Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/d066a3-7122-4dfa-9644-fce7e936bebd/1/o_o-PfEQ6HNKhX9KkH8j36w99rI.roa
File: o_o-PfEQ6HNKhX9KkH8j36w99rI.roa (raw, json)
Hash identifier: sipqbmLypIuW6+AJhXLMymWfsUfPFNo3toWDFfinp0Y=
Subject key identifier: A3:FA:3E:3D:F1:10:E8:73:4A:85:7F:4A:90:7F:23:DF:AC:3D:F6:B2
Certificate issuer: /CN=40064dd8ac6ea56641836d4ed77facca4b22f7e0
Certificate serial: 019427B529CA41271DF738DAC9CF77530677
Authority key identifier: 40:06:4D:D8:AC:6E:A5:66:41:83:6D:4E:D7:7F:AC:CA:4B:22:F7:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QAZN2KxupWZBg21O13-syksi9-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/d066a3-7122-4dfa-9644-fce7e936bebd/1/o_o-PfEQ6HNKhX9KkH8j36w99rI.roa
Signing time: Thu 02 Jan 2025 15:49:31 +0000
ROA not before: Thu 02 Jan 2025 15:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211594
IP address blocks: 185.254.123.0/24 maxlen: 24
2a0c:1880::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:29:ca:41:27:1d:f7:38:da:c9:cf:77:53:06:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40064dd8ac6ea56641836d4ed77facca4b22f7e0
Validity
Not Before: Jan 2 15:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3fa3e3df110e8734a857f4a907f23dfac3df6b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:63:6a:8b:aa:6a:e8:af:cf:d9:69:38:76:73:
8a:c4:b1:7f:c0:07:3c:51:e8:3c:b3:b7:f2:b0:a1:
d1:08:8b:e5:71:e3:34:1d:3b:11:d7:15:89:f8:7e:
41:39:0c:94:24:df:39:9d:2e:81:28:54:38:5c:0e:
a6:1c:15:e3:64:e8:6e:b8:1f:86:77:37:05:29:8f:
5f:18:1e:58:39:5e:fe:05:f1:ff:dc:5c:61:0a:a3:
6b:dc:6d:22:a8:55:b1:eb:fa:7c:81:62:4e:03:fe:
cb:92:fd:56:bf:d9:de:7a:3e:12:4b:60:1d:41:d5:
1f:ee:94:91:8c:bf:46:a7:a7:5d:5c:7b:d8:dd:e8:
69:da:69:8b:23:42:ad:f0:26:ca:31:f2:e3:27:69:
7c:fa:3e:d6:f0:73:51:9a:bc:75:23:28:bc:30:59:
c1:ea:63:43:7e:37:62:b9:e1:09:61:12:f0:a9:44:
97:4b:3a:72:a0:ca:ad:6c:38:d9:50:39:47:e2:99:
2f:00:ee:11:71:45:3c:6e:68:62:a6:9e:d2:12:51:
96:56:36:a8:b8:e9:f4:54:37:dd:e4:02:ef:2d:fe:
5c:fb:e0:f7:e7:d4:73:62:1a:cc:ee:f4:83:6f:9d:
ce:37:57:d6:b1:f7:98:17:e1:1f:03:5f:26:40:ae:
b4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:FA:3E:3D:F1:10:E8:73:4A:85:7F:4A:90:7F:23:DF:AC:3D:F6:B2
X509v3 Authority Key Identifier:
keyid:40:06:4D:D8:AC:6E:A5:66:41:83:6D:4E:D7:7F:AC:CA:4B:22:F7:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAZN2KxupWZBg21O13-syksi9-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d066a3-7122-4dfa-9644-fce7e936bebd/1/o_o-PfEQ6HNKhX9KkH8j36w99rI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d066a3-7122-4dfa-9644-fce7e936bebd/1/QAZN2KxupWZBg21O13-syksi9-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.123.0/24
