Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/24822b-6184-46a0-bcc5-8f29f3d98214/1/oNabnVBprWmOKAwf55I_S596kpA.roa
File: oNabnVBprWmOKAwf55I_S596kpA.roa (raw, json)
Hash identifier: oPO4zSXw/czstjjrx9MIpyMDwMbOHA6CB7TjTGFGR/0=
Subject key identifier: A0:D6:9B:9D:50:69:AD:69:8E:28:0C:1F:E7:92:3F:4B:9F:7A:92:90
Certificate issuer: /CN=10515090f850e337eb3b118a157e4e39083b77a6
Certificate serial: 01941F8C2CCC6FC65C0FA202E07F457935D2
Authority key identifier: 10:51:50:90:F8:50:E3:37:EB:3B:11:8A:15:7E:4E:39:08:3B:77:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFFQkPhQ4zfrOxGKFX5OOQg7d6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/24822b-6184-46a0-bcc5-8f29f3d98214/1/oNabnVBprWmOKAwf55I_S596kpA.roa
Signing time: Wed 01 Jan 2025 01:47:47 +0000
ROA not before: Wed 01 Jan 2025 01:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39260
IP address blocks: 195.238.88.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:2c:cc:6f:c6:5c:0f:a2:02:e0:7f:45:79:35:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10515090f850e337eb3b118a157e4e39083b77a6
Validity
Not Before: Jan 1 01:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0d69b9d5069ad698e280c1fe7923f4b9f7a9290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7d:67:e7:2c:4a:60:82:45:2d:20:15:34:57:
8c:10:b8:df:0f:ff:47:58:5d:c6:3c:cb:a5:07:eb:
12:2b:b9:3f:e6:4e:94:83:31:08:c3:9f:23:86:fc:
16:22:3b:4f:49:03:9b:72:35:40:81:1d:10:c1:28:
4f:ea:15:3f:b2:cd:61:d6:c9:0d:80:d5:30:87:ec:
e6:87:76:38:f0:17:fc:88:30:34:bf:09:96:6f:fc:
81:7d:ea:7a:03:3c:be:6c:27:c4:ca:31:36:eb:dc:
cb:54:33:f3:20:75:a7:e7:da:1f:ea:c8:12:38:f0:
95:71:f3:ba:d8:34:a5:69:de:0b:a1:b4:05:62:45:
d4:7f:fb:90:fc:a1:10:4e:35:16:de:8e:9e:57:b4:
9f:0a:6f:6d:a9:2e:ae:b2:2e:13:53:d6:ba:00:7e:
43:3d:b6:65:d3:14:dc:d6:6a:0f:28:27:ee:56:85:
4e:af:f6:aa:28:8e:49:ea:19:30:4c:b6:19:d5:6c:
f6:9a:44:68:7f:cb:b0:dd:e4:15:93:93:f5:ed:7f:
65:93:55:05:d2:8e:7d:65:84:61:80:13:ba:c7:d4:
9a:36:5a:d7:13:38:7d:07:be:94:a9:4c:f5:92:ed:
9a:6c:45:b3:de:28:22:b1:38:88:6a:31:d1:ef:e8:
34:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:D6:9B:9D:50:69:AD:69:8E:28:0C:1F:E7:92:3F:4B:9F:7A:92:90
X509v3 Authority Key Identifier:
keyid:10:51:50:90:F8:50:E3:37:EB:3B:11:8A:15:7E:4E:39:08:3B:77:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFFQkPhQ4zfrOxGKFX5OOQg7d6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/24822b-6184-46a0-bcc5-8f29f3d98214/1/oNabnVBprWmOKAwf55I_S596kpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/24822b-6184-46a0-bcc5-8f29f3d98214/1/EFFQkPhQ4zfrOxGKFX5OOQg7d6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.88.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:2d:78:85:67:a1:db:b7:3b:36:1d:07:fa:ec:93:6f:da:8a:
