Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/ojT-i1WyMoMzrKUGF70lR5SpfKo.roa
File: ojT-i1WyMoMzrKUGF70lR5SpfKo.roa (raw, json)
Hash identifier: +svQt7tDqw+nZSwF/1dh5yGoWZXeOhltuo6UFjy/ZCA=
Subject key identifier: A2:34:FE:8B:55:B2:32:83:33:AC:A5:06:17:BD:25:47:94:A9:7C:AA
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 019421B1D60BED1B86925250413A40339A98
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/ojT-i1WyMoMzrKUGF70lR5SpfKo.roa
Signing time: Wed 01 Jan 2025 11:48:10 +0000
ROA not before: Wed 01 Jan 2025 11:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208604
IP address blocks: 188.68.6.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:d6:0b:ed:1b:86:92:52:50:41:3a:40:33:9a:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jan 1 11:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a234fe8b55b2328333aca50617bd254794a97caa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0c:a1:d7:ba:50:46:07:03:38:f7:dd:8b:15:
e7:49:0f:58:cd:82:f9:b4:9d:57:f4:58:c0:77:1a:
0a:2c:d1:dc:b2:18:a5:5f:14:b7:44:96:71:6e:86:
a7:ee:47:17:15:0a:d7:9e:1a:3c:36:5e:f0:60:87:
62:8c:33:0e:f5:71:3d:dd:91:ed:de:06:7b:6d:ff:
33:be:85:1b:11:98:b7:2a:d6:84:5d:c6:6c:0e:de:
60:8c:ef:40:ff:9c:91:50:e1:18:e4:dc:6b:ff:20:
8e:e7:cd:f0:72:ee:bf:76:56:d0:97:2c:43:eb:72:
05:fc:ce:de:62:05:79:ba:59:05:e8:3c:f2:f8:2e:
e6:5e:43:38:56:b6:1f:9d:c2:68:db:79:32:2c:09:
86:be:6c:df:d4:bf:3b:e7:1d:86:91:5e:35:d3:36:
1a:50:3a:93:d1:29:ba:50:66:e1:c2:bc:d9:d7:3e:
cd:fe:fb:45:97:99:aa:ab:90:8c:76:2a:34:d8:10:
35:76:16:53:d5:76:18:b9:bd:a2:0e:6a:25:92:75:
65:49:e1:d7:f8:b3:cd:f0:06:93:10:a5:2f:b8:3e:
db:82:dc:28:35:bf:5f:de:d2:75:cd:5f:56:db:df:
93:8b:f1:5c:c7:7c:c6:7c:1f:87:a3:b6:91:5c:de:
d0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:34:FE:8B:55:B2:32:83:33:AC:A5:06:17:BD:25:47:94:A9:7C:AA
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/ojT-i1WyMoMzrKUGF70lR5SpfKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.68.6.0/24
Signature Algorithm: sha256WithRSAEncryption
19:ca:7b:cc:cd:83:08:36:25:bd:45:1a:55:30:1d:af:f6:98:
3f:77:76:0e:e4:e5:dc:8f:1d:62:85:e5:3d:a1:ff:51:39:49:
68:36:a8:6f:c6:0a:89:bd:9f:74:61:62:bb:c3:3f:04:5a:6d:
b1:2a:98:e2:3d:95:fb:56:77:7a:7f:16:0b:2b:99:32:8d:d9:
f3:7f:be:b7:27:f5:0d:32:28:fc:c7:6f:30:e4:33:44:e7:da:
ae:b4:e2:6b:d0:79:99:ed:6c:e7:cd:d8:1d:9b:49:0a:43:d4:
8d:c9:fe:96:e4:eb:bb:09:2c:43:40:c4:ad:27:c1:38:ea:2d:
8d:9f:50:51:9a:16:e1:d7:30:9b:da:88:94:aa:c6:b1:aa:2f:
98:a8:b1:10:b3:ba:b5:c6:7b:16:92:eb:9e:c4:0e:4a:74:bb:
29:8c:19:96:cc:87:06:97:cf:06:65:52:12:97:85:7d:5d:84:
d1:be:30:0f:92:0c:7b:06:b3:fb:91:69:e3:71:38:c5:67:96:
92:ad:86:98:d3:2b:a3:95:3b:96:0f:91:b9:d2:47:b1:8f:bd:
11:3c:d3:2c:98:f9:49:db:72:a5:b7:01:e6:3b:95:74:49:1a:
3c:04:c8:dd:80:37:a6:31:a4:e7:67:c4:d9:04:4b:0b:f4:7e:
9e:10:9a:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsdYL7RuGklJQQTpAM5qYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjUwMTAxMTE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjM0ZmU4YjU1YjIzMjgzMzNhY2E1MDYxN2JkMjU0Nzk0YTk3Y2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQyh17pQRgcDOPfdixXnSQ9YzYL5
tJ1X9FjAdxoKLNHcshilXxS3RJZxboan7kcXFQrXnho8Nl7wYIdijDMO9XE93ZHt
3gZ7bf8zvoUbEZi3KtaEXcZsDt5gjO9A/5yRUOEY5Nxr/yCO583wcu6/dlbQlyxD
63IF/M7eYgV5ulkF6Dzy+C7mXkM4VrYfncJo23kyLAmGvmzf1L875x2GkV410zYa
UDqT0Sm6UGbhwrzZ1z7N/vtFl5mqq5CMdio02BA1dhZT1XYYub2iDmolknVlSeHX
+LPN8AaTEKUvuD7bgtwoNb9f3tJ1zV9W29+Ti/Fcx3zGfB+Ho7aRXN7QDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKI0/otVsjKDM6ylBhe9JUeUqXyqMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvb2pULWkxV3lNb016cktVR0Y3MGxSNVNwZktvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvEQGMA0G
CSqGSIb3DQEBCwUAA4IBAQAZynvMzYMINiW9RRpVMB2v9pg/d3YO5OXcjx1iheU9
of9ROUloNqhvxgqJvZ90YWK7wz8EWm2xKpjiPZX7Vnd6fxYLK5kyjdnzf763J/UN
Mij8x28w5DNE59qutOJr0HmZ7Wznzdgdm0kKQ9SNyf6W5Ou7CSxDQMStJ8E46i2N
n1BRmhbh1zCb2oiUqsaxqi+YqLEQs7q1xnsWkuuexA5KdLspjBmWzIcGl88GZVIS
l4V9XYTRvjAPkgx7BrP7kWnjcTjFZ5aSrYaY0yujlTuWD5G50kexj70RPNMsmPlJ
23KltwHmO5V0SRo8BMjdgDemMaTnZ8TZBEsL9H6eEJp7
-----END CERTIFICATE-----
Generated at Sat Feb 22 04:40:26 2025 by rpki-client