Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/oq_o50CXIOceJaVppQqbwnm5tKc.roa
File: oq_o50CXIOceJaVppQqbwnm5tKc.roa (raw, json)
Hash identifier: 9CCMeMnj8R7zjUi35ospamY/ld/F0tESksjBlq+bLH8=
Subject key identifier: A2:AF:E8:E7:40:97:20:E7:1E:25:A5:69:A5:0A:9B:C2:79:B9:B4:A7
Certificate issuer: /CN=7554ac4c7f451c5bb9382fbcd46d70c4c0f9de56
Certificate serial: 01891B73F18B136C194705AA62914D89946D
Authority key identifier: 75:54:AC:4C:7F:45:1C:5B:B9:38:2F:BC:D4:6D:70:C4:C0:F9:DE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dVSsTH9FHFu5OC-81G1wxMD53lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/oq_o50CXIOceJaVppQqbwnm5tKc.roa
Signing time: Mon 03 Jul 2023 11:12:10 +0000
ROA not before: Mon 03 Jul 2023 11:12:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 185.177.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1b:73:f1:8b:13:6c:19:47:05:aa:62:91:4d:89:94:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7554ac4c7f451c5bb9382fbcd46d70c4c0f9de56
Validity
Not Before: Jul 3 11:12:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2afe8e7409720e71e25a569a50a9bc279b9b4a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:3f:5d:b6:a8:06:34:5f:bb:91:f0:3f:1d:58:
57:64:ed:48:e8:ed:ad:f1:5c:15:93:9d:30:b5:8c:
a5:44:f1:bb:62:3c:a6:ab:09:77:0c:d6:09:59:72:
7d:f8:35:f3:b0:50:27:ed:24:d0:fd:02:29:ba:35:
90:3a:4d:3a:0f:3a:08:19:b4:8d:70:02:a8:0f:9c:
b8:a1:d8:b9:1b:18:70:32:76:1c:b3:86:56:57:c4:
11:db:a7:2c:e0:24:02:21:07:bb:ac:bc:f9:28:02:
f6:cd:c4:38:98:07:7b:90:8c:ad:1b:3a:1e:a0:d2:
4f:6b:02:7a:c3:d7:73:7a:77:28:7f:bb:c6:d8:a9:
ee:e3:d5:60:e8:36:80:5f:98:30:fb:35:6f:a2:e6:
ac:0a:5e:23:e5:10:54:49:03:7c:90:9d:ac:6e:bf:
b5:09:cb:e0:36:96:4b:d8:99:78:7f:6d:05:9e:60:
d2:d0:bb:ad:8b:cd:85:05:84:ff:9d:66:02:aa:08:
4f:81:74:25:1a:f9:9f:f3:10:21:6d:a8:cf:58:71:
a2:91:a9:fd:9c:72:90:e0:90:1d:35:6d:ed:dc:28:
4f:82:e3:57:69:f6:85:1e:dc:d6:f5:6e:0a:b9:81:
00:01:7f:1f:3c:fc:e7:97:eb:00:7f:e6:e6:ae:85:
56:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:AF:E8:E7:40:97:20:E7:1E:25:A5:69:A5:0A:9B:C2:79:B9:B4:A7
X509v3 Authority Key Identifier:
keyid:75:54:AC:4C:7F:45:1C:5B:B9:38:2F:BC:D4:6D:70:C4:C0:F9:DE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dVSsTH9FHFu5OC-81G1wxMD53lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/oq_o50CXIOceJaVppQqbwnm5tKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/dVSsTH9FHFu5OC-81G1wxMD53lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.231.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:90:6f:e4:99:cb:63:c3:fb:69:31:80:13:7c:ee:2c:7d:7a:
