Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/OziayBrDeGWUdwbC1v4ioKqEXUE.roa
File: OziayBrDeGWUdwbC1v4ioKqEXUE.roa (raw, json)
Hash identifier: sdMj7SQqeh6lx/KCs9+nJuEWA4sxx9zFl43XaHKaZJk=
Subject key identifier: 3B:38:9A:C8:1A:C3:78:65:94:77:06:C2:D6:FE:22:A0:AA:84:5D:41
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 019428278AEB6EE06735CFAF0EB5F77A5788
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/OziayBrDeGWUdwbC1v4ioKqEXUE.roa
Signing time: Thu 02 Jan 2025 17:54:27 +0000
ROA not before: Thu 02 Jan 2025 17:54:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13068
IP address blocks: 213.164.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:8a:eb:6e:e0:67:35:cf:af:0e:b5:f7:7a:57:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Jan 2 17:54:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b389ac81ac37865947706c2d6fe22a0aa845d41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ec:a1:b2:4c:fc:be:73:90:4b:a5:c6:55:02:
e9:aa:b3:41:f5:ad:28:c7:a1:52:e0:b1:91:91:bb:
05:bb:2b:87:ce:4e:e7:d2:78:ce:fd:0c:78:fe:f4:
4e:36:48:9b:75:20:17:17:22:7e:a5:a6:b6:f0:83:
1e:f5:d9:e1:0d:08:4e:11:23:81:4f:f7:0a:5d:53:
3b:70:2e:bc:d4:bd:9c:d1:f4:e6:0e:76:69:39:80:
e1:99:d6:90:b3:e2:2c:c8:ba:0f:9d:f6:2c:e7:bf:
b5:6c:1a:1f:98:2e:1d:a6:2a:21:94:3a:30:e3:e3:
e2:1d:11:66:7a:c8:78:01:7e:c6:9e:15:1a:b0:32:
f8:55:25:61:a5:53:85:c5:76:b2:3a:73:be:e8:cf:
cb:57:12:69:04:a2:d9:ef:b9:94:4b:e2:8b:4c:fb:
c6:ba:19:e1:b0:c1:de:e5:79:6e:68:79:39:2b:dc:
8f:9b:6b:42:62:52:7a:ac:08:69:e3:fa:09:cf:68:
34:a2:e2:32:d1:d8:96:21:ba:a1:10:1e:f1:9f:ac:
35:18:6a:c6:d1:fc:01:09:f9:48:d6:da:70:e3:2f:
bc:b5:d9:21:80:d2:55:4d:7e:ad:a4:6f:b2:66:6c:
fd:57:6d:d2:ce:97:fb:62:86:03:be:8a:62:0f:ed:
d2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:38:9A:C8:1A:C3:78:65:94:77:06:C2:D6:FE:22:A0:AA:84:5D:41
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/OziayBrDeGWUdwbC1v4ioKqEXUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.164.9.0/24
Signature Algorithm: sha256WithRSAEncryption
10:dc:de:be:aa:7c:15:82:26:a9:46:12:57:24:c3:d7:c7:b1:
3b:31:04:86:e0:8c:91:33:b8:5a:b2:e4:f8:7e:47:c5:ac:19:
23:26:0c:9c:26:7f:2d:4d:83:44:95:4c:3c:b0:2b:24:56:05:
1a:91:01:70:c1:1e:2a:d2:ec:04:75:59:ab:b7:56:82:4d:37:
70:58:70:28:63:23:59:4c:e2:c5:17:bc:52:64:b7:ed:64:15:
a6:c7:b7:03:2a:3b:4c:f3:dc:7b:e6:cb:3f:bb:59:21:94:6d:
d4:88:91:d0:6b:69:98:19:db:5f:c0:7a:2c:25:71:21:23:8f:
d5:58:08:75:42:98:91:fd:32:66:f4:8b:7e:ba:94:97:55:0d:
4d:f4:77:10:a1:fe:45:28:2b:56:8b:45:ee:85:d8:7d:92:c2:
83:56:af:04:f9:12:09:15:f1:f5:bb:e1:3d:0e:1f:db:cd:5b:
6d:d6:a1:5b:c4:14:1a:fa:0c:c2:7c:0e:cd:ff:43:c4:e3:1e:
52:96:91:12:f1:c2:40:0f:f6:94:ed:e4:fe:9c:6c:1f:51:27:
74:db:f7:98:9b:90:6c:02:56:ce:0f:c3:8e:01:2c:41:b8:9e:
fb:85:b2:a2:56:03:b8:3f:45:64:c3:67:db:07:c0:c8:7d:2e:
a3:14:e0:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJ4rrbuBnNc+vDrX3eleIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjUwMTAyMTc1NDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjM4OWFjODFhYzM3ODY1OTQ3NzA2YzJkNmZlMjJhMGFhODQ1ZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeyhskz8vnOQS6XGVQLpqrNB9a0o
x6FS4LGRkbsFuyuHzk7n0njO/Qx4/vRONkibdSAXFyJ+paa28IMe9dnhDQhOESOB
T/cKXVM7cC681L2c0fTmDnZpOYDhmdaQs+IsyLoPnfYs57+1bBofmC4dpiohlDow
4+PiHRFmesh4AX7GnhUasDL4VSVhpVOFxXayOnO+6M/LVxJpBKLZ77mUS+KLTPvG
uhnhsMHe5XluaHk5K9yPm2tCYlJ6rAhp4/oJz2g0ouIy0diWIbqhEB7xn6w1GGrG
0fwBCflI1tpw4y+8tdkhgNJVTX6tpG+yZmz9V23Szpf7YoYDvopiD+3SwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDs4msgaw3hllHcGwtb+IqCqhF1BMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvT3ppYXlCckRlR1dVZHdiQzF2NGlvS3FFWFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1aQJMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ3N6+qnwVgiapRhJXJMPXx7E7MQSG4IyRM7hasuT4
fkfFrBkjJgycJn8tTYNElUw8sCskVgUakQFwwR4q0uwEdVmrt1aCTTdwWHAoYyNZ
TOLFF7xSZLftZBWmx7cDKjtM89x75ss/u1khlG3UiJHQa2mYGdtfwHosJXEhI4/V
WAh1QpiR/TJm9It+upSXVQ1N9HcQof5FKCtWi0Xuhdh9ksKDVq8E+RIJFfH1u+E9
Dh/bzVtt1qFbxBQa+gzCfA7N/0PE4x5SlpES8cJAD/aU7eT+nGwfUSd02/eYm5Bs
AlbOD8OOASxBuJ77hbKiVgO4P0Vkw2fbB8DIfS6jFODE
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:08:47 2025 by rpki-client