a6:9d:a8:96:82:31:25:d5:a3:35:12:0d:71:57:c4:a5:70:94:
24:27:b0:2f:7f:8d:19:c5:cb:06:d8:e9:06:e0:c6:29:c9:cc:
0a:c7:a7:4f:af:16:31:4b:03:22:ce:af:a3:47:f2:73:70:30:
94:8d:e0:68:ce:36:fe:7d:94:ea:e8:0f:ab:0d:4c:26:40:9c:
d1:be:82:80:b6:70:84:3d:74:fa:c0:9f:e1:3b:39:58:e5:91:
fc:16:60:38:f9:50:da:f8:60:fe:de:86:f2:38:84:ac:0d:f5:
9a:1f:a1:80:64:c2:43:5b:7c:6c:ce:7c:2e:67:a0:ed:f3:b3:
13:ea:ea:1a:35:9f:e3:c0:14:43:25:e0:42:d0:46:65:7b:22:
96:0f:df:8a:a4:95:5e:ae:81:42:0a:f2:8d:9f:a3:cd:3c:1d:
28:c6:d8:0a:f6:4a:c9:a8:ef:74:26:24:69:7e:c6:6a:0b:db:
a9:c6:80:cc:36:ed:50:d5:69:b0:9f:ce:f8:c1:17:34:c1:71:
d2:99:70:4c:7d:85:ed:d3:18:15:45:de:b9:fa:35:66:c1:74:
57:c5:d8:28:f0:7f:51:fe:2b:93:8d:14:21:4e:c2:e1:7b:df:
cb:42:0c:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjCzMb8ZcD6IC4H9FeTXSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTE1MDkwZjg1MGUzMzdlYjNiMTE4YTE1N2U0ZTM5MDgz
Yjc3YTYwHhcNMjUwMTAxMDE0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGQ2OWI5ZDUwNjlhZDY5OGUyODBjMWZlNzkyM2Y0YjlmN2E5MjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnn1n5yxKYIJFLSAVNFeMELjfD/9H
WF3GPMulB+sSK7k/5k6UgzEIw58jhvwWIjtPSQObcjVAgR0QwShP6hU/ss1h1skN
gNUwh+zmh3Y48Bf8iDA0vwmWb/yBfep6Azy+bCfEyjE269zLVDPzIHWn59of6sgS
OPCVcfO62DSlad4LobQFYkXUf/uQ/KEQTjUW3o6eV7SfCm9tqS6usi4TU9a6AH5D
PbZl0xTc1moPKCfuVoVOr/aqKI5J6hkwTLYZ1Wz2mkRof8uw3eQVk5P17X9lk1UF
0o59ZYRhgBO6x9SaNlrXEzh9B76UqUz1ku2abEWz3igisTiIajHR7+g0pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKDWm51Qaa1pjigMH+eSP0ufepKQMB8GA1UdIwQY
MBaAFBBRUJD4UOM36zsRihV+TjkIO3emMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZGUWtQaFE0emZyT3hHS0ZYNU9PUWc3ZDZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNDgyMmItNjE4NC00NmEwLWJjYzUt
OGYyOWYzZDk4MjE0LzEvb05hYm5WQnByV21PS0F3ZjU1SV9TNTk2a3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNDgyMmItNjE4NC00NmEwLWJjYzUtOGYyOWYzZDk4MjE0
LzEvRUZGUWtQaFE0emZyT3hHS0ZYNU9PUWc3ZDZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw+5YMA0G
CSqGSIb3DQEBCwUAA4IBAQCuLXiFZ6Hbtzs2HQf67JNv2oqmnaiWgjEl1aM1Eg1x
V8SlcJQkJ7Avf40ZxcsG2OkG4MYpycwKx6dPrxYxSwMizq+jR/JzcDCUjeBozjb+
fZTq6A+rDUwmQJzRvoKAtnCEPXT6wJ/hOzlY5ZH8FmA4+VDa+GD+3obyOISsDfWa
H6GAZMJDW3xsznwuZ6Dt87MT6uoaNZ/jwBRDJeBC0EZleyKWD9+KpJVeroFCCvKN
n6PNPB0oxtgK9krJqO90JiRpfsZqC9upxoDMNu1Q1Wmwn874wRc0wXHSmXBMfYXt
0xgVRd65+jVmwXRXxdgo8H9R/iuTjRQhTsLhe9/LQgwz
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:44:10 2025 by rpki-client