Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/OdGF_e17lYBOCmXmsk6hkXdf7b4.roa
File: OdGF_e17lYBOCmXmsk6hkXdf7b4.roa (raw, json)
Hash identifier: mFKHbPekFFY75D3Eu+1fU9mzEnOZ9+rJaeHup24zW3Q=
Subject key identifier: 39:D1:85:FD:ED:7B:95:80:4E:0A:65:E6:B2:4E:A1:91:77:5F:ED:BE
Certificate issuer: /CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Certificate serial: 019424457F1B33F089958A17C175E1C352D7
Authority key identifier: F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/OdGF_e17lYBOCmXmsk6hkXdf7b4.roa
Signing time: Wed 01 Jan 2025 23:48:41 +0000
ROA not before: Wed 01 Jan 2025 23:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42296
IP address blocks: 185.240.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:7f:1b:33:f0:89:95:8a:17:c1:75:e1:c3:52:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Validity
Not Before: Jan 1 23:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39d185fded7b95804e0a65e6b24ea191775fedbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:74:a5:82:76:23:de:4b:6f:a6:0b:2f:a0:c3:
9d:35:4b:00:ba:a1:b7:fc:a8:1c:dc:c6:75:36:04:
ac:79:5b:83:e0:d2:f0:54:0e:19:62:f0:30:f0:f5:
64:00:24:4e:e2:c5:5f:da:ee:d4:a2:3f:a8:93:52:
c5:a0:0c:df:8b:a8:7f:37:4f:80:97:2a:15:51:f8:
f6:12:de:c3:a8:fc:d9:c6:f9:7f:b1:e4:6c:68:c0:
80:fb:5c:ad:e4:c4:af:4f:d3:e0:00:43:5d:b8:bd:
e1:95:8b:d6:9a:3b:62:ee:55:c0:f3:0b:82:73:90:
be:4a:dd:1f:e9:0d:9e:8f:85:58:c1:8e:cb:41:92:
10:16:fc:42:e7:a0:dd:d4:41:41:12:3b:e5:1b:0e:
f6:d5:d5:4a:cc:7f:3c:c1:54:c4:3b:17:28:80:71:
af:01:9f:00:58:ae:cb:fd:6e:76:f5:24:d4:12:bc:
37:87:25:de:e8:15:65:eb:f4:3b:86:33:93:fb:dd:
b9:8f:58:7c:22:e2:11:67:ac:a5:74:58:be:40:fe:
bb:5e:9a:ae:bc:44:92:0d:36:b0:f6:82:53:b6:2c:
9b:b1:a7:58:9d:ce:ef:54:c7:28:2e:a7:68:63:58:
51:0d:02:50:e3:78:3d:ee:6f:e2:72:66:6f:39:ed:
60:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D1:85:FD:ED:7B:95:80:4E:0A:65:E6:B2:4E:A1:91:77:5F:ED:BE
X509v3 Authority Key Identifier:
keyid:F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/OdGF_e17lYBOCmXmsk6hkXdf7b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.253.0/24
Signature Algorithm: sha256WithRSAEncryption
81:83:98:74:d0:3b:78:32:e3:68:18:ef:08:a7:9a:18:4e:93:
40:32:d0:30:bb:05:e2:67:a5:ea:03:31:af:0c:8e:47:52:89:
39:f9:3f:71:38:27:c5:26:7a:7a:46:dc:a6:8a:76:4b:86:41:
2d:06:b5:95:29:66:16:46:aa:6b:9d:31:02:cc:d3:f4:83:0e:
a6:4a:31:e7:60:35:35:7f:29:22:59:84:af:48:ce:d3:74:a2:
70:7f:a4:04:34:1c:56:b2:89:66:94:de:ea:68:19:66:95:42:
02:ca:3e:f1:7c:f1:38:3c:bf:2f:85:2d:f1:4c:a6:f2:5c:ef:
d5:b3:ab:c9:fb:9c:65:f7:70:90:32:98:94:83:b6:6e:e5:a7:
5f:a3:5d:89:0b:66:f1:88:7e:cd:4f:c4:be:50:85:78:55:bb:
4d:01:1a:ed:17:ee:19:cc:be:1c:76:cf:8f:1b:d7:ff:b6:df:
dc:ba:fc:bb:08:00:8b:01:7d:05:30:c7:36:4e:b9:0c:ca:1e:
75:e9:0d:c0:4c:82:3d:fc:f6:64:11:7e:74:cb:c9:08:0c:f1:
ed:4c:43:8c:61:bc:ab:2f:4f:3a:57:77:4e:d1:fd:a0:09:39:
5f:75:5e:8d:db:91:1e:86:4b:90:12:a1:71:e7:b7:ad:8d:21:
fb:ef:95:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRX8bM/CJlYoXwXXhw1LXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNTIxMTI4Y2Y2MzRhYTZhZmE3ZWY1MmQ1MzFmM2ZjZDU1
NjI4ZjkwHhcNMjUwMTAxMjM0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWQxODVmZGVkN2I5NTgwNGUwYTY1ZTZiMjRlYTE5MTc3NWZlZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/HSlgnYj3ktvpgsvoMOdNUsAuqG3
/Kgc3MZ1NgSseVuD4NLwVA4ZYvAw8PVkACRO4sVf2u7Uoj+ok1LFoAzfi6h/N0+A
lyoVUfj2Et7DqPzZxvl/seRsaMCA+1yt5MSvT9PgAENduL3hlYvWmjti7lXA8wuC
c5C+St0f6Q2ej4VYwY7LQZIQFvxC56Dd1EFBEjvlGw721dVKzH88wVTEOxcogHGv
AZ8AWK7L/W529STUErw3hyXe6BVl6/Q7hjOT+925j1h8IuIRZ6yldFi+QP67Xpqu
vESSDTaw9oJTtiybsadYnc7vVMcoLqdoY1hRDQJQ43g97m/icmZvOe1gOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDnRhf3te5WATgpl5rJOoZF3X+2+MB8GA1UdIwQY
MBaAFPBSESjPY0qmr6fvUtUx8/zVVij5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUt
ZTQ0MTliNjQyMTJlLzEvT2RHRl9lMTdsWUJPQ21YbXNrNmhrWGRmN2I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUtZTQ0MTliNjQyMTJl
LzEvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufD9MA0G
CSqGSIb3DQEBCwUAA4IBAQCBg5h00Dt4MuNoGO8Ip5oYTpNAMtAwuwXiZ6XqAzGv
DI5HUok5+T9xOCfFJnp6RtyminZLhkEtBrWVKWYWRqprnTECzNP0gw6mSjHnYDU1
fykiWYSvSM7TdKJwf6QENBxWsolmlN7qaBlmlUICyj7xfPE4PL8vhS3xTKbyXO/V
s6vJ+5xl93CQMpiUg7Zu5adfo12JC2bxiH7NT8S+UIV4VbtNARrtF+4ZzL4cds+P
G9f/tt/cuvy7CACLAX0FMMc2TrkMyh516Q3ATII9/PZkEX50y8kIDPHtTEOMYbyr
L086V3dO0f2gCTlfdV6N25EehkuQEqFx57etjSH775Vp
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:31:11 2025 by rpki-client