv5PnzTC6EKfls/ZGPRJcNEs0tDW1w+z0+8YCAL06ik=
Subject key identifier: 3A:6E:56:26:02:D3:C1:34:A4:90:10:84:EB:B8:CB:F3:11:9C:7E:95
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 0197CAD32B264632946C1C8D1E04385F8221
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/Om5WJgLTwTSkkBCE67jL8xGcfpU.roa
Signing time: Wed 02 Jul 2025 11:08:46 +0000
ROA not before: Wed 02 Jul 2025 11:08:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 87.248.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ca:d3:2b:26:46:32:94:6c:1c:8d:1e:04:38:5f:82:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Jul 2 11:08:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a6e562602d3c134a4901084ebb8cbf3119c7e95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8e:c7:ae:d3:dd:1e:10:f6:eb:99:e7:fa:dc:
10:6c:32:c7:7a:73:c3:33:b0:3f:b4:7c:89:17:76:
09:f7:8d:52:b9:1a:6b:70:29:4d:f7:03:07:6a:9b:
e7:94:3b:6a:88:6f:df:66:cb:e5:76:8f:fb:aa:bd:
e9:7f:be:1d:13:1d:e7:22:23:ea:a9:ab:8f:05:5a:
41:6a:05:1d:33:5c:e1:da:7d:55:b3:e3:db:fa:ea:
81:7b:d6:4d:21:de:46:48:26:ca:70:8f:b3:d6:58:
b1:0f:bc:62:d4:e4:8f:87:63:c2:99:0f:68:7e:7b:
95:9e:bb:ef:e8:dd:2b:ca:54:20:44:c9:8e:e0:bb:
8b:73:3c:ba:25:44:f6:45:9a:86:e9:66:dc:ce:cc:
6a:52:bc:31:84:bd:9f:81:09:fb:55:45:18:55:1e:
72:cf:e9:2c:d0:94:a5:dd:32:13:4c:22:d2:5d:12:
ee:2e:15:c8:9a:9d:24:69:a5:da:f2:f7:9a:4b:fe:
e6:e1:3c:62:18:9e:9c:55:58:3a:dc:22:51:0e:3e:
7d:dc:dd:0a:46:48:f1:19:93:6b:bc:78:1e:9d:4d:
f2:fe:08:29:de:f8:b5:87:0a:c3:ec:8c:f9:5f:31:
c4:99:22:34:d0:20:5e:97:15:9a:35:88:0f:30:7b:
15:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:6E:56:26:02:D3:C1:34:A4:90:10:84:EB:B8:CB:F3:11:9C:7E:95
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/Om5WJgLTwTSkkBCE67jL8xGcfpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.143.0/24
Signature Algorithm: sha256WithRSAEncryption
67:ae:42:bf:45:9b:64:ad:24:35:3a:50:49:0d:48:f2:6e:17:
87:8d:97:d3:a5:48:b7:8e:27:83:12:94:87:9e:bc:27:90:98:
11:6e:c6:ab:83:64:e5:8b:d1:c1:4e:a1:20:f1:a7:9f:fd:c3:
70:92:61:01:d9:2c:4f:b6:13:1d:bd:b6:1c:f9:f9:d4:59:82:
f2:0c:85:9c:96:8c:36:1b:b4:b1:59:27:f3:f1:8a:db:fc:3d:
37:2e:ab:41:a6:ae:6f:39:78:cd:5d:3f:c1:a3:af:b1:cb:1e:
3a:6d:de:b9:f5:89:a9:d5:b8:d2:cc:8c:13:d5:bd:8e:5d:04:
d4:41:cc:c8:35:c0:83:66:66:67:8d:ca:45:1f:bf:65:ab:88:
4a:8a:94:f3:b4:d4:da:0b:d0:01:e5:01:0a:8a:48:7b:1b:00:
f4:4f:b8:0b:57:61:86:14:6f:02:f6:c2:26:f5:15:d7:27:15:
5f:31:fe:58:16:f4:9f:51:9f:ed:49:c5:0f:05:cd:63:06:c1:
ce:e4:1e:9b:4c:8f:0d:7d:73:85:ec:0c:5c:8b:3d:c2:19:6f:
45:35:19:d9:e0:67:3a:28:c6:21:82:c3:80:98:88:e7:17:31:
b5:95:21:14:6f:17:38:f4:64:96:ed:df:88:cd:65:ad:f3:e8:
5f:f3:d3:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfK0ysmRjKUbByNHgQ4X4IhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjUwNzAyMTEwODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTZlNTYyNjAyZDNjMTM0YTQ5MDEwODRlYmI4Y2JmMzExOWM3ZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo7HrtPdHhD265nn+twQbDLHenPD
M7A/tHyJF3YJ941SuRprcClN9wMHapvnlDtqiG/fZsvldo/7qr3pf74dEx3nIiPq
qauPBVpBagUdM1zh2n1Vs+Pb+uqBe9ZNId5GSCbKcI+z1lixD7xi1OSPh2PCmQ9o
fnuVnrvv6N0rylQgRMmO4LuLczy6JUT2RZqG6WbczsxqUrwxhL2fgQn7VUUYVR5y
z+ks0JSl3TITTCLSXRLuLhXImp0kaaXa8veaS/7m4TxiGJ6cVVg63CJRDj593N0K
RkjxGZNrvHgenU3y/ggp3vi1hwrD7Iz5XzHEmSI00CBelxWaNYgPMHsVgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDpuViYC08E0pJAQhOu4y/MRnH6VMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvT201V0pnTFR3VFNra0JDRTY3akw4eEdjZnBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/iPMA0G
CSqGSIb3DQEBCwUAA4IBAQBnrkK/RZtkrSQ1OlBJDUjybheHjZfTpUi3jieDEpSH
nrwnkJgRbsarg2Tli9HBTqEg8aef/cNwkmEB2SxPthMdvbYc+fnUWYLyDIWclow2
G7SxWSfz8Yrb/D03LqtBpq5vOXjNXT/Bo6+xyx46bd659Ymp1bjSzIwT1b2OXQTU
QczINcCDZmZnjcpFH79lq4hKipTztNTaC9AB5QEKikh7GwD0T7gLV2GGFG8C9sIm
9RXXJxVfMf5YFvSfUZ/tScUPBc1jBsHO5B6bTI8NfXOF7Axciz3CGW9FNRnZ4Gc6
KMYhgsOAmIjnFzG1lSEUbxc49GSW7d+IzWWt8+hf89MB
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:39:30 2025 by rpki-client