Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/2f7a6e-e8c1-4f62-95f9-64bfb79900d6/1/oaLZxtKD66NwRygInPYpaycKqOc.roa
File: oaLZxtKD66NwRygInPYpaycKqOc.roa (raw, json)
Hash identifier: Ja3SjwoX4eh5IRVh7jPL7K8MqCmfJQ9Q/LWhTt+xawU=
Subject key identifier: A1:A2:D9:C6:D2:83:EB:A3:70:47:28:08:9C:F6:29:6B:27:0A:A8:E7
Certificate issuer: /CN=4020f4d4c7528d8a827ec724918fe2df534bd905
Certificate serial: 019460FF9A8CE7A6153950B41033EBB7A0F4
Authority key identifier: 40:20:F4:D4:C7:52:8D:8A:82:7E:C7:24:91:8F:E2:DF:53:4B:D9:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QCD01MdSjYqCfsckkY_i31NL2QU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/2f7a6e-e8c1-4f62-95f9-64bfb79900d6/1/oaLZxtKD66NwRygInPYpaycKqOc.roa
Signing time: Mon 13 Jan 2025 18:49:11 +0000
ROA not before: Mon 13 Jan 2025 18:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212150
IP address blocks: 185.115.160.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:60:ff:9a:8c:e7:a6:15:39:50:b4:10:33:eb:b7:a0:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4020f4d4c7528d8a827ec724918fe2df534bd905
Validity
Not Before: Jan 13 18:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1a2d9c6d283eba3704728089cf6296b270aa8e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9e:b7:45:27:4f:ba:90:3b:c0:5d:fb:3a:4f:
46:77:f6:7c:f3:a4:5d:f5:e5:6a:77:02:82:98:e0:
9c:7a:f2:47:1b:05:57:46:fb:8a:bf:0f:71:8c:81:
a8:07:d9:46:f0:ab:1c:d5:14:c0:17:8a:4c:45:5a:
44:8e:3e:e9:72:a6:34:80:b2:37:df:83:3b:1d:54:
1c:de:e9:54:2d:19:73:64:ed:e1:ad:72:1b:4b:cf:
8d:e7:a2:3a:17:5e:f3:78:5c:a0:e6:c5:ae:1e:51:
47:5d:b3:e0:50:3e:91:98:ed:3a:5a:20:a1:9d:cb:
69:92:48:7c:5f:0a:39:99:23:63:19:a3:63:f2:9e:
7d:a3:1c:8a:95:20:c4:9b:6c:47:f8:24:18:8a:58:
db:41:7f:59:73:7b:20:38:dd:6f:c4:2c:a5:2e:dd:
dc:c7:ca:6b:02:36:8f:d7:88:c2:4e:17:ec:ee:56:
1f:ff:12:cb:87:80:51:ad:23:e4:2d:96:e1:ba:ea:
da:69:16:1b:1a:c3:9d:1e:94:56:c0:8c:e6:ab:64:
d1:ef:71:1c:2a:a9:bf:77:77:44:79:0f:93:41:0c:
83:64:4a:6b:15:33:5b:37:eb:2e:f7:ba:58:a3:69:
a6:ca:e5:05:dc:98:ce:fa:ae:91:9e:69:df:f5:9a:
f4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A2:D9:C6:D2:83:EB:A3:70:47:28:08:9C:F6:29:6B:27:0A:A8:E7
X509v3 Authority Key Identifier:
keyid:40:20:F4:D4:C7:52:8D:8A:82:7E:C7:24:91:8F:E2:DF:53:4B:D9:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QCD01MdSjYqCfsckkY_i31NL2QU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2f7a6e-e8c1-4f62-95f9-64bfb79900d6/1/oaLZxtKD66NwRygInPYpaycKqOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2f7a6e-e8c1-4f62-95f9-64bfb79900d6/1/QCD01MdSjYqCfsckkY_i31NL2QU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.160.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:f6:b9:28:a0:58:32:5d:88:05:7a:0a:82:8d:36:8d:57:45:
