Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/34c618-4d43-4736-859f-9d2a42affb1b/1/DT1onb-4ObKDzalYYHYuQuaaeIo.roa
File: DT1onb-4ObKDzalYYHYuQuaaeIo.roa (raw, json)
Hash identifier: vu1nm9V8jbxKLGzlJsgL+mHK04vH81jI0saGvnr/HOw=
Subject key identifier: 0D:3D:68:9D:BF:B8:39:B2:83:CD:A9:58:60:76:2E:42:E6:9A:78:8A
Certificate issuer: /CN=330e3fdb11d826bc01663290bd7ca406b8d76507
Certificate serial: 019421444E046D9C3A3C90CF0C02F79184EF
Authority key identifier: 33:0E:3F:DB:11:D8:26:BC:01:66:32:90:BD:7C:A4:06:B8:D7:65:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mw4_2xHYJrwBZjKQvXykBrjXZQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/34c618-4d43-4736-859f-9d2a42affb1b/1/DT1onb-4ObKDzalYYHYuQuaaeIo.roa
Signing time: Wed 01 Jan 2025 09:48:31 +0000
ROA not before: Wed 01 Jan 2025 09:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39203
IP address blocks: 194.105.140.0/24 maxlen: 24
194.105.141.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:4e:04:6d:9c:3a:3c:90:cf:0c:02:f7:91:84:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=330e3fdb11d826bc01663290bd7ca406b8d76507
Validity
Not Before: Jan 1 09:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d3d689dbfb839b283cda95860762e42e69a788a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fb:f8:e9:3d:9c:84:e7:b6:e4:48:3d:6b:4a:
cc:be:05:06:95:d1:25:a4:7c:70:e8:73:f9:94:b6:
13:8d:17:ce:ec:8a:da:bd:c6:48:ff:8c:a1:36:d9:
a9:92:d6:c8:66:51:04:1c:42:72:10:a5:a6:36:64:
a2:ef:a3:25:2b:ce:5f:99:33:d2:a4:b9:33:1f:c4:
30:97:a9:0d:3f:2d:64:38:71:c0:ea:e1:6e:eb:9a:
b5:2f:08:eb:70:b1:e2:cf:f8:a8:ad:38:5d:63:d5:
ea:af:0c:26:b5:37:77:ae:33:6b:22:69:b3:c6:cd:
fa:6a:24:63:5e:88:f9:7e:d8:4e:e9:2c:c6:81:07:
08:7f:97:cf:c7:b1:79:8c:73:e1:08:31:44:ee:7c:
d5:3d:34:a8:94:c8:f7:a7:7a:42:25:dd:18:c3:34:
ff:86:8b:1e:5f:7c:24:03:7c:66:01:4b:44:90:99:
a9:ca:2d:5c:ee:f5:f3:32:cc:93:bd:58:61:a6:6c:
b4:cb:22:84:59:2e:f5:d4:4e:b3:96:3e:09:9c:61:
35:3a:29:c7:d3:b5:62:96:07:f1:70:69:83:c9:17:
36:c6:2b:ae:b1:2e:93:42:88:e0:0a:35:5b:33:79:
4d:be:2b:eb:e0:41:bd:fc:45:73:65:89:d5:d5:2d:
13:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:3D:68:9D:BF:B8:39:B2:83:CD:A9:58:60:76:2E:42:E6:9A:78:8A
X509v3 Authority Key Identifier:
keyid:33:0E:3F:DB:11:D8:26:BC:01:66:32:90:BD:7C:A4:06:B8:D7:65:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mw4_2xHYJrwBZjKQvXykBrjXZQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/34c618-4d43-4736-859f-9d2a42affb1b/1/DT1onb-4ObKDzalYYHYuQuaaeIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/34c618-4d43-4736-859f-9d2a42affb1b/1/Mw4_2xHYJrwBZjKQvXykBrjXZQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.105.140.0/23
