Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/ORQO2bt4tZ4vLLqKLMcbfQp8XGU.roa
File: ORQO2bt4tZ4vLLqKLMcbfQp8XGU.roa (raw, json)
Hash identifier: GaOlBqWm8PmHR6a76TijAKH4zFKfXPTZYlG9t2+OjAY=
Subject key identifier: 39:14:0E:D9:BB:78:B5:9E:2F:2C:BA:8A:2C:C7:1B:7D:0A:7C:5C:65
Certificate issuer: /CN=852ece9c9a324d45c35f9559f329d8869dab53ba
Certificate serial: 018D82A9FFF32676E6134A5FE4EAA7AAE6D2
Authority key identifier: 85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/ORQO2bt4tZ4vLLqKLMcbfQp8XGU.roa
Signing time: Wed 07 Feb 2024 08:23:15 +0000
ROA not before: Wed 07 Feb 2024 08:23:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49617
IP address blocks: 91.236.134.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:82:a9:ff:f3:26:76:e6:13:4a:5f:e4:ea:a7:aa:e6:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=852ece9c9a324d45c35f9559f329d8869dab53ba
Validity
Not Before: Feb 7 08:23:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39140ed9bb78b59e2f2cba8a2cc71b7d0a7c5c65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:42:7d:ec:56:9a:b2:ce:a5:be:a9:a8:5b:9e:
89:83:19:c3:75:45:8f:0c:25:5a:bb:b5:c6:ac:73:
6a:5c:a5:b9:92:93:0a:d1:48:05:ef:88:de:51:b3:
72:dd:66:6f:b0:54:cf:af:02:d1:6d:79:aa:f0:79:
5e:dd:8a:7f:59:27:96:1a:40:a3:ab:45:8f:f4:65:
dc:87:fb:e8:40:2c:b8:64:e0:36:ad:cf:89:ed:af:
06:78:04:9d:9a:54:a6:96:a1:19:47:f6:3e:ad:6f:
72:4c:3f:e4:99:48:c2:f8:8a:22:49:8c:0a:62:15:
28:8a:31:5e:66:d4:5c:97:3f:14:0b:83:b3:a6:e9:
33:ce:c5:1c:7c:0b:56:00:76:16:99:91:7d:00:2d:
14:f3:d6:11:aa:f3:b3:89:c0:7d:5d:98:c4:14:7c:
78:97:d5:f3:cc:09:31:6c:dc:b3:0a:54:ec:63:09:
90:72:ca:dd:92:81:30:73:e1:eb:79:90:e1:49:09:
25:ad:c5:61:3b:55:b5:b0:41:2f:ef:a7:52:c4:b1:
02:4a:f4:22:d8:c3:33:e0:97:0e:cb:f8:b1:c7:74:
95:32:8a:a5:8b:23:f6:96:70:ff:45:3f:c1:b1:d3:
28:47:a1:a5:3c:4c:98:eb:b9:fd:4b:d0:f3:f7:9a:
99:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:14:0E:D9:BB:78:B5:9E:2F:2C:BA:8A:2C:C7:1B:7D:0A:7C:5C:65
X509v3 Authority Key Identifier:
keyid:85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/ORQO2bt4tZ4vLLqKLMcbfQp8XGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.134.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:51:c2:49:63:ea:1d:92:84:5a:da:8b:3a:58:5a:ec:ec:dc:
98:9d:ff:93:d8:d8:3d:9b:02:58:93:00:34:03:65:1a:4d:24:
b7:0b:38:63:4d:96:ed:c9:d4:18:ae:02:fe:c9:20:7c:73:06:
2d:64:23:d0:46:24:c3:26:a9:73:96:9d:48:21:72:e8:24:d2:
37:f4:d9:b2:07:4d:f2:a1:26:59:c3:39:c2:89:e3:b0:71:5b:
85:6c:4a:32:72:fd:cf:64:78:89:4e:03:00:a2:87:7f:d8:5e:
ec:58:ad:60:b0:e5:a7:83:fc:f7:bb:22:8a:9b:d1:7d:88:e4:
9d:27:58:19:aa:de:67:3d:c9:53:17:f6:f9:69:45:83:b6:81:
77:82:69:53:e8:ba:1e:ee:40:a8:29:2f:a1:12:4a:8c:b7:6e:
98:b4:c1:20:77:0b:35:84:eb:17:08:c9:0e:28:78:22:43:ba:
6b:59:53:db:0e:98:21:03:2b:90:0a:3a:a8:0d:ca:06:06:99:
ba:55:63:d8:03:76:1a:17:51:ad:9b:07:9a:7a:27:b8:81:33:
b0:84:8e:2c:14:a1:59:7b:76:72:84:7d:32:72:fa:47:79:37:
80:e0:fd:d2:eb:b9:53:05:3d:7a:39:90:12:8c:81:68:a4:09:
ac:6f:6f:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2Cqf/zJnbmE0pf5OqnqubSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MmVjZTljOWEzMjRkNDVjMzVmOTU1OWYzMjlkODg2OWRh
YjUzYmEwHhcNMjQwMjA3MDgyMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTE0MGVkOWJiNzhiNTllMmYyY2JhOGEyY2M3MWI3ZDBhN2M1YzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0J97Faass6lvqmoW56JgxnDdUWP
DCVau7XGrHNqXKW5kpMK0UgF74jeUbNy3WZvsFTPrwLRbXmq8Hle3Yp/WSeWGkCj
q0WP9GXch/voQCy4ZOA2rc+J7a8GeASdmlSmlqEZR/Y+rW9yTD/kmUjC+IoiSYwK
YhUoijFeZtRclz8UC4OzpukzzsUcfAtWAHYWmZF9AC0U89YRqvOzicB9XZjEFHx4
l9XzzAkxbNyzClTsYwmQcsrdkoEwc+HreZDhSQklrcVhO1W1sEEv76dSxLECSvQi
2MMz4JcOy/ixx3SVMoqliyP2lnD/RT/BsdMoR6GlPEyY67n9S9Dz95qZFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDkUDtm7eLWeLyy6iizHG30KfFxlMB8GA1UdIwQY
MBaAFIUuzpyaMk1Fw1+VWfMp2Iadq1O6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFM3T25Kb3lUVVhEWDVWWjh5bllocDJyVTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9kM2NjZTYtYjQ3Yi00ZDA2LWEzMGYt
ZWIyNDExZDIxMmFiLzEvT1JRTzJidDR0WjR2TExxS0xNY2JmUXA4WEdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9kM2NjZTYtYjQ3Yi00ZDA2LWEzMGYtZWIyNDExZDIxMmFi
LzEvaFM3T25Kb3lUVVhEWDVWWjh5bllocDJyVTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+yGMA0G
CSqGSIb3DQEBCwUAA4IBAQBMUcJJY+odkoRa2os6WFrs7NyYnf+T2Ng9mwJYkwA0
A2UaTSS3CzhjTZbtydQYrgL+ySB8cwYtZCPQRiTDJqlzlp1IIXLoJNI39NmyB03y
oSZZwznCieOwcVuFbEoycv3PZHiJTgMAood/2F7sWK1gsOWng/z3uyKKm9F9iOSd
J1gZqt5nPclTF/b5aUWDtoF3gmlT6Loe7kCoKS+hEkqMt26YtMEgdws1hOsXCMkO
KHgiQ7prWVPbDpghAyuQCjqoDcoGBpm6VWPYA3YaF1Gtmweaeie4gTOwhI4sFKFZ
e3ZyhH0ycvpHeTeA4P3S67lTBT16OZASjIFopAmsb2+f
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:45:59 2025 by rpki-client