Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ONvCFUby9FQsaJnAxo4Axtdte3w.roa
File: ONvCFUby9FQsaJnAxo4Axtdte3w.roa (raw, json)
Hash identifier: Ifw+sRLVQyRVbH8IoOOspPffjTFu/L5Tp5Iujz6vsEg=
Subject key identifier: 38:DB:C2:15:46:F2:F4:54:2C:68:99:C0:C6:8E:00:C6:D7:6D:7B:7C
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01942747A61E9FD22F7DF018B9BBB4A95F73
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ONvCFUby9FQsaJnAxo4Axtdte3w.roa
Signing time: Thu 02 Jan 2025 13:49:54 +0000
ROA not before: Thu 02 Jan 2025 13:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12695
IP address blocks: 77.90.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:a6:1e:9f:d2:2f:7d:f0:18:b9:bb:b4:a9:5f:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 13:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38dbc21546f2f4542c6899c0c68e00c6d76d7b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6e:a6:29:c5:b5:51:00:46:fd:cf:7f:07:64:
c0:63:b6:e8:3b:de:14:14:1d:b1:25:57:2f:ca:07:
05:e6:35:e3:76:b9:75:f8:e6:dd:26:61:f6:f7:1f:
19:67:b4:ed:54:e2:7e:8b:0a:dd:78:ea:14:b4:38:
62:9c:82:e3:a1:fe:d5:15:fa:bb:a5:d6:58:ea:a9:
6e:05:02:78:07:ff:8a:13:98:c2:34:cc:02:43:49:
2e:93:17:9b:46:f7:53:59:e2:f5:23:e8:08:1e:30:
f0:d9:cc:55:d6:c1:fb:97:88:36:c3:c0:9b:47:36:
20:b3:5c:47:3f:dc:45:f4:e0:2f:d5:e1:14:f9:d6:
c9:61:a9:67:4b:17:08:42:1c:47:7e:e6:60:82:d1:
c8:6c:ad:a1:c7:c6:93:22:9b:8f:54:bd:85:92:f4:
a8:fe:2c:46:f8:d4:52:f2:38:bb:13:2b:b3:a0:d6:
07:e0:d8:29:7b:a0:9f:82:af:82:be:76:42:f1:4f:
a3:91:2d:c0:3d:c4:14:5b:c5:73:b3:55:ef:99:85:
ec:85:28:33:13:d4:f1:7d:69:e6:1f:c7:11:a2:ef:
ba:09:5d:a4:e4:95:63:eb:09:9f:8d:9a:f4:e7:de:
15:a1:6f:63:49:3f:b5:0f:3f:b4:70:f0:e2:98:d5:
f3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:DB:C2:15:46:F2:F4:54:2C:68:99:C0:C6:8E:00:C6:D7:6D:7B:7C
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ONvCFUby9FQsaJnAxo4Axtdte3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.189.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:b0:e5:6a:24:a8:df:a0:6a:c6:82:61:0f:35:b3:26:a0:05:
33:12:eb:2d:2c:3e:6d:fe:63:7c:5d:87:d0:ba:1d:21:29:9f:
c8:a8:89:7d:eb:ad:c8:01:d9:fe:69:e4:00:08:99:7f:6e:3b:
e6:27:02:62:15:46:9c:79:89:58:26:11:30:c2:4d:f6:6e:15:
43:b9:9f:25:78:46:27:a9:64:4a:2d:2d:7f:45:44:6d:08:0a:
ee:f6:55:48:5c:86:72:d2:ed:cf:03:66:2f:09:eb:9c:7c:f7:
6c:5d:fa:99:1b:61:85:2d:33:1e:b2:e1:5a:1b:35:92:13:3b:
6b:41:4e:b8:0e:68:29:34:b5:86:a5:d5:13:ce:1a:3c:d5:f9:
7e:a4:30:ee:8a:b7:55:cd:c3:f6:e0:c6:09:df:1d:bc:0c:81:
aa:96:34:f4:ce:ee:85:fa:35:db:c6:2e:a2:46:d0:f9:eb:ac:
93:b1:c4:be:74:1a:fa:26:dd:69:45:a4:e4:c3:79:23:f9:a5:
9c:3f:17:4a:15:86:fb:39:c7:6c:b5:32:d5:5f:61:74:56:2a:
9c:c3:36:c9:6e:52:c6:9a:3e:c1:67:12:5a:56:bb:7a:e8:1b:
2f:5b:ad:71:40:9a:0b:b0:0b:b1:c9:6b:b0:24:9d:fc:f4:6d:
db:10:ed:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR6Yen9IvffAYubu0qV9zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwMTAyMTM0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGRiYzIxNTQ2ZjJmNDU0MmM2ODk5YzBjNjhlMDBjNmQ3NmQ3YjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG6mKcW1UQBG/c9/B2TAY7boO94U
FB2xJVcvygcF5jXjdrl1+ObdJmH29x8ZZ7TtVOJ+iwrdeOoUtDhinILjof7VFfq7
pdZY6qluBQJ4B/+KE5jCNMwCQ0kukxebRvdTWeL1I+gIHjDw2cxV1sH7l4g2w8Cb
RzYgs1xHP9xF9OAv1eEU+dbJYalnSxcIQhxHfuZggtHIbK2hx8aTIpuPVL2FkvSo
/ixG+NRS8ji7EyuzoNYH4Ngpe6Cfgq+CvnZC8U+jkS3APcQUW8Vzs1XvmYXshSgz
E9TxfWnmH8cRou+6CV2k5JVj6wmfjZr0594VoW9jST+1Dz+0cPDimNXzFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjbwhVG8vRULGiZwMaOAMbXbXt8MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvT052Q0ZVYnk5RlFzYUpuQXhvNEF4dGR0ZTN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVq9MA0G
CSqGSIb3DQEBCwUAA4IBAQBcsOVqJKjfoGrGgmEPNbMmoAUzEustLD5t/mN8XYfQ
uh0hKZ/IqIl9663IAdn+aeQACJl/bjvmJwJiFUaceYlYJhEwwk32bhVDuZ8leEYn
qWRKLS1/RURtCAru9lVIXIZy0u3PA2YvCeucfPdsXfqZG2GFLTMesuFaGzWSEztr
QU64DmgpNLWGpdUTzho81fl+pDDuirdVzcP24MYJ3x28DIGqljT0zu6F+jXbxi6i
RtD566yTscS+dBr6Jt1pRaTkw3kj+aWcPxdKFYb7OcdstTLVX2F0ViqcwzbJblLG
mj7BZxJaVrt66BsvW61xQJoLsAuxyWuwJJ389G3bEO2i
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:08:47 2025 by rpki-client