Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/0omONzsVM3idGNGGf_8Rx8K-LTQ.roa
File: 0omONzsVM3idGNGGf_8Rx8K-LTQ.roa (raw, json)
Hash identifier: F4mL2CuKHLLg2B31Qtaa462+Stgao0zu2BQ3qHITeQw=
Subject key identifier: D2:89:8E:37:3B:15:33:78:9D:18:D1:86:7F:FF:11:C7:C2:BE:2D:34
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019424452F4A856AA0D049F380C048C27E5D
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/0omONzsVM3idGNGGf_8Rx8K-LTQ.roa
Signing time: Wed 01 Jan 2025 23:48:21 +0000
ROA not before: Wed 01 Jan 2025 23:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207027
IP address blocks: 2.59.176.0/22 maxlen: 22
193.36.228.0/24 maxlen: 24
193.37.34.0/24 maxlen: 24
193.176.220.0/24 maxlen: 24
193.193.160.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:2f:4a:85:6a:a0:d0:49:f3:80:c0:48:c2:7e:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jan 1 23:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2898e373b1533789d18d1867fff11c7c2be2d34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e2:f3:be:33:d2:de:8f:5a:bc:9b:0e:05:e7:
8e:d4:cf:68:de:28:ac:7b:d2:73:f7:04:8a:ec:d0:
88:ce:db:e3:14:9e:e6:30:01:4a:9d:2f:15:d2:3a:
70:09:e6:f1:37:44:ab:1d:16:64:2f:72:99:26:27:
2c:d1:83:d3:05:8d:e9:1f:e3:f3:79:55:da:df:b1:
74:c0:bf:62:71:d9:97:2b:41:86:e3:f7:75:6f:cc:
4f:fb:e8:8a:68:16:f5:35:35:9e:72:1b:60:4f:6b:
2e:d3:30:65:6c:45:bb:1d:7b:b3:83:f2:bf:95:3e:
d0:4e:24:54:70:d4:77:8d:f3:b6:d8:ad:cf:d4:7f:
85:ad:27:4e:e1:36:7e:49:16:c9:06:9c:d4:b5:a1:
ba:64:76:d2:d3:94:da:0d:d8:7b:f1:3f:92:74:7c:
9d:28:d0:f4:a2:40:89:ca:ee:2c:91:3d:9c:69:16:
54:4d:a9:d8:9b:53:99:37:06:4d:84:b5:ce:14:d4:
53:c2:c5:5a:b1:1c:34:dc:8b:8f:e0:e8:e4:b7:e6:
7a:53:87:4d:b7:b6:2e:7a:f8:05:62:3e:2f:11:ea:
00:e5:f0:0d:1d:ed:9c:a7:31:7d:6f:f5:1f:87:e3:
f2:b7:8b:1c:c4:e5:62:0b:f5:2f:9f:f8:a1:b8:7b:
ac:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:89:8E:37:3B:15:33:78:9D:18:D1:86:7F:FF:11:C7:C2:BE:2D:34
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/0omONzsVM3idGNGGf_8Rx8K-LTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.176.0/22
193.36.228.0/24
193.37.34.0/24
193.176.220.0/24
193.193.160.0/24
Signature Algorithm: sha256WithRSAEncryption
41:eb:6e:c8:8a:75:5e:7e:8d:f9:21:f2:1c:da:d1:dd:f2:4b:
48:95:35:80:61:a4:70:3c:b0:18:1e:8d:ca:d5:2b:0b:58:fd:
94:39:a5:92:83:62:d2:0a:39:2a:dd:ff:13:da:fc:40:3a:20:
4f:46:9e:74:da:b6:07:b4:4d:c2:41:db:1d:e3:af:f1:90:dc:
24:c9:9c:8b:0e:a0:20:ff:79:dc:83:ba:87:66:eb:a9:fe:4e:
f8:0b:df:9a:40:b0:db:90:c9:4f:ff:d3:7d:0e:d0:8b:ca:10:
50:ef:f3:fc:bc:da:34:4b:84:1f:1f:1e:32:f2:5b:6c:08:46:
50:6d:a5:9f:c0:ab:c5:31:8d:6f:44:5b:fc:30:9d:b3:e8:aa:
1a:6e:69:10:6a:de:d8:25:6e:75:de:95:c4:73:f1:7c:16:7e:
b5:8c:f8:7b:c3:b5:d8:3e:b0:05:f6:9f:c0:91:1c:25:41:31:
28:2a:07:ad:57:b1:10:69:03:c7:36:50:ac:f1:00:77:5c:69:
92:c1:84:d6:60:a1:a3:b7:ca:92:0e:79:b2:ea:c5:23:37:72:
7a:e2:44:18:de:2e:27:8c:41:94:ed:bf:9d:6d:54:95:7f:b9:
1e:28:55:da:8d:43:1e:76:ec:7e:b8:83:11:b5:6a:5a:24:95:
b4:d6:46:f4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQkRS9KhWqg0EnzgMBIwn5dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMTAxMjM0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjg5OGUzNzNiMTUzMzc4OWQxOGQxODY3ZmZmMTFjN2MyYmUyZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOLzvjPS3o9avJsOBeeO1M9o3iis
e9Jz9wSK7NCIztvjFJ7mMAFKnS8V0jpwCebxN0SrHRZkL3KZJics0YPTBY3pH+Pz
eVXa37F0wL9icdmXK0GG4/d1b8xP++iKaBb1NTWechtgT2su0zBlbEW7HXuzg/K/
lT7QTiRUcNR3jfO22K3P1H+FrSdO4TZ+SRbJBpzUtaG6ZHbS05TaDdh78T+SdHyd
KND0okCJyu4skT2caRZUTanYm1OZNwZNhLXOFNRTwsVasRw03IuP4Ojkt+Z6U4dN
t7YuevgFYj4vEeoA5fANHe2cpzF9b/Ufh+Pyt4scxOViC/Uvn/ihuHusAQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNKJjjc7FTN4nRjRhn//EcfCvi00MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvMG9tT056c1ZNM2lkR05HR2ZfOFJ4OEstTFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCAjuwAwQA
wSTkAwQAwSUiAwQAwbDcAwQAwcGgMA0GCSqGSIb3DQEBCwUAA4IBAQBB627IinVe
fo35IfIc2tHd8ktIlTWAYaRwPLAYHo3K1SsLWP2UOaWSg2LSCjkq3f8T2vxAOiBP
Rp502rYHtE3CQdsd46/xkNwkyZyLDqAg/3ncg7qHZuup/k74C9+aQLDbkMlP/9N9
DtCLyhBQ7/P8vNo0S4QfHx4y8ltsCEZQbaWfwKvFMY1vRFv8MJ2z6KoabmkQat7Y
JW513pXEc/F8Fn61jPh7w7XYPrAF9p/AkRwlQTEoKgetV7EQaQPHNlCs8QB3XGmS
wYTWYKGjt8qSDnmy6sUjN3J64kQY3i4njEGU7b+dbVSVf7keKFXajUMedux+uIMR
tWpaJJW01kb0
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:37:56 2025 by rpki-client