Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ofadfncBD8AOnuX3Biuj7DOLtDo.roa
File: ofadfncBD8AOnuX3Biuj7DOLtDo.roa (raw, json)
Hash identifier: +Wlo4UicSE1MqlN1/Ygs6PQpMiAu2IfvFuNuUGhXrMs=
Subject key identifier: A1:F6:9D:7E:77:01:0F:C0:0E:9E:E5:F7:06:2B:A3:EC:33:8B:B4:3A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01957AD208AEB60BDCB0C47CCB54FEA8059D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ofadfncBD8AOnuX3Biuj7DOLtDo.roa
Signing time: Sun 09 Mar 2025 12:12:19 +0000
ROA not before: Sun 09 Mar 2025 12:12:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 193.124.16.0/24 maxlen: 24
194.87.38.0/24 maxlen: 24
194.87.72.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7a:d2:08:ae:b6:0b:dc:b0:c4:7c:cb:54:fe:a8:05:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 9 12:12:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1f69d7e77010fc00e9ee5f7062ba3ec338bb43a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fd:6e:81:41:40:db:9f:5f:de:99:41:aa:cb:
69:3f:40:25:a3:19:ca:72:df:cf:90:ae:20:41:05:
28:0b:0c:68:f2:ec:bf:7f:30:a7:27:d7:8c:49:37:
75:b3:15:c7:da:83:b1:57:54:36:dd:e9:b4:d3:a3:
99:30:9f:35:cf:cf:34:7a:cd:26:53:57:0d:d4:1c:
40:30:6d:d0:53:14:72:cb:c4:d7:56:87:f5:97:a1:
f3:cd:cd:03:e1:69:0f:99:f9:05:ea:9a:5b:46:50:
1c:9f:19:0b:84:47:ab:47:b5:bf:4c:34:e2:8b:1f:
f2:c3:dc:65:fb:3d:ed:87:c1:33:f3:2f:24:b7:16:
44:86:11:b9:88:92:80:43:bb:5b:45:50:ff:57:c8:
13:2a:20:e4:0b:84:91:42:00:7c:38:b4:b7:a5:ed:
89:c4:8b:99:31:33:8a:9a:1b:cf:57:4a:8d:bf:30:
67:81:6e:9a:45:7b:d7:fb:b6:9e:97:42:13:9a:c7:
dc:25:93:da:47:16:68:ea:37:92:12:5e:18:d3:f7:
d2:fd:41:fb:ab:25:85:2d:b8:86:5c:10:d8:49:48:
a7:ed:8e:cc:d1:d1:72:62:f3:95:45:04:14:d4:b0:
a7:35:c5:bb:dd:6f:fb:d8:0a:d7:9c:f8:5a:c8:93:
46:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F6:9D:7E:77:01:0F:C0:0E:9E:E5:F7:06:2B:A3:EC:33:8B:B4:3A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ofadfncBD8AOnuX3Biuj7DOLtDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.16.0/24
194.87.38.0/24
194.87.72.0/24
194.87.114.0/24
194.87.127.0/24
Signature Algorithm: sha256WithRSAEncryption
72:2c:d3:ab:94:1a:0f:ef:b3:81:2a:73:45:37:bd:5a:08:f8:
a5:6f:d6:2e:59:fd:b8:a9:ef:6c:4b:49:3d:e9:d5:66:5e:db:
c6:1f:68:63:bb:c5:23:a4:c3:89:a9:3c:5b:45:14:83:76:27:
51:06:cd:51:39:21:55:ef:3c:01:8b:b4:79:45:1d:77:27:ca:
53:5b:4c:4f:58:33:d8:c5:7e:46:ef:19:06:9c:12:b6:1d:28:
f7:19:48:fb:ee:06:99:4f:41:ab:6e:41:41:48:7b:9a:d0:66:
92:a9:ca:5b:34:f1:e1:4d:89:50:3d:d3:27:1d:c8:bf:c4:b9:
71:54:5a:8e:6a:df:c8:d6:54:a1:3a:eb:58:3b:bd:8c:64:d5:
4a:38:86:73:bf:41:a7:fc:da:b8:e8:dc:a2:c6:a7:1f:6d:70:
7d:c6:f8:c0:f7:82:51:f0:18:fb:87:fe:03:9b:99:f5:60:80:
72:21:4d:c6:e8:36:c5:e2:ae:75:75:8a:cb:ab:2d:75:d0:d4:
38:95:e6:32:38:4f:19:12:ee:d9:fc:83:65:f9:29:a6:47:7f:
6d:2d:5c:6d:54:63:74:59:f4:98:38:27:32:e8:37:e2:57:70:
40:a4:c6:3c:11:3b:96:77:11:3e:60:90:d0:81:dc:1e:92:42:
b8:47:15:8f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZV60giutgvcsMR8y1T+qAWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMzA5MTIxMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWY2OWQ3ZTc3MDEwZmMwMGU5ZWU1ZjcwNjJiYTNlYzMzOGJiNDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/1ugUFA259f3plBqstpP0AloxnK
ct/PkK4gQQUoCwxo8uy/fzCnJ9eMSTd1sxXH2oOxV1Q23em006OZMJ81z880es0m
U1cN1BxAMG3QUxRyy8TXVof1l6Hzzc0D4WkPmfkF6ppbRlAcnxkLhEerR7W/TDTi
ix/yw9xl+z3th8Ez8y8ktxZEhhG5iJKAQ7tbRVD/V8gTKiDkC4SRQgB8OLS3pe2J
xIuZMTOKmhvPV0qNvzBngW6aRXvX+7ael0ITmsfcJZPaRxZo6jeSEl4Y0/fS/UH7
qyWFLbiGXBDYSUin7Y7M0dFyYvOVRQQU1LCnNcW73W/72ArXnPhayJNGnQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKH2nX53AQ/ADp7l9wYro+wzi7Q6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvb2ZhZGZuY0JEOEFPbnVYM0JpdWo3RE9MdERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXwQAwQA
wlcmAwQAwldIAwQAwldyAwQAwld/MA0GCSqGSIb3DQEBCwUAA4IBAQByLNOrlBoP
77OBKnNFN71aCPilb9YuWf24qe9sS0k96dVmXtvGH2hju8UjpMOJqTxbRRSDdidR
Bs1ROSFV7zwBi7R5RR13J8pTW0xPWDPYxX5G7xkGnBK2HSj3GUj77gaZT0GrbkFB
SHua0GaSqcpbNPHhTYlQPdMnHci/xLlxVFqOat/I1lShOutYO72MZNVKOIZzv0Gn
/Nq46NyixqcfbXB9xvjA94JR8Bj7h/4Dm5n1YIByIU3G6DbF4q51dYrLqy110NQ4
leYyOE8ZEu7Z/INl+SmmR39tLVxtVGN0WfSYOCcy6DfiV3BApMY8ETuWdxE+YJDQ
gdwekkK4RxWP
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:31:59 2025 by rpki-client