Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/203a53-058a-4d5d-a761-d371855756c3/1/oJDEzXr7gr-7eZ1rexTjd4c8Ul8.roa
File: oJDEzXr7gr-7eZ1rexTjd4c8Ul8.roa (raw, json)
Hash identifier: xZTw5KYNf4Du9zIJjL5q6os9uQVggXiruo8qaJQJCvQ=
Subject key identifier: A0:90:C4:CD:7A:FB:82:BF:BB:79:9D:6B:7B:14:E3:77:87:3C:52:5F
Certificate issuer: /CN=b0bfd2c85e6b79d460e660cf9664dee55dccc8cc
Certificate serial: 0194258F8292E5F36E22970B43CD34E5FF3E
Authority key identifier: B0:BF:D2:C8:5E:6B:79:D4:60:E6:60:CF:96:64:DE:E5:5D:CC:C8:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sL_SyF5redRg5mDPlmTe5V3MyMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/203a53-058a-4d5d-a761-d371855756c3/1/oJDEzXr7gr-7eZ1rexTjd4c8Ul8.roa
Signing time: Thu 02 Jan 2025 05:49:09 +0000
ROA not before: Thu 02 Jan 2025 05:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 185.51.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:82:92:e5:f3:6e:22:97:0b:43:cd:34:e5:ff:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0bfd2c85e6b79d460e660cf9664dee55dccc8cc
Validity
Not Before: Jan 2 05:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a090c4cd7afb82bfbb799d6b7b14e377873c525f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ff:d0:45:6d:35:7f:bc:95:7f:5c:21:ca:1a:
3c:88:a0:f4:19:9a:01:e9:bd:d3:9e:fc:98:b2:72:
15:00:9d:e4:29:72:ab:e2:0d:d7:e8:b7:90:34:36:
12:b7:fc:e1:7a:cf:b8:62:cb:2c:a3:2c:23:30:3b:
48:25:84:96:5e:e2:f6:1b:2e:03:a3:58:25:af:92:
d0:c7:42:c2:00:b2:c3:cb:d1:5e:42:fb:16:34:30:
01:6a:a6:c6:97:db:fe:e1:6c:cb:11:17:ed:fa:1e:
c0:39:c8:61:5c:2b:a8:db:64:33:ed:7a:2b:59:a6:
d7:c2:8c:c9:1b:b7:2e:67:e1:e8:54:7b:b1:3b:20:
74:3d:7a:65:e2:29:54:23:1f:d9:7d:36:4b:b7:b9:
b4:07:b0:37:7b:6d:56:d8:d1:aa:11:69:d7:cb:f8:
3f:2a:a3:39:62:a1:7e:db:6d:c7:89:ed:02:1e:c9:
68:93:19:0b:a0:8d:c4:f1:33:13:ed:5f:44:5c:15:
82:5b:80:fe:8b:9d:55:12:76:b6:d2:20:a3:f8:a4:
8c:41:97:42:08:cc:08:4a:e6:12:b1:1e:42:21:95:
bc:e1:60:c2:3c:2f:9d:17:01:c0:6c:1b:8f:a5:89:
28:50:3c:62:33:f7:62:96:92:a3:3b:57:36:3f:2f:
e4:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:90:C4:CD:7A:FB:82:BF:BB:79:9D:6B:7B:14:E3:77:87:3C:52:5F
X509v3 Authority Key Identifier:
keyid:B0:BF:D2:C8:5E:6B:79:D4:60:E6:60:CF:96:64:DE:E5:5D:CC:C8:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sL_SyF5redRg5mDPlmTe5V3MyMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/203a53-058a-4d5d-a761-d371855756c3/1/oJDEzXr7gr-7eZ1rexTjd4c8Ul8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/203a53-058a-4d5d-a761-d371855756c3/1/sL_SyF5redRg5mDPlmTe5V3MyMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.100.0/24
