Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/imCKG77bp7WdK7vCymhvohTOBTY.roa
File: imCKG77bp7WdK7vCymhvohTOBTY.roa (raw, json)
Hash identifier: +dr21Yl70b2bDHidLxNi7sVQLr7J1XvXON+K+7bZ+aQ=
Subject key identifier: 8A:60:8A:1B:BE:DB:A7:B5:9D:2B:BB:C2:CA:68:6F:A2:14:CE:05:36
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01958FC77D6AF0BD3DE80DE440E7088298F3
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/imCKG77bp7WdK7vCymhvohTOBTY.roa
Signing time: Thu 13 Mar 2025 13:52:50 +0000
ROA not before: Thu 13 Mar 2025 13:52:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2288
IP address blocks: 90.84.28.0/24 maxlen: 24
90.84.29.0/24 maxlen: 24
90.84.30.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8f:c7:7d:6a:f0:bd:3d:e8:0d:e4:40:e7:08:82:98:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Mar 13 13:52:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a608a1bbedba7b59d2bbbc2ca686fa214ce0536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a1:5e:d0:25:0d:f8:d5:c8:d7:03:e6:fd:1f:
fa:9f:3b:03:03:4a:2a:dc:30:2a:12:c3:cb:e5:84:
c2:62:20:fb:9d:8b:e9:2a:a9:22:d2:f2:f7:76:b0:
ad:4c:86:12:91:54:9a:d9:46:96:54:a7:de:7a:64:
e6:3a:64:b1:b2:94:8f:69:a6:70:a7:87:09:98:82:
ae:84:44:07:1a:ff:45:a8:ad:48:38:e5:f0:fc:34:
99:55:9c:52:96:13:ae:dc:75:9a:73:c4:87:46:39:
1d:2a:d7:d6:55:b4:f4:2e:c3:92:80:0b:8f:e9:8b:
48:83:78:76:c9:ed:42:6f:76:67:c9:5a:cc:35:de:
d6:b1:06:aa:43:be:8b:4f:94:b7:69:8a:05:19:b8:
e3:8b:51:fd:14:89:2a:99:36:0d:f4:5c:32:8f:27:
83:f7:59:16:fb:39:7a:10:df:10:9a:7c:f9:e5:c4:
30:6b:0a:a7:c0:c6:17:33:14:7a:38:98:1f:99:51:
9a:a1:80:f7:e1:5a:f0:b0:5d:2f:f6:6c:f2:8a:c2:
00:89:95:e0:a8:07:91:e5:36:dd:ed:28:3f:b4:a0:
c8:2e:2f:d0:28:53:b6:db:75:b0:ed:f2:25:98:ed:
85:a2:a4:c1:f0:1b:c7:26:81:c3:d4:93:36:cd:b9:
e0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:60:8A:1B:BE:DB:A7:B5:9D:2B:BB:C2:CA:68:6F:A2:14:CE:05:36
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/imCKG77bp7WdK7vCymhvohTOBTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.84.28.0-90.84.30.255
Signature Algorithm: sha256WithRSAEncryption
9d:6b:8a:42:a7:ae:84:f5:cc:ce:8a:00:af:8b:35:c3:d5:5b:
55:4f:66:12:a1:35:14:48:0e:76:a3:8d:dc:3d:e4:37:30:ff:
f5:1c:6f:b0:67:dc:0e:0b:c2:47:8b:7d:fd:b2:e2:29:9c:c0:
6b:d7:b7:de:77:51:79:15:0b:5e:15:40:29:a1:73:c4:23:a6:
0a:27:63:b7:24:65:d1:d0:b4:2d:08:e4:06:91:7d:b6:82:d7:
b4:a2:b4:88:19:bd:16:f7:54:39:e9:16:34:f4:75:8c:63:b6:
72:be:61:51:88:86:7d:f0:d9:37:8e:5a:20:c5:38:95:bb:e6:
29:66:79:d5:ad:58:26:a9:ff:0d:00:a0:84:11:ec:72:32:5b:
8e:25:18:ad:c2:ba:4c:ff:74:f3:98:4c:17:8d:93:c4:58:4a:
6f:80:c1:39:68:00:aa:84:23:ff:e4:ce:8e:81:8f:57:50:ce:
a8:33:15:ac:a6:6a:4a:b3:25:00:4a:c5:57:90:1c:dd:0d:03:
be:8e:49:cc:13:bd:64:5d:4e:e7:3b:30:32:3a:a2:4c:6d:b3:
cc:be:30:50:f6:38:16:e5:4d:c9:87:76:d0:6e:5f:30:3c:df:
8b:52:52:d8:62:2d:fc:20:b5:01:aa:4d:b9:f0:0b:af:77:4d:
4a:38:1d:6f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZWPx31q8L096A3kQOcIgpjzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMzEzMTM1MjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTYwOGExYmJlZGJhN2I1OWQyYmJiYzJjYTY4NmZhMjE0Y2UwNTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaFe0CUN+NXI1wPm/R/6nzsDA0oq
3DAqEsPL5YTCYiD7nYvpKqki0vL3drCtTIYSkVSa2UaWVKfeemTmOmSxspSPaaZw
p4cJmIKuhEQHGv9FqK1IOOXw/DSZVZxSlhOu3HWac8SHRjkdKtfWVbT0LsOSgAuP
6YtIg3h2ye1Cb3ZnyVrMNd7WsQaqQ76LT5S3aYoFGbjji1H9FIkqmTYN9FwyjyeD
91kW+zl6EN8Qmnz55cQwawqnwMYXMxR6OJgfmVGaoYD34VrwsF0v9mzyisIAiZXg
qAeR5Tbd7Sg/tKDILi/QKFO223Ww7fIlmO2FoqTB8BvHJoHD1JM2zbngnwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIpgihu+26e1nSu7wspob6IUzgU2MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvaW1DS0c3N2JwN1dkSzd2Q3ltaHZvaFRPQlRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJaVBwD
BABaVB4wDQYJKoZIhvcNAQELBQADggEBAJ1rikKnroT1zM6KAK+LNcPVW1VPZhKh
NRRIDnajjdw95Dcw//Ucb7Bn3A4LwkeLff2y4imcwGvXt953UXkVC14VQCmhc8Qj
pgonY7ckZdHQtC0I5AaRfbaC17SitIgZvRb3VDnpFjT0dYxjtnK+YVGIhn3w2TeO
WiDFOJW75ilmedWtWCap/w0AoIQR7HIyW44lGK3Cukz/dPOYTBeNk8RYSm+AwTlo
AKqEI//kzo6Bj1dQzqgzFaymakqzJQBKxVeQHN0NA76OScwTvWRdTuc7MDI6okxt
s8y+MFD2OBblTcmHdtBuXzA834tSUthiLfwgtQGqTbnwC693TUo4HW8=
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:20:54 2025 by rpki-client