Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/oj-0HOavfKjShpYxBRWEJPy2Lck.roa
File: oj-0HOavfKjShpYxBRWEJPy2Lck.roa (raw, json)
Hash identifier: t6WKxloZ8YAn2rqRxxMbOClN3c0MnW7RyNvdfgN4TFA=
Subject key identifier: A2:3F:B4:1C:E6:AF:7C:A8:D2:86:96:31:05:15:84:24:FC:B6:2D:C9
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01942590183ABBD60CB1A2A6CAECF90D1F11
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/oj-0HOavfKjShpYxBRWEJPy2Lck.roa
Signing time: Thu 02 Jan 2025 05:49:47 +0000
ROA not before: Thu 02 Jan 2025 05:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215851
IP address blocks: 95.47.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:90:18:3a:bb:d6:0c:b1:a2:a6:ca:ec:f9:0d:1f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a23fb41ce6af7ca8d286963105158424fcb62dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fd:30:37:ff:c4:81:d9:f5:8e:8e:ce:1a:ae:
cd:14:20:e7:13:f6:8a:dd:06:b7:17:83:54:9d:f3:
7a:b1:51:83:2c:86:77:48:20:5a:b7:8d:cb:72:4e:
7d:cd:68:23:ae:1b:5d:14:17:30:33:3c:21:d8:1a:
9a:17:dd:1a:bc:b4:7b:be:be:49:d6:40:d1:24:74:
8a:fd:74:d1:b2:68:61:ef:b2:ce:be:6f:4a:f5:14:
b2:c9:02:f4:8a:40:e2:ca:a5:8b:91:fd:db:59:3b:
20:27:ad:bb:40:63:f7:07:3c:37:f9:14:eb:b2:32:
71:8a:00:94:f6:7f:3a:89:87:78:09:43:d2:a0:90:
ad:23:9e:f6:00:b5:46:b3:fe:59:96:59:0a:5d:b9:
20:8b:0b:10:63:95:fd:c3:6e:56:9c:df:e6:dc:e6:
83:2c:05:16:9b:5f:93:c1:82:1d:10:9a:65:5f:7c:
88:4d:cb:d4:1d:8c:30:94:69:1c:44:b6:89:97:10:
72:68:a5:e5:d2:c5:63:63:a2:f0:5d:e9:7e:48:3e:
d0:40:53:a3:60:f1:34:04:13:2f:6e:b9:c8:59:a5:
6c:b6:89:e0:88:56:f0:32:8c:fc:c1:23:01:bf:c7:
9e:a4:f4:90:e3:35:eb:3c:0e:ca:0a:d7:55:a9:39:
26:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:3F:B4:1C:E6:AF:7C:A8:D2:86:96:31:05:15:84:24:FC:B6:2D:C9
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/oj-0HOavfKjShpYxBRWEJPy2Lck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.63.0/24
Signature Algorithm: sha256WithRSAEncryption
77:7c:2b:3c:3b:67:e7:e1:44:99:84:b0:b6:2e:c8:6e:d2:42:
5c:57:5b:81:ea:6d:0f:9e:50:9c:26:b9:7c:9c:71:99:4e:8c:
a3:ef:2d:50:9e:18:fb:b3:6f:dc:4e:26:98:eb:ce:98:51:a8:
84:03:89:d9:d2:f0:a8:f4:14:ba:99:e7:5b:30:5a:dc:7c:f7:
0c:14:7e:0a:50:ec:22:6e:56:04:3a:b3:f6:14:a4:ea:e0:0d:
b0:ed:f7:6c:58:d0:1c:85:21:93:71:ee:14:e3:cc:4b:e7:9d:
26:85:72:15:ff:ad:45:9e:41:e7:f1:1a:28:38:bd:92:a9:40:
81:87:99:24:e7:50:f4:b3:b7:c7:c8:ec:15:bb:67:94:1d:38:
cb:61:b1:7c:37:92:1d:ee:0d:ff:4b:c3:9a:19:44:f9:d6:3c:
7b:dd:ab:5d:6b:ab:bf:3b:a8:88:c6:22:1c:de:c6:5c:86:00:
a5:34:7e:2d:58:7a:2a:ce:f7:31:31:13:e7:a5:8d:6d:27:1e:
0c:66:dd:76:39:a0:3c:34:7a:9c:02:1d:1e:ba:86:ec:a7:85:
ef:ab:c4:c8:b7:48:ed:b4:34:63:54:53:b5:fa:8d:d2:88:7a:
2f:64:c8:c3:83:e4:62:c4:6a:c2:c1:f8:63:71:bf:21:f4:26:
bb:c6:09:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlkBg6u9YMsaKmyuz5DR8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjNmYjQxY2U2YWY3Y2E4ZDI4Njk2MzEwNTE1ODQyNGZjYjYyZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvf0wN//Egdn1jo7OGq7NFCDnE/aK
3Qa3F4NUnfN6sVGDLIZ3SCBat43Lck59zWgjrhtdFBcwMzwh2BqaF90avLR7vr5J
1kDRJHSK/XTRsmhh77LOvm9K9RSyyQL0ikDiyqWLkf3bWTsgJ627QGP3Bzw3+RTr
sjJxigCU9n86iYd4CUPSoJCtI572ALVGs/5ZllkKXbkgiwsQY5X9w25WnN/m3OaD
LAUWm1+TwYIdEJplX3yITcvUHYwwlGkcRLaJlxByaKXl0sVjY6LwXel+SD7QQFOj
YPE0BBMvbrnIWaVstongiFbwMoz8wSMBv8eepPSQ4zXrPA7KCtdVqTkmRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKI/tBzmr3yo0oaWMQUVhCT8ti3JMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvb2otMEhPYXZmS2pTaHBZeEJSV0VKUHkyTGNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXy8/MA0G
CSqGSIb3DQEBCwUAA4IBAQB3fCs8O2fn4USZhLC2Lshu0kJcV1uB6m0PnlCcJrl8
nHGZToyj7y1Qnhj7s2/cTiaY686YUaiEA4nZ0vCo9BS6medbMFrcfPcMFH4KUOwi
blYEOrP2FKTq4A2w7fdsWNAchSGTce4U48xL550mhXIV/61FnkHn8RooOL2SqUCB
h5kk51D0s7fHyOwVu2eUHTjLYbF8N5Id7g3/S8OaGUT51jx73atda6u/O6iIxiIc
3sZchgClNH4tWHoqzvcxMRPnpY1tJx4MZt12OaA8NHqcAh0euobsp4Xvq8TIt0jt
tDRjVFO1+o3SiHovZMjDg+RixGrCwfhjcb8h9Ca7xgne
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:53:29 2025 by rpki-client