Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/O3TIZ65So9PKprUoLV6I3IcfSsU.roa
File: O3TIZ65So9PKprUoLV6I3IcfSsU.roa (raw, json)
Hash identifier: 0PwoWXtENnWLzrFGbgfPC2HnlP7k5I8HP8R0CKk8UD4=
Subject key identifier: 3B:74:C8:67:AE:52:A3:D3:CA:A6:B5:28:2D:5E:88:DC:87:1F:4A:C5
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01942144014FE5D0EC26E37D62CAC125913D
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/O3TIZ65So9PKprUoLV6I3IcfSsU.roa
Signing time: Wed 01 Jan 2025 09:48:12 +0000
ROA not before: Wed 01 Jan 2025 09:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47125
IP address blocks: 212.46.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:01:4f:e5:d0:ec:26:e3:7d:62:ca:c1:25:91:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b74c867ae52a3d3caa6b5282d5e88dc871f4ac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9c:28:aa:69:47:47:c0:15:b9:7c:57:33:37:
f1:85:98:0d:45:23:c9:87:fe:3d:b4:3b:38:3b:b2:
dc:21:e8:d5:58:bd:83:29:da:7a:b9:8b:da:d2:cf:
92:3e:07:2d:47:5e:aa:65:77:de:1c:2d:d1:d8:0b:
0e:d9:ae:fe:50:16:c9:ad:c3:bd:fe:c8:5f:ac:cc:
9d:f9:1b:2c:1c:b7:75:a5:33:a0:11:c8:bc:68:d9:
d1:bd:1b:7a:8a:ab:f7:be:9c:a1:6b:d2:4d:d8:69:
58:38:9e:13:93:49:d5:97:c8:8b:98:48:f9:2f:44:
03:3f:e3:a8:53:1e:f8:dc:d8:83:1e:0c:5f:c5:fb:
b5:8d:78:f3:d3:37:85:d8:9b:83:f3:33:e7:24:1e:
5b:2a:80:b0:fe:98:c6:09:f6:65:4d:c1:f9:a6:59:
51:64:f7:31:5e:80:9c:00:b7:50:3d:25:8f:79:4e:
39:cd:e2:16:25:27:81:71:5f:da:57:47:54:44:ff:
de:cc:0e:2f:d2:2f:61:ee:79:9d:72:70:e9:e3:61:
1a:b9:04:84:e4:a4:93:74:e4:73:cd:a1:5d:c3:0d:
d7:a0:41:57:1f:2c:6c:9c:e2:78:d7:47:30:28:d8:
1d:38:54:3e:35:f3:fa:a7:3d:e9:58:4d:70:97:e8:
42:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:74:C8:67:AE:52:A3:D3:CA:A6:B5:28:2D:5E:88:DC:87:1F:4A:C5
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/O3TIZ65So9PKprUoLV6I3IcfSsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.46.32.0/24
Signature Algorithm: sha256WithRSAEncryption
32:dc:d5:75:b8:d4:05:d1:21:f8:19:e0:d0:89:0a:a9:61:2b:
04:24:4e:2a:5a:6e:9c:b5:f6:31:d9:15:47:68:bf:93:62:ea:
9a:31:dc:f9:02:64:55:4f:be:c4:71:39:32:58:84:12:17:44:
91:1c:ea:f8:63:a7:25:0d:ca:eb:7c:47:f3:10:a6:0c:8b:7f:
2e:4d:db:ce:99:bd:af:e2:b7:80:78:f3:80:46:c5:b9:ae:8d:
e7:a3:69:47:f3:5c:53:bb:9e:7e:a5:a3:3c:8c:cc:1d:99:84:
d5:f3:09:c5:15:65:9c:e4:b1:dc:a8:b4:96:48:95:cd:72:90:
ea:4a:24:67:03:9b:9d:1e:2d:1b:6e:6d:a2:07:24:eb:c8:51:
f4:36:a9:c5:10:e1:61:18:d9:f6:3c:7f:dd:45:6a:e3:a4:b7:
dc:8e:0f:16:a7:55:33:eb:f4:50:da:d9:5d:58:b5:d0:07:fa:
be:f6:d1:08:c8:ef:cf:4c:57:a5:31:1b:7a:55:d0:df:b9:ac:
fa:d7:ef:b5:cc:82:71:2d:75:20:45:35:34:08:45:ae:bb:19:
be:47:3d:be:1f:56:e1:29:1e:f9:ca:f2:a7:38:6c:62:eb:03:
a3:ab:cf:eb:fa:8e:d5:23:63:1f:01:10:5a:a6:d2:c0:2a:ee:
37:9a:a8:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRAFP5dDsJuN9YsrBJZE9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjc0Yzg2N2FlNTJhM2QzY2FhNmI1MjgyZDVlODhkYzg3MWY0YWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JwoqmlHR8AVuXxXMzfxhZgNRSPJ
h/49tDs4O7LcIejVWL2DKdp6uYva0s+SPgctR16qZXfeHC3R2AsO2a7+UBbJrcO9
/shfrMyd+RssHLd1pTOgEci8aNnRvRt6iqv3vpyha9JN2GlYOJ4Tk0nVl8iLmEj5
L0QDP+OoUx743NiDHgxfxfu1jXjz0zeF2JuD8zPnJB5bKoCw/pjGCfZlTcH5pllR
ZPcxXoCcALdQPSWPeU45zeIWJSeBcV/aV0dURP/ezA4v0i9h7nmdcnDp42EauQSE
5KSTdORzzaFdww3XoEFXHyxsnOJ410cwKNgdOFQ+NfP6pz3pWE1wl+hCZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDt0yGeuUqPTyqa1KC1eiNyHH0rFMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvTzNUSVo2NVNvOVBLcHJVb0xWNkkzSWNmU3NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1C4gMA0G
CSqGSIb3DQEBCwUAA4IBAQAy3NV1uNQF0SH4GeDQiQqpYSsEJE4qWm6ctfYx2RVH
aL+TYuqaMdz5AmRVT77EcTkyWIQSF0SRHOr4Y6clDcrrfEfzEKYMi38uTdvOmb2v
4reAePOARsW5ro3no2lH81xTu55+paM8jMwdmYTV8wnFFWWc5LHcqLSWSJXNcpDq
SiRnA5udHi0bbm2iByTryFH0NqnFEOFhGNn2PH/dRWrjpLfcjg8Wp1Uz6/RQ2tld
WLXQB/q+9tEIyO/PTFelMRt6VdDfuaz61++1zIJxLXUgRTU0CEWuuxm+Rz2+H1bh
KR75yvKnOGxi6wOjq8/r+o7VI2MfARBaptLAKu43mqj/
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:26:14 2025 by rpki-client