Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/f861f2-bf83-4241-bb6a-aefd80872532/1/oDKhHV25asaAZwnOhgVY2UWIJ6I.roa
File: oDKhHV25asaAZwnOhgVY2UWIJ6I.roa (raw, json)
Hash identifier: TBtdjF9kT0kXckzBss688u22tMu+NiF4J0DL0v5u2x0=
Subject key identifier: A0:32:A1:1D:5D:B9:6A:C6:80:67:09:CE:86:05:58:D9:45:88:27:A2
Certificate issuer: /CN=71071c85a3482958f87f032b6463198c7fd9eb07
Certificate serial: 0194CAF031D8AF3055FBF0EEC1429CBB78F7
Authority key identifier: 71:07:1C:85:A3:48:29:58:F8:7F:03:2B:64:63:19:8C:7F:D9:EB:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cQcchaNIKVj4fwMrZGMZjH_Z6wc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/f861f2-bf83-4241-bb6a-aefd80872532/1/oDKhHV25asaAZwnOhgVY2UWIJ6I.roa
Signing time: Mon 03 Feb 2025 08:32:06 +0000
ROA not before: Mon 03 Feb 2025 08:32:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212285
IP address blocks: 91.243.116.0/24 maxlen: 24
188.125.164.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ca:f0:31:d8:af:30:55:fb:f0:ee:c1:42:9c:bb:78:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71071c85a3482958f87f032b6463198c7fd9eb07
Validity
Not Before: Feb 3 08:32:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a032a11d5db96ac6806709ce860558d9458827a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:dc:ea:2a:da:d8:51:ff:e7:27:f2:6a:6c:1a:
2d:24:cd:f0:e6:47:05:e9:7d:29:a2:76:39:ad:61:
5f:18:55:99:b6:16:82:aa:60:5b:45:a0:1b:b1:96:
ea:e7:91:54:08:e0:59:4e:e3:24:0f:94:e1:59:ed:
cd:03:89:be:8c:bf:b1:fa:a4:5c:1d:9f:df:1b:81:
1e:60:c6:dd:b3:83:3e:c8:80:a3:41:ef:cd:45:f1:
94:c2:46:06:a0:56:b0:fe:79:d0:78:41:50:0e:39:
ef:03:7e:63:ce:56:e1:d1:76:8a:9a:17:1a:06:16:
4f:1d:b2:aa:3b:aa:96:18:5e:43:d2:73:de:00:b2:
33:3f:03:22:e4:b6:a0:f9:1b:67:16:d2:80:56:cd:
17:da:b1:26:9b:32:bb:58:63:d6:32:90:20:97:81:
f5:1b:0b:03:05:cc:b8:b4:21:e3:5e:3c:da:dd:3c:
76:d7:62:97:b2:28:57:56:9e:ab:5b:82:16:37:9c:
61:92:6c:2f:a9:1d:64:a7:4a:39:87:45:65:a6:d0:
96:ae:da:bc:f4:e9:64:76:0f:08:ca:2f:fd:59:5c:
5a:e2:f1:f9:6d:af:20:1c:fa:8b:61:0c:46:77:d7:
b3:2d:d2:31:40:21:27:67:ca:cf:fe:7e:99:00:7b:
99:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:32:A1:1D:5D:B9:6A:C6:80:67:09:CE:86:05:58:D9:45:88:27:A2
X509v3 Authority Key Identifier:
keyid:71:07:1C:85:A3:48:29:58:F8:7F:03:2B:64:63:19:8C:7F:D9:EB:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cQcchaNIKVj4fwMrZGMZjH_Z6wc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/f861f2-bf83-4241-bb6a-aefd80872532/1/oDKhHV25asaAZwnOhgVY2UWIJ6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/f861f2-bf83-4241-bb6a-aefd80872532/1/cQcchaNIKVj4fwMrZGMZjH_Z6wc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.116.0/24
