Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/oMzwmstp6zrD3At3avSoaBK3hAo.roa
File: oMzwmstp6zrD3At3avSoaBK3hAo.roa (raw, json)
Hash identifier: 8PnyI0kL8i6bYnpsnoYp4rBhTUwwbbvugRAvfcmzU5M=
Subject key identifier: A0:CC:F0:9A:CB:69:EB:3A:C3:DC:0B:77:6A:F4:A8:68:12:B7:84:0A
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01955C21E41BBFA96FBC9DFE1AC978908C50
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/oMzwmstp6zrD3At3avSoaBK3hAo.roa
Signing time: Mon 03 Mar 2025 13:11:19 +0000
ROA not before: Mon 03 Mar 2025 13:11:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32002
IP address blocks: 155.2.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:21:e4:1b:bf:a9:6f:bc:9d:fe:1a:c9:78:90:8c:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Mar 3 13:11:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0ccf09acb69eb3ac3dc0b776af4a86812b7840a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:be:cf:4d:79:50:ed:55:4d:6b:82:29:48:41:
79:4c:ee:6e:58:57:ad:25:56:00:0e:ae:23:9e:6b:
ba:64:f2:38:e7:2c:84:b9:8c:2b:8c:8f:71:49:03:
fb:1a:a1:d1:e0:e1:49:4c:b6:c7:f7:5a:6c:ec:bb:
65:34:d8:79:17:09:f5:bd:59:25:35:83:5c:2f:d5:
e6:0b:7e:fe:1c:a1:11:3b:43:81:b8:40:c2:5e:cc:
62:3d:15:29:3f:a4:24:e3:f1:f4:fa:b6:60:3d:89:
54:eb:b0:ec:6a:cc:79:1d:a6:e6:35:89:b0:f3:17:
0d:df:d9:46:35:ea:69:f5:5d:02:f4:f8:0c:85:c7:
f3:a4:1b:14:e3:70:32:ba:52:f1:7a:8f:a9:68:3b:
a1:e2:21:98:cb:74:1b:8d:6b:f1:ba:7f:b7:28:60:
9d:57:a9:36:6e:70:9c:2f:d0:36:16:91:f9:67:51:
bc:73:1b:96:c0:84:85:da:2f:83:2f:c5:64:64:3e:
83:23:d2:03:61:27:cd:44:57:13:d1:74:9c:2a:80:
6f:63:cb:d0:3b:2b:35:f1:57:64:5a:7b:22:6b:93:
8c:25:e7:cf:03:1e:44:75:5a:08:b2:f0:66:60:98:
2b:82:92:e7:24:6a:f6:34:08:b3:c6:37:63:c4:8b:
ae:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:CC:F0:9A:CB:69:EB:3A:C3:DC:0B:77:6A:F4:A8:68:12:B7:84:0A
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/oMzwmstp6zrD3At3avSoaBK3hAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.2.214.0/24
Signature Algorithm: sha256WithRSAEncryption
07:14:fc:45:8a:23:ca:3d:d6:33:4e:92:9f:8a:08:74:32:9c:
a7:aa:54:4f:e4:0e:52:d1:d4:6d:b7:37:68:25:4a:d3:ab:83:
60:77:08:6c:79:b8:e1:01:ba:a1:87:31:10:5e:b5:f9:87:2b:
97:3a:e9:b0:30:14:90:b8:18:40:09:30:4f:8f:63:29:91:b8:
b6:e1:95:8b:64:24:e0:ca:aa:33:d4:20:15:10:67:ca:85:27:
06:5f:15:5c:5a:fe:bc:de:0f:a5:4c:f9:66:b7:3d:81:66:40:
76:4b:5e:5b:6a:df:14:73:4e:59:e8:ba:df:37:ca:21:e3:f4:
fc:7e:5b:10:a0:2e:b6:de:0c:d1:51:a8:87:0f:ce:79:6e:0c:
41:bc:d0:95:20:12:5c:35:ba:86:26:f7:08:39:21:d5:06:16:
e3:03:68:31:02:52:c7:d5:79:08:69:9a:f2:96:e7:3a:11:5a:
e5:bd:75:ed:f5:fb:a2:39:9f:a6:a9:a1:32:95:d4:dc:16:c4:
db:63:dd:0e:32:a9:84:a6:1c:14:ca:45:b7:cd:fb:43:78:7d:
55:55:a4:e4:9b:3b:96:a7:cc:72:0e:81:64:3e:db:e3:fd:a2:
d1:90:01:dc:bd:77:8b:7f:51:3c:9f:b6:67:87:50:e8:5d:8b:
d3:3e:7e:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVcIeQbv6lvvJ3+Gsl4kIxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMzAzMTMxMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGNjZjA5YWNiNjllYjNhYzNkYzBiNzc2YWY0YTg2ODEyYjc4NDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub7PTXlQ7VVNa4IpSEF5TO5uWFet
JVYADq4jnmu6ZPI45yyEuYwrjI9xSQP7GqHR4OFJTLbH91ps7LtlNNh5Fwn1vVkl
NYNcL9XmC37+HKERO0OBuEDCXsxiPRUpP6Qk4/H0+rZgPYlU67Dsasx5HabmNYmw
8xcN39lGNepp9V0C9PgMhcfzpBsU43AyulLxeo+paDuh4iGYy3QbjWvxun+3KGCd
V6k2bnCcL9A2FpH5Z1G8cxuWwISF2i+DL8VkZD6DI9IDYSfNRFcT0XScKoBvY8vQ
Oys18VdkWnsia5OMJefPAx5EdVoIsvBmYJgrgpLnJGr2NAizxjdjxIuulwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKDM8JrLaes6w9wLd2r0qGgSt4QKMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvb016d21zdHA2enJEM0F0M2F2U29hQkszaEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmwLWMA0G
CSqGSIb3DQEBCwUAA4IBAQAHFPxFiiPKPdYzTpKfigh0MpynqlRP5A5S0dRttzdo
JUrTq4NgdwhsebjhAbqhhzEQXrX5hyuXOumwMBSQuBhACTBPj2Mpkbi24ZWLZCTg
yqoz1CAVEGfKhScGXxVcWv683g+lTPlmtz2BZkB2S15bat8Uc05Z6LrfN8oh4/T8
flsQoC623gzRUaiHD855bgxBvNCVIBJcNbqGJvcIOSHVBhbjA2gxAlLH1XkIaZry
luc6EVrlvXXt9fuiOZ+mqaEyldTcFsTbY90OMqmEphwUykW3zftDeH1VVaTkmzuW
p8xyDoFkPtvj/aLRkAHcvXeLf1E8n7Znh1DoXYvTPn7R
-----END CERTIFICATE-----
Generated at Fri Apr 11 22:55:15 2025 by rpki-client