IPv6:
2a0c:1880::/29
Signature Algorithm: sha256WithRSAEncryption
3b:cf:8a:1e:84:3f:b2:92:62:59:1f:47:c1:8a:2a:de:27:c4:
06:4d:43:15:2d:1e:79:c6:26:ba:60:7a:90:fe:f6:78:43:88:
be:42:64:cb:4a:e7:ce:ab:5f:1c:96:c5:ee:99:13:21:ca:9e:
da:76:73:8b:54:a3:90:2d:bf:61:11:63:49:04:f9:30:a5:ba:
69:5a:a6:ee:f6:67:90:aa:5e:77:ac:6d:89:5f:99:ee:31:fe:
89:ee:77:73:c3:5f:21:be:77:2a:3f:70:05:fa:fb:79:c0:9c:
b5:2d:84:43:37:6f:72:90:56:56:ac:db:3f:3b:96:94:8b:12:
9c:fa:cd:5f:90:5e:4a:b2:41:7d:9d:86:97:2e:6f:51:d4:b4:
5d:3c:2b:01:a7:29:ab:42:d4:b6:37:9e:a9:d1:60:80:75:6f:
07:8a:9f:b7:4f:ce:a2:18:43:18:8d:8e:b9:ac:e4:76:b4:f9:
77:6d:79:90:cf:20:5e:d2:07:b5:54:04:63:1f:d2:66:a1:47:
6b:01:f0:20:73:07:b0:c6:c2:51:6f:e1:e1:93:41:28:90:c5:
16:27:fb:d7:79:13:e9:ff:38:91:26:03:75:ce:9b:87:b0:b0:
42:04:9b:9e:13:b0:61:02:07:d0:3a:e6:91:78:ec:f5:d6:cc:
6a:2d:eb:ce
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntSnKQScd9zjayc93UwZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDY0ZGQ4YWM2ZWE1NjY0MTgzNmQ0ZWQ3N2ZhY2NhNGIy
MmY3ZTAwHhcNMjUwMTAyMTU0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2ZhM2UzZGYxMTBlODczNGE4NTdmNGE5MDdmMjNkZmFjM2RmNmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6mNqi6pq6K/P2Wk4dnOKxLF/wAc8
Ueg8s7fysKHRCIvlceM0HTsR1xWJ+H5BOQyUJN85nS6BKFQ4XA6mHBXjZOhuuB+G
dzcFKY9fGB5YOV7+BfH/3FxhCqNr3G0iqFWx6/p8gWJOA/7Lkv1Wv9neej4SS2Ad
QdUf7pSRjL9Gp6ddXHvY3ehp2mmLI0Kt8CbKMfLjJ2l8+j7W8HNRmrx1Iyi8MFnB
6mNDfjdiueEJYRLwqUSXSzpyoMqtbDjZUDlH4pkvAO4RcUU8bmhipp7SElGWVjao
uOn0VDfd5ALvLf5c++D359RzYhrM7vSDb53ON1fWsfeYF+EfA18mQK60VwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKP6Pj3xEOhzSoV/SpB/I9+sPfayMB8GA1UdIwQY
MBaAFEAGTdisbqVmQYNtTtd/rMpLIvfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFaTjJLeHVwV1pCZzIxTzEzLXN5a3NpOS1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kMDY2YTMtNzEyMi00ZGZhLTk2NDQt
ZmNlN2U5MzZiZWJkLzEvb19vLVBmRVE2SE5LaFg5S2tIOGozNnc5OXJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9kMDY2YTMtNzEyMi00ZGZhLTk2NDQtZmNlN2U5MzZiZWJk
LzEvUUFaTjJLeHVwV1pCZzIxTzEzLXN5a3NpOS1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuf57MA0E
AgACMAcDBQMqDBiAMA0GCSqGSIb3DQEBCwUAA4IBAQA7z4oehD+ykmJZH0fBiire
J8QGTUMVLR55xia6YHqQ/vZ4Q4i+QmTLSufOq18clsXumRMhyp7adnOLVKOQLb9h
EWNJBPkwpbppWqbu9meQql53rG2JX5nuMf6J7ndzw18hvncqP3AF+vt5wJy1LYRD
N29ykFZWrNs/O5aUixKc+s1fkF5KskF9nYaXLm9R1LRdPCsBpymrQtS2N56p0WCA
dW8Hip+3T86iGEMYjY65rOR2tPl3bXmQzyBe0ge1VARjH9JmoUdrAfAgcwewxsJR
b+Hhk0EokMUWJ/vXeRPp/ziRJgN1zpuHsLBCBJueE7BhAgfQOuaReOz11sxqLevO
-----END CERTIFICATE-----
Generated at Sun Mar 9 18:02:11 2025 by rpki-client