Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/OKvzKSdRprY6KmoCf5oHQIz_91A.roa
File: OKvzKSdRprY6KmoCf5oHQIz_91A.roa (raw, json)
Hash identifier: c7CmyJe2kYuAmiLCH0rQuuU8EyGxHjQvlpZniPCLw0U=
Subject key identifier: 38:AB:F3:29:27:51:A6:B6:3A:2A:6A:02:7F:9A:07:40:8C:FF:F7:50
Certificate issuer: /CN=0d9302d546e068c2fd7677d9d5200add36c8bcd5
Certificate serial: 019420D666390CB38B5E233AA31965DC603D
Authority key identifier: 0D:93:02:D5:46:E0:68:C2:FD:76:77:D9:D5:20:0A:DD:36:C8:BC:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DZMC1UbgaML9dnfZ1SAK3TbIvNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/OKvzKSdRprY6KmoCf5oHQIz_91A.roa
Signing time: Wed 01 Jan 2025 07:48:29 +0000
ROA not before: Wed 01 Jan 2025 07:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200739
IP address blocks: 185.97.227.0/24 maxlen: 24
2a06:8c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:66:39:0c:b3:8b:5e:23:3a:a3:19:65:dc:60:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d9302d546e068c2fd7677d9d5200add36c8bcd5
Validity
Not Before: Jan 1 07:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38abf3292751a6b63a2a6a027f9a07408cfff750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:99:b8:89:cd:39:3e:0f:ce:af:5a:2e:c9:ea:
78:75:20:d2:26:c4:80:06:eb:cd:43:5e:48:5f:e9:
c6:b4:12:35:24:dc:29:af:f6:24:95:d1:e5:73:0f:
e7:c8:4a:2f:91:d0:d9:cf:bd:2c:33:d8:eb:87:d7:
23:25:72:5b:93:23:08:e6:b6:c9:e8:9c:8e:0a:df:
0b:1c:09:86:60:e6:43:52:ae:ac:7e:05:bb:00:af:
d3:38:d4:ae:d1:c4:f3:55:e7:fd:49:92:59:75:6a:
ac:62:04:72:36:32:8d:c4:33:38:47:d5:f9:2a:63:
eb:04:50:a3:71:4b:f7:fa:a5:5b:08:d4:84:ea:e3:
c6:c9:c8:10:7a:ec:c6:4a:7f:7b:9c:74:f6:6e:c4:
d4:a9:0c:fd:b4:bd:00:2c:3c:63:41:ff:6e:c7:01:
1a:ed:25:3b:74:e4:1f:13:97:5e:b9:b2:28:2b:df:
2f:60:bd:2a:08:ed:39:09:40:21:fa:53:3b:03:2b:
d4:d1:cc:ba:fe:05:2d:e5:6b:11:67:3f:f6:e1:33:
7d:c2:86:bf:5f:c7:c6:74:76:71:ce:61:72:f3:b0:
80:ba:02:b3:d0:5a:d1:a4:cb:f7:c2:5d:46:c8:6f:
47:c5:80:19:6c:81:9c:4d:d1:d2:4b:10:a4:c4:8a:
ee:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AB:F3:29:27:51:A6:B6:3A:2A:6A:02:7F:9A:07:40:8C:FF:F7:50
X509v3 Authority Key Identifier:
keyid:0D:93:02:D5:46:E0:68:C2:FD:76:77:D9:D5:20:0A:DD:36:C8:BC:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DZMC1UbgaML9dnfZ1SAK3TbIvNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/OKvzKSdRprY6KmoCf5oHQIz_91A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/DZMC1UbgaML9dnfZ1SAK3TbIvNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.227.0/24
IPv6:
2a06:8c0::/29
