Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/or-bzNEKWPMFfhcprlc4Je8yiEw.roa
File: or-bzNEKWPMFfhcprlc4Je8yiEw.roa (raw, json)
Hash identifier: 0ccoqvXPYXyqKu7ptIxj46L5QnRWLmAZYnw492FU0Aw=
Subject key identifier: A2:BF:9B:CC:D1:0A:58:F3:05:7E:17:29:AE:57:38:25:EF:32:88:4C
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5A781B7D24ECC698CCEF91244F5A3
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/or-bzNEKWPMFfhcprlc4Je8yiEw.roa
Signing time: Wed 01 Jan 2025 07:47:40 +0000
ROA not before: Wed 01 Jan 2025 07:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21304
IP address blocks: 194.3.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:a7:81:b7:d2:4e:cc:69:8c:ce:f9:12:44:f5:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2bf9bccd10a58f3057e1729ae573825ef32884c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d3:09:88:f4:e6:71:2b:13:f5:90:5f:4f:ab:
1a:46:78:e4:77:6b:8b:58:9b:38:50:6b:19:6d:d0:
48:8e:56:96:32:2c:d0:5f:b0:23:13:31:04:1b:e0:
6c:e7:e8:eb:d3:37:bf:af:a7:7c:0f:2c:54:7e:28:
b6:52:6c:2e:27:58:2e:76:fa:20:7c:35:74:85:16:
3e:0d:41:d7:0e:d1:3c:ba:4b:c3:00:12:f7:41:0a:
4f:5e:5e:70:02:76:06:00:0a:80:f1:59:b7:1d:d3:
33:f1:b9:4a:75:d3:b1:ff:60:01:7e:1d:dc:65:2f:
b3:dd:98:10:b8:6a:16:84:1f:00:09:bd:18:8e:29:
4e:36:99:3f:bd:7c:f5:54:4d:51:e2:43:16:f0:be:
31:5b:aa:42:6e:ab:fb:62:dc:1b:72:33:3d:47:3b:
e8:a1:84:e2:11:86:e6:5d:e7:2f:aa:c3:69:60:46:
e7:45:a7:8f:47:0b:ff:50:c8:47:c7:30:9f:4c:56:
e4:eb:a9:78:f4:ca:92:1e:84:91:75:54:28:8b:04:
4c:38:ad:f7:c0:16:c0:76:7d:dc:11:26:14:82:4a:
e2:c4:b7:b0:f9:f9:24:d5:dc:02:d8:37:ed:12:10:
da:ae:8c:32:78:1f:20:a8:1d:21:ff:88:c5:9d:25:
1b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BF:9B:CC:D1:0A:58:F3:05:7E:17:29:AE:57:38:25:EF:32:88:4C
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/or-bzNEKWPMFfhcprlc4Je8yiEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.3.119.0/24
Signature Algorithm: sha256WithRSAEncryption
56:b3:02:a9:9c:ad:85:47:25:5c:af:31:17:e3:b0:b0:09:03:
f3:e8:09:43:fb:a2:31:ce:ef:b6:5d:b9:4a:ed:a4:a1:19:ac:
d3:40:cf:9f:62:df:28:d0:56:f7:5a:9d:a4:be:02:17:0b:54:
8a:77:68:85:b1:8f:8e:12:19:cb:6a:4d:cc:35:28:55:b9:ce:
38:50:51:aa:c7:3f:57:12:dc:1d:c7:37:09:6e:43:ed:e0:17:
0f:b9:62:1b:49:c4:72:be:3e:b1:d3:96:89:97:96:2c:28:9a:
94:d7:40:c9:4a:e9:a2:6c:8d:f6:33:f3:82:b1:13:87:a3:d2:
d9:20:3b:ca:61:aa:3d:66:8f:5c:ff:1f:f7:2a:f0:6c:7f:c0:
81:e7:b0:e9:a6:c0:48:9c:47:39:d0:21:6f:3d:14:0c:e2:48:
64:fa:c3:b8:c2:4f:c1:ae:7b:31:f3:47:58:eb:7a:56:e5:60:
d5:ef:46:3f:15:07:f8:b2:87:7e:d3:76:2e:62:93:d6:7e:26:
63:a0:8a:b2:f1:09:d9:3c:7e:dc:e9:7e:bd:48:37:1b:0a:d7:
23:d0:7a:c2:33:8f:db:76:61:82:0d:6e:fc:04:3c:07:32:61:
3b:67:3b:fb:3b:d7:9f:df:86:60:b6:f7:85:b8:73:94:99:b9:
44:74:0c:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1aeBt9JOzGmMzvkSRPWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmJmOWJjY2QxMGE1OGYzMDU3ZTE3MjlhZTU3MzgyNWVmMzI4ODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9MJiPTmcSsT9ZBfT6saRnjkd2uL
WJs4UGsZbdBIjlaWMizQX7AjEzEEG+Bs5+jr0ze/r6d8DyxUfii2UmwuJ1gudvog
fDV0hRY+DUHXDtE8ukvDABL3QQpPXl5wAnYGAAqA8Vm3HdMz8blKddOx/2ABfh3c
ZS+z3ZgQuGoWhB8ACb0YjilONpk/vXz1VE1R4kMW8L4xW6pCbqv7YtwbcjM9Rzvo
oYTiEYbmXecvqsNpYEbnRaePRwv/UMhHxzCfTFbk66l49MqSHoSRdVQoiwRMOK33
wBbAdn3cESYUgkrixLew+fkk1dwC2DftEhDarowyeB8gqB0h/4jFnSUbvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKK/m8zRCljzBX4XKa5XOCXvMohMMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvb3ItYnpORUtXUE1GZmhjcHJsYzRKZTh5aUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgN3MA0G
CSqGSIb3DQEBCwUAA4IBAQBWswKpnK2FRyVcrzEX47CwCQPz6AlD+6Ixzu+2XblK
7aShGazTQM+fYt8o0Fb3Wp2kvgIXC1SKd2iFsY+OEhnLak3MNShVuc44UFGqxz9X
EtwdxzcJbkPt4BcPuWIbScRyvj6x05aJl5YsKJqU10DJSumibI32M/OCsROHo9LZ
IDvKYao9Zo9c/x/3KvBsf8CB57DppsBInEc50CFvPRQM4khk+sO4wk/Brnsx80dY
63pW5WDV70Y/FQf4sod+03YuYpPWfiZjoIqy8QnZPH7c6X69SDcbCtcj0HrCM4/b
dmGCDW78BDwHMmE7Zzv7O9ef34ZgtveFuHOUmblEdAwf
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:18:14 2025 by rpki-client