Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/Orn9mMECvNnMxcocGzjxOdoRHk0.roa
File: Orn9mMECvNnMxcocGzjxOdoRHk0.roa (raw, json)
Hash identifier: aAMLejN67KDw/WEq6MTlllANPts4owmBi6ah/2ILaOs=
Subject key identifier: 3A:B9:FD:98:C1:02:BC:D9:CC:C5:CA:1C:1B:38:F1:39:DA:11:1E:4D
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 019426D8E6291F1C1E6A2586D9F159727ACF
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/Orn9mMECvNnMxcocGzjxOdoRHk0.roa
Signing time: Thu 02 Jan 2025 11:48:56 +0000
ROA not before: Thu 02 Jan 2025 11:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 192.102.165.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:e6:29:1f:1c:1e:6a:25:86:d9:f1:59:72:7a:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 2 11:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ab9fd98c102bcd9ccc5ca1c1b38f139da111e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:34:0d:74:b9:56:4a:6f:70:c3:ed:6e:87:7c:
9a:29:31:77:30:c6:70:3e:7c:eb:70:c0:28:82:be:
7f:db:0c:d1:40:75:fb:d9:1c:69:7d:98:4b:8b:a9:
ef:b0:3a:ba:2d:76:a9:7a:f5:15:10:ae:41:1b:81:
78:41:88:f2:08:03:ce:65:82:e8:0f:f7:76:22:19:
b3:17:eb:31:12:1b:14:4c:11:24:be:17:5f:9b:ab:
3f:00:f0:22:8b:85:18:b7:e8:9c:a8:d4:4a:44:48:
04:a0:b4:c3:8e:c8:13:67:16:b8:2e:38:f0:d7:db:
34:cf:24:af:34:3b:02:8a:fc:8f:ee:da:ba:c9:bd:
10:a0:17:87:2c:92:24:da:fd:e0:96:77:4b:39:65:
e2:f4:cd:b3:c0:be:7b:42:e1:a1:47:a6:63:f7:d9:
83:27:e0:ce:b9:c2:09:4c:52:20:fa:12:71:a6:de:
97:e4:52:0a:3d:37:e6:1c:73:77:92:b9:66:30:15:
fb:0c:a9:3c:0b:22:58:06:76:e6:5d:51:5a:80:70:
0e:6c:b2:9f:1d:51:b4:01:58:ee:1d:f1:78:c5:c1:
7b:a1:42:f0:16:f5:d5:b3:50:ba:00:cc:cb:4a:1d:
7a:89:72:14:51:90:ac:f0:1b:81:e0:5e:0f:88:db:
0a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B9:FD:98:C1:02:BC:D9:CC:C5:CA:1C:1B:38:F1:39:DA:11:1E:4D
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/Orn9mMECvNnMxcocGzjxOdoRHk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.102.165.0/24
Signature Algorithm: sha256WithRSAEncryption
36:d4:6a:b3:23:3a:4e:dd:4b:ac:d8:1c:1d:13:12:7e:93:f4:
7a:9d:2f:7a:41:8a:a0:7b:35:7d:a9:05:b6:e8:4b:82:19:40:
56:1b:8f:cd:53:c8:68:07:55:a8:a7:35:c2:0b:e7:d8:0b:f6:
89:96:19:25:0b:42:40:da:a0:29:24:03:5a:b2:07:4e:c5:ff:
39:75:bf:b7:b9:47:f0:34:2b:0a:36:30:74:80:4d:74:3a:61:
fa:d8:05:17:2d:8a:70:e3:f2:73:89:3c:f8:e9:ff:4c:a9:b3:
cb:11:42:d7:63:21:25:a7:0f:19:63:67:b3:e1:63:53:48:49:
6a:07:53:46:f6:d6:70:e3:9c:32:52:c8:fe:2d:d0:a6:ca:36:
e5:8e:38:6e:6a:28:a0:df:b6:58:e8:7e:a7:8b:7c:3a:15:80:
14:52:38:38:17:9f:26:c8:d7:17:29:25:c1:38:a0:d5:0a:bc:
36:73:0d:38:da:f9:49:bd:47:86:85:1b:dd:7d:3e:70:ce:35:
f3:89:d6:df:30:ac:86:20:7e:33:3c:80:13:53:e8:cd:42:09:
27:b8:17:d7:06:c5:1e:f3:79:ac:58:bd:62:3e:c0:c7:d7:2b:
47:b1:dc:87:64:3c:8a:b0:30:61:5d:b6:a2:ff:31:5d:c8:bf:
11:42:5f:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2OYpHxweaiWG2fFZcnrPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjUwMTAyMTE0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWI5ZmQ5OGMxMDJiY2Q5Y2NjNWNhMWMxYjM4ZjEzOWRhMTExZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzQNdLlWSm9ww+1uh3yaKTF3MMZw
PnzrcMAogr5/2wzRQHX72RxpfZhLi6nvsDq6LXapevUVEK5BG4F4QYjyCAPOZYLo
D/d2IhmzF+sxEhsUTBEkvhdfm6s/APAii4UYt+icqNRKREgEoLTDjsgTZxa4Ljjw
19s0zySvNDsCivyP7tq6yb0QoBeHLJIk2v3glndLOWXi9M2zwL57QuGhR6Zj99mD
J+DOucIJTFIg+hJxpt6X5FIKPTfmHHN3krlmMBX7DKk8CyJYBnbmXVFagHAObLKf
HVG0AVjuHfF4xcF7oULwFvXVs1C6AMzLSh16iXIUUZCs8BuB4F4PiNsKKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDq5/ZjBArzZzMXKHBs48TnaER5NMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvT3JuOW1NRUN2Tm5NeGNvY0d6anhPZG9SSGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwGalMA0G
CSqGSIb3DQEBCwUAA4IBAQA21GqzIzpO3Uus2BwdExJ+k/R6nS96QYqgezV9qQW2
6EuCGUBWG4/NU8hoB1WopzXCC+fYC/aJlhklC0JA2qApJANasgdOxf85db+3uUfw
NCsKNjB0gE10OmH62AUXLYpw4/JziTz46f9MqbPLEULXYyElpw8ZY2ez4WNTSElq
B1NG9tZw45wyUsj+LdCmyjbljjhuaiig37ZY6H6ni3w6FYAUUjg4F58myNcXKSXB
OKDVCrw2cw042vlJvUeGhRvdfT5wzjXzidbfMKyGIH4zPIATU+jNQgknuBfXBsUe
83msWL1iPsDH1ytHsdyHZDyKsDBhXbai/zFdyL8RQl9p
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:30 2025 by rpki-client