Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/oLsRck0rfRJTe_DlIobAHiPybik.roa
File: oLsRck0rfRJTe_DlIobAHiPybik.roa (raw, json)
Hash identifier: HITR6UDaTE4KoI724hxLpPj2e++WnzdsOgqIY7veXg8=
Subject key identifier: A0:BB:11:72:4D:2B:7D:12:53:7B:F0:E5:22:86:C0:1E:23:F2:6E:29
Certificate issuer: /CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Certificate serial: 01941FFA5860F47ED6C48AEFDA532295D7CD
Authority key identifier: F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/oLsRck0rfRJTe_DlIobAHiPybik.roa
Signing time: Wed 01 Jan 2025 03:48:07 +0000
ROA not before: Wed 01 Jan 2025 03:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39216
IP address blocks: 185.21.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:58:60:f4:7e:d6:c4:8a:ef:da:53:22:95:d7:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Validity
Not Before: Jan 1 03:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0bb11724d2b7d12537bf0e52286c01e23f26e29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7a:c0:c5:40:32:5c:86:de:15:14:e9:fe:73:
17:e8:1a:53:0b:1b:19:f4:53:94:19:fc:6c:82:8a:
9b:ec:61:0d:59:32:20:62:30:c9:f5:b8:de:16:6d:
72:89:83:4e:22:ef:62:59:e0:ed:db:44:70:20:a4:
d4:84:ce:7a:fb:49:d2:55:f8:e6:ed:76:7b:7a:d1:
32:18:e4:da:0b:6b:17:f0:72:23:e9:cf:2f:c7:8e:
73:53:25:19:a5:dc:18:53:9c:e9:7d:7a:ad:dc:9b:
87:4a:88:ab:ba:25:a0:9e:55:a9:16:22:a7:64:6c:
47:ea:f7:88:bf:ad:4d:64:39:f1:05:90:b3:d1:e6:
d8:eb:b8:68:0a:5d:19:9b:ac:5c:c3:4e:73:1c:d3:
b3:18:58:ed:f4:88:e7:c0:ce:59:66:62:d3:88:08:
19:44:93:8d:c3:be:7f:a6:16:5b:2f:1f:ff:3e:1d:
d8:17:cb:a6:49:9b:fa:b8:b6:a9:d1:50:66:c0:95:
84:72:98:7d:ee:f7:56:af:70:36:4c:bc:1d:b8:22:
99:68:0e:93:bf:4a:8f:2e:71:67:25:34:29:19:19:
ef:7e:eb:c4:69:49:7c:74:50:33:94:5d:3f:e5:87:
73:af:f6:88:be:80:fc:8d:41:70:28:dd:a7:b5:0d:
c4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:BB:11:72:4D:2B:7D:12:53:7B:F0:E5:22:86:C0:1E:23:F2:6E:29
X509v3 Authority Key Identifier:
keyid:F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/oLsRck0rfRJTe_DlIobAHiPybik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.139.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:75:70:0d:bf:91:20:b0:65:cf:5f:e5:5a:50:b4:20:33:bb:
32:46:06:f3:dd:b3:28:86:b2:de:b7:4f:76:6f:68:e1:20:d5:
6d:ad:80:4b:f0:12:44:d8:11:6a:fb:72:ae:ac:44:f6:27:9e:
d1:6f:7b:6c:3d:8b:e1:c9:5f:98:0c:f3:68:d8:f2:e9:5f:52:
a0:f7:ba:d6:83:84:a8:0f:7b:62:58:41:c4:78:13:c9:9c:86:
39:37:8f:5e:a3:37:36:5a:24:12:5f:be:b1:7c:fd:b1:0c:1b:
22:8d:e3:a2:cd:20:3d:44:e1:1e:5a:58:54:83:2b:8e:2b:c9:
9c:c0:c7:5b:44:84:7e:3f:aa:60:55:66:69:67:83:dc:80:2b:
f3:a5:ef:d9:07:9c:89:0a:22:ae:b0:c5:12:34:f4:69:19:da:
1f:18:56:ac:00:5d:ec:2e:7f:c8:1d:91:c5:da:e6:79:3d:81:
72:01:cd:86:81:e2:12:0a:31:31:37:27:6a:b8:e3:60:83:85:
56:29:00:22:53:fa:a8:e5:fb:f8:e5:49:90:3b:f4:30:cf:e7:
a0:ae:9c:b1:83:b1:d6:5a:b7:18:99:aa:86:3e:d5:bb:c4:59:
0b:5c:55:07:a4:ab:af:fa:0e:a5:c9:21:ff:14:27:66:4f:38:
f5:9c:f2:3c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQf+lhg9H7WxIrv2lMildfNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5OGEwMmQyMGM2YjdkZTM1NzEyNWYzOGIxNzM1Y2ExYjkx
Zjg3YjMwHhcNMjUwMTAxMDM0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGJiMTE3MjRkMmI3ZDEyNTM3YmYwZTUyMjg2YzAxZTIzZjI2ZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHrAxUAyXIbeFRTp/nMX6BpTCxsZ
9FOUGfxsgoqb7GENWTIgYjDJ9bjeFm1yiYNOIu9iWeDt20RwIKTUhM56+0nSVfjm
7XZ7etEyGOTaC2sX8HIj6c8vx45zUyUZpdwYU5zpfXqt3JuHSoiruiWgnlWpFiKn
ZGxH6veIv61NZDnxBZCz0ebY67hoCl0Zm6xcw05zHNOzGFjt9IjnwM5ZZmLTiAgZ
RJONw75/phZbLx//Ph3YF8umSZv6uLap0VBmwJWEcph97vdWr3A2TLwduCKZaA6T
v0qPLnFnJTQpGRnvfuvEaUl8dFAzlF0/5Ydzr/aIvoD8jUFwKN2ntQ3EgwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKC7EXJNK30SU3vw5SKGwB4j8m4pMB8GA1UdIwQY
MBaAFPmKAtIMa33jVxJfOLFzXKG5H4ezMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Zb0MwZ3hyZmVOWEVsODRzWE5jb2JrZmg3TS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMz
LWFjZTNkNjc1ZDNjZC8xL29Mc1JjazByZlJKVGVfRGxJb2JBSGlQeWJpay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMzLWFjZTNkNjc1ZDNj
ZC8xLzEtWW9DMGd4cmZlTlhFbDg0c1hOY29ia2ZoN00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5FYsw
DQYJKoZIhvcNAQELBQADggEBAKF1cA2/kSCwZc9f5VpQtCAzuzJGBvPdsyiGst63
T3ZvaOEg1W2tgEvwEkTYEWr7cq6sRPYnntFve2w9i+HJX5gM82jY8ulfUqD3utaD
hKgPe2JYQcR4E8mchjk3j16jNzZaJBJfvrF8/bEMGyKN46LNID1E4R5aWFSDK44r
yZzAx1tEhH4/qmBVZmlng9yAK/Ol79kHnIkKIq6wxRI09GkZ2h8YVqwAXewuf8gd
kcXa5nk9gXIBzYaB4hIKMTE3J2q442CDhVYpACJT+qjl+/jlSZA79DDP56CunLGD
sdZatxiZqoY+1bvEWQtcVQekq6/6DqXJIf8UJ2ZPOPWc8jw=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:49:48 2025 by rpki-client