Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/2ab2ad-3bda-4b86-bab4-d634d7e5525b/1/Dr-ojRESSE7RVV8YeY-sxssOmxo.roa
File: Dr-ojRESSE7RVV8YeY-sxssOmxo.roa (raw, json)
Hash identifier: Bdw3DTPm2kcIDV6m0eypiKeDwAw8zqq9zThN4ay8a4w=
Subject key identifier: 0E:BF:A8:8D:11:12:48:4E:D1:55:5F:18:79:8F:AC:C6:CB:0E:9B:1A
Certificate issuer: /CN=d44bcfaab4f56461337b22b038e75ff649ef3959
Certificate serial: 01856E8B19142482C19C0222FDBF6533BCBF
Authority key identifier: D4:4B:CF:AA:B4:F5:64:61:33:7B:22:B0:38:E7:5F:F6:49:EF:39:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1EvPqrT1ZGEzeyKwOOdf9knvOVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/2ab2ad-3bda-4b86-bab4-d634d7e5525b/1/Dr-ojRESSE7RVV8YeY-sxssOmxo.roa
Signing time: Sun 01 Jan 2023 18:14:47 +0000
ROA not before: Sun 01 Jan 2023 18:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29684
IP address blocks: 176.97.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:19:14:24:82:c1:9c:02:22:fd:bf:65:33:bc:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d44bcfaab4f56461337b22b038e75ff649ef3959
Validity
Not Before: Jan 1 18:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ebfa88d1112484ed1555f18798facc6cb0e9b1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:aa:dd:55:93:dd:69:7b:88:9f:6a:27:eb:03:
79:a2:12:84:7d:ca:4d:9b:c3:99:f3:af:d0:92:01:
54:cf:ce:26:92:bb:2a:d8:3a:05:42:37:75:4b:b3:
00:f7:c7:aa:f9:17:8e:b3:32:87:1f:b1:33:fa:d4:
a7:ca:1a:f4:b4:31:b0:eb:5e:f9:00:62:3f:44:b0:
60:93:10:74:25:5c:8a:36:1a:8c:e4:2f:25:d4:55:
81:33:ac:c5:94:dc:94:1d:3f:2c:9b:af:e6:a4:30:
40:b0:57:0d:3d:8d:5e:80:34:55:0d:47:0a:01:e8:
41:97:cb:6e:40:2e:38:9a:e6:5c:83:d9:88:2a:7b:
e1:3d:4a:35:59:b0:6c:ad:eb:60:c0:ff:da:aa:1a:
e3:60:8a:cd:b6:cb:47:c4:0d:1e:d7:aa:df:9a:1f:
c4:99:65:af:b7:a7:a5:cb:5d:46:5f:55:01:53:b5:
9c:f6:54:cf:d1:3a:9d:0d:ea:54:30:30:d5:ed:c3:
c2:1a:4d:73:5c:d5:02:17:13:7a:0e:d4:61:5b:44:
22:be:a1:a4:ee:6a:9a:ed:d7:bb:3c:b9:fc:f7:a8:
1f:00:a4:6d:00:35:62:74:be:04:1c:8a:c5:30:6e:
f0:f3:69:bb:9c:6d:ca:95:36:cc:dc:0e:d9:28:01:
cc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:BF:A8:8D:11:12:48:4E:D1:55:5F:18:79:8F:AC:C6:CB:0E:9B:1A
X509v3 Authority Key Identifier:
keyid:D4:4B:CF:AA:B4:F5:64:61:33:7B:22:B0:38:E7:5F:F6:49:EF:39:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EvPqrT1ZGEzeyKwOOdf9knvOVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/2ab2ad-3bda-4b86-bab4-d634d7e5525b/1/Dr-ojRESSE7RVV8YeY-sxssOmxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/2ab2ad-3bda-4b86-bab4-d634d7e5525b/1/1EvPqrT1ZGEzeyKwOOdf9knvOVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.216.0/24