22:d8:11:f7:b7:3d:d7:28:c3:ee:ca:dd:52:bd:97:6a:8e:4a:
bd:ab:3a:d3:77:31:1e:e1:4e:0d:e9:df:62:92:c0:1e:75:68:
92:12:63:76:7f:e3:54:bb:01:d3:b2:2f:27:4e:6d:d5:b0:dc:
7e:d0:ff:b9:68:e0:a9:21:cf:77:88:fa:22:b2:0b:b3:e0:e6:
e7:20:58:45:6b:cf:02:a4:23:09:40:d6:ab:60:12:15:46:bb:
96:32:9a:14:4d:1b:dd:fa:21:d9:e5:3e:29:e2:5e:b6:cc:40:
c1:e6:47:1e:8a:fd:9f:b4:b5:59:88:be:f1:64:c0:10:eb:6f:
3b:60:d2:4e:5d:93:4a:b4:ad:43:5f:55:6f:76:38:e6:21:63:
97:f1:7d:8b:80:0c:95:3f:db:f0:26:e7:e2:f1:9c:80:b7:67:
6c:7b:c8:ed:4d:48:59:3d:ba:d3:01:cb:31:20:9f:b8:e7:4b:
3e:f3:19:60:60:49:99:19:97:24:b5:96:0d:58:c5:53:0d:7b:
0a:cd:fa:97:35:a8:8d:a7:4e:9a:c8:0b:ce:b8:75:32:5b:73:
d2:1b:07:6a:7b:14:a5:96:01:99:71:e8:c0:8a:8f:7a:33:81:
7d:21:07:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRg/5qM56YVOVC0EDPrt6D0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMjBmNGQ0Yzc1MjhkOGE4MjdlYzcyNDkxOGZlMmRmNTM0
YmQ5MDUwHhcNMjUwMTEzMTg0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWEyZDljNmQyODNlYmEzNzA0NzI4MDg5Y2Y2Mjk2YjI3MGFhOGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl563RSdPupA7wF37Ok9Gd/Z886Rd
9eVqdwKCmOCcevJHGwVXRvuKvw9xjIGoB9lG8Ksc1RTAF4pMRVpEjj7pcqY0gLI3
34M7HVQc3ulULRlzZO3hrXIbS8+N56I6F17zeFyg5sWuHlFHXbPgUD6RmO06WiCh
nctpkkh8Xwo5mSNjGaNj8p59oxyKlSDEm2xH+CQYiljbQX9Zc3sgON1vxCylLt3c
x8prAjaP14jCThfs7lYf/xLLh4BRrSPkLZbhuuraaRYbGsOdHpRWwIzmq2TR73Ec
Kqm/d3dEeQ+TQQyDZEprFTNbN+su97pYo2mmyuUF3JjO+q6Rnmnf9Zr0rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKGi2cbSg+ujcEcoCJz2KWsnCqjnMB8GA1UdIwQY
MBaAFEAg9NTHUo2Kgn7HJJGP4t9TS9kFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUNEMDFNZFNqWXFDZnNja2tZX2kzMU5MMlFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8yZjdhNmUtZThjMS00ZjYyLTk1Zjkt
NjRiZmI3OTkwMGQ2LzEvb2FMWnh0S0Q2Nk53UnlnSW5QWXBheWNLcU9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8yZjdhNmUtZThjMS00ZjYyLTk1ZjktNjRiZmI3OTkwMGQ2
LzEvUUNEMDFNZFNqWXFDZnNja2tZX2kzMU5MMlFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXOgMA0G
CSqGSIb3DQEBCwUAA4IBAQBd9rkooFgyXYgFegqCjTaNV0Ui2BH3tz3XKMPuyt1S
vZdqjkq9qzrTdzEe4U4N6d9iksAedWiSEmN2f+NUuwHTsi8nTm3VsNx+0P+5aOCp
Ic93iPoisguz4ObnIFhFa88CpCMJQNarYBIVRruWMpoUTRvd+iHZ5T4p4l62zEDB
5kceiv2ftLVZiL7xZMAQ6287YNJOXZNKtK1DX1VvdjjmIWOX8X2LgAyVP9vwJufi
8ZyAt2dse8jtTUhZPbrTAcsxIJ+450s+8xlgYEmZGZcktZYNWMVTDXsKzfqXNaiN
p06ayAvOuHUyW3PSGwdqexSllgGZcejAio96M4F9IQfK
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:38:36 2025 by rpki-client