Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/oqm2-nbrsnYZ0qkmuckzGja_q2c.roa
File: oqm2-nbrsnYZ0qkmuckzGja_q2c.roa (raw, json)
Hash identifier: 4op+pyOf3mGWj3YlU5TCxlDwtaLMnecYD2YRIK7WjCk=
Subject key identifier: A2:A9:B6:FA:76:EB:B2:76:19:D2:A9:26:B9:C9:33:1A:36:BF:AB:67
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570954B18990AF4848907F6C37BA3C9D1
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/oqm2-nbrsnYZ0qkmuckzGja_q2c.roa
Signing time: Mon 02 Jan 2023 03:45:10 +0000
ROA not before: Mon 02 Jan 2023 03:45:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50438
IP address blocks: 93.170.28.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:4b:18:99:0a:f4:84:89:07:f6:c3:7b:a3:c9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2a9b6fa76ebb27619d2a926b9c9331a36bfab67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a5:d5:5b:cc:42:dc:39:e0:10:20:28:8c:fb:
34:d6:dc:f4:0d:02:5f:40:81:af:89:83:c8:97:0a:
08:97:47:c3:7b:99:24:61:7b:91:21:fd:cc:b9:6b:
13:86:de:70:2c:e8:f6:67:e0:64:e7:7c:2e:50:7b:
33:af:a6:2b:05:2c:70:04:f7:a9:2f:68:fc:3d:bb:
d7:a1:25:a5:95:06:d6:a7:55:71:68:f3:38:e3:89:
d9:6b:73:ba:26:fd:25:39:24:9a:da:e3:6d:ea:3f:
77:a6:e5:3a:70:fb:97:36:84:2b:b8:52:57:a6:a1:
32:f5:6b:63:d0:10:f3:10:5b:f7:ca:78:f9:38:32:
89:dc:6e:37:13:48:5f:a1:b9:a7:48:90:9d:29:cf:
5c:4a:e9:99:46:24:0e:31:9a:fe:3b:0d:53:76:7c:
d8:9d:c4:bf:2d:b0:53:ff:38:b3:5e:21:54:06:6f:
a7:95:09:e6:8e:f0:80:d7:1b:f4:66:29:5a:ba:da:
cc:22:2e:65:be:e9:6e:84:de:d3:d0:4a:5d:46:ee:
80:c6:aa:90:51:97:27:71:1f:42:76:4f:66:16:22:
ae:54:1e:dd:76:12:0a:98:44:e9:79:46:dc:22:59:
76:19:2d:db:3d:75:25:53:6e:f6:e1:90:39:91:2b:
da:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A9:B6:FA:76:EB:B2:76:19:D2:A9:26:B9:C9:33:1A:36:BF:AB:67
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/oqm2-nbrsnYZ0qkmuckzGja_q2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.28.0/22
Signature Algorithm: sha256WithRSAEncryption
95:b5:11:8b:e0:af:dc:72:ba:35:9b:82:0f:76:0b:e9:63:ed:
e3:29:f7:18:4f:f9:e1:c7:b7:5e:e3:b7:55:0d:82:43:a9:86:
09:ba:2b:84:3c:c1:ef:c9:50:15:20:e2:6b:fe:be:17:e2:7b:
e8:85:f5:c6:7e:04:39:05:5a:6c:ef:7a:2e:e7:e8:6a:c1:02:
14:39:79:4f:60:a8:50:2e:16:21:a3:c3:4b:e1:b0:48:45:e2:
46:f1:ac:b3:6d:74:43:d2:de:6e:eb:7a:70:a1:4f:c4:45:b3:
91:ac:b8:ca:11:00:d1:04:0c:c6:9a:7a:65:26:50:73:6c:b0:
43:eb:ba:9c:d4:71:16:2c:e1:0c:73:76:d7:cb:1a:87:cb:c4:
fc:91:ed:bf:00:26:8f:90:b1:67:02:41:1c:f1:cb:39:56:99:
2d:23:84:de:f4:c3:48:e6:fe:51:23:13:b7:69:77:86:df:c5:
c1:a7:64:79:a1:70:5b:41:52:82:f4:d9:8a:9d:95:a6:f6:bf:
f5:3a:92:9e:6e:7b:17:3d:03:6c:00:d0:31:ff:c4:3f:dc:ce:
0b:d1:df:a5:53:30:87:17:4c:36:d9:95:47:57:7b:87:82:e6:
49:cc:f7:c6:cb:c3:66:ad:a1:47:e6:e9:bd:12:e2:bc:fd:09:
f7:10:76:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlUsYmQr0hIkH9sN7o8nRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmE5YjZmYTc2ZWJiMjc2MTlkMmE5MjZiOWM5MzMxYTM2YmZhYjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqXVW8xC3DngECAojPs01tz0DQJf
QIGviYPIlwoIl0fDe5kkYXuRIf3MuWsTht5wLOj2Z+Bk53wuUHszr6YrBSxwBPep
L2j8PbvXoSWllQbWp1VxaPM444nZa3O6Jv0lOSSa2uNt6j93puU6cPuXNoQruFJX
pqEy9Wtj0BDzEFv3ynj5ODKJ3G43E0hfobmnSJCdKc9cSumZRiQOMZr+Ow1TdnzY
ncS/LbBT/zizXiFUBm+nlQnmjvCA1xv0ZilautrMIi5lvuluhN7T0EpdRu6AxqqQ
UZcncR9Cdk9mFiKuVB7ddhIKmETpeUbcIll2GS3bPXUlU2724ZA5kSvaNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKptvp267J2GdKpJrnJMxo2v6tnMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvb3FtMi1uYnJzbllaMHFrbXVja3pHamFfcTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXaocMA0G
CSqGSIb3DQEBCwUAA4IBAQCVtRGL4K/ccro1m4IPdgvpY+3jKfcYT/nhx7de47dV
DYJDqYYJuiuEPMHvyVAVIOJr/r4X4nvohfXGfgQ5BVps73ou5+hqwQIUOXlPYKhQ
LhYho8NL4bBIReJG8ayzbXRD0t5u63pwoU/ERbORrLjKEQDRBAzGmnplJlBzbLBD
67qc1HEWLOEMc3bXyxqHy8T8ke2/ACaPkLFnAkEc8cs5VpktI4Te9MNI5v5RIxO3
aXeG38XBp2R5oXBbQVKC9NmKnZWm9r/1OpKebnsXPQNsANAx/8Q/3M4L0d+lUzCH
F0w22ZVHV3uHguZJzPfGy8NmraFH5um9EuK8/Qn3EHba
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:40 2025 by rpki-client