Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/f0d5e7-edb6-42ad-8482-a14d85f995cb/1/OOkN97yaEJQft3CB_GSTFKY5Iq0.roa
File: OOkN97yaEJQft3CB_GSTFKY5Iq0.roa (raw, json)
Hash identifier: iSV8o2/yv/FaBPy6zPw1ZdK8tXj+xb6+aRTOQno1wCg=
Subject key identifier: 38:E9:0D:F7:BC:9A:10:94:1F:B7:70:81:FC:64:93:14:A6:39:22:AD
Certificate issuer: /CN=b520449d4455cf789c64ea63cbf48fc3bb2c766a
Certificate serial: 01864BC7312EEB24B54CE2D674413023D60D
Authority key identifier: B5:20:44:9D:44:55:CF:78:9C:64:EA:63:CB:F4:8F:C3:BB:2C:76:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tSBEnURVz3icZOpjy_SPw7ssdmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/f0d5e7-edb6-42ad-8482-a14d85f995cb/1/OOkN97yaEJQft3CB_GSTFKY5Iq0.roa
Signing time: Mon 13 Feb 2023 17:16:30 +0000
ROA not before: Mon 13 Feb 2023 17:16:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 176.53.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4b:c7:31:2e:eb:24:b5:4c:e2:d6:74:41:30:23:d6:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b520449d4455cf789c64ea63cbf48fc3bb2c766a
Validity
Not Before: Feb 13 17:16:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38e90df7bc9a10941fb77081fc649314a63922ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d2:a3:36:f8:ef:f1:1c:62:19:f7:c9:a1:67:
68:1b:31:5c:93:bd:8c:fa:6e:90:ed:ba:e1:21:b1:
54:bd:ee:92:61:0a:b8:c8:ab:25:8a:35:e6:39:34:
85:f0:c9:82:2e:9f:45:d5:0e:9f:7a:b3:84:98:b0:
7c:a0:3d:1c:01:25:0f:bc:e8:00:af:bd:50:3d:88:
b8:cc:1c:ed:d5:a1:26:e0:e4:8d:81:b6:1e:96:0f:
7f:dd:1a:46:df:5b:a1:30:3e:7c:50:64:c9:be:8e:
99:4a:67:a8:da:4a:51:90:9f:8c:4f:86:e9:94:a2:
91:54:ea:e0:df:54:49:a5:02:e8:9a:33:ce:ee:dd:
77:fc:c2:2f:5a:e0:89:2c:82:38:d7:c7:4c:2f:89:
a6:eb:48:d8:74:15:85:16:29:fb:17:8f:a6:bc:af:
d1:b9:58:a1:d6:f4:9d:b8:3f:37:31:c4:b0:41:86:
48:2a:fb:30:f4:ee:c8:19:c8:5d:04:c6:99:d8:15:
9c:e9:79:00:ba:18:00:ee:bb:78:39:b0:82:d0:47:
48:21:fb:d7:cd:1f:83:2a:d1:96:e4:79:d4:30:dd:
bc:ed:06:72:d9:fc:d3:11:e7:8b:d0:c2:21:6f:41:
9b:7b:85:9f:d1:c0:37:79:22:f2:7d:59:78:40:8c:
45:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E9:0D:F7:BC:9A:10:94:1F:B7:70:81:FC:64:93:14:A6:39:22:AD
X509v3 Authority Key Identifier:
keyid:B5:20:44:9D:44:55:CF:78:9C:64:EA:63:CB:F4:8F:C3:BB:2C:76:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tSBEnURVz3icZOpjy_SPw7ssdmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/f0d5e7-edb6-42ad-8482-a14d85f995cb/1/OOkN97yaEJQft3CB_GSTFKY5Iq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/f0d5e7-edb6-42ad-8482-a14d85f995cb/1/tSBEnURVz3icZOpjy_SPw7ssdmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.146.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:50:8d:9c:e3:f0:e4:54:2b:fa:0c:a5:49:6b:a8:1a:cb:01:
