Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/fe45cf-4ad2-41d9-bbca-203cfa238696/1/3OCzpqqGOlJ3RRPa9qcY9JxjkUo.roa
File: 3OCzpqqGOlJ3RRPa9qcY9JxjkUo.roa (raw, json)
Hash identifier: InQFvxlV7A4HcZ9T6xcxQF/B13Yg7udCj77rsg046YE=
Subject key identifier: DC:E0:B3:A6:AA:86:3A:52:77:45:13:DA:F6:A7:18:F4:9C:63:91:4A
Certificate issuer: /CN=cdfcbde632d106faad98c2c1895a877ca601521a
Certificate serial: 019473BBFA5D67A299959A079040896B57D1
Authority key identifier: CD:FC:BD:E6:32:D1:06:FA:AD:98:C2:C1:89:5A:87:7C:A6:01:52:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zfy95jLRBvqtmMLBiVqHfKYBUho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/fe45cf-4ad2-41d9-bbca-203cfa238696/1/3OCzpqqGOlJ3RRPa9qcY9JxjkUo.roa
Signing time: Fri 17 Jan 2025 10:08:06 +0000
ROA not before: Fri 17 Jan 2025 10:08:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1103
IP address blocks: 137.120.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:73:bb:fa:5d:67:a2:99:95:9a:07:90:40:89:6b:57:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdfcbde632d106faad98c2c1895a877ca601521a
Validity
Not Before: Jan 17 10:08:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dce0b3a6aa863a52774513daf6a718f49c63914a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:be:6a:2e:75:84:a3:bf:7e:a0:cb:8d:8e:7d:
1e:ce:9b:47:03:11:d0:bc:22:5c:72:f8:20:03:60:
47:f8:e0:6d:05:33:eb:3d:29:92:a4:fc:e7:c2:14:
1b:29:2d:a2:66:3f:7c:cc:2b:7e:e8:cb:3d:25:3c:
4e:a8:98:91:e3:31:f0:ca:e1:c8:02:0a:18:74:9d:
e2:b3:5f:5d:35:3f:63:09:58:9b:de:ce:4d:3d:1f:
78:13:3b:2a:19:ac:e4:c0:61:23:89:8b:a4:c2:c7:
ff:a6:8b:11:29:89:e3:38:f9:74:bd:99:4c:8b:4f:
ec:0e:21:68:d5:cb:72:93:f0:44:d5:a1:c2:2e:0a:
76:c1:0e:48:12:ce:45:97:1a:34:e3:a2:0f:9a:68:
fe:f4:7a:45:bc:1f:ea:45:78:07:67:96:dd:52:d6:
6d:0c:bf:81:83:8c:c3:07:d0:c8:e8:41:9c:62:2f:
46:1e:51:11:10:5e:12:ca:b8:ea:ec:53:bc:d9:ca:
c5:93:7d:7e:f3:fc:0d:82:2c:3c:8f:94:8c:b4:dc:
7c:c7:33:e0:e1:c4:c4:2d:9a:d7:b7:2e:c2:03:e6:
d3:b1:a7:8b:f3:a3:eb:5b:cf:8c:2a:55:00:c8:e1:
53:1f:81:32:8d:af:7e:fa:3b:67:62:c8:d6:fb:81:
d6:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:E0:B3:A6:AA:86:3A:52:77:45:13:DA:F6:A7:18:F4:9C:63:91:4A
X509v3 Authority Key Identifier:
keyid:CD:FC:BD:E6:32:D1:06:FA:AD:98:C2:C1:89:5A:87:7C:A6:01:52:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfy95jLRBvqtmMLBiVqHfKYBUho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/fe45cf-4ad2-41d9-bbca-203cfa238696/1/3OCzpqqGOlJ3RRPa9qcY9JxjkUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/fe45cf-4ad2-41d9-bbca-203cfa238696/1/zfy95jLRBvqtmMLBiVqHfKYBUho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.120.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a2:79:1e:3c:eb:e8:b6:50:c0:17:38:25:3a:66:d2:24:76:48:
