Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/oyEKnBP2q2cG4FIITm_uC5-LgEA.roa
File: oyEKnBP2q2cG4FIITm_uC5-LgEA.roa (raw, json)
Hash identifier: Mvd7XIA0p++gT3AAT/jpxuO2YoHgfEeNP/e9GaNwuCA=
Subject key identifier: A3:21:0A:9C:13:F6:AB:67:06:E0:52:08:4E:6F:EE:0B:9F:8B:80:40
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 019478F7652770F5EC03E19DA271A6433503
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/oyEKnBP2q2cG4FIITm_uC5-LgEA.roa
Signing time: Sat 18 Jan 2025 10:31:06 +0000
ROA not before: Sat 18 Jan 2025 10:31:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5650
IP address blocks: 82.206.80.0/21 maxlen: 24
82.206.88.0/21 maxlen: 24
82.206.96.0/20 maxlen: 24
82.206.112.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:78:f7:65:27:70:f5:ec:03:e1:9d:a2:71:a6:43:35:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Jan 18 10:31:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3210a9c13f6ab6706e052084e6fee0b9f8b8040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c3:e1:15:c6:5f:2a:99:ad:87:3b:98:b3:11:
1a:bb:4f:fe:3a:0a:e9:3e:7d:b0:a8:e7:0e:f9:a5:
5e:19:45:29:db:66:b4:12:f9:ea:e9:59:0c:94:d4:
f2:ca:46:93:fd:a6:b8:2e:83:73:88:c4:de:45:cc:
0d:b4:1a:94:e1:e8:ff:c8:56:49:71:ea:e7:0c:f1:
6a:92:74:44:a9:f8:e0:b5:ce:6f:58:90:5e:13:6c:
f7:1e:44:a7:f3:db:64:14:1d:06:62:fb:8d:80:4f:
99:0c:e5:62:87:4e:54:95:72:37:ab:07:59:41:9d:
eb:25:a6:80:86:43:fb:b1:d1:e2:e3:0c:2c:e8:e6:
f3:82:6a:81:1c:d2:72:47:20:95:2b:c4:8d:33:7a:
ac:e2:f5:1e:c0:9a:f2:cf:2d:a1:67:5b:b0:d0:92:
be:7f:16:b3:e7:d4:aa:1e:45:9f:12:fc:58:e6:73:
52:4a:e7:23:0d:85:11:35:c6:ae:cc:04:11:6f:ec:
ad:0f:af:50:c4:71:76:18:8f:e7:a3:a5:f6:26:26:
52:b2:dc:9a:90:db:7f:e0:0d:a3:4d:42:f4:59:15:
ac:3d:dd:59:72:db:2a:af:82:85:27:31:d7:dd:47:
97:b0:93:6b:ee:be:d5:2b:ec:70:0b:15:80:7a:ee:
af:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:21:0A:9C:13:F6:AB:67:06:E0:52:08:4E:6F:EE:0B:9F:8B:80:40
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/oyEKnBP2q2cG4FIITm_uC5-LgEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.80.0-82.206.127.255
Signature Algorithm: sha256WithRSAEncryption
38:11:97:5d:b0:98:4b:00:4e:67:3b:4c:df:2a:e6:01:b4:53:
f1:0a:97:dc:43:ec:09:51:d2:95:d7:fa:19:02:2c:a6:c0:9c:
85:d8:b7:dc:27:74:15:ae:08:49:08:4f:81:55:3e:d9:56:88:
77:22:c3:55:34:b3:b9:98:b4:04:2b:a9:ca:d3:0a:e8:12:a7:
8d:81:92:fd:b7:81:f3:31:9a:36:58:b3:b7:5a:a0:a0:71:05:
1f:25:9d:4d:d4:23:46:b1:fd:c7:cd:68:cf:69:f2:79:b1:92:
8e:e3:45:f7:4e:81:93:94:73:85:fb:96:e9:b3:9f:d4:ba:ee:
36:71:39:e2:8c:8b:b3:23:4c:41:ee:38:70:d7:72:ab:6a:93:
80:13:86:a3:37:38:64:a3:63:c7:fc:f3:f8:10:dd:c7:b6:94:
7c:97:04:c1:95:3f:dd:a5:04:9f:92:69:9a:fe:cf:c9:b5:4c:
c4:c3:8e:23:72:e5:42:ec:ef:04:17:67:90:9f:05:e6:c6:da:
0f:d6:b0:4f:3c:9b:45:ca:87:b7:c0:41:6b:24:0a:d2:bd:8e:
91:73:93:6d:36:2f:ba:ce:85:55:79:bf:d1:aa:23:ca:59:82:
38:96:bc:b4:61:3c:e5:5e:31:e8:65:74:eb:e0:52:e9:0c:bd:
1a:1a:d1:ed
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZR492UncPXsA+GdonGmQzUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjUwMTE4MTAzMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzIxMGE5YzEzZjZhYjY3MDZlMDUyMDg0ZTZmZWUwYjlmOGI4MDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsPhFcZfKpmthzuYsxEau0/+Ogrp
Pn2wqOcO+aVeGUUp22a0Evnq6VkMlNTyykaT/aa4LoNziMTeRcwNtBqU4ej/yFZJ
cernDPFqknREqfjgtc5vWJBeE2z3HkSn89tkFB0GYvuNgE+ZDOVih05UlXI3qwdZ
QZ3rJaaAhkP7sdHi4wws6ObzgmqBHNJyRyCVK8SNM3qs4vUewJryzy2hZ1uw0JK+
fxaz59SqHkWfEvxY5nNSSucjDYURNcauzAQRb+ytD69QxHF2GI/no6X2JiZSstya
kNt/4A2jTUL0WRWsPd1Zctsqr4KFJzHX3UeXsJNr7r7VK+xwCxWAeu6vywIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKMhCpwT9qtnBuBSCE5v7gufi4BAMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvb3lFS25CUDJxMmNHNEZJSVRtX3VDNS1MZ0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBARSzlAD
BAdSzgAwDQYJKoZIhvcNAQELBQADggEBADgRl12wmEsATmc7TN8q5gG0U/EKl9xD
7AlR0pXX+hkCLKbAnIXYt9wndBWuCEkIT4FVPtlWiHciw1U0s7mYtAQrqcrTCugS
p42Bkv23gfMxmjZYs7daoKBxBR8lnU3UI0ax/cfNaM9p8nmxko7jRfdOgZOUc4X7
lumzn9S67jZxOeKMi7MjTEHuOHDXcqtqk4AThqM3OGSjY8f88/gQ3ce2lHyXBMGV
P92lBJ+SaZr+z8m1TMTDjiNy5ULs7wQXZ5CfBebG2g/WsE88m0XKh7fAQWskCtK9
jpFzk202L7rOhVV5v9GqI8pZgjiWvLRhPOVeMehldOvgUukMvRoa0e0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:34 2025 by rpki-client