Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/_oksDFSuMnMqsIgD2xIpQMBMthw.roa
File: _oksDFSuMnMqsIgD2xIpQMBMthw.roa (raw, json)
Hash identifier: ea23MjnNhyR9HJDD5DM69trVWqfIriV9YcmUWE06hcg=
Subject key identifier: FE:89:2C:0C:54:AE:32:73:2A:B0:88:03:DB:12:29:40:C0:4C:B6:1C
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 019423D6D2DAB2744458485B523F71D5D053
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/_oksDFSuMnMqsIgD2xIpQMBMthw.roa
Signing time: Wed 01 Jan 2025 21:47:48 +0000
ROA not before: Wed 01 Jan 2025 21:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26383
IP address blocks: 81.29.149.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:d2:da:b2:74:44:58:48:5b:52:3f:71:d5:d0:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jan 1 21:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe892c0c54ae32732ab08803db122940c04cb61c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:64:fc:09:47:39:bf:a1:ba:47:03:34:b9:a3:
c5:bb:b7:f1:5a:c3:22:4a:6e:ae:fa:72:03:7f:93:
0e:39:4c:75:ce:3f:66:9a:be:d4:27:40:23:b0:6c:
2b:e8:c7:d0:dc:78:ef:b5:0a:7f:3c:e7:70:f3:96:
1b:37:c4:91:8a:1c:78:5f:a4:62:f5:e2:01:5f:8a:
1e:50:52:96:f8:2c:93:93:94:53:47:96:85:fd:67:
5a:3d:45:f0:43:a8:ee:6a:6d:bf:51:65:20:ca:fd:
e0:67:b2:40:21:d9:ca:be:5a:6b:6d:5f:2a:74:09:
52:31:1c:77:2c:b4:5d:fc:cf:5d:45:33:90:40:85:
28:f7:32:6b:62:13:09:cd:fe:b1:42:2d:d5:25:7f:
4c:e6:04:dd:f1:b2:93:d9:aa:61:e6:53:98:69:4e:
45:c1:07:62:38:32:79:1b:c6:36:ba:3b:f5:16:1a:
24:72:6d:b8:8c:80:6a:99:92:5e:59:9d:99:e9:02:
5a:f5:25:3b:b3:36:65:14:1e:a1:dc:98:bc:ea:60:
24:e1:d7:3c:13:33:bb:9a:c3:b8:11:0f:9e:0c:93:
b8:22:84:61:f4:2e:ce:ed:a3:84:49:96:19:fb:81:
01:39:83:63:b6:8b:d6:db:2d:fe:87:b0:11:bd:fe:
c4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:89:2C:0C:54:AE:32:73:2A:B0:88:03:DB:12:29:40:C0:4C:B6:1C
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/_oksDFSuMnMqsIgD2xIpQMBMthw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.29.149.0/24
Signature Algorithm: sha256WithRSAEncryption
31:4d:5e:10:03:94:61:f1:7d:96:e5:35:a6:5b:f4:e7:fe:81:
0e:3d:3c:87:8e:3e:a0:fe:23:f5:b5:3b:90:00:ea:e9:0f:8c:
52:ee:b5:eb:5d:f0:a3:9c:cd:36:a1:c1:f6:ae:85:af:64:00:
ae:c2:4e:a9:1c:3b:2d:61:11:7b:66:ad:52:a6:ba:cd:d1:6e:
ba:c7:d1:a8:45:af:08:34:53:4f:ff:ca:c1:6a:5b:4b:67:2d:
71:b9:e7:5c:25:ce:ed:b6:71:0e:f7:0e:6e:06:ba:2f:9d:36:
4d:62:8e:39:3b:cb:f8:ad:e5:38:97:bb:b4:ce:8c:82:ee:da:
87:07:7d:cd:d5:1e:e7:4c:96:a0:20:95:a2:bb:eb:47:30:d2:
8b:83:2d:30:fb:92:1b:a4:85:ac:7d:2a:25:75:b6:9e:2c:2c:
89:9d:85:02:06:29:92:a8:fa:f9:50:4a:38:7c:69:f2:46:42:
11:86:ed:8e:51:6f:34:be:5d:bb:e8:ee:fa:24:ef:e2:35:19:
74:37:15:8f:aa:59:f5:8e:a7:0e:5d:22:48:55:e4:9e:72:7a:
2c:49:56:07:8f:54:be:e7:31:e4:cb:c6:bc:07:21:c5:f7:33:
37:dd:1a:3c:d7:7b:a7:85:29:20:88:14:90:4c:76:25:13:8d:
03:00:a5:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1tLasnREWEhbUj9x1dBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjUwMTAxMjE0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTg5MmMwYzU0YWUzMjczMmFiMDg4MDNkYjEyMjk0MGMwNGNiNjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmT8CUc5v6G6RwM0uaPFu7fxWsMi
Sm6u+nIDf5MOOUx1zj9mmr7UJ0AjsGwr6MfQ3HjvtQp/POdw85YbN8SRihx4X6Ri
9eIBX4oeUFKW+CyTk5RTR5aF/WdaPUXwQ6juam2/UWUgyv3gZ7JAIdnKvlprbV8q
dAlSMRx3LLRd/M9dRTOQQIUo9zJrYhMJzf6xQi3VJX9M5gTd8bKT2aph5lOYaU5F
wQdiODJ5G8Y2ujv1Fhokcm24jIBqmZJeWZ2Z6QJa9SU7szZlFB6h3Ji86mAk4dc8
EzO7msO4EQ+eDJO4IoRh9C7O7aOESZYZ+4EBOYNjtovW2y3+h7ARvf7EywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP6JLAxUrjJzKrCIA9sSKUDATLYcMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvX29rc0RGU3VNbk1xc0lnRDJ4SXBRTUJNdGh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR2VMA0G
CSqGSIb3DQEBCwUAA4IBAQAxTV4QA5Rh8X2W5TWmW/Tn/oEOPTyHjj6g/iP1tTuQ
AOrpD4xS7rXrXfCjnM02ocH2roWvZACuwk6pHDstYRF7Zq1SprrN0W66x9GoRa8I
NFNP/8rBaltLZy1xuedcJc7ttnEO9w5uBrovnTZNYo45O8v4reU4l7u0zoyC7tqH
B33N1R7nTJagIJWiu+tHMNKLgy0w+5IbpIWsfSoldbaeLCyJnYUCBimSqPr5UEo4
fGnyRkIRhu2OUW80vl276O76JO/iNRl0NxWPqln1jqcOXSJIVeSecnosSVYHj1S+
5zHky8a8ByHF9zM33Ro813unhSkgiBSQTHYlE40DAKUE
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:02:11 2025 by rpki-client