1b:b0:b4:5a:f1:db:43:d8:45:26:fd:4d:85:0c:36:69:0b:d1:
0a:d5:f0:0d:5d:34:9a:ba:67:af:fc:cb:5a:ba:2d:ff:c6:20:
07:1f:c5:81:3f:96:37:d8:68:e0:c8:5f:34:0a:2e:fb:41:85:
af:e5:51:2f:1d:d2:7c:70:01:c4:eb:aa:05:25:8e:c3:f3:25:
08:05:5a:ae:e6:06:a4:79:7e:f6:2b:d3:c0:48:e0:26:b5:64:
1d:d1:df:89:a4:52:6e:8c:72:aa:93:65:d5:5b:d9:f6:20:1f:
92:d0:98:78:4e:db:21:70:b0:90:19:6e:7a:dd:0a:cd:d6:aa:
b5:c9:bd:d4:83:40:bd:34:ec:94:c2:4a:9c:b6:94:e4:20:0e:
b9:a1:73:2c:71:9b:d8:25:d2:49:82:f4:c2:c3:b3:9b:f3:45:
c6:a2:a2:48:09:4c:c6:f0:55:95:52:3a:12:53:b9:81:f8:fb:
82:28:cd:e3:f3:cf:fa:34:b5:df:6e:7f:41:a3:54:0f:8a:43:
90:f9:a6:c5:de:a8:32:81:0d:80:9c:63:0e:6e:16:b3:96:16:
f0:95:14:ae:ad:1a:e3:ab:22:60:99:ca:b4:83:67:56:ac:0f:
2a:cb:39:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZLxzEu6yS1TOLWdEEwI9YNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MjA0NDlkNDQ1NWNmNzg5YzY0ZWE2M2NiZjQ4ZmMzYmIy
Yzc2NmEwHhcNMjMwMjEzMTcxNjMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGU5MGRmN2JjOWExMDk0MWZiNzcwODFmYzY0OTMxNGE2MzkyMmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tKjNvjv8RxiGffJoWdoGzFck72M
+m6Q7brhIbFUve6SYQq4yKslijXmOTSF8MmCLp9F1Q6ferOEmLB8oD0cASUPvOgA
r71QPYi4zBzt1aEm4OSNgbYelg9/3RpG31uhMD58UGTJvo6ZSmeo2kpRkJ+MT4bp
lKKRVOrg31RJpQLomjPO7t13/MIvWuCJLII418dML4mm60jYdBWFFin7F4+mvK/R
uVih1vSduD83McSwQYZIKvsw9O7IGchdBMaZ2BWc6XkAuhgA7rt4ObCC0EdIIfvX
zR+DKtGW5HnUMN287QZy2fzTEeeL0MIhb0Gbe4Wf0cA3eSLyfVl4QIxF4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjpDfe8mhCUH7dwgfxkkxSmOSKtMB8GA1UdIwQY
MBaAFLUgRJ1EVc94nGTqY8v0j8O7LHZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFNCRW5VUlZ6M2ljWk9wanlfU1B3N3NzZG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9mMGQ1ZTctZWRiNi00MmFkLTg0ODIt
YTE0ZDg1Zjk5NWNiLzEvT09rTjk3eWFFSlFmdDNDQl9HU1RGS1k1SXEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9mMGQ1ZTctZWRiNi00MmFkLTg0ODItYTE0ZDg1Zjk5NWNi
LzEvdFNCRW5VUlZ6M2ljWk9wanlfU1B3N3NzZG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsDWSMA0G
CSqGSIb3DQEBCwUAA4IBAQBOUI2c4/DkVCv6DKVJa6gaywEbsLRa8dtD2EUm/U2F
DDZpC9EK1fANXTSaumev/Mtaui3/xiAHH8WBP5Y32GjgyF80Ci77QYWv5VEvHdJ8
cAHE66oFJY7D8yUIBVqu5gakeX72K9PASOAmtWQd0d+JpFJujHKqk2XVW9n2IB+S
0Jh4TtshcLCQGW563QrN1qq1yb3Ug0C9NOyUwkqctpTkIA65oXMscZvYJdJJgvTC
w7Ob80XGoqJICUzG8FWVUjoSU7mB+PuCKM3j88/6NLXfbn9Bo1QPikOQ+abF3qgy
gQ2AnGMObhazlhbwlRSurRrjqyJgmcq0g2dWrA8qyznV
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:55:42 2025 by rpki-client