Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/288628-2039-4085-a006-060cd9c92f26/1/2OXGBjO85npyAkFnRouh_UBk1Hs.roa
File: 2OXGBjO85npyAkFnRouh_UBk1Hs.roa (raw, json)
Hash identifier: HbPy+YRVvuPyiRQMlka5FfjRj4FCj/zQuaXQr9znzdU=
Subject key identifier: D8:E5:C6:06:33:BC:E6:7A:72:02:41:67:46:8B:A1:FD:40:64:D4:7B
Certificate issuer: /CN=fecf282821da575f68917647cf3e1898f9d0a62a
Certificate serial: 019421B1D74FF937E5B1C950FB19D5F2FDDD
Authority key identifier: FE:CF:28:28:21:DA:57:5F:68:91:76:47:CF:3E:18:98:F9:D0:A6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_s8oKCHaV19okXZHzz4YmPnQpio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/288628-2039-4085-a006-060cd9c92f26/1/2OXGBjO85npyAkFnRouh_UBk1Hs.roa
Signing time: Wed 01 Jan 2025 11:48:10 +0000
ROA not before: Wed 01 Jan 2025 11:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59560
IP address blocks: 176.116.145.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:d7:4f:f9:37:e5:b1:c9:50:fb:19:d5:f2:fd:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fecf282821da575f68917647cf3e1898f9d0a62a
Validity
Not Before: Jan 1 11:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8e5c60633bce67a72024167468ba1fd4064d47b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6e:9c:e2:5e:15:0f:c4:bb:66:38:09:c7:ed:
9e:8a:10:f6:b7:10:54:f8:e4:f1:82:d6:20:95:a4:
56:9e:ef:fd:1b:9a:50:6d:31:ac:54:d8:48:8a:0b:
64:34:ef:28:37:c6:bf:91:e1:2c:0d:cb:65:bc:d9:
00:5a:11:54:1e:8e:e8:63:15:d3:75:b0:4d:6a:57:
59:59:9e:f7:bb:d7:9a:af:17:3b:8c:70:78:c0:8b:
a6:a8:d7:20:57:ea:1b:95:79:9e:3e:71:57:92:9d:
88:80:b1:3b:b4:7f:09:2e:ae:c4:29:0d:da:83:7c:
09:62:f9:bc:ff:6a:a6:9b:09:2f:cb:d3:e5:fc:d2:
1c:bc:99:38:69:4b:2c:95:5c:a1:59:37:18:a4:e2:
a4:33:59:92:81:f2:c6:2f:3e:b5:ea:c4:77:02:9c:
74:7f:5f:f2:45:a3:90:2b:7f:8a:f8:23:4e:f8:58:
4d:a7:ea:47:f9:93:7b:65:6a:04:de:fb:af:25:77:
cf:98:03:51:03:b7:a9:4e:af:84:78:f9:aa:c8:ef:
b9:a5:90:e6:a2:49:a5:ed:dd:e5:3e:fd:40:7f:39:
a4:42:ad:9f:d8:09:ea:fd:0f:09:d9:d8:62:db:86:
0c:ea:73:51:9c:61:3c:13:fe:e0:da:e0:55:f2:7c:
67:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E5:C6:06:33:BC:E6:7A:72:02:41:67:46:8B:A1:FD:40:64:D4:7B
X509v3 Authority Key Identifier:
keyid:FE:CF:28:28:21:DA:57:5F:68:91:76:47:CF:3E:18:98:F9:D0:A6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_s8oKCHaV19okXZHzz4YmPnQpio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/288628-2039-4085-a006-060cd9c92f26/1/2OXGBjO85npyAkFnRouh_UBk1Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/288628-2039-4085-a006-060cd9c92f26/1/_s8oKCHaV19okXZHzz4YmPnQpio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.145.0/24