d8:9e:06:3b:93:09:49:73:3e:b2:f6:ab:92:1a:e6:be:72:e7:
a9:c7:4b:74:9d:ca:7b:de:b5:9b:f8:d3:d0:fd:58:7c:70:f9:
94:09:fa:05:66:6a:e3:7e:21:99:3c:c8:3e:76:73:10:ba:c8:
bb:2d:0f:92:22:b1:b9:f1:0a:57:96:81:b2:2a:ac:fe:54:95:
a1:98:fc:96:21:ad:b7:4c:80:cd:97:43:8a:73:e8:1e:bb:bf:
13:81:f8:ee:de:70:14:f3:63:c0:a4:5c:c3:62:d2:0d:b3:7d:
51:bf:bc:7a:7f:6d:02:fa:2f:55:60:17:8b:60:ca:31:9a:3a:
97:a2:68:25:29:df:e0:12:53:83:98:db:48:29:7d:f5:d2:62:
dc:55:89:18:71:35:25:6c:a5:6d:c5:f6:75:9d:e5:5b:5e:19:
0e:a0:8c:d7:e1:80:08:e0:27:da:d7:b3:86:7e:57:a2:c7:f1:
42:f9:97:80:36:8f:58:43:bd:cb:a4:af:08:d5:1c:9e:a9:7e:
1d:ab:b5:e6:c1:e4:43:48:17:13:b7:df:6c:5c:1c:37:e3:1c:
b3:bd:3c:26:d0:f4:49:fd:08:21:23:54:21:d3:20:74:88:40:
a3:60:2b:e1
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZRzu/pdZ6KZlZoHkECJa1fRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZmNiZGU2MzJkMTA2ZmFhZDk4YzJjMTg5NWE4NzdjYTYw
MTUyMWEwHhcNMjUwMTE3MTAwODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2UwYjNhNmFhODYzYTUyNzc0NTEzZGFmNmE3MThmNDljNjM5MTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy75qLnWEo79+oMuNjn0ezptHAxHQ
vCJccvggA2BH+OBtBTPrPSmSpPznwhQbKS2iZj98zCt+6Ms9JTxOqJiR4zHwyuHI
AgoYdJ3is19dNT9jCVib3s5NPR94EzsqGazkwGEjiYukwsf/posRKYnjOPl0vZlM
i0/sDiFo1ctyk/BE1aHCLgp2wQ5IEs5Flxo046IPmmj+9HpFvB/qRXgHZ5bdUtZt
DL+Bg4zDB9DI6EGcYi9GHlEREF4Syrjq7FO82crFk31+8/wNgiw8j5SMtNx8xzPg
4cTELZrXty7CA+bTsaeL86PrW8+MKlUAyOFTH4Eyja9++jtnYsjW+4HWwQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFNzgs6aqhjpSd0UT2vanGPScY5FKMB8GA1UdIwQY
MBaAFM38veYy0Qb6rZjCwYlah3ymAVIaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemZ5OTVqTFJCdnF0bU1MQmlWcUhmS1lCVWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9mZTQ1Y2YtNGFkMi00MWQ5LWJiY2Et
MjAzY2ZhMjM4Njk2LzEvM09DenBxcUdPbEozUlJQYTlxY1k5Snhqa1VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9mZTQ1Y2YtNGFkMi00MWQ5LWJiY2EtMjAzY2ZhMjM4Njk2
LzEvemZ5OTVqTFJCdnF0bU1MQmlWcUhmS1lCVWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAiXgwDQYJ
KoZIhvcNAQELBQADggEBAKJ5Hjzr6LZQwBc4JTpm0iR2SNieBjuTCUlzPrL2q5Ia
5r5y56nHS3SdynvetZv409D9WHxw+ZQJ+gVmauN+IZk8yD52cxC6yLstD5Iisbnx
CleWgbIqrP5UlaGY/JYhrbdMgM2XQ4pz6B67vxOB+O7ecBTzY8CkXMNi0g2zfVG/
vHp/bQL6L1VgF4tgyjGaOpeiaCUp3+ASU4OY20gpffXSYtxViRhxNSVspW3F9nWd
5VteGQ6gjNfhgAjgJ9rXs4Z+V6LH8UL5l4A2j1hDvcukrwjVHJ6pfh2rtebB5ENI
FxO332xcHDfjHLO9PCbQ9En9CCEjVCHTIHSIQKNgK+E=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:37:15 2025 by rpki-client