Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/OAqxF3O43IYIQpxquWKCePco-PA.roa
File: OAqxF3O43IYIQpxquWKCePco-PA.roa (raw, json)
Hash identifier: tyR142cYWuPaX2JucubyUikFKIPSla1u33sJOw9lYQs=
Subject key identifier: 38:0A:B1:17:73:B8:DC:86:08:42:9C:6A:B9:62:82:78:F7:28:F8:F0
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0194F9118746D772205E1F6F69E5D50B2584
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/OAqxF3O43IYIQpxquWKCePco-PA.roa
Signing time: Wed 12 Feb 2025 07:31:02 +0000
ROA not before: Wed 12 Feb 2025 07:31:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395374
IP address blocks: 176.97.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:11:87:46:d7:72:20:5e:1f:6f:69:e5:d5:0b:25:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Feb 12 07:31:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=380ab11773b8dc8608429c6ab9628278f728f8f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7c:6c:6c:c4:04:33:b9:91:29:1a:2c:3e:36:
22:d5:bd:6c:ff:49:a3:49:6c:7a:d8:b6:74:ed:98:
56:6a:3c:d7:fd:3e:aa:14:e0:a2:ce:78:d5:01:7a:
3c:d1:01:85:d3:4c:81:c3:80:e7:ec:dd:45:8f:f7:
70:aa:07:a7:9e:00:fd:b8:ac:f2:82:2b:32:45:c7:
1e:30:3e:f4:2c:28:75:fe:a6:4b:b9:f8:71:ac:71:
13:3f:b0:49:2d:c3:05:8f:25:22:b8:0b:35:02:b6:
28:04:84:52:ae:11:2b:1e:11:f4:88:4d:be:2f:d7:
fc:5c:b6:dc:7f:93:9a:4a:5a:4c:b4:a5:0b:b5:e9:
32:dd:05:44:a9:5a:ec:02:ce:4f:ba:db:a8:70:bf:
ca:cf:a6:d5:d6:53:6e:b7:b8:a0:f1:5f:93:e2:43:
21:c0:d7:3d:9d:28:12:78:7a:e9:8e:cf:3e:ef:fa:
30:61:6f:c9:23:5b:56:d0:54:03:5f:92:18:41:21:
0b:58:1e:eb:6e:e2:dd:ca:e1:24:66:5b:03:7d:25:
f8:9e:75:66:1e:f0:2d:44:a1:d7:79:8c:e2:a6:8b:
08:9a:c7:11:43:00:2f:52:ff:8d:36:63:32:18:2f:
dc:30:02:ba:79:53:a2:f4:4b:a8:87:b7:48:b4:0e:
b7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:0A:B1:17:73:B8:DC:86:08:42:9C:6A:B9:62:82:78:F7:28:F8:F0
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/OAqxF3O43IYIQpxquWKCePco-PA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.205.0/24
Signature Algorithm: sha256WithRSAEncryption
92:11:86:a0:93:59:3a:54:8a:1c:04:55:3f:f7:af:4a:bf:93:
70:ac:31:0b:c0:05:9a:c0:79:eb:a7:32:0b:d9:81:1e:78:6a:
2f:ce:f1:49:5d:46:de:ec:b7:d4:ad:7c:60:ac:b7:7a:f8:4f:
ca:79:31:ee:12:d0:f8:8d:56:10:cc:99:dd:d4:5c:8f:5e:ba:
1d:47:d2:4b:9e:16:c3:31:7d:35:2b:43:a1:9c:0f:91:9e:b5:
32:a8:ce:f4:a6:29:1e:fe:44:7a:01:0f:52:69:f8:76:57:bf:
1e:da:f9:29:55:14:2c:7b:08:27:89:fb:68:11:13:c1:03:68:
16:1f:3a:a9:29:1e:6d:d9:95:dd:f4:e1:9d:8c:35:5d:c4:0d:
d6:84:41:52:f7:53:ae:0e:06:c4:fe:08:d7:34:ac:dc:1f:6f:
3f:82:7a:19:c1:c8:5a:9f:c0:32:64:02:bf:29:82:41:30:7a:
1c:65:46:0d:4f:ae:b4:29:cb:33:ed:be:3a:5d:a4:0f:78:94:
6a:cc:e4:46:0f:60:8d:1e:0e:c1:27:47:a6:d6:09:ff:61:b2:
5e:2d:0b:95:01:79:9c:81:90:3d:48:62:f8:e8:11:52:51:c5:
e1:e0:29:c3:61:fb:31:ec:34:2a:56:d8:18:f5:98:81:ea:ce:
48:5e:33:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZT5EYdG13IgXh9vaeXVCyWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwMjEyMDczMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODBhYjExNzczYjhkYzg2MDg0MjljNmFiOTYyODI3OGY3MjhmOGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3xsbMQEM7mRKRosPjYi1b1s/0mj
SWx62LZ07ZhWajzX/T6qFOCiznjVAXo80QGF00yBw4Dn7N1Fj/dwqgenngD9uKzy
gisyRcceMD70LCh1/qZLufhxrHETP7BJLcMFjyUiuAs1ArYoBIRSrhErHhH0iE2+
L9f8XLbcf5OaSlpMtKULteky3QVEqVrsAs5PutuocL/Kz6bV1lNut7ig8V+T4kMh
wNc9nSgSeHrpjs8+7/owYW/JI1tW0FQDX5IYQSELWB7rbuLdyuEkZlsDfSX4nnVm
HvAtRKHXeYziposImscRQwAvUv+NNmMyGC/cMAK6eVOi9Euoh7dItA63YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDgKsRdzuNyGCEKcarlignj3KPjwMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvT0FxeEYzTzQzSVlJUXB4cXVXS0NlUGNvLVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGHNMA0G
CSqGSIb3DQEBCwUAA4IBAQCSEYagk1k6VIocBFU/969Kv5NwrDELwAWawHnrpzIL
2YEeeGovzvFJXUbe7LfUrXxgrLd6+E/KeTHuEtD4jVYQzJnd1FyPXrodR9JLnhbD
MX01K0OhnA+RnrUyqM70pike/kR6AQ9Safh2V78e2vkpVRQsewgniftoERPBA2gW
HzqpKR5t2ZXd9OGdjDVdxA3WhEFS91OuDgbE/gjXNKzcH28/gnoZwchan8AyZAK/
KYJBMHocZUYNT660Kcsz7b46XaQPeJRqzORGD2CNHg7BJ0em1gn/YbJeLQuVAXmc
gZA9SGL46BFSUcXh4CnDYfsx7DQqVtgY9ZiB6s5IXjOK
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:43:30 2025 by rpki-client