Signature Algorithm: sha256WithRSAEncryption
90:4e:5d:6f:0c:68:ac:14:14:2e:d2:97:de:cc:c6:6a:2b:10:
92:6e:2a:6c:c1:c4:25:f7:ca:9a:75:d0:b7:6f:55:f5:4d:fe:
09:ce:69:68:2b:4f:38:f9:9f:0e:6d:6a:96:8e:66:96:36:45:
d0:38:66:cc:c5:f6:58:f7:83:d0:6b:21:61:a6:f7:4b:7a:f3:
f0:94:21:12:1c:98:94:be:69:24:74:54:a8:74:15:8b:f6:ef:
85:36:17:c5:59:b5:65:fb:f5:38:31:50:26:bd:7c:03:fd:ba:
81:bb:4f:e0:1f:8f:db:ff:df:54:96:d8:16:35:32:10:d7:4e:
6b:c6:83:98:a1:68:a1:d2:b6:24:3e:b1:06:ac:cc:c4:04:74:
a0:4c:a8:7c:17:7e:91:7a:ed:4b:92:0b:ff:a4:31:4a:f5:4b:
f0:0f:70:a2:5b:f1:6c:39:5c:59:b1:db:8b:19:f5:a4:c7:21:
7f:18:b1:01:bc:b9:06:aa:8f:a0:6a:bd:cd:6f:d9:03:1f:38:
2f:62:ee:88:25:ad:2c:82:ab:e5:0a:29:27:9f:f9:bb:38:d0:
8e:f0:0f:ee:74:62:4c:51:ad:b7:c1:dd:86:7b:cd:39:36:39:
08:f9:db:f6:e4:37:b2:d0:16:1e:85:b9:7c:b0:3b:b6:ff:ac:
24:88:41:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsddP+TflsclQ+xnV8v3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlY2YyODI4MjFkYTU3NWY2ODkxNzY0N2NmM2UxODk4Zjlk
MGE2MmEwHhcNMjUwMTAxMTE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGU1YzYwNjMzYmNlNjdhNzIwMjQxNjc0NjhiYTFmZDQwNjRkNDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArW6c4l4VD8S7ZjgJx+2eihD2txBU
+OTxgtYglaRWnu/9G5pQbTGsVNhIigtkNO8oN8a/keEsDctlvNkAWhFUHo7oYxXT
dbBNaldZWZ73u9earxc7jHB4wIumqNcgV+oblXmePnFXkp2IgLE7tH8JLq7EKQ3a
g3wJYvm8/2qmmwkvy9Pl/NIcvJk4aUsslVyhWTcYpOKkM1mSgfLGLz616sR3Apx0
f1/yRaOQK3+K+CNO+FhNp+pH+ZN7ZWoE3vuvJXfPmANRA7epTq+EePmqyO+5pZDm
okml7d3lPv1AfzmkQq2f2Anq/Q8J2dhi24YM6nNRnGE8E/7g2uBV8nxnWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNjlxgYzvOZ6cgJBZ0aLof1AZNR7MB8GA1UdIwQY
MBaAFP7PKCgh2ldfaJF2R88+GJj50KYqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3M4b0tDSGFWMTlva1haSHp6NFltUG5RcGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8yODg2MjgtMjAzOS00MDg1LWEwMDYt
MDYwY2Q5YzkyZjI2LzEvMk9YR0JqTzg1bnB5QWtGblJvdWhfVUJrMUhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8yODg2MjgtMjAzOS00MDg1LWEwMDYtMDYwY2Q5YzkyZjI2
LzEvX3M4b0tDSGFWMTlva1haSHp6NFltUG5RcGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHSRMA0G
CSqGSIb3DQEBCwUAA4IBAQCQTl1vDGisFBQu0pfezMZqKxCSbipswcQl98qaddC3
b1X1Tf4JzmloK084+Z8ObWqWjmaWNkXQOGbMxfZY94PQayFhpvdLevPwlCESHJiU
vmkkdFSodBWL9u+FNhfFWbVl+/U4MVAmvXwD/bqBu0/gH4/b/99UltgWNTIQ105r
xoOYoWih0rYkPrEGrMzEBHSgTKh8F36Reu1Lkgv/pDFK9UvwD3CiW/FsOVxZsduL
GfWkxyF/GLEBvLkGqo+gar3Nb9kDHzgvYu6IJa0sgqvlCiknn/m7ONCO8A/udGJM
Ua23wd2Ge805NjkI+dv25Dey0BYehbl8sDu2/6wkiEG+
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:32:42 2025 by rpki-client