Signature Algorithm: sha256WithRSAEncryption
af:73:03:8e:2e:13:9f:b9:7d:99:4d:26:1e:d9:98:f2:8a:84:
9b:15:b4:74:a1:6e:4e:57:00:a8:dc:a1:dd:a7:49:d0:82:45:
d9:79:68:41:49:e1:b8:28:51:c9:b2:26:00:4b:44:fe:d3:5c:
e5:e2:67:6f:fd:66:22:9b:f7:8b:bd:13:61:81:bd:7b:28:11:
26:39:d1:2c:a1:73:3f:6f:dd:08:8f:fe:bc:cc:16:3c:a6:3f:
67:02:2a:8d:a8:d3:ee:1f:51:be:d8:c1:5d:cc:31:1c:64:d0:
27:e1:df:a4:b6:06:bf:48:38:48:e1:5a:ee:5a:ff:c2:59:a4:
cb:e3:d5:ad:f6:38:02:78:9f:40:4a:62:1e:93:c7:a8:84:64:
fb:1b:92:cf:fc:c6:c6:e6:91:c6:c9:f0:5f:f1:8f:2b:2b:de:
f6:56:0d:c4:42:8c:c5:f2:bc:d8:be:3a:ec:4f:fa:77:7f:1c:
2b:c6:e2:bd:f1:a7:56:df:04:71:c8:f5:fd:18:52:99:c1:4d:
71:70:39:b7:4a:88:87:d9:00:9e:aa:18:4f:1e:a7:5b:8e:7b:
c7:66:2a:94:4b:6c:9c:ce:7f:2b:fa:8b:93:0a:f8:31:77:22:
a1:86:39:d5:b7:0e:29:69:f0:69:d8:0e:6a:5b:ec:62:f0:35:
d4:11:c4:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj4KS5fNuIpcLQ8005f8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYmZkMmM4NWU2Yjc5ZDQ2MGU2NjBjZjk2NjRkZWU1NWRj
Y2M4Y2MwHhcNMjUwMTAyMDU0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDkwYzRjZDdhZmI4MmJmYmI3OTlkNmI3YjE0ZTM3Nzg3M2M1MjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf/QRW01f7yVf1whyho8iKD0GZoB
6b3TnvyYsnIVAJ3kKXKr4g3X6LeQNDYSt/zhes+4YsssoywjMDtIJYSWXuL2Gy4D
o1glr5LQx0LCALLDy9FeQvsWNDABaqbGl9v+4WzLERft+h7AOchhXCuo22Qz7Xor
WabXwozJG7cuZ+HoVHuxOyB0PXpl4ilUIx/ZfTZLt7m0B7A3e21W2NGqEWnXy/g/
KqM5YqF+223Hie0CHslokxkLoI3E8TMT7V9EXBWCW4D+i51VEna20iCj+KSMQZdC
CMwISuYSsR5CIZW84WDCPC+dFwHAbBuPpYkoUDxiM/dilpKjO1c2Py/kkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKCQxM16+4K/u3mda3sU43eHPFJfMB8GA1UdIwQY
MBaAFLC/0shea3nUYOZgz5Zk3uVdzMjMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0xfU3lGNXJlZFJnNW1EUGxtVGU1VjNNeU13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8yMDNhNTMtMDU4YS00ZDVkLWE3NjEt
ZDM3MTg1NTc1NmMzLzEvb0pERXpYcjdnci03ZVoxcmV4VGpkNGM4VWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8yMDNhNTMtMDU4YS00ZDVkLWE3NjEtZDM3MTg1NTc1NmMz
LzEvc0xfU3lGNXJlZFJnNW1EUGxtVGU1VjNNeU13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTNkMA0G
CSqGSIb3DQEBCwUAA4IBAQCvcwOOLhOfuX2ZTSYe2ZjyioSbFbR0oW5OVwCo3KHd
p0nQgkXZeWhBSeG4KFHJsiYAS0T+01zl4mdv/WYim/eLvRNhgb17KBEmOdEsoXM/
b90Ij/68zBY8pj9nAiqNqNPuH1G+2MFdzDEcZNAn4d+ktga/SDhI4VruWv/CWaTL
49Wt9jgCeJ9ASmIek8eohGT7G5LP/MbG5pHGyfBf8Y8rK972Vg3EQozF8rzYvjrs
T/p3fxwrxuK98adW3wRxyPX9GFKZwU1xcDm3SoiH2QCeqhhPHqdbjnvHZiqUS2yc
zn8r+ouTCvgxdyKhhjnVtw4pafBp2A5qW+xi8DXUEcRj
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:53 2025 by rpki-client