Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/o6ZBsBJmDidSJEQHGXWmeVRCms8.roa
File: o6ZBsBJmDidSJEQHGXWmeVRCms8.roa (raw, json)
Hash identifier: GwrZpgToKxBN/Z3vluAbzRPkv9FXCdnTNy9hbU0gr3E=
Subject key identifier: A3:A6:41:B0:12:66:0E:27:52:24:44:07:19:75:A6:79:54:42:9A:CF
Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Certificate serial: 019422FBD779A97852DA200CB1D855B5618D
Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/o6ZBsBJmDidSJEQHGXWmeVRCms8.roa
Signing time: Wed 01 Jan 2025 17:48:37 +0000
ROA not before: Wed 01 Jan 2025 17:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 87.58.64.0/24 maxlen: 24
87.58.65.0/24 maxlen: 24
194.9.116.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:d7:79:a9:78:52:da:20:0c:b1:d8:55:b5:61:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Validity
Not Before: Jan 1 17:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3a641b012660e27522444071975a67954429acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:27:33:a9:18:68:c7:a2:25:43:c2:ab:06:12:
1a:7c:83:55:56:fe:3b:94:20:94:16:77:64:8d:66:
c7:56:43:d5:3a:20:c0:d2:ff:d1:46:4d:0f:58:db:
24:a9:c0:da:86:b7:29:3c:e2:bb:36:dc:97:2a:2c:
f3:24:95:c4:fa:bb:86:dc:d6:96:b2:ad:ef:d2:1b:
f5:35:d8:b7:03:b5:9d:11:c6:b1:82:07:a3:ac:4c:
e6:97:f9:5c:80:f5:5e:f7:30:7b:64:44:93:ae:95:
89:87:b2:c3:b7:35:63:2c:6f:8f:33:5e:40:95:c2:
31:34:1e:b3:f5:06:32:c9:e7:d3:8c:2b:1e:fb:e3:
69:95:94:a5:9d:f9:db:70:39:66:d4:8c:64:9b:f9:
f1:69:5e:5c:d7:0a:7b:48:ce:77:94:7c:b0:d6:d2:
f2:57:6b:77:d9:b7:87:70:f1:ce:b5:71:c7:39:f0:
fe:20:b5:48:0d:7f:3b:2a:23:bd:ee:04:42:e9:e8:
1d:72:d8:6c:a1:1a:09:67:da:98:59:cd:a8:4f:00:
c1:d8:5f:a7:3c:56:d1:f9:ac:3c:ad:25:fb:31:3b:
56:f4:0d:a9:94:e3:e8:ca:8d:f6:0a:d3:33:2d:67:
bf:fd:99:45:72:49:b3:2f:aa:fa:54:b4:f7:d7:17:
0c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:A6:41:B0:12:66:0E:27:52:24:44:07:19:75:A6:79:54:42:9A:CF
X509v3 Authority Key Identifier:
keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/o6ZBsBJmDidSJEQHGXWmeVRCms8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.58.64.0/23
194.9.116.0/24
Signature Algorithm: sha256WithRSAEncryption
02:02:cb:da:fa:39:98:3e:6a:41:ca:8b:a2:37:08:eb:c9:d6:
d5:5c:9e:cf:7a:e4:4d:11:13:4d:49:0e:ec:67:46:24:94:23:
cd:6f:33:7e:04:b5:8d:a9:b8:d4:da:15:74:09:8e:bf:5f:9b:
41:fe:c1:97:ef:8c:46:51:ac:98:3e:97:0a:a7:bd:46:65:94:
a7:6c:fc:f8:84:80:94:68:bf:77:c9:f5:28:54:5a:08:13:20:
51:00:ba:22:a8:a2:4a:44:34:2a:0d:59:03:62:ad:6d:22:5c:
22:13:4b:88:38:57:29:e5:0b:e3:f3:a0:ac:48:25:65:53:dc:
e3:9d:ce:e1:58:42:00:e4:c5:fa:69:42:67:d4:3a:97:a0:18:
ae:fe:d7:4d:fc:2d:3c:46:40:15:e9:e1:29:82:7e:d0:16:40:
8e:15:9e:50:55:94:17:9d:b7:dc:fd:2b:86:95:c7:ab:fd:43:
0c:f8:ab:04:99:ea:32:51:37:98:9a:26:9a:ba:db:99:0d:29:
9a:31:0a:93:8d:6d:0c:e6:c0:0b:e9:da:1c:40:62:61:32:e7:
2a:ae:49:e0:0d:2d:be:a8:95:3f:b1:9d:f7:9a:31:b9:07:1d:
db:bd:e1:16:2a:db:c5:f2:f6:20:b4:85:53:18:45:f4:95:1e:
69:1b:53:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi+9d5qXhS2iAMsdhVtWGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi
OGFhMjAwHhcNMjUwMTAxMTc0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2E2NDFiMDEyNjYwZTI3NTIyNDQ0MDcxOTc1YTY3OTU0NDI5YWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyczqRhox6IlQ8KrBhIafINVVv47
lCCUFndkjWbHVkPVOiDA0v/RRk0PWNskqcDahrcpPOK7NtyXKizzJJXE+ruG3NaW
sq3v0hv1Ndi3A7WdEcaxggejrEzml/lcgPVe9zB7ZESTrpWJh7LDtzVjLG+PM15A
lcIxNB6z9QYyyefTjCse++NplZSlnfnbcDlm1Ixkm/nxaV5c1wp7SM53lHyw1tLy
V2t32beHcPHOtXHHOfD+ILVIDX87KiO97gRC6egdcthsoRoJZ9qYWc2oTwDB2F+n
PFbR+aw8rSX7MTtW9A2plOPoyo32CtMzLWe//ZlFckmzL6r6VLT31xcMgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKOmQbASZg4nUiREBxl1pnlUQprPMB8GA1UdIwQY
MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt
YjliNjU0MDJiOTI4LzEvbzZaQnNCSm1EaWRTSkVRSEdYV21lVlJDbXM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4
LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVzpAAwQA
wgl0MA0GCSqGSIb3DQEBCwUAA4IBAQACAsva+jmYPmpByouiNwjrydbVXJ7PeuRN
ERNNSQ7sZ0YklCPNbzN+BLWNqbjU2hV0CY6/X5tB/sGX74xGUayYPpcKp71GZZSn
bPz4hICUaL93yfUoVFoIEyBRALoiqKJKRDQqDVkDYq1tIlwiE0uIOFcp5Qvj86Cs
SCVlU9zjnc7hWEIA5MX6aUJn1DqXoBiu/tdN/C08RkAV6eEpgn7QFkCOFZ5QVZQX
nbfc/SuGlcer/UMM+KsEmeoyUTeYmiaautuZDSmaMQqTjW0M5sAL6docQGJhMucq
rkngDS2+qJU/sZ33mjG5Bx3bveEWKtvF8vYgtIVTGEX0lR5pG1OZ
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:17:56 2025 by rpki-client