Signature Algorithm: sha256WithRSAEncryption
88:e4:0c:bd:5b:1b:44:1b:3a:8b:03:9c:45:85:d5:f0:18:62:
e0:e6:71:e3:b8:16:30:2a:69:84:9d:86:75:38:a0:0f:23:65:
12:87:3b:40:f7:cb:16:6a:74:7c:ec:97:73:e2:4f:31:38:35:
12:89:00:4f:3e:e3:0d:83:fd:5b:71:43:ac:d8:9b:bd:64:98:
7f:80:b2:0a:fb:89:a8:c5:45:ff:90:9d:17:e1:ea:3b:dd:4e:
51:71:f5:b0:c3:29:29:91:9a:e8:3d:88:f3:52:db:15:dd:94:
f6:d0:60:37:51:24:4e:04:89:3d:d4:9f:b1:09:9c:12:30:d7:
d9:20:3c:d7:09:f4:6c:ef:9b:e8:3c:7c:79:f0:c1:49:d4:35:
f8:5f:3e:eb:7f:4a:ad:d7:73:a9:1b:f5:9b:c6:65:c7:bc:1b:
ba:72:00:5f:27:65:94:1b:c1:2f:39:06:0b:94:34:f1:4d:44:
a5:ca:cc:1b:7f:22:ce:c4:3d:6a:f7:c6:29:00:0b:92:0a:54:
77:27:84:ca:5b:9b:55:82:de:e0:cb:eb:3f:89:76:7c:ba:2a:
d8:20:d1:e9:f2:69:bb:7d:60:f5:90:7c:58:9c:2f:88:a7:90:
6c:32:6f:f0:31:dd:c3:79:48:3d:bd:a1:40:aa:63:ac:ea:19:
41:d4:5e:99
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1mY5DLOLXiM6oxll3GA9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOTMwMmQ1NDZlMDY4YzJmZDc2NzdkOWQ1MjAwYWRkMzZj
OGJjZDUwHhcNMjUwMTAxMDc0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGFiZjMyOTI3NTFhNmI2M2EyYTZhMDI3ZjlhMDc0MDhjZmZmNzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopm4ic05Pg/Or1ouyep4dSDSJsSA
BuvNQ15IX+nGtBI1JNwpr/YkldHlcw/nyEovkdDZz70sM9jrh9cjJXJbkyMI5rbJ
6JyOCt8LHAmGYOZDUq6sfgW7AK/TONSu0cTzVef9SZJZdWqsYgRyNjKNxDM4R9X5
KmPrBFCjcUv3+qVbCNSE6uPGycgQeuzGSn97nHT2bsTUqQz9tL0ALDxjQf9uxwEa
7SU7dOQfE5deubIoK98vYL0qCO05CUAh+lM7AyvU0cy6/gUt5WsRZz/24TN9woa/
X8fGdHZxzmFy87CAugKz0FrRpMv3wl1GyG9HxYAZbIGcTdHSSxCkxIruQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDir8yknUaa2OipqAn+aB0CM//dQMB8GA1UdIwQY
MBaAFA2TAtVG4GjC/XZ32dUgCt02yLzVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFpNQzFVYmdhTUw5ZG5mWjFTQUszVGJJdk5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8wMTAxNjEtYjg0MC00NDk3LWFmYmUt
NGJlZjQzZDNmYjE3LzEvT0t2ektTZFJwclk2S21vQ2Y1b0hRSXpfOTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8wMTAxNjEtYjg0MC00NDk3LWFmYmUtNGJlZjQzZDNmYjE3
LzEvRFpNQzFVYmdhTUw5ZG5mWjFTQUszVGJJdk5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuWHjMA0E
AgACMAcDBQMqBgjAMA0GCSqGSIb3DQEBCwUAA4IBAQCI5Ay9WxtEGzqLA5xFhdXw
GGLg5nHjuBYwKmmEnYZ1OKAPI2UShztA98sWanR87Jdz4k8xODUSiQBPPuMNg/1b
cUOs2Ju9ZJh/gLIK+4moxUX/kJ0X4eo73U5RcfWwwykpkZroPYjzUtsV3ZT20GA3
USROBIk91J+xCZwSMNfZIDzXCfRs75voPHx58MFJ1DX4Xz7rf0qt13OpG/WbxmXH
vBu6cgBfJ2WUG8EvOQYLlDTxTUSlyswbfyLOxD1q98YpAAuSClR3J4TKW5tVgt7g
y+s/iXZ8uirYINHp8mm7fWD1kHxYnC+Ip5BsMm/wMd3DeUg9vaFAqmOs6hlB1F6Z
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:18:50 2025 by rpki-client