Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/oNirTbl_RsP_eTP11aya_B4mS40.roa
File: oNirTbl_RsP_eTP11aya_B4mS40.roa (raw, json)
Hash identifier: N5CXUUAqA6jw0c0taGxdKy+QMTO9pKgJ8qRSiWlDU9Q=
Subject key identifier: A0:D8:AB:4D:B9:7F:46:C3:FF:79:33:F5:D5:AC:9A:FC:1E:26:4B:8D
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0183C64DFD01FF470EFF3380388BC1A96C0C
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/oNirTbl_RsP_eTP11aya_B4mS40.roa
Signing time: Tue 11 Oct 2022 09:09:03 +0000
ROA not before: Tue 11 Oct 2022 09:09:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47975
IP address blocks: 185.21.252.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c6:4d:fd:01:ff:47:0e:ff:33:80:38:8b:c1:a9:6c:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Oct 11 09:09:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0d8ab4db97f46c3ff7933f5d5ac9afc1e264b8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7c:84:b9:12:94:be:d7:0e:cc:94:49:3d:6b:
e6:9f:bb:04:03:3e:a6:1e:52:f9:9f:aa:b4:f4:84:
55:d2:7c:5d:bf:aa:ed:02:39:0b:64:7a:a7:0c:69:
bc:ff:b7:0c:c4:8a:4d:b1:24:76:f9:92:9f:f2:18:
73:3b:18:8e:a9:48:34:db:be:26:ef:0c:29:3d:48:
81:35:ae:ec:cb:20:7c:83:85:29:c1:0d:5c:69:d9:
11:37:bf:70:16:85:c2:97:17:87:a1:67:dd:6a:74:
8b:51:47:6e:cd:ed:6c:76:cc:b8:92:20:04:a8:86:
ac:42:ab:50:f4:a4:78:87:65:4e:32:a0:f9:ad:db:
03:f2:da:c8:4d:b6:3e:3f:73:51:2b:0c:38:2a:70:
40:a2:63:7c:22:8a:57:ea:85:7c:24:a3:31:7b:f6:
67:8c:02:f4:7b:57:80:4f:24:29:69:8f:3f:ed:da:
6f:49:55:3c:48:ff:2e:ff:62:fa:5f:5e:3e:15:7b:
19:c5:ad:6f:ea:6d:fd:ec:78:e6:4b:17:9b:6c:39:
70:51:e8:0b:a0:c2:b7:dd:35:61:80:20:e4:84:10:
90:51:75:d4:9d:f5:99:33:11:1c:7c:d3:8c:60:01:
72:e2:9d:9a:96:b0:5f:71:9f:98:b7:27:d3:58:c2:
c9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:D8:AB:4D:B9:7F:46:C3:FF:79:33:F5:D5:AC:9A:FC:1E:26:4B:8D
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/oNirTbl_RsP_eTP11aya_B4mS40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.252.0/22
Signature Algorithm: sha256WithRSAEncryption
46:40:f0:09:96:7a:f9:0b:82:50:1e:9e:5b:57:ea:55:a8:1b:
02:fc:0d:01:4b:0e:d4:c3:dd:e6:02:47:e1:5f:c6:e5:80:eb:
11:bd:38:53:b2:00:b4:1e:66:26:a8:d3:e8:19:50:ab:6a:cd:
dc:47:2e:45:b3:9f:89:20:a4:98:d5:1a:ec:0b:9f:7d:ae:29:
e6:70:91:b7:fc:b0:d2:d4:4e:59:af:21:5c:81:58:d8:ca:70:
1a:86:e3:5d:34:0e:e3:c3:1f:59:de:74:ea:7b:df:80:96:ba:
4a:94:0b:d6:1a:5e:77:da:7b:20:cf:61:d0:b0:99:5b:e2:ef:
3e:8c:70:85:75:f0:c6:e4:69:cf:f3:fa:61:a7:7d:59:ac:15:
2c:31:93:57:1f:54:3d:05:a6:39:e1:4f:ca:cd:5b:a6:7a:da:
53:89:ea:e2:a6:c3:96:16:58:41:39:1f:4f:d5:79:23:d8:5a:
ee:f9:9a:df:24:15:3f:11:71:89:61:aa:33:e5:e8:85:8e:06:
20:b7:86:aa:44:1f:13:b6:28:0b:72:c5:80:08:d5:b1:66:8a:
ac:12:3c:8f:50:83:cd:3f:74:2f:3d:00:69:f4:eb:4e:86:f8:
d8:2d:a7:87:66:18:b1:a0:dd:53:63:16:ed:db:b7:3b:d5:4b:
38:ca:c8:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPGTf0B/0cO/zOAOIvBqWwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjIxMDExMDkwOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGQ4YWI0ZGI5N2Y0NmMzZmY3OTMzZjVkNWFjOWFmYzFlMjY0YjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXyEuRKUvtcOzJRJPWvmn7sEAz6m
HlL5n6q09IRV0nxdv6rtAjkLZHqnDGm8/7cMxIpNsSR2+ZKf8hhzOxiOqUg0274m
7wwpPUiBNa7syyB8g4UpwQ1cadkRN79wFoXClxeHoWfdanSLUUduze1sdsy4kiAE
qIasQqtQ9KR4h2VOMqD5rdsD8trITbY+P3NRKww4KnBAomN8IopX6oV8JKMxe/Zn
jAL0e1eATyQpaY8/7dpvSVU8SP8u/2L6X14+FXsZxa1v6m397HjmSxebbDlwUegL
oMK33TVhgCDkhBCQUXXUnfWZMxEcfNOMYAFy4p2alrBfcZ+YtyfTWMLJKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKDYq025f0bD/3kz9dWsmvweJkuNMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvb05pclRibF9Sc1BfZVRQMTFheWFfQjRtUzQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRX8MA0G
CSqGSIb3DQEBCwUAA4IBAQBGQPAJlnr5C4JQHp5bV+pVqBsC/A0BSw7Uw93mAkfh
X8blgOsRvThTsgC0HmYmqNPoGVCras3cRy5Fs5+JIKSY1RrsC599rinmcJG3/LDS
1E5ZryFcgVjYynAahuNdNA7jwx9Z3nTqe9+AlrpKlAvWGl532nsgz2HQsJlb4u8+
jHCFdfDG5GnP8/php31ZrBUsMZNXH1Q9BaY54U/KzVumetpTieripsOWFlhBOR9P
1Xkj2Fru+ZrfJBU/EXGJYaoz5eiFjgYgt4aqRB8TtigLcsWACNWxZoqsEjyPUIPN
P3QvPQBp9OtOhvjYLaeHZhixoN1TYxbt27c71Us4yshb
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:16 2025 by rpki-client