Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/OxmjI_oqFouA5-XjvFfD1EZj9Bo.roa
File: OxmjI_oqFouA5-XjvFfD1EZj9Bo.roa (raw, json)
Hash identifier: gQaYaUA4e6NHLd5RCfahZ8d3gdE1xQx99xV++eRXM2M=
Subject key identifier: 3B:19:A3:23:FA:2A:16:8B:80:E7:E5:E3:BC:57:C3:D4:46:63:F4:1A
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 3D591A5E
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/OxmjI_oqFouA5-XjvFfD1EZj9Bo.roa
Signing time: Sat 01 Jan 2022 06:55:18 +0000
ROA not before: Sat 01 Jan 2022 06:55:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398108
IP address blocks: 92.204.128.0/20 maxlen: 20
92.204.144.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1029249630 (0x3d591a5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 1 06:55:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b19a323fa2a168b80e7e5e3bc57c3d44663f41a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f7:5a:32:de:e6:d1:58:bd:23:09:9d:3a:55:
98:72:70:87:d5:3a:eb:09:8f:ae:a2:74:b6:3a:c1:
84:02:18:c5:bf:2c:19:ae:a4:75:db:4d:c6:e5:38:
77:e7:96:6f:46:16:e6:87:e2:cc:20:1b:3f:02:2c:
73:10:4f:78:91:a7:43:f4:32:5e:1a:d4:20:98:96:
fd:85:fc:59:04:0d:28:e5:ba:34:23:b7:d2:ad:dc:
c4:63:2d:48:ff:2d:86:ed:63:fc:7d:4d:da:24:62:
43:ed:ab:e7:43:1c:42:fd:d1:69:0c:8a:c9:75:8d:
bc:53:fd:2f:82:06:48:43:68:f7:33:b3:18:12:65:
e7:e0:2e:4e:b6:b2:fe:d7:59:8c:e1:b7:a9:f3:7b:
aa:36:c1:22:77:ff:e2:b0:a3:e5:1e:0f:c4:98:4b:
ba:b4:c7:50:7e:3f:fc:46:b1:62:32:95:8d:e6:cc:
6a:64:44:df:40:2e:54:5f:09:da:25:61:ad:ea:0a:
75:f8:a6:4d:ea:26:e8:c6:f5:21:0c:18:79:d1:4c:
80:da:11:2a:18:98:ba:46:b0:8d:5b:2e:39:d2:43:
05:62:8c:cc:f0:8c:e4:91:09:76:53:42:3c:82:e8:
8c:bc:7c:43:4d:c8:40:0b:76:fe:a8:9a:29:47:44:
89:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:19:A3:23:FA:2A:16:8B:80:E7:E5:E3:BC:57:C3:D4:46:63:F4:1A
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/OxmjI_oqFouA5-XjvFfD1EZj9Bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.204.128.0-92.204.151.255
Signature Algorithm: sha256WithRSAEncryption
4e:29:3a:a6:b3:cc:eb:07:70:66:a6:3b:e5:37:a6:fd:f6:2a:
51:e8:dd:71:ea:07:62:20:a3:45:53:27:c3:62:18:c5:7c:42:
24:1d:25:d9:3a:cf:bf:c4:ae:3d:a0:a8:fc:45:0a:30:bb:3c:
07:69:ef:eb:bc:78:27:3b:6a:61:0f:b5:55:57:9b:90:5b:02:
66:75:a5:af:7e:97:6e:cc:80:8b:32:b3:20:bd:ca:b7:55:eb:
28:ec:4d:58:20:13:b8:04:69:6f:b8:c7:45:b1:b5:22:4f:49:
8e:5c:04:8e:c4:b7:44:be:c5:ff:1f:7e:c6:a5:12:57:03:ea:
38:55:e2:6f:18:1a:64:5f:38:e3:e9:bb:8e:ef:c2:f9:87:1a:
d0:56:54:3e:70:e0:74:a8:06:65:55:43:91:e5:ac:9c:81:bd:
fc:3b:27:5c:99:84:d2:79:dd:e2:a4:c1:59:0f:65:ce:c5:86:
e9:00:e9:40:22:c7:2d:5e:5e:2f:3d:25:cf:97:3a:e0:d2:f1:
c1:7b:6d:d2:52:bf:6b:e4:45:9a:b3:82:83:60:d5:1b:dd:55:
e6:e6:e6:99:e6:cc:00:23:60:2a:a1:c3:b9:bd:24:ac:ad:6c:
c2:83:ca:a3:b8:3f:dd:90:dc:4e:da:72:61:24:75:2d:4b:01:
fa:98:0b:8f
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEPVkaXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTZlZDBmYjdiMzIwODMyYWMxNTgwNTM0YzdiMjYzZjMwNGU5ODFiMB4XDTIyMDEw
MTA2NTUxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2IxOWEzMjNmYTJh
MTY4YjgwZTdlNWUzYmM1N2MzZDQ0NjYzZjQxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKr3WjLe5tFYvSMJnTpVmHJwh9U66wmPrqJ0tjrBhAIYxb8s
Ga6kddtNxuU4d+eWb0YW5ofizCAbPwIscxBPeJGnQ/QyXhrUIJiW/YX8WQQNKOW6
NCO30q3cxGMtSP8thu1j/H1N2iRiQ+2r50McQv3RaQyKyXWNvFP9L4IGSENo9zOz
GBJl5+AuTray/tdZjOG3qfN7qjbBInf/4rCj5R4PxJhLurTHUH4//EaxYjKVjebM
amRE30AuVF8J2iVhreoKdfimTeom6Mb1IQwYedFMgNoRKhiYukawjVsuOdJDBWKM
zPCM5JEJdlNCPILojLx8Q03IQAt2/qiaKUdEiSECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQ7GaMj+ioWi4Dn5eO8V8PURmP0GjAfBgNVHSMEGDAWgBS6btD7ezIIMqwV
gFNMeyY/ME6YGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VtN1EtM3N5Q0RLc0ZZQlRUSHNtUHpCT21Ccy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvNDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8x
L094bWpJX29xRm91QTUtWGp2RmZEMUVaajlCby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
NDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8xL3VtN1EtM3N5Q0RL
c0ZZQlRUSHNtUHpCT21Ccy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQHXMyAAwQDXMyQMA0GCSqGSIb3
DQEBCwUAA4IBAQBOKTqms8zrB3BmpjvlN6b99ipR6N1x6gdiIKNFUyfDYhjFfEIk
HSXZOs+/xK49oKj8RQowuzwHae/rvHgnO2phD7VVV5uQWwJmdaWvfpduzICLMrMg
vcq3Veso7E1YIBO4BGlvuMdFsbUiT0mOXASOxLdEvsX/H37GpRJXA+o4VeJvGBpk
Xzjj6buO78L5hxrQVlQ+cOB0qAZlVUOR5aycgb38OydcmYTSed3ipMFZD2XOxYbp
AOlAIsctXl4vPSXPlzrg0vHBe23SUr9r5EWas4KDYNUb3VXm5uaZ5swAI2AqocO5
vSSsrWzCg8qjuD/dkNxO2nJhJHUtSwH6mAuP
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:42 2025 by rpki-client