Signature Algorithm: sha256WithRSAEncryption
55:56:e0:48:a7:00:12:8a:02:42:9e:fe:15:dc:a4:01:82:00:
81:38:3b:82:f4:b6:a4:25:f9:8a:6b:de:3a:f2:9a:06:69:c8:
6f:16:44:25:47:bb:47:2c:cc:a4:41:3e:4e:f3:ea:a1:76:60:
e7:44:5a:c4:b1:44:77:ed:93:47:9a:16:85:b9:30:5e:14:4b:
42:91:b6:78:1c:78:17:39:3d:d8:6e:50:5b:e4:68:50:c6:2a:
cb:6d:26:be:88:8f:32:a8:30:92:c9:5f:08:3b:5a:16:66:1d:
f5:16:dd:d0:d9:1d:14:04:78:c4:53:5e:02:32:94:15:3f:32:
c1:d1:0b:53:f5:0f:aa:3d:cb:3e:1a:ec:c7:74:ce:5a:f3:f9:
c6:54:0c:87:ec:96:7d:40:fd:4b:39:17:4d:c9:14:a6:be:a3:
0b:16:8f:a6:46:07:7a:aa:61:36:82:85:db:d9:f4:ac:20:56:
40:58:d4:52:c7:57:c7:2b:a6:14:0c:4d:2a:10:28:7c:91:dd:
88:38:98:7e:42:24:0e:29:ce:ea:ea:27:05:d5:de:85:77:ab:
4d:03:e3:8b:eb:7b:b7:83:ec:b7:33:6d:d6:a3:5a:a2:3c:43:
5d:7b:ca:45:d3:4e:18:3f:f7:95:9c:14:14:ce:28:d1:73:65:
5a:15:fa:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRE4EbZw6PJDPDAL3kYTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMGUzZmRiMTFkODI2YmMwMTY2MzI5MGJkN2NhNDA2Yjhk
NzY1MDcwHhcNMjUwMTAxMDk0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDNkNjg5ZGJmYjgzOWIyODNjZGE5NTg2MDc2MmU0MmU2OWE3ODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPv46T2chOe25Eg9a0rMvgUGldEl
pHxw6HP5lLYTjRfO7IravcZI/4yhNtmpktbIZlEEHEJyEKWmNmSi76MlK85fmTPS
pLkzH8Qwl6kNPy1kOHHA6uFu65q1LwjrcLHiz/iorThdY9XqrwwmtTd3rjNrImmz
xs36aiRjXoj5fthO6SzGgQcIf5fPx7F5jHPhCDFE7nzVPTSolMj3p3pCJd0YwzT/
hoseX3wkA3xmAUtEkJmpyi1c7vXzMsyTvVhhpmy0yyKEWS711E6zlj4JnGE1OinH
07VilgfxcGmDyRc2xiuusS6TQojgCjVbM3lNvivr4EG9/EVzZYnV1S0TkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA09aJ2/uDmyg82pWGB2LkLmmniKMB8GA1UdIwQY
MBaAFDMOP9sR2Ca8AWYykL18pAa412UHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXc0XzJ4SFlKcndCWmpLUXZYeWtCcmpYWlFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zNGM2MTgtNGQ0My00NzM2LTg1OWYt
OWQyYTQyYWZmYjFiLzEvRFQxb25iLTRPYktEemFsWVlIWXVRdWFhZUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zNGM2MTgtNGQ0My00NzM2LTg1OWYtOWQyYTQyYWZmYjFi
LzEvTXc0XzJ4SFlKcndCWmpLUXZYeWtCcmpYWlFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwmmMMA0G
CSqGSIb3DQEBCwUAA4IBAQBVVuBIpwASigJCnv4V3KQBggCBODuC9LakJfmKa946
8poGachvFkQlR7tHLMykQT5O8+qhdmDnRFrEsUR37ZNHmhaFuTBeFEtCkbZ4HHgX
OT3YblBb5GhQxirLbSa+iI8yqDCSyV8IO1oWZh31Ft3Q2R0UBHjEU14CMpQVPzLB
0QtT9Q+qPcs+GuzHdM5a8/nGVAyH7JZ9QP1LORdNyRSmvqMLFo+mRgd6qmE2goXb
2fSsIFZAWNRSx1fHK6YUDE0qECh8kd2IOJh+QiQOKc7q6icF1d6Fd6tNA+OL63u3
g+y3M23Wo1qiPENde8pF004YP/eVnBQUzijRc2VaFfpV
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:13:37 2025 by rpki-client