Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/09c4b2-46a9-4f88-99b8-1ccc9c295e8e/1/OKYG51ny4JzR_NLTt0NMC5jjs5w.roa
File: OKYG51ny4JzR_NLTt0NMC5jjs5w.roa (raw, json)
Hash identifier: q7wWYvvmDZVEwvT4mSRrL9j7EyJqRlFav3ZfehvFtAs=
Subject key identifier: 38:A6:06:E7:59:F2:E0:9C:D1:FC:D2:D3:B7:43:4C:0B:98:E3:B3:9C
Certificate issuer: /CN=0c86662b752c8a3be72e8544394ff926f68fbf7e
Certificate serial: 019425FCD224E371548A7B29128FBAF88CD7
Authority key identifier: 0C:86:66:2B:75:2C:8A:3B:E7:2E:85:44:39:4F:F9:26:F6:8F:BF:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DIZmK3UsijvnLoVEOU_5JvaPv34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/09c4b2-46a9-4f88-99b8-1ccc9c295e8e/1/OKYG51ny4JzR_NLTt0NMC5jjs5w.roa
Signing time: Thu 02 Jan 2025 07:48:33 +0000
ROA not before: Thu 02 Jan 2025 07:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 193.9.122.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:d2:24:e3:71:54:8a:7b:29:12:8f:ba:f8:8c:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c86662b752c8a3be72e8544394ff926f68fbf7e
Validity
Not Before: Jan 2 07:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38a606e759f2e09cd1fcd2d3b7434c0b98e3b39c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:32:9c:03:ac:13:e5:90:6b:73:fb:99:db:cd:
f2:b5:6a:4b:16:ba:af:80:db:91:fc:41:d2:ac:75:
04:f6:cb:b8:29:4b:8e:cc:8c:b0:70:67:9e:73:e6:
29:cf:78:d5:1e:b2:30:ed:10:ff:2e:92:4d:d7:f4:
76:a9:3c:74:9c:d0:e7:46:e2:41:d3:31:14:ea:6b:
e8:cc:a6:fe:96:68:d9:23:b3:23:25:20:e7:45:92:
22:78:9f:93:4d:f1:e8:2e:99:02:4b:8d:78:97:bd:
a4:44:87:70:ad:98:8d:d6:60:f2:04:17:10:9c:52:
ed:53:28:22:f6:60:69:e8:75:03:ae:f8:d1:de:3b:
d4:e9:92:0c:a4:85:c9:1f:41:30:e4:de:9d:6c:a8:
26:bb:2b:67:af:6c:e2:bd:af:e0:01:2f:75:de:ca:
8b:f0:d2:a9:cc:9a:00:58:91:13:ab:49:8e:f0:e6:
29:ac:db:0e:77:40:6f:e7:e4:a3:5e:9e:4c:bc:76:
ce:41:f4:93:a3:85:0a:64:e2:1f:f9:7d:29:10:c7:
bb:b6:4c:81:1d:7a:00:22:69:5c:86:c1:28:8e:0e:
6d:64:72:c6:0a:11:c2:3f:de:63:e5:2d:60:01:54:
8d:69:ef:5d:00:f2:ea:fd:32:36:1e:53:41:7e:97:
5a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A6:06:E7:59:F2:E0:9C:D1:FC:D2:D3:B7:43:4C:0B:98:E3:B3:9C
X509v3 Authority Key Identifier:
keyid:0C:86:66:2B:75:2C:8A:3B:E7:2E:85:44:39:4F:F9:26:F6:8F:BF:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DIZmK3UsijvnLoVEOU_5JvaPv34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/09c4b2-46a9-4f88-99b8-1ccc9c295e8e/1/OKYG51ny4JzR_NLTt0NMC5jjs5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/09c4b2-46a9-4f88-99b8-1ccc9c295e8e/1/DIZmK3UsijvnLoVEOU_5JvaPv34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.9.122.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:c0:da:0b:13:36:0f:f7:06:aa:28:aa:49:b1:80:16:51:52:
