Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ot3Q2v3HtdMHInHh9-NB0P6xsO0.roa
File: ot3Q2v3HtdMHInHh9-NB0P6xsO0.roa (raw, json)
Hash identifier: v7bi3ERmDw/H+AvmwPNFhHtGwVNmbkU4tWm0tYrIEyE=
Subject key identifier: A2:DD:D0:DA:FD:C7:B5:D3:07:22:71:E1:F7:E3:41:D0:FE:B1:B0:ED
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018F15312697EDD9CDEA5629920C388D96E1
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ot3Q2v3HtdMHInHh9-NB0P6xsO0.roa
Signing time: Thu 25 Apr 2024 12:18:13 +0000
ROA not before: Thu 25 Apr 2024 12:18:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211025
IP address blocks: 195.136.70.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:15:31:26:97:ed:d9:cd:ea:56:29:92:0c:38:8d:96:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Apr 25 12:18:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2ddd0dafdc7b5d3072271e1f7e341d0feb1b0ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:93:43:d5:75:4a:4d:8a:21:8e:66:0f:02:02:
dd:44:e3:70:3f:4a:7d:b1:77:ca:d1:fb:4c:46:d9:
ea:c3:1b:61:7a:63:9a:8a:57:f3:f5:d2:0e:25:c2:
12:fc:c6:8d:e3:55:2b:15:59:16:fc:4e:29:08:df:
f7:e9:aa:07:6f:a5:fd:74:2f:6d:58:a7:4a:83:c1:
62:0e:6c:28:93:eb:0e:49:0a:ac:47:e4:02:8d:ec:
84:f1:0e:d5:5d:98:27:73:5f:8e:6e:89:5d:04:cc:
06:ba:3a:2d:6b:99:e8:a3:04:2e:b9:ad:47:22:3d:
69:cf:75:ab:18:08:da:2a:73:d1:ed:4e:20:81:65:
07:f2:19:5d:8f:da:64:08:ab:1b:a6:9e:02:de:76:
b1:2a:f3:05:c7:94:4e:f2:0b:4d:b1:be:c6:7a:f9:
d2:6b:c0:7b:e0:e3:83:20:73:61:11:51:a2:8d:18:
fc:9c:fd:48:e9:a7:47:3c:16:3c:a0:1b:e2:ad:9f:
ee:d0:83:5d:76:33:77:9c:95:5d:d9:8a:01:7a:7e:
34:ee:90:46:80:84:ab:cf:20:bc:be:c8:89:09:2f:
7b:1f:1b:21:5d:c9:43:51:da:98:de:71:9c:61:20:
e7:cb:61:68:a2:00:bf:b4:d4:8e:99:02:cd:8b:2e:
5e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:DD:D0:DA:FD:C7:B5:D3:07:22:71:E1:F7:E3:41:D0:FE:B1:B0:ED
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ot3Q2v3HtdMHInHh9-NB0P6xsO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.70.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:bb:85:06:fe:a3:01:96:da:70:41:6d:4b:ac:e6:b4:4c:32:
21:13:d1:3d:0e:b3:fc:a9:af:e3:38:b8:65:08:92:1f:34:2c:
34:40:5e:86:91:fd:e8:a0:4a:61:5f:ed:a1:1e:98:06:2d:8e:
5f:24:42:c3:93:ac:a4:a7:6d:70:29:cf:f0:24:13:0b:29:2d:
4e:19:12:43:5d:54:2d:0e:20:f8:b8:0d:7e:0a:f4:58:ac:77:
8c:9c:26:57:77:cc:18:c5:4a:d3:06:22:5f:74:c5:0b:44:6c:
99:48:be:37:7e:df:65:58:a5:94:1c:f5:2a:14:89:2a:7f:39:
c5:8e:a9:c8:1a:3d:97:75:de:d1:56:4a:1e:2f:52:90:6a:96:
5a:b9:8e:69:b5:02:19:b2:8f:b2:0b:e3:8e:c8:10:d6:fd:d7:
8d:c0:dd:4a:09:18:66:19:11:12:be:1c:89:56:f7:99:d2:dc:
ef:94:70:e9:8e:6c:aa:2e:99:e2:cc:03:f5:ef:b9:de:28:79:
f7:30:08:cd:db:d9:ae:c4:fe:e1:90:c4:d8:cd:f2:2a:86:d6:
1c:d9:0b:1b:6c:2f:d0:f9:f7:5c:11:e5:46:4c:f6:a0:8f:b1:
4f:24:5d:96:0c:e4:48:ab:d2:64:f3:be:52:73:3c:fa:a5:d7:
a5:24:38:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8VMSaX7dnN6lYpkgw4jZbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjQwNDI1MTIxODEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmRkZDBkYWZkYzdiNWQzMDcyMjcxZTFmN2UzNDFkMGZlYjFiMGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJND1XVKTYohjmYPAgLdRONwP0p9
sXfK0ftMRtnqwxthemOailfz9dIOJcIS/MaN41UrFVkW/E4pCN/36aoHb6X9dC9t
WKdKg8FiDmwok+sOSQqsR+QCjeyE8Q7VXZgnc1+OboldBMwGujota5noowQuua1H
Ij1pz3WrGAjaKnPR7U4ggWUH8hldj9pkCKsbpp4C3naxKvMFx5RO8gtNsb7GevnS
a8B74OODIHNhEVGijRj8nP1I6adHPBY8oBvirZ/u0INddjN3nJVd2YoBen407pBG
gISrzyC8vsiJCS97HxshXclDUdqY3nGcYSDny2FoogC/tNSOmQLNiy5eEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKLd0Nr9x7XTByJx4ffjQdD+sbDtMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvb3QzUTJ2M0h0ZE1ISW5IaDktTkIwUDZ4c08wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4hGMA0G
CSqGSIb3DQEBCwUAA4IBAQAfu4UG/qMBltpwQW1LrOa0TDIhE9E9DrP8qa/jOLhl
CJIfNCw0QF6Gkf3ooEphX+2hHpgGLY5fJELDk6ykp21wKc/wJBMLKS1OGRJDXVQt
DiD4uA1+CvRYrHeMnCZXd8wYxUrTBiJfdMULRGyZSL43ft9lWKWUHPUqFIkqfznF
jqnIGj2Xdd7RVkoeL1KQapZauY5ptQIZso+yC+OOyBDW/deNwN1KCRhmGRESvhyJ
VveZ0tzvlHDpjmyqLpnizAP177neKHn3MAjN29muxP7hkMTYzfIqhtYc2QsbbC/Q
+fdcEeVGTPagj7FPJF2WDORIq9Jk875Sczz6pdelJDhl
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:34 2025 by rpki-client