188.125.164.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:d9:e7:93:ec:28:c3:56:e4:66:42:b5:96:fe:47:3b:cf:2a:
86:25:4f:45:5b:e6:d2:e8:c3:08:d0:50:35:33:51:dd:10:69:
9a:e2:af:6f:24:43:2b:d4:a2:25:a1:dc:8c:95:5b:0c:fd:35:
b8:8e:dd:1f:71:08:59:a7:84:4f:fd:11:7e:12:2d:e9:0a:0d:
36:bb:b5:54:76:e8:8e:b2:70:5e:5a:08:79:d3:74:a5:1b:23:
4c:c1:fa:35:c3:46:0f:08:e6:d4:a0:64:a0:95:7e:75:2f:e4:
6e:b6:f4:c9:93:9a:49:1d:bb:2b:9e:5c:d8:e3:61:13:74:3e:
9f:aa:5d:7d:85:44:88:b0:07:bb:a2:8d:72:db:74:a1:30:5d:
27:e7:0c:27:cb:f9:fa:d3:50:b0:7e:b3:e6:5d:56:f0:67:bf:
9f:df:71:94:54:42:f9:44:29:98:fc:f3:c6:48:94:a2:79:4e:
9b:3d:f4:42:3d:0d:38:c3:0b:3f:cd:87:36:68:56:be:a7:84:
92:aa:ef:cb:0c:36:27:25:40:e3:e3:e0:72:c7:d6:58:2d:d9:
e3:c8:8a:83:23:7f:9b:bb:a3:a1:51:ff:fa:6c:48:38:e2:b7:
db:8c:76:79:5e:68:f1:ed:29:7f:39:24:37:dc:1a:32:38:65:
83:95:8f:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTK8DHYrzBV+/DuwUKcu3j3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMDcxYzg1YTM0ODI5NThmODdmMDMyYjY0NjMxOThjN2Zk
OWViMDcwHhcNMjUwMjAzMDgzMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDMyYTExZDVkYjk2YWM2ODA2NzA5Y2U4NjA1NThkOTQ1ODgyN2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9zqKtrYUf/nJ/JqbBotJM3w5kcF
6X0ponY5rWFfGFWZthaCqmBbRaAbsZbq55FUCOBZTuMkD5ThWe3NA4m+jL+x+qRc
HZ/fG4EeYMbds4M+yICjQe/NRfGUwkYGoFaw/nnQeEFQDjnvA35jzlbh0XaKmhca
BhZPHbKqO6qWGF5D0nPeALIzPwMi5Lag+RtnFtKAVs0X2rEmmzK7WGPWMpAgl4H1
GwsDBcy4tCHjXjza3Tx212KXsihXVp6rW4IWN5xhkmwvqR1kp0o5h0VlptCWrtq8
9Olkdg8Iyi/9WVxa4vH5ba8gHPqLYQxGd9ezLdIxQCEnZ8rP/n6ZAHuZQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKAyoR1duWrGgGcJzoYFWNlFiCeiMB8GA1UdIwQY
MBaAFHEHHIWjSClY+H8DK2RjGYx/2esHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1FjY2hhTklLVmo0ZndNclpHTVpqSF9aNndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9mODYxZjItYmY4My00MjQxLWJiNmEt
YWVmZDgwODcyNTMyLzEvb0RLaEhWMjVhc2FBWnduT2hnVlkyVVdJSjZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9mODYxZjItYmY4My00MjQxLWJiNmEtYWVmZDgwODcyNTMy
LzEvY1FjY2hhTklLVmo0ZndNclpHTVpqSF9aNndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/N0AwQA
vH2kMA0GCSqGSIb3DQEBCwUAA4IBAQBq2eeT7CjDVuRmQrWW/kc7zyqGJU9FW+bS
6MMI0FA1M1HdEGma4q9vJEMr1KIlodyMlVsM/TW4jt0fcQhZp4RP/RF+Ei3pCg02
u7VUduiOsnBeWgh503SlGyNMwfo1w0YPCObUoGSglX51L+RutvTJk5pJHbsrnlzY
42ETdD6fql19hUSIsAe7oo1y23ShMF0n5wwny/n601CwfrPmXVbwZ7+f33GUVEL5
RCmY/PPGSJSieU6bPfRCPQ04wws/zYc2aFa+p4SSqu/LDDYnJUDj4+Byx9ZYLdnj
yIqDI3+bu6OhUf/6bEg44rfbjHZ5Xmjx7Sl/OSQ33BoyOGWDlY/J
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:13:37 2025 by rpki-client