Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/984844-3eb4-4232-9385-2af3d62be7f2/1/OpJ_uz4hg9WS1uTnKXn75qGvb3w.roa
File: OpJ_uz4hg9WS1uTnKXn75qGvb3w.roa (raw, json)
Hash identifier: zJt7hWD6hoBRKS4g5AHeuYKclEqIASb0N8YkICHekl0=
Subject key identifier: 3A:92:7F:BB:3E:21:83:D5:92:D6:E4:E7:29:79:FB:E6:A1:AF:6F:7C
Certificate issuer: /CN=f6cb0c8f20843302034f63656ea29ebd6d1163aa
Certificate serial: 019420D61C16E09F765C6A22863992A18081
Authority key identifier: F6:CB:0C:8F:20:84:33:02:03:4F:63:65:6E:A2:9E:BD:6D:11:63:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9ssMjyCEMwIDT2NlbqKevW0RY6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/984844-3eb4-4232-9385-2af3d62be7f2/1/OpJ_uz4hg9WS1uTnKXn75qGvb3w.roa
Signing time: Wed 01 Jan 2025 07:48:10 +0000
ROA not before: Wed 01 Jan 2025 07:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39918
IP address blocks: 91.192.176.0/24 maxlen: 24
91.192.177.0/24 maxlen: 24
91.192.178.0/24 maxlen: 24
91.192.179.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:1c:16:e0:9f:76:5c:6a:22:86:39:92:a1:80:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6cb0c8f20843302034f63656ea29ebd6d1163aa
Validity
Not Before: Jan 1 07:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a927fbb3e2183d592d6e4e72979fbe6a1af6f7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:10:7a:54:78:ed:0f:39:3d:a4:61:ed:d0:b5:
20:5c:68:73:80:dc:bf:c0:0c:4b:aa:97:bd:c6:4f:
49:b1:23:2f:cc:2b:4d:ee:ad:f6:19:83:0f:a7:f9:
05:9b:3f:b6:a0:79:25:fb:ce:fe:7a:97:dc:a8:c6:
93:d6:3c:1e:50:9f:77:7c:63:2e:c3:bc:39:bc:4e:
02:e9:a8:aa:c4:48:a2:27:0c:06:65:05:31:05:12:
75:a2:b8:df:29:2f:d5:2c:73:8d:84:73:89:70:03:
18:38:96:74:eb:75:97:7c:b1:c6:47:d3:d6:49:fd:
c9:a9:bf:85:3b:e7:6c:36:2f:33:bc:46:a9:d3:e0:
80:23:c1:9a:34:70:66:65:b4:5c:db:7a:61:91:da:
76:8b:b6:87:f1:f0:b6:9e:90:28:9e:c4:41:a0:3f:
32:ae:72:c9:b9:b7:6f:9e:6f:d3:de:0f:ce:e5:5c:
37:d5:4f:8b:00:67:fd:30:8c:f1:bc:e9:fc:49:a6:
09:db:ca:27:97:91:32:7f:b2:ac:96:24:34:49:8d:
42:87:aa:2f:54:02:19:af:a1:b6:b2:30:98:0d:55:
74:32:be:ac:9c:85:d7:cb:69:af:92:fd:c4:35:56:
65:f4:7c:08:4d:aa:7f:a8:0f:4e:e3:97:f4:8e:7e:
c6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:92:7F:BB:3E:21:83:D5:92:D6:E4:E7:29:79:FB:E6:A1:AF:6F:7C
X509v3 Authority Key Identifier:
keyid:F6:CB:0C:8F:20:84:33:02:03:4F:63:65:6E:A2:9E:BD:6D:11:63:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9ssMjyCEMwIDT2NlbqKevW0RY6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/984844-3eb4-4232-9385-2af3d62be7f2/1/OpJ_uz4hg9WS1uTnKXn75qGvb3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/984844-3eb4-4232-9385-2af3d62be7f2/1/9ssMjyCEMwIDT2NlbqKevW0RY6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.176.0/22
