Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/om3N9ug1vxTA-JOJ0P_08L7ZWxo.roa
File: om3N9ug1vxTA-JOJ0P_08L7ZWxo.roa (raw, json)
Hash identifier: FdL6R9gigrjiaEd9SVuTmcrerTtUR7V2cH9/PXq0cyA=
Subject key identifier: A2:6D:CD:F6:E8:35:BF:14:C0:F8:93:89:D0:FF:F4:F0:BE:D9:5B:1A
Certificate issuer: /CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Certificate serial: 019427B58D54DFC0AB56587E51674405571F
Authority key identifier: A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/om3N9ug1vxTA-JOJ0P_08L7ZWxo.roa
Signing time: Thu 02 Jan 2025 15:49:57 +0000
ROA not before: Thu 02 Jan 2025 15:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52180
IP address blocks: 185.126.253.0/24 maxlen: 24
212.79.123.0/24 maxlen: 24
212.79.124.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:8d:54:df:c0:ab:56:58:7e:51:67:44:05:57:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Validity
Not Before: Jan 2 15:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a26dcdf6e835bf14c0f89389d0fff4f0bed95b1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:29:f7:4e:49:ad:9d:18:e8:74:75:df:17:30:
ab:29:c7:08:c7:5f:41:98:55:13:76:13:b3:5a:fb:
9f:bf:5f:e1:2e:cf:b2:cc:a2:c5:54:40:32:b1:64:
f1:1d:e9:52:9c:06:c8:b3:bf:9b:e4:4c:69:17:d8:
97:70:35:19:0c:98:f4:8a:98:73:69:18:ae:96:34:
bf:16:26:88:3b:d7:37:02:08:17:98:2e:df:54:11:
a9:cf:ee:00:0b:ff:7d:11:4d:bb:93:db:d4:e4:ee:
68:6b:1f:1e:a7:7c:9f:af:81:a5:e9:13:5c:f8:cf:
83:27:a9:38:fb:34:95:08:c0:07:09:fd:48:11:49:
8a:5a:58:18:14:50:50:40:84:b9:5d:b8:95:33:4b:
bf:2a:2f:81:c4:86:02:66:b8:f5:bb:ac:f8:a9:22:
2a:4f:ea:02:9d:f0:1c:11:c8:2b:2a:13:8b:b6:0e:
16:bc:b8:2b:29:cc:9a:55:d0:a6:86:e7:a5:66:bb:
d5:c8:ed:dd:9b:ef:88:d7:55:ab:8a:f8:e5:8a:16:
83:42:20:7e:76:bd:2a:b3:cf:e6:19:d2:f3:5a:62:
0a:50:1b:ad:57:4d:1a:f3:f9:88:79:6b:68:20:b3:
60:69:16:f7:52:6a:40:dc:94:0b:7b:a8:66:8c:2b:
88:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:6D:CD:F6:E8:35:BF:14:C0:F8:93:89:D0:FF:F4:F0:BE:D9:5B:1A
X509v3 Authority Key Identifier:
keyid:A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/om3N9ug1vxTA-JOJ0P_08L7ZWxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.253.0/24
212.79.123.0-212.79.124.255
Signature Algorithm: sha256WithRSAEncryption
a6:36:51:c1:b0:68:86:b1:4b:c8:1c:86:ae:e3:7c:d5:5d:9e:
61:20:3b:2f:f1:a1:c4:7f:04:f7:8c:5b:73:5c:c0:0c:0a:2f:
fb:1b:44:1a:34:d6:b3:dd:94:5e:fc:cb:fa:50:ff:08:98:e2:
6e:8b:4c:76:38:ce:6d:82:0b:d9:15:b8:7a:1a:fc:bf:20:64:
92:bd:ff:13:88:a5:28:9f:5c:33:9b:a6:50:ec:e4:45:dd:bc:
2a:1b:f4:38:ad:38:dc:86:a4:c0:b5:1f:0d:63:f4:3f:7a:4b:
21:69:f5:b6:77:d4:1d:18:03:7a:d8:8c:a7:b6:49:a2:10:7c:
60:4a:c8:06:53:d2:50:5b:75:0f:7a:e8:4e:83:00:3c:da:1b:
33:09:fc:77:87:7a:04:bd:85:b6:89:3c:7f:15:e4:0d:ff:e6:
79:a8:31:73:8e:ff:a9:7b:11:c0:19:82:8b:56:ef:fa:69:91:
c6:3e:fe:9e:8b:78:d8:af:64:69:19:06:a3:c6:57:41:41:3d:
50:d5:ee:99:46:7a:97:82:5d:b0:ea:49:c4:4e:21:70:50:29:
6f:7e:8d:60:3c:17:c5:27:43:cc:a8:c6:39:54:6b:c5:4c:23:
d0:71:1c:cf:49:1d:48:17:0d:e5:a8:f2:b4:4f:2e:67:a4:9f:
3a:b4:4b:f3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQntY1U38CrVlh+UWdEBVcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjViYWUyNTc3OGJlZWQ4ODgwYzA4ZGYyZDNmMzdmYzM3
YWJjMWUwHhcNMjUwMTAyMTU0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjZkY2RmNmU4MzViZjE0YzBmODkzODlkMGZmZjRmMGJlZDk1YjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSn3TkmtnRjodHXfFzCrKccIx19B
mFUTdhOzWvufv1/hLs+yzKLFVEAysWTxHelSnAbIs7+b5ExpF9iXcDUZDJj0iphz
aRiuljS/FiaIO9c3AggXmC7fVBGpz+4AC/99EU27k9vU5O5oax8ep3yfr4Gl6RNc
+M+DJ6k4+zSVCMAHCf1IEUmKWlgYFFBQQIS5XbiVM0u/Ki+BxIYCZrj1u6z4qSIq
T+oCnfAcEcgrKhOLtg4WvLgrKcyaVdCmhuelZrvVyO3dm++I11WrivjlihaDQiB+
dr0qs8/mGdLzWmIKUButV00a8/mIeWtoILNgaRb3UmpA3JQLe6hmjCuIwwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKJtzfboNb8UwPiTidD/9PC+2VsaMB8GA1UdIwQY
MBaAFKhluuJXeL7tiIDAjfLT83/DerweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTkt
MWI2Zjc1MGNmOWEyLzEvb20zTjl1ZzF2eFRBLUpPSjBQXzA4TDdaV3hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTktMWI2Zjc1MGNmOWEy
LzEvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAuX79MAwD
BADUT3sDBADUT3wwDQYJKoZIhvcNAQELBQADggEBAKY2UcGwaIaxS8gchq7jfNVd
nmEgOy/xocR/BPeMW3NcwAwKL/sbRBo01rPdlF78y/pQ/wiY4m6LTHY4zm2CC9kV
uHoa/L8gZJK9/xOIpSifXDObplDs5EXdvCob9DitONyGpMC1Hw1j9D96SyFp9bZ3
1B0YA3rYjKe2SaIQfGBKyAZT0lBbdQ966E6DADzaGzMJ/HeHegS9hbaJPH8V5A3/
5nmoMXOO/6l7EcAZgotW7/ppkcY+/p6LeNivZGkZBqPGV0FBPVDV7plGepeCXbDq
ScROIXBQKW9+jWA8F8UnQ8yoxjlUa8VMI9BxHM9JHUgXDeWo8rRPLmeknzq0S/M=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:17 2025 by rpki-client