Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/O9k4XyH_BlTw5sWeLBCf6V4ShgE.roa
File: O9k4XyH_BlTw5sWeLBCf6V4ShgE.roa (raw, json)
Hash identifier: 2cBgmnVcJHF0Z0p8X3ski33VsjYXzefq50pYLhGrG+o=
Subject key identifier: 3B:D9:38:5F:21:FF:06:54:F0:E6:C5:9E:2C:10:9F:E9:5E:12:86:01
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FF4580DED5A7FA46FD5C3A4B302EC
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/O9k4XyH_BlTw5sWeLBCf6V4ShgE.roa
Signing time: Thu 02 Jan 2025 05:49:38 +0000
ROA not before: Thu 02 Jan 2025 05:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204720
IP address blocks: 93.171.230.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:f4:58:0d:ed:5a:7f:a4:6f:d5:c3:a4:b3:02:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bd9385f21ff0654f0e6c59e2c109fe95e128601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:38:e5:6c:16:57:b4:c5:76:41:60:92:16:02:
3a:41:95:8a:6d:5a:9d:00:cb:12:00:dd:f2:00:13:
69:0d:a6:32:be:4c:84:df:61:a5:01:e6:12:94:b4:
17:ad:88:2a:d2:95:94:a3:20:d0:20:b2:b1:aa:b5:
8e:0c:c2:c5:86:41:c2:60:3e:3c:bd:33:97:9e:9f:
64:ee:0d:0d:10:57:62:22:c4:45:ee:c6:57:40:24:
07:f6:fe:1b:ff:b2:0e:cc:39:ad:bd:c1:f8:38:fb:
f1:a7:53:1e:ee:ff:c8:7e:d5:cd:22:ff:8b:db:f5:
fd:81:e9:b7:47:cc:83:7a:b2:b9:5c:77:01:50:91:
df:b6:61:70:d6:0e:83:60:af:27:25:63:68:e3:c0:
77:a5:26:f9:fa:70:9a:f1:b4:47:57:06:da:4c:81:
29:3c:56:41:4c:ce:13:60:a6:a2:23:bf:b3:9a:d9:
66:70:65:75:7d:d6:e7:9d:7e:51:e9:58:67:8e:09:
eb:1a:4c:99:f7:5c:09:4b:03:1d:f6:1a:b7:a0:9b:
2d:03:e9:6d:53:20:86:0b:0b:81:dc:c6:9e:51:dd:
bb:e1:7a:fd:80:4a:34:5d:af:03:aa:7d:2b:fc:39:
1c:bc:32:16:b2:6c:bd:25:42:17:76:78:09:9d:d6:
74:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D9:38:5F:21:FF:06:54:F0:E6:C5:9E:2C:10:9F:E9:5E:12:86:01
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/O9k4XyH_BlTw5sWeLBCf6V4ShgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.230.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:ba:03:63:4a:8f:60:67:ed:b0:e7:b7:c5:35:8b:fd:52:f1:
39:5b:7b:48:8a:05:47:c4:b6:9e:41:86:bd:ea:d0:26:0a:31:
8a:52:77:95:54:0d:68:6a:e5:da:9c:d2:c0:17:52:c5:cf:58:
65:74:6c:57:ef:5e:2c:f4:0b:d7:c0:78:b2:a4:6d:08:fe:94:
3f:25:16:8a:0b:24:da:f3:13:7d:01:9c:1a:1d:d2:f2:10:fb:
db:ed:ba:2b:f7:4f:83:32:f3:10:ec:29:cc:3e:b2:42:08:fd:
41:59:32:46:7f:3d:23:01:ba:62:92:98:9f:9b:b1:c6:95:c4:
e6:70:4f:4d:0d:6f:09:c3:2b:f7:60:fa:a5:ed:09:46:1a:e0:
9f:7c:ce:d3:b9:84:b2:c0:06:50:68:e8:9c:8c:9a:57:8e:70:
a1:3a:34:ee:e3:e5:5c:a6:e7:c5:36:b1:3f:1a:d5:b4:5f:ab:
8c:c9:02:b9:ff:1b:f5:4a:dc:9d:70:55:ab:88:e2:94:af:b9:
0d:53:c5:9d:ce:64:b3:e1:70:5f:22:69:ed:96:07:65:8c:5e:
1c:8b:b1:dc:2c:02:58:5a:dc:11:f0:0a:aa:80:78:a1:59:e2:
1a:2d:af:8b:f0:9d:b7:37:73:96:58:fa:88:07:d0:7c:31:9e:
77:7e:b2:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj/RYDe1af6Rv1cOkswLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQ5Mzg1ZjIxZmYwNjU0ZjBlNmM1OWUyYzEwOWZlOTVlMTI4NjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzjlbBZXtMV2QWCSFgI6QZWKbVqd
AMsSAN3yABNpDaYyvkyE32GlAeYSlLQXrYgq0pWUoyDQILKxqrWODMLFhkHCYD48
vTOXnp9k7g0NEFdiIsRF7sZXQCQH9v4b/7IOzDmtvcH4OPvxp1Me7v/IftXNIv+L
2/X9gem3R8yDerK5XHcBUJHftmFw1g6DYK8nJWNo48B3pSb5+nCa8bRHVwbaTIEp
PFZBTM4TYKaiI7+zmtlmcGV1fdbnnX5R6VhnjgnrGkyZ91wJSwMd9hq3oJstA+lt
UyCGCwuB3MaeUd274Xr9gEo0Xa8Dqn0r/DkcvDIWsmy9JUIXdngJndZ0mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDvZOF8h/wZU8ObFniwQn+leEoYBMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTzlrNFh5SF9CbFR3NXNXZUxCQ2Y2VjRTaGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXavmMA0G
CSqGSIb3DQEBCwUAA4IBAQCmugNjSo9gZ+2w57fFNYv9UvE5W3tIigVHxLaeQYa9
6tAmCjGKUneVVA1oauXanNLAF1LFz1hldGxX714s9AvXwHiypG0I/pQ/JRaKCyTa
8xN9AZwaHdLyEPvb7bor90+DMvMQ7CnMPrJCCP1BWTJGfz0jAbpikpifm7HGlcTm
cE9NDW8Jwyv3YPql7QlGGuCffM7TuYSywAZQaOicjJpXjnChOjTu4+VcpufFNrE/
GtW0X6uMyQK5/xv1StydcFWriOKUr7kNU8WdzmSz4XBfImntlgdljF4ci7HcLAJY
WtwR8AqqgHihWeIaLa+L8J23N3OWWPqIB9B8MZ53frKX
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:07:22 2025 by rpki-client