Signature Algorithm: sha256WithRSAEncryption
87:71:02:ec:8d:10:69:fb:83:1f:9c:63:53:7b:36:59:28:52:
3d:89:9c:48:38:e8:bc:76:c2:68:8e:de:27:0f:25:5e:3a:00:
2c:09:49:69:6d:75:56:f8:e3:7e:86:ca:e7:9a:eb:8e:58:e2:
1e:9d:92:58:c2:32:1e:0b:13:0d:8d:52:70:d0:87:84:86:8f:
be:61:26:96:fc:04:44:2c:33:e3:75:a7:04:80:06:1b:ab:cc:
97:d0:e1:cb:b3:de:ca:24:7d:33:e2:15:00:eb:96:91:0a:78:
99:fe:3d:8d:d4:91:9b:9a:99:43:c9:da:53:53:6b:ac:42:bd:
72:46:0b:e6:15:b4:45:e8:ea:3e:44:49:ec:ed:3d:2f:a6:ce:
e0:14:86:0e:71:bf:eb:62:98:87:23:0d:16:e3:f2:d7:e6:5b:
7b:1e:39:89:2f:5e:70:c9:f6:c4:56:41:01:7e:5d:bf:45:e2:
ce:7e:7d:b3:67:16:63:f2:00:9d:9e:ff:99:fb:bd:3b:ad:3b:
b8:16:53:9b:ed:71:55:e6:5a:84:5b:89:09:78:1e:3f:28:02:
38:44:ea:b5:a4:f9:c0:56:0e:8f:23:0f:94:34:0a:84:ad:25:
d6:39:69:4d:40:d2:9f:01:7c:e1:17:3c:a9:dc:cb:10:38:00:
9e:01:09:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1hwW4J92XGoihjmSoYCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2Y2IwYzhmMjA4NDMzMDIwMzRmNjM2NTZlYTI5ZWJkNmQx
MTYzYWEwHhcNMjUwMTAxMDc0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTkyN2ZiYjNlMjE4M2Q1OTJkNmU0ZTcyOTc5ZmJlNmExYWY2ZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxB6VHjtDzk9pGHt0LUgXGhzgNy/
wAxLqpe9xk9JsSMvzCtN7q32GYMPp/kFmz+2oHkl+87+epfcqMaT1jweUJ93fGMu
w7w5vE4C6aiqxEiiJwwGZQUxBRJ1orjfKS/VLHONhHOJcAMYOJZ063WXfLHGR9PW
Sf3Jqb+FO+dsNi8zvEap0+CAI8GaNHBmZbRc23phkdp2i7aH8fC2npAonsRBoD8y
rnLJubdvnm/T3g/O5Vw31U+LAGf9MIzxvOn8SaYJ28onl5Eyf7KsliQ0SY1Ch6ov
VAIZr6G2sjCYDVV0Mr6snIXXy2mvkv3ENVZl9HwITap/qA9O45f0jn7G/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDqSf7s+IYPVktbk5yl5++ahr298MB8GA1UdIwQY
MBaAFPbLDI8ghDMCA09jZW6inr1tEWOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXNzTWp5Q0VNd0lEVDJObGJxS2V2VzBSWTZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS85ODQ4NDQtM2ViNC00MjMyLTkzODUt
MmFmM2Q2MmJlN2YyLzEvT3BKX3V6NGhnOVdTMXVUbktYbjc1cUd2YjN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS85ODQ4NDQtM2ViNC00MjMyLTkzODUtMmFmM2Q2MmJlN2Yy
LzEvOXNzTWp5Q0VNd0lEVDJObGJxS2V2VzBSWTZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8CwMA0G
CSqGSIb3DQEBCwUAA4IBAQCHcQLsjRBp+4MfnGNTezZZKFI9iZxIOOi8dsJojt4n
DyVeOgAsCUlpbXVW+ON+hsrnmuuOWOIenZJYwjIeCxMNjVJw0IeEho++YSaW/ARE
LDPjdacEgAYbq8yX0OHLs97KJH0z4hUA65aRCniZ/j2N1JGbmplDydpTU2usQr1y
RgvmFbRF6Oo+REns7T0vps7gFIYOcb/rYpiHIw0W4/LX5lt7HjmJL15wyfbEVkEB
fl2/ReLOfn2zZxZj8gCdnv+Z+707rTu4FlOb7XFV5lqEW4kJeB4/KAI4ROq1pPnA
Vg6PIw+UNAqErSXWOWlNQNKfAXzhFzyp3MsQOACeAQnP
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:38 2025 by rpki-client