Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/OCZT2CotgRCIuoB7CyLdArI0Xq4.roa
File: OCZT2CotgRCIuoB7CyLdArI0Xq4.roa (raw, json)
Hash identifier: 2KavfbQ9/xCmCPRw2wyEJR9Q6ABQMSBcOd2DtqJChbQ=
Subject key identifier: 38:26:53:D8:2A:2D:81:10:88:BA:80:7B:0B:22:DD:02:B2:34:5E:AE
Certificate issuer: /CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Certificate serial: 01942143B3165A5C5B5746C107B34723B7B2
Authority key identifier: 89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/OCZT2CotgRCIuoB7CyLdArI0Xq4.roa
Signing time: Wed 01 Jan 2025 09:47:52 +0000
ROA not before: Wed 01 Jan 2025 09:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61134
IP address blocks: 188.137.118.0/24 maxlen: 24
2a02:c47:c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:b3:16:5a:5c:5b:57:46:c1:07:b3:47:23:b7:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Validity
Not Before: Jan 1 09:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=382653d82a2d811088ba807b0b22dd02b2345eae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:fd:21:3e:50:c3:5b:79:4b:f3:6d:4e:db:8e:
57:e8:94:ad:f6:e0:58:d8:54:c3:0d:13:10:9d:62:
66:97:cd:79:12:44:e9:7c:2e:e4:28:46:86:23:59:
a5:8f:97:fb:e6:9e:fc:d4:6f:ed:dd:e5:cb:00:c8:
18:76:e6:16:41:90:ee:db:73:99:43:e1:8b:62:39:
aa:06:d2:6b:2c:a6:6c:5f:a1:37:7f:27:83:0a:3d:
30:38:19:0c:0a:23:e7:e9:cb:82:f0:19:d6:d6:48:
5c:8c:e2:4e:9f:65:f0:90:3a:79:e2:8c:10:bb:4a:
08:1e:e8:c8:8e:5b:6b:ab:44:e0:95:d7:a8:50:6b:
de:b3:49:b6:18:43:db:24:c8:6a:7e:eb:53:6a:f7:
51:94:6d:46:be:d1:58:5d:bd:79:0a:89:ea:2b:e1:
02:6d:17:b4:66:90:a2:29:9f:78:4a:5a:e7:c0:d4:
f4:fd:01:cd:a6:a7:86:1a:7e:8e:8e:1d:df:9a:af:
6c:a9:0c:3c:97:69:7f:bc:6d:9f:46:51:e6:5c:41:
51:46:06:9b:a1:7c:95:8d:7c:f2:85:2a:29:45:50:
0a:3f:c9:49:d9:ec:fc:92:b1:5d:12:98:52:cb:d9:
b7:18:fd:84:a9:cd:d2:31:e4:55:98:0e:56:b0:45:
ad:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:26:53:D8:2A:2D:81:10:88:BA:80:7B:0B:22:DD:02:B2:34:5E:AE
X509v3 Authority Key Identifier:
keyid:89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/OCZT2CotgRCIuoB7CyLdArI0Xq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.137.118.0/24
IPv6:
2a02:c47:c::/48
Signature Algorithm: sha256WithRSAEncryption
6f:35:a0:ab:47:1a:95:21:2f:3a:e6:3f:09:46:bc:be:1c:83:
ab:c1:94:3f:0b:be:21:98:10:2f:b8:0e:8d:d6:55:e2:b6:4f:
40:79:8e:2f:a2:26:dd:5d:a1:4f:bb:0f:ef:d7:9d:ac:a1:12:
1b:95:08:03:98:4d:c4:a1:8c:36:2a:31:c4:05:5c:a1:fb:dc:
36:8a:5b:cf:7e:01:48:9c:55:84:62:5a:eb:71:5c:2a:aa:cc:
ce:7f:5b:05:2a:1b:e2:49:a0:ed:be:96:b3:18:13:39:44:d6:
ad:4b:39:01:2d:25:59:86:b5:5b:04:d0:d3:02:b5:b7:6a:e7:
12:ec:2e:d4:ed:2f:a0:50:f7:cd:ec:9e:34:6f:45:3d:0b:0f:
25:2b:5e:97:e8:a1:40:4e:a9:a5:dc:43:af:2f:bd:ce:b2:eb:
86:33:99:fa:73:6f:3b:c4:bf:f6:52:d6:29:bb:2b:02:2c:5e:
f7:bc:5d:35:e6:fd:bf:32:11:cd:ad:3e:1e:1b:74:a4:50:42:
3a:59:d0:c1:ce:2d:8b:1d:03:21:4a:67:14:54:36:31:3e:ee:
3b:e5:7f:de:36:d6:99:41:eb:b9:4d:c1:1a:e1:46:8c:ec:db:
b7:58:02:04:ee:64:f7:f2:be:04:a7:a6:de:df:1e:03:a2:50:
44:be:f1:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhQ7MWWlxbV0bBB7NHI7eyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTZjZDlmNGJlYjdiMGMwNGQzMWZmZTVjNjc0YTg3YTc3
MzlkMjEwHhcNMjUwMTAxMDk0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODI2NTNkODJhMmQ4MTEwODhiYTgwN2IwYjIyZGQwMmIyMzQ1ZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4v0hPlDDW3lL821O245X6JSt9uBY
2FTDDRMQnWJml815EkTpfC7kKEaGI1mlj5f75p781G/t3eXLAMgYduYWQZDu23OZ
Q+GLYjmqBtJrLKZsX6E3fyeDCj0wOBkMCiPn6cuC8BnW1khcjOJOn2XwkDp54owQ
u0oIHujIjltrq0TgldeoUGves0m2GEPbJMhqfutTavdRlG1GvtFYXb15ConqK+EC
bRe0ZpCiKZ94SlrnwNT0/QHNpqeGGn6Ojh3fmq9sqQw8l2l/vG2fRlHmXEFRRgab
oXyVjXzyhSopRVAKP8lJ2ez8krFdEphSy9m3GP2Eqc3SMeRVmA5WsEWtpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDgmU9gqLYEQiLqAewsi3QKyNF6uMB8GA1UdIwQY
MBaAFImmzZ9L63sMBNMf/lxnSoenc50hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYt
MWY5MjQ0OTVmY2RkLzEvT0NaVDJDb3RnUkNJdW9CN0N5TGRBckkwWHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYtMWY5MjQ0OTVmY2Rk
LzEvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAvIl2MA8E
AgACMAkDBwAqAgxHAAwwDQYJKoZIhvcNAQELBQADggEBAG81oKtHGpUhLzrmPwlG
vL4cg6vBlD8LviGYEC+4Do3WVeK2T0B5ji+iJt1doU+7D+/XnayhEhuVCAOYTcSh
jDYqMcQFXKH73DaKW89+AUicVYRiWutxXCqqzM5/WwUqG+JJoO2+lrMYEzlE1q1L
OQEtJVmGtVsE0NMCtbdq5xLsLtTtL6BQ983snjRvRT0LDyUrXpfooUBOqaXcQ68v
vc6y64YzmfpzbzvEv/ZS1im7KwIsXve8XTXm/b8yEc2tPh4bdKRQQjpZ0MHOLYsd
AyFKZxRUNjE+7jvlf9421plB67lNwRrhRozs27dYAgTuZPfyvgSnpt7fHgOiUES+
8Uc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:46:12 2025 by rpki-client