Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/OnnGLe98EELExBT2KG1V7ZKvcdg.roa
File: OnnGLe98EELExBT2KG1V7ZKvcdg.roa (raw, json)
Hash identifier: KZt4FFsf5ZOVbwbpsRVi65II52u964xUYYgqCHd+7Xw=
Subject key identifier: 3A:79:C6:2D:EF:7C:10:42:C4:C4:14:F6:28:6D:55:ED:92:AF:71:D8
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 019423698DE364AE9994E1AA1E6FC6E0DA03
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/OnnGLe98EELExBT2KG1V7ZKvcdg.roa
Signing time: Wed 01 Jan 2025 19:48:27 +0000
ROA not before: Wed 01 Jan 2025 19:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35268
IP address blocks: 85.204.134.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:8d:e3:64:ae:99:94:e1:aa:1e:6f:c6:e0:da:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 1 19:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a79c62def7c1042c4c414f6286d55ed92af71d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:38:d9:0d:f5:52:95:a7:61:71:fd:3a:aa:4e:
cd:fe:45:e2:38:c1:d9:99:b6:82:47:e0:15:16:ea:
ee:8c:92:af:4a:26:95:f3:89:b8:87:51:0e:17:85:
4e:bf:d1:35:a0:a4:76:07:69:91:3c:27:91:e5:b9:
6a:e0:5b:36:34:15:a2:e8:fb:53:0f:ca:6d:14:79:
a1:6d:c5:ed:ea:4d:f5:a9:91:32:7a:f9:2a:65:e9:
31:54:e9:65:c5:18:3b:5c:30:b7:3d:27:c3:98:e8:
dd:22:d0:99:62:57:72:74:e5:ac:c4:d7:7f:11:61:
82:fd:a9:9a:d3:01:93:69:65:74:94:5f:7c:25:02:
8c:a2:91:77:db:a9:e4:77:2b:f3:4e:8d:7e:99:9c:
18:8e:77:59:4b:27:73:49:92:d4:61:73:9f:38:22:
01:b3:04:5f:27:c3:34:fd:8b:1c:e1:8d:d8:94:2e:
f0:2a:40:ca:a8:97:36:05:aa:48:06:43:43:3f:e2:
db:7b:b6:20:fb:e3:0c:94:23:4d:81:a0:0c:01:a5:
fa:a9:a3:b5:ed:71:9a:92:dd:4d:46:da:dd:e1:ce:
89:ae:b3:26:24:fe:d4:ac:58:0d:9f:5b:e6:d3:f6:
0f:bb:f9:a5:09:9b:54:45:24:0c:56:4a:c9:df:e2:
a9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:79:C6:2D:EF:7C:10:42:C4:C4:14:F6:28:6D:55:ED:92:AF:71:D8
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/OnnGLe98EELExBT2KG1V7ZKvcdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.134.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:2b:86:17:e8:9f:b8:f1:a3:18:f3:64:e1:27:ae:50:5a:84:
43:66:c2:49:d9:3f:77:dc:55:0f:ac:42:51:35:b3:49:86:5b:
4b:6e:28:be:4b:ba:09:0b:85:54:d3:35:3d:52:cf:ae:f4:fa:
89:ff:82:5d:c5:d4:db:53:14:61:de:17:4f:93:be:b1:01:9f:
8e:26:01:c0:69:a0:47:da:39:fe:af:13:42:c3:97:f1:0a:f4:
e5:7c:85:0e:28:c5:7a:3b:cc:5b:52:64:dd:54:05:ed:c6:d4:
22:38:95:01:e2:5f:77:d0:78:9f:9b:75:79:56:c3:b9:52:93:
ed:ee:35:d4:4d:e4:05:e9:b3:04:dc:70:a0:f6:4f:ad:f4:65:
16:10:78:fc:0a:16:72:fa:62:bd:eb:6d:4a:77:49:5f:4b:4c:
75:41:4a:3a:05:08:6f:d5:3b:09:7a:35:fd:fa:e6:f8:78:a3:
54:20:be:7b:6d:1a:87:c4:38:78:90:08:ea:f2:16:bd:d6:fa:
98:a5:b6:49:a7:86:07:6c:5a:99:6f:ff:16:2c:0a:8f:e2:9b:
43:c5:93:9e:9b:4b:23:11:5e:d7:19:87:6b:23:5b:66:e8:65:
59:c1:f8:50:50:25:1d:a6:3d:6d:eb:fe:ba:fd:bf:e3:49:e0:
15:80:ac:7c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQjaY3jZK6ZlOGqHm/G4NoDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwMTAxMTk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTc5YzYyZGVmN2MxMDQyYzRjNDE0ZjYyODZkNTVlZDkyYWY3MWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDjZDfVSladhcf06qk7N/kXiOMHZ
mbaCR+AVFurujJKvSiaV84m4h1EOF4VOv9E1oKR2B2mRPCeR5blq4Fs2NBWi6PtT
D8ptFHmhbcXt6k31qZEyevkqZekxVOllxRg7XDC3PSfDmOjdItCZYldydOWsxNd/
EWGC/ama0wGTaWV0lF98JQKMopF326nkdyvzTo1+mZwYjndZSydzSZLUYXOfOCIB
swRfJ8M0/Ysc4Y3YlC7wKkDKqJc2BapIBkNDP+Lbe7Yg++MMlCNNgaAMAaX6qaO1
7XGakt1NRtrd4c6JrrMmJP7UrFgNn1vm0/YPu/mlCZtURSQMVkrJ3+KpSQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDp5xi3vfBBCxMQU9ihtVe2Sr3HYMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL09ubkdMZTk4RUVMRXhCVDJLRzFWN1pLdmNkZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABVzIYw
DQYJKoZIhvcNAQELBQADggEBAL8rhhfon7jxoxjzZOEnrlBahENmwknZP3fcVQ+s
QlE1s0mGW0tuKL5LugkLhVTTNT1Sz670+on/gl3F1NtTFGHeF0+TvrEBn44mAcBp
oEfaOf6vE0LDl/EK9OV8hQ4oxXo7zFtSZN1UBe3G1CI4lQHiX3fQeJ+bdXlWw7lS
k+3uNdRN5AXpswTccKD2T630ZRYQePwKFnL6Yr3rbUp3SV9LTHVBSjoFCG/VOwl6
Nf365vh4o1QgvnttGofEOHiQCOryFr3W+piltkmnhgdsWplv/xYsCo/im0PFk56b
SyMRXtcZh2sjW2boZVnB+FBQJR2mPW3r/rr9v+NJ4BWArHw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:40 2025 by rpki-client