Signature Algorithm: sha256WithRSAEncryption
91:cc:f5:f7:31:aa:86:5d:ea:f2:0a:91:9a:59:43:af:cf:f6:
a4:fb:03:c0:23:c4:2d:85:c6:26:64:f4:89:76:d0:f6:a3:0a:
94:27:00:50:fd:bc:8f:0a:1f:1b:a7:45:3a:71:b5:19:9d:71:
cd:6e:d6:2a:83:d1:dc:aa:61:66:9f:44:f4:d4:6e:e8:a1:55:
00:0f:79:b8:a0:18:39:27:9e:97:b3:4c:4a:8f:3c:a3:23:c6:
1b:ed:ac:e6:47:72:8a:08:5f:7f:a7:43:da:e5:e8:e9:24:17:
c3:cc:a1:63:a7:c5:63:32:89:9e:5d:be:d8:8a:ac:21:0c:0a:
9d:4d:e4:57:fb:05:d3:f6:8d:74:cb:df:ec:4c:2a:56:c9:06:
81:0a:18:69:38:c4:31:ab:d3:4a:ac:ae:80:73:0b:e6:2f:c6:
6c:38:59:93:65:97:5c:62:7b:d6:66:21:46:80:96:ef:9a:11:
01:12:69:5b:59:cf:1e:f4:df:e5:4d:a6:12:23:b2:c9:23:ba:
19:ba:36:62:9c:74:41:b5:bf:9b:f5:3f:bc:3a:e4:30:40:e0:
77:46:83:b9:13:5f:d2:a2:e8:86:8d:6c:06:37:e5:b3:1e:d9:
78:7b:07:dd:dd:b2:f9:34:b4:bb:a9:7f:ac:0d:9f:32:37:9f:
1f:56:78:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuixkUJILBnAIi/b9lM7y/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NGJjZmFhYjRmNTY0NjEzMzdiMjJiMDM4ZTc1ZmY2NDll
ZjM5NTkwHhcNMjMwMTAxMTgxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWJmYTg4ZDExMTI0ODRlZDE1NTVmMTg3OThmYWNjNmNiMGU5YjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKrdVZPdaXuIn2on6wN5ohKEfcpN
m8OZ86/QkgFUz84mkrsq2DoFQjd1S7MA98eq+ReOszKHH7Ez+tSnyhr0tDGw6175
AGI/RLBgkxB0JVyKNhqM5C8l1FWBM6zFlNyUHT8sm6/mpDBAsFcNPY1egDRVDUcK
AehBl8tuQC44muZcg9mIKnvhPUo1WbBsretgwP/aqhrjYIrNtstHxA0e16rfmh/E
mWWvt6ely11GX1UBU7Wc9lTP0TqdDepUMDDV7cPCGk1zXNUCFxN6DtRhW0QivqGk
7mqa7de7PLn896gfAKRtADVidL4EHIrFMG7w82m7nG3KlTbM3A7ZKAHMTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA6/qI0REkhO0VVfGHmPrMbLDpsaMB8GA1UdIwQY
MBaAFNRLz6q09WRhM3sisDjnX/ZJ7zlZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUV2UHFyVDFaR0V6ZXlLd09PZGY5a252T1ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yYWIyYWQtM2JkYS00Yjg2LWJhYjQt
ZDYzNGQ3ZTU1MjViLzEvRHItb2pSRVNTRTdSVlY4WWVZLXN4c3NPbXhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yYWIyYWQtM2JkYS00Yjg2LWJhYjQtZDYzNGQ3ZTU1MjVi
LzEvMUV2UHFyVDFaR0V6ZXlLd09PZGY5a252T1ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGHYMA0G
CSqGSIb3DQEBCwUAA4IBAQCRzPX3MaqGXeryCpGaWUOvz/ak+wPAI8QthcYmZPSJ
dtD2owqUJwBQ/byPCh8bp0U6cbUZnXHNbtYqg9HcqmFmn0T01G7ooVUAD3m4oBg5
J56Xs0xKjzyjI8Yb7azmR3KKCF9/p0Pa5ejpJBfDzKFjp8VjMomeXb7YiqwhDAqd
TeRX+wXT9o10y9/sTCpWyQaBChhpOMQxq9NKrK6AcwvmL8ZsOFmTZZdcYnvWZiFG
gJbvmhEBEmlbWc8e9N/lTaYSI7LJI7oZujZinHRBtb+b9T+8OuQwQOB3RoO5E1/S
ouiGjWwGN+WzHtl4ewfd3bL5NLS7qX+sDZ8yN58fVnj2
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:59:46 2025 by rpki-client