Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/323ec7-582d-4c12-b723-297c4b33d541/1/Ol0O0oRqODYOj9ph8ml5n6odUeA.roa
File: Ol0O0oRqODYOj9ph8ml5n6odUeA.roa (raw, json)
Hash identifier: 1tqT7hXqTpvgreMeW3w+v2XxDa2v9KMg9/qNQibzJlg=
Subject key identifier: 3A:5D:0E:D2:84:6A:38:36:0E:8F:DA:61:F2:69:79:9F:AA:1D:51:E0
Certificate issuer: /CN=d305f8c033cc4c096c3953585c2689c9a75d3f18
Certificate serial: 018CC4922B0813541F047B5B2FAAEE532B2C
Authority key identifier: D3:05:F8:C0:33:CC:4C:09:6C:39:53:58:5C:26:89:C9:A7:5D:3F:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0wX4wDPMTAlsOVNYXCaJyaddPxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/323ec7-582d-4c12-b723-297c4b33d541/1/Ol0O0oRqODYOj9ph8ml5n6odUeA.roa
Signing time: Mon 01 Jan 2024 10:29:22 +0000
ROA not before: Mon 01 Jan 2024 10:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201094
IP address blocks: 194.9.70.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:2b:08:13:54:1f:04:7b:5b:2f:aa:ee:53:2b:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d305f8c033cc4c096c3953585c2689c9a75d3f18
Validity
Not Before: Jan 1 10:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a5d0ed2846a38360e8fda61f269799faa1d51e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d0:08:62:60:c8:db:77:d8:c5:2d:47:97:83:
63:8b:03:d8:c5:04:1f:d1:32:e1:22:ba:24:31:fd:
a7:22:b7:b9:99:7b:22:3e:90:34:33:a5:d9:cd:e3:
6b:5c:4c:32:6c:4d:25:83:ab:d2:e3:ff:cf:64:08:
79:03:9b:03:51:d0:9d:1f:01:8a:40:b0:f7:36:1d:
15:2d:6b:21:38:df:08:fd:45:e4:f3:21:92:02:84:
95:64:e7:3f:36:73:d2:36:02:cc:03:fa:8f:7b:68:
9a:15:b2:fd:32:ee:3d:1e:c4:cd:f1:e4:c5:7a:58:
b9:be:ce:66:94:d8:63:1b:54:4d:32:35:5a:78:24:
1f:99:20:66:08:49:70:fe:59:41:4d:1d:a0:e8:80:
88:8a:f0:66:32:95:e5:43:06:f4:92:ed:40:25:29:
2d:e0:83:20:1b:a9:e4:0a:40:45:42:f2:7a:9c:1b:
85:2c:12:f4:5c:eb:10:d7:68:33:2d:4c:10:18:dc:
0c:ae:68:45:e5:7d:a1:83:0f:ec:5c:19:94:a6:cc:
9c:67:7b:2c:7a:05:23:21:3a:46:5f:01:92:68:bd:
68:05:fd:51:96:ed:31:ef:b1:a7:4a:b2:2c:1b:8c:
8f:46:0d:41:46:5c:f8:bc:f1:53:5e:c6:b2:98:d0:
b8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:5D:0E:D2:84:6A:38:36:0E:8F:DA:61:F2:69:79:9F:AA:1D:51:E0
X509v3 Authority Key Identifier:
keyid:D3:05:F8:C0:33:CC:4C:09:6C:39:53:58:5C:26:89:C9:A7:5D:3F:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0wX4wDPMTAlsOVNYXCaJyaddPxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/323ec7-582d-4c12-b723-297c4b33d541/1/Ol0O0oRqODYOj9ph8ml5n6odUeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/323ec7-582d-4c12-b723-297c4b33d541/1/0wX4wDPMTAlsOVNYXCaJyaddPxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.70.0/23
