Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/OfjlVTzlbiebKcGfg4O35GZHDIw.roa
File: OfjlVTzlbiebKcGfg4O35GZHDIw.roa (raw, json)
Hash identifier: u7GpmWblaPl+6DO2TlMYyB781AN6WvBVZiKkFR1d8Gg=
Subject key identifier: 39:F8:E5:55:3C:E5:6E:27:9B:29:C1:9F:83:83:B7:E4:66:47:0C:8C
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 019422FBCB6F91D38005BD755A8B729D772B
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/OfjlVTzlbiebKcGfg4O35GZHDIw.roa
Signing time: Wed 01 Jan 2025 17:48:34 +0000
ROA not before: Wed 01 Jan 2025 17:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206150
IP address blocks: 193.32.184.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:cb:6f:91:d3:80:05:bd:75:5a:8b:72:9d:77:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 1 17:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39f8e5553ce56e279b29c19f8383b7e466470c8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d9:bb:94:f5:82:01:c1:e8:36:7b:7d:cf:66:
4c:da:58:32:4d:c0:14:b4:9e:3f:e8:3e:87:6e:27:
72:24:cc:32:64:b7:59:bf:60:32:10:8f:ca:8e:9e:
d0:86:c8:30:7f:4b:00:40:0c:5a:c7:7d:4e:df:c5:
8b:fc:17:98:b0:88:60:72:16:15:1f:a1:33:0f:5f:
1a:b2:6b:54:dc:b4:84:43:dd:e5:d8:bc:bd:43:43:
08:3d:90:00:82:8d:c5:be:32:a3:5b:42:61:e0:01:
f1:55:dd:53:fd:7d:49:a6:b8:f9:35:9e:5b:6d:eb:
2c:ec:cd:7c:c8:e3:5d:ed:c9:d0:af:f3:59:e9:70:
23:b0:e7:da:1b:2f:24:5c:54:0b:f8:a1:7e:70:f3:
36:20:60:ae:d3:7d:dc:9b:a2:ee:40:1c:f0:88:9b:
ca:a0:19:bf:67:6c:06:b7:57:df:a9:ac:f0:5b:8f:
bb:c4:a1:1a:f0:73:a9:ee:14:fa:21:2a:2c:62:ae:
17:10:9f:86:ea:27:48:34:5e:5d:00:65:23:00:20:
c6:ba:10:c2:56:81:f9:cc:3d:39:2e:96:0b:e8:62:
81:dd:f8:71:80:44:e2:0f:fd:5c:cf:f5:1b:cb:02:
b9:8d:9f:30:e0:62:8f:5c:17:1b:4f:70:ae:9c:95:
14:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:F8:E5:55:3C:E5:6E:27:9B:29:C1:9F:83:83:B7:E4:66:47:0C:8C
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/OfjlVTzlbiebKcGfg4O35GZHDIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.184.0/23
Signature Algorithm: sha256WithRSAEncryption
61:26:5c:12:4a:cf:34:8a:c6:08:1b:68:23:74:48:bc:44:ae:
c5:16:d4:71:a9:c1:53:34:e0:a6:c7:31:bc:3f:97:3d:5b:1f:
02:3d:46:f5:9b:3c:8b:03:fa:3c:e8:90:83:3f:47:06:52:bc:
b3:82:f1:4d:ee:8f:d2:7c:47:5d:49:fa:d5:23:c8:42:85:ac:
01:01:5b:7c:99:17:2d:46:90:b8:59:f5:71:ce:2d:8e:5d:6f:
d2:94:08:d4:42:e3:dd:15:6b:18:68:25:13:0c:b5:fd:cb:2f:
7e:e4:08:a3:09:16:ef:75:82:9e:42:dd:6a:7e:e1:41:59:1f:
ac:30:25:9c:3b:33:75:15:e1:6a:a0:cb:76:99:fa:c3:15:66:
53:d3:e0:0c:5c:12:1b:07:2d:5b:28:00:b6:35:36:a1:88:5c:
e1:78:c4:8a:48:e4:61:b3:05:a8:4f:6f:75:dc:11:b1:16:a8:
62:09:f3:c5:14:38:8e:a9:63:b4:0d:08:91:b1:5e:5d:c8:79:
85:67:99:f1:d7:08:1a:26:e7:2d:61:65:5d:d9:47:4c:6d:e9:
90:52:84:c6:5f:e9:80:af:a6:7d:93:bf:ad:31:0e:df:af:91:
f2:09:62:e5:36:9b:35:c7:5b:fe:67:b2:07:39:1b:5f:9e:ec:
bc:55:b6:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+8tvkdOABb11WotynXcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjUwMTAxMTc0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWY4ZTU1NTNjZTU2ZTI3OWIyOWMxOWY4MzgzYjdlNDY2NDcwYzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtm7lPWCAcHoNnt9z2ZM2lgyTcAU
tJ4/6D6HbidyJMwyZLdZv2AyEI/Kjp7Qhsgwf0sAQAxax31O38WL/BeYsIhgchYV
H6EzD18asmtU3LSEQ93l2Ly9Q0MIPZAAgo3FvjKjW0Jh4AHxVd1T/X1Jprj5NZ5b
bess7M18yONd7cnQr/NZ6XAjsOfaGy8kXFQL+KF+cPM2IGCu033cm6LuQBzwiJvK
oBm/Z2wGt1ffqazwW4+7xKEa8HOp7hT6ISosYq4XEJ+G6idINF5dAGUjACDGuhDC
VoH5zD05LpYL6GKB3fhxgETiD/1cz/UbywK5jZ8w4GKPXBcbT3CunJUUIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDn45VU85W4nmynBn4ODt+RmRwyMMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvT2ZqbFZUemxiaWViS2NHZmc0TzM1R1pIREl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwSC4MA0G
CSqGSIb3DQEBCwUAA4IBAQBhJlwSSs80isYIG2gjdEi8RK7FFtRxqcFTNOCmxzG8
P5c9Wx8CPUb1mzyLA/o86JCDP0cGUryzgvFN7o/SfEddSfrVI8hChawBAVt8mRct
RpC4WfVxzi2OXW/SlAjUQuPdFWsYaCUTDLX9yy9+5AijCRbvdYKeQt1qfuFBWR+s
MCWcOzN1FeFqoMt2mfrDFWZT0+AMXBIbBy1bKAC2NTahiFzheMSKSORhswWoT291
3BGxFqhiCfPFFDiOqWO0DQiRsV5dyHmFZ5nx1wgaJuctYWVd2UdMbemQUoTGX+mA
r6Z9k7+tMQ7fr5HyCWLlNps1x1v+Z7IHORtfnuy8VbZb
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:36:24 2025 by rpki-client