Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/OOSnnzJCzwuc2Oreq9KoON2OJy4.roa
File: OOSnnzJCzwuc2Oreq9KoON2OJy4.roa (raw, json)
Hash identifier: 8ZWXugZrnN7Xp4F6Xn87sRk2TjB10Ze3ouSEvaxFbzM=
Subject key identifier: 38:E4:A7:9F:32:42:CF:0B:9C:D8:EA:DE:AB:D2:A8:38:DD:8E:27:2E
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 019422FC42FFF79AAAB7CE7975A46F74AFC6
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/OOSnnzJCzwuc2Oreq9KoON2OJy4.roa
Signing time: Wed 01 Jan 2025 17:49:05 +0000
ROA not before: Wed 01 Jan 2025 17:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212527
IP address blocks: 94.188.245.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:42:ff:f7:9a:aa:b7:ce:79:75:a4:6f:74:af:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Jan 1 17:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38e4a79f3242cf0b9cd8eadeabd2a838dd8e272e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e1:6b:63:53:49:24:bf:b8:81:81:1c:d2:6c:
be:d5:5f:a7:a6:e8:a6:75:21:84:bf:73:0e:a1:a2:
f7:4f:f2:f8:74:ad:7e:04:ec:77:30:f8:8c:59:e7:
23:13:42:ea:7e:c1:7a:a6:f9:7c:a9:03:2f:40:b6:
25:cb:45:d3:a6:9b:44:2f:e0:5c:34:95:2b:9b:1a:
ba:93:a5:58:34:96:94:cb:a2:d4:9b:a3:24:41:48:
0e:58:c5:b6:8b:5c:f6:5b:a9:19:9f:7b:33:79:86:
a6:6b:a5:36:9e:5c:72:f2:19:a2:57:7b:b7:72:09:
fb:37:07:d1:9e:d6:d3:ca:64:33:35:fc:3e:0c:71:
5d:8b:da:2f:31:0b:ca:62:7b:70:f7:8d:18:b8:f0:
ac:13:2c:b7:d9:a7:09:29:bc:35:bf:8a:65:37:35:
ba:7f:04:93:2e:10:34:03:0c:33:28:a5:68:df:e3:
c4:a9:23:cc:dc:c2:42:c5:00:4f:c4:95:f1:49:64:
17:57:c0:32:91:0b:17:f4:90:60:35:f1:be:9e:5f:
61:7a:e1:b2:08:09:cf:1c:24:3e:2b:01:8d:66:a9:
b8:88:bf:64:2c:cb:93:b6:32:51:82:52:9e:f1:5e:
e1:b0:de:e8:4d:60:a3:eb:d1:7d:c6:68:3e:1a:d4:
5b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E4:A7:9F:32:42:CF:0B:9C:D8:EA:DE:AB:D2:A8:38:DD:8E:27:2E
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/OOSnnzJCzwuc2Oreq9KoON2OJy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.245.0/24
Signature Algorithm: sha256WithRSAEncryption
67:93:fd:53:e3:63:f5:a7:36:67:3a:82:f8:9f:a2:93:fc:2c:
19:73:76:18:fb:8c:4e:d2:d4:d1:e0:89:51:42:bf:88:68:38:
a8:c7:c0:15:90:2c:e7:ff:b8:31:f7:b6:2e:44:45:92:c4:32:
02:9d:5f:5f:21:0c:ee:f6:6a:61:28:92:42:52:20:9f:9d:73:
cb:21:3d:61:4d:60:db:b6:a7:e3:83:15:82:92:7b:a5:a6:56:
fe:27:5a:40:6d:ad:0e:d8:9c:3d:f0:1a:f6:72:f2:5e:e5:40:
50:49:f3:a0:b0:7f:66:d0:ff:e3:93:2c:9f:c2:1e:15:56:49:
f9:a3:13:4b:39:95:88:08:81:62:85:2e:da:54:b3:8d:39:97:
81:a3:12:13:fc:96:65:87:94:ea:f7:48:04:15:97:91:65:45:
f2:3b:bc:e7:79:02:ab:c6:01:8d:b3:ae:4e:f8:d1:96:a0:55:
2c:42:e0:08:9f:a4:f8:dd:60:00:81:89:07:8c:e7:4c:3f:42:
96:d2:6d:73:56:40:50:e5:10:0f:6d:60:9b:94:d2:9e:47:3f:
ed:43:ce:cc:dc:69:55:e7:90:86:29:89:41:a6:d3:a2:4b:a3:
57:88:ec:19:61:91:af:ba:5b:57:82:d1:e9:45:ea:64:aa:9e:
08:17:4c:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/EL/95qqt855daRvdK/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjUwMTAxMTc0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGU0YTc5ZjMyNDJjZjBiOWNkOGVhZGVhYmQyYTgzOGRkOGUyNzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOFrY1NJJL+4gYEc0my+1V+npuim
dSGEv3MOoaL3T/L4dK1+BOx3MPiMWecjE0LqfsF6pvl8qQMvQLYly0XTpptEL+Bc
NJUrmxq6k6VYNJaUy6LUm6MkQUgOWMW2i1z2W6kZn3szeYama6U2nlxy8hmiV3u3
cgn7NwfRntbTymQzNfw+DHFdi9ovMQvKYntw940YuPCsEyy32acJKbw1v4plNzW6
fwSTLhA0AwwzKKVo3+PEqSPM3MJCxQBPxJXxSWQXV8AykQsX9JBgNfG+nl9heuGy
CAnPHCQ+KwGNZqm4iL9kLMuTtjJRglKe8V7hsN7oTWCj69F9xmg+GtRbzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjkp58yQs8LnNjq3qvSqDjdjicuMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvT09Tbm56SkN6d3VjMk9yZXE5S29PTjJPSnk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXrz1MA0G
CSqGSIb3DQEBCwUAA4IBAQBnk/1T42P1pzZnOoL4n6KT/CwZc3YY+4xO0tTR4IlR
Qr+IaDiox8AVkCzn/7gx97YuREWSxDICnV9fIQzu9mphKJJCUiCfnXPLIT1hTWDb
tqfjgxWCknulplb+J1pAba0O2Jw98Br2cvJe5UBQSfOgsH9m0P/jkyyfwh4VVkn5
oxNLOZWICIFihS7aVLONOZeBoxIT/JZlh5Tq90gEFZeRZUXyO7zneQKrxgGNs65O
+NGWoFUsQuAIn6T43WAAgYkHjOdMP0KW0m1zVkBQ5RAPbWCblNKeRz/tQ87M3GlV
55CGKYlBptOiS6NXiOwZYZGvultXgtHpRepkqp4IF0yt
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:41 2025 by rpki-client