0c:18:17:f0:c7:c2:5f:0d:66:f2:74:2a:cc:2b:a8:b6:92:5f:
16:16:1a:da:f3:16:eb:60:0b:1a:cc:c8:4b:e3:c9:b9:b1:75:
c2:02:a9:a7:18:51:67:1e:90:27:1a:e9:6f:00:9d:25:ce:16:
9c:ce:aa:33:36:72:85:c9:41:3b:1c:a9:a1:2a:ee:d6:e4:5a:
5f:cc:33:4b:31:0e:05:49:5a:e2:bb:d0:ec:c7:72:05:42:a8:
5d:af:68:62:db:8d:03:1a:26:00:de:1e:34:98:1b:67:c3:51:
1c:b6:3c:c6:dd:10:6b:34:e1:c8:e6:d4:87:e2:07:33:fd:d8:
9f:f4:5f:ec:45:e8:b3:0f:f9:5e:b1:45:b9:8b:b9:c0:f4:f1:
ca:9f:ea:39:1a:ba:67:78:ef:6b:09:01:4a:aa:fa:a1:99:0f:
13:81:5d:e1:a2:9b:25:4b:f2:40:1b:63:2a:e6:07:4f:6e:bf:
46:e7:4b:6e:9e:d7:81:e6:fd:f1:d6:e4:c2:e3:b9:66:1f:ea:
e8:bf:ee:c1:d7:46:b8:2a:66:de:48:e5:43:52:76:5f:4d:16:
e8:46:93:da:9b:f7:cb:53:e6:d6:33:89:79:3d:9e:3f:31:7e:
3f:19:d8:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/NIk43FUinspEo+6+IzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjODY2NjJiNzUyYzhhM2JlNzJlODU0NDM5NGZmOTI2ZjY4
ZmJmN2UwHhcNMjUwMTAyMDc0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGE2MDZlNzU5ZjJlMDljZDFmY2QyZDNiNzQzNGMwYjk4ZTNiMzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDKcA6wT5ZBrc/uZ283ytWpLFrqv
gNuR/EHSrHUE9su4KUuOzIywcGeec+Ypz3jVHrIw7RD/LpJN1/R2qTx0nNDnRuJB
0zEU6mvozKb+lmjZI7MjJSDnRZIieJ+TTfHoLpkCS414l72kRIdwrZiN1mDyBBcQ
nFLtUygi9mBp6HUDrvjR3jvU6ZIMpIXJH0Ew5N6dbKgmuytnr2ziva/gAS913sqL
8NKpzJoAWJETq0mO8OYprNsOd0Bv5+SjXp5MvHbOQfSTo4UKZOIf+X0pEMe7tkyB
HXoAImlchsEojg5tZHLGChHCP95j5S1gAVSNae9dAPLq/TI2HlNBfpdaIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDimBudZ8uCc0fzS07dDTAuY47OcMB8GA1UdIwQY
MBaAFAyGZit1LIo75y6FRDlP+Sb2j79+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRElabUszVXNpanZuTG9WRU9VXzVKdmFQdjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8wOWM0YjItNDZhOS00Zjg4LTk5Yjgt
MWNjYzljMjk1ZThlLzEvT0tZRzUxbnk0SnpSX05MVHQwTk1DNWpqczV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8wOWM0YjItNDZhOS00Zjg4LTk5YjgtMWNjYzljMjk1ZThl
LzEvRElabUszVXNpanZuTG9WRU9VXzVKdmFQdjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQl6MA0G
CSqGSIb3DQEBCwUAA4IBAQB7wNoLEzYP9waqKKpJsYAWUVIMGBfwx8JfDWbydCrM
K6i2kl8WFhra8xbrYAsazMhL48m5sXXCAqmnGFFnHpAnGulvAJ0lzhaczqozNnKF
yUE7HKmhKu7W5FpfzDNLMQ4FSVriu9Dsx3IFQqhdr2hi240DGiYA3h40mBtnw1Ec
tjzG3RBrNOHI5tSH4gcz/dif9F/sReizD/lesUW5i7nA9PHKn+o5GrpneO9rCQFK
qvqhmQ8TgV3hopslS/JAG2Mq5gdPbr9G50tunteB5v3x1uTC47lmH+rov+7B10a4
KmbeSOVDUnZfTRboRpPam/fLU+bWM4l5PZ4/MX4/Gdhp
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:58:34 2025 by rpki-client