bc:a7:09:5b:e7:ea:5d:bd:35:cb:17:fa:ed:ca:e1:be:77:59:
f1:3d:30:f0:e2:c6:e6:9f:f0:67:10:a8:c8:4c:1b:48:97:0a:
41:5c:d4:7e:9a:aa:a9:24:0b:1d:2b:aa:86:72:47:1c:d3:aa:
1e:4e:a6:2a:f0:4b:27:bc:73:9a:6b:7e:c0:a7:90:8a:51:f3:
fd:4c:ce:7e:5b:c5:61:52:70:36:82:57:28:60:5a:0d:3b:10:
05:3c:83:85:9a:2a:cc:16:93:da:59:84:13:dc:6c:b6:0b:45:
f0:65:f0:ff:7c:23:32:03:7c:f4:46:a9:a9:df:4c:1b:7f:77:
cd:67:1c:4d:0c:64:a9:5a:31:ba:38:87:f9:d6:25:26:d7:c4:
a0:5d:d0:f9:2c:25:fa:68:51:ee:f7:55:53:9b:ee:9e:98:74:
e0:74:0d:e1:f0:7e:0d:a5:c8:73:66:fa:52:9d:c2:db:71:85:
e4:3c:be:3e:6f:9f:54:d9:18:92:47:cc:f3:a4:f8:3e:a8:f9:
b2:87:2b:32:9d:15:44:be:5e:08:a5:9f:11:32:8f:04:e8:96:
55:1c:97:a4:f9:ee:31:32:2d:78:e1:84:82:38:7c:82:01:81:
7d:34:cb:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkbc/GLE2wZRwWqYpFNiZRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NTRhYzRjN2Y0NTFjNWJiOTM4MmZiY2Q0NmQ3MGM0YzBm
OWRlNTYwHhcNMjMwNzAzMTExMjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmFmZThlNzQwOTcyMGU3MWUyNWE1NjlhNTBhOWJjMjc5YjliNGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhz9dtqgGNF+7kfA/HVhXZO1I6O2t
8VwVk50wtYylRPG7Yjymqwl3DNYJWXJ9+DXzsFAn7STQ/QIpujWQOk06DzoIGbSN
cAKoD5y4odi5GxhwMnYcs4ZWV8QR26cs4CQCIQe7rLz5KAL2zcQ4mAd7kIytGzoe
oNJPawJ6w9dzencof7vG2Knu49Vg6DaAX5gw+zVvouasCl4j5RBUSQN8kJ2sbr+1
CcvgNpZL2Jl4f20FnmDS0Luti82FBYT/nWYCqghPgXQlGvmf8xAhbajPWHGikan9
nHKQ4JAdNW3t3ChPguNXafaFHtzW9W4KuYEAAX8fPPznl+sAf+bmroVWqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKv6OdAlyDnHiWlaaUKm8J5ubSnMB8GA1UdIwQY
MBaAFHVUrEx/RRxbuTgvvNRtcMTA+d5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFZTc1RIOUZIRnU1T0MtODFHMXd4TUQ1M2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy84N2EwMGEtYjZmNi00NzIxLWE4Mjgt
ZDkzMzdkYjM5ZDFmLzEvb3FfbzUwQ1hJT2NlSmFWcHBRcWJ3bm01dEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy84N2EwMGEtYjZmNi00NzIxLWE4MjgtZDkzMzdkYjM5ZDFm
LzEvZFZTc1RIOUZIRnU1T0MtODFHMXd4TUQ1M2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubHnMA0G
CSqGSIb3DQEBCwUAA4IBAQCbkG/kmctjw/tpMYATfO4sfXq8pwlb5+pdvTXLF/rt
yuG+d1nxPTDw4sbmn/BnEKjITBtIlwpBXNR+mqqpJAsdK6qGckcc06oeTqYq8Esn
vHOaa37Ap5CKUfP9TM5+W8VhUnA2glcoYFoNOxAFPIOFmirMFpPaWYQT3Gy2C0Xw
ZfD/fCMyA3z0Rqmp30wbf3fNZxxNDGSpWjG6OIf51iUm18SgXdD5LCX6aFHu91VT
m+6emHTgdA3h8H4NpchzZvpSncLbcYXkPL4+b59U2RiSR8zzpPg+qPmyhysynRVE
vl4IpZ8RMo8E6JZVHJek+e4xMi144YSCOHyCAYF9NMuV
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:07:57 2025 by rpki-client