Signature Algorithm: sha256WithRSAEncryption
94:af:5b:9e:1e:dc:b4:52:28:48:e0:16:45:e3:46:12:15:51:
9b:a5:80:3f:98:88:be:b0:31:13:32:74:8b:ed:79:c9:57:08:
53:ae:a0:a1:91:0a:36:31:d5:8d:1a:9f:3c:de:38:90:c2:69:
86:3e:a4:6a:53:4c:bb:46:7b:d3:1d:cd:3b:b8:c7:8d:28:73:
0f:b4:3f:d6:50:9d:70:25:f3:48:6d:04:9c:7f:d8:f1:a9:d4:
2a:61:f2:7b:19:75:3a:c2:d3:75:34:79:4a:87:15:23:78:1d:
5b:dc:91:46:c0:42:d1:b3:0e:85:7b:0a:96:ed:df:a8:12:42:
93:c4:8c:11:c5:53:60:50:25:a3:41:4e:e2:b7:3a:e4:35:5d:
30:23:f5:df:0e:d5:ea:8a:fc:03:d2:e6:51:ab:90:e7:8a:c6:
97:46:24:ce:2a:1e:0a:47:bf:a0:a4:13:7c:ee:82:78:3c:a9:
32:f7:e7:02:f3:cd:f9:0e:c8:4d:50:d5:2f:02:11:ee:3a:47:
1c:a6:9e:08:e7:ef:f0:12:71:e6:9d:c9:53:1a:8e:a6:9f:5c:
c1:b9:7f:62:ee:d9:73:47:dd:97:9b:a2:b4:f8:af:fd:e1:bc:
1f:34:1a:95:0e:a1:cf:d8:bf:f4:5a:4b:d4:cd:fd:6a:89:a0:
e6:75:83:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkisIE1QfBHtbL6ruUyssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMDVmOGMwMzNjYzRjMDk2YzM5NTM1ODVjMjY4OWM5YTc1
ZDNmMTgwHhcNMjQwMTAxMTAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTVkMGVkMjg0NmEzODM2MGU4ZmRhNjFmMjY5Nzk5ZmFhMWQ1MWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNAIYmDI23fYxS1Hl4NjiwPYxQQf
0TLhIrokMf2nIre5mXsiPpA0M6XZzeNrXEwybE0lg6vS4//PZAh5A5sDUdCdHwGK
QLD3Nh0VLWshON8I/UXk8yGSAoSVZOc/NnPSNgLMA/qPe2iaFbL9Mu49HsTN8eTF
eli5vs5mlNhjG1RNMjVaeCQfmSBmCElw/llBTR2g6ICIivBmMpXlQwb0ku1AJSkt
4IMgG6nkCkBFQvJ6nBuFLBL0XOsQ12gzLUwQGNwMrmhF5X2hgw/sXBmUpsycZ3ss
egUjITpGXwGSaL1oBf1Rlu0x77GnSrIsG4yPRg1BRlz4vPFTXsaymNC4kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDpdDtKEajg2Do/aYfJpeZ+qHVHgMB8GA1UdIwQY
MBaAFNMF+MAzzEwJbDlTWFwmicmnXT8YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHdYNHdEUE1UQWxzT1ZOWVhDYUp5YWRkUHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8zMjNlYzctNTgyZC00YzEyLWI3MjMt
Mjk3YzRiMzNkNTQxLzEvT2wwTzBvUnFPRFlPajlwaDhtbDVuNm9kVWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8zMjNlYzctNTgyZC00YzEyLWI3MjMtMjk3YzRiMzNkNTQx
LzEvMHdYNHdEUE1UQWxzT1ZOWVhDYUp5YWRkUHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwglGMA0G
CSqGSIb3DQEBCwUAA4IBAQCUr1ueHty0UihI4BZF40YSFVGbpYA/mIi+sDETMnSL
7XnJVwhTrqChkQo2MdWNGp883jiQwmmGPqRqU0y7RnvTHc07uMeNKHMPtD/WUJ1w
JfNIbQScf9jxqdQqYfJ7GXU6wtN1NHlKhxUjeB1b3JFGwELRsw6FewqW7d+oEkKT
xIwRxVNgUCWjQU7itzrkNV0wI/XfDtXqivwD0uZRq5DnisaXRiTOKh4KR7+gpBN8
7oJ4PKky9+cC8835DshNUNUvAhHuOkccpp4I5+/wEnHmnclTGo6mn1zBuX9i7tlz
R92Xm6K0+K/94bwfNBqVDqHP2L/0WkvUzf1qiaDmdYOL
-----END CERTIFICATE-----
Generated at Wed Apr 16 15:23:30 2025 by rpki-client