Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/b3b3f2-1fb5-48f3-b8b5-1e8ebb09bcac/1/O2-onUAfbByR0sYb2nCOrZQ45Gs.roa
File: O2-onUAfbByR0sYb2nCOrZQ45Gs.roa (raw, json)
Hash identifier: tPc6Ad1Ny4D/sN1oaRZkbIJh1m2/F4T7t+a+Oqq9PUk=
Subject key identifier: 3B:6F:A8:9D:40:1F:6C:1C:91:D2:C6:1B:DA:70:8E:AD:94:38:E4:6B
Certificate issuer: /CN=f28ed739b3233d24de16653c4acc6ffccb0883f5
Certificate serial: 01856D9D4FB5C4AB55F653FC9396B0CF6F83
Authority key identifier: F2:8E:D7:39:B3:23:3D:24:DE:16:65:3C:4A:CC:6F:FC:CB:08:83:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8o7XObMjPSTeFmU8Ssxv_MsIg_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/b3b3f2-1fb5-48f3-b8b5-1e8ebb09bcac/1/O2-onUAfbByR0sYb2nCOrZQ45Gs.roa
Signing time: Sun 01 Jan 2023 13:55:04 +0000
ROA not before: Sun 01 Jan 2023 13:55:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211439
IP address blocks: 193.3.176.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:4f:b5:c4:ab:55:f6:53:fc:93:96:b0:cf:6f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f28ed739b3233d24de16653c4acc6ffccb0883f5
Validity
Not Before: Jan 1 13:55:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b6fa89d401f6c1c91d2c61bda708ead9438e46b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:82:55:f1:4c:b3:76:e3:b4:c0:26:88:a0:a2:
21:2a:4b:c9:10:1c:9c:f0:9f:84:8b:a9:5c:40:94:
49:48:fa:02:e1:b9:d9:9f:86:e5:fa:b5:43:29:e8:
4a:6c:75:d7:35:33:51:90:19:92:32:d6:89:62:ed:
08:7e:81:4a:c8:98:dd:8d:c3:ed:62:2a:ee:94:7a:
b3:3d:9c:4f:19:a9:c8:1d:4c:fc:0f:e6:d3:dd:ea:
84:21:a2:03:cc:de:8f:34:47:eb:be:60:8d:d6:8a:
75:54:45:49:52:2a:fc:8c:b8:3b:79:b0:5c:5d:86:
5b:b4:06:40:46:2f:ef:7b:88:15:a4:aa:c4:71:6b:
d8:c1:6b:4f:ef:18:24:4b:d3:48:1b:f3:0f:75:df:
01:59:25:26:47:57:a9:c8:35:5b:7b:46:38:06:03:
2c:39:83:6b:66:c4:bd:81:ad:68:c4:ff:b3:2a:5a:
03:f1:63:1a:a3:85:24:b8:01:4b:2a:cf:72:45:ca:
25:2a:0a:83:2e:f2:19:d7:b9:ff:b4:f4:ba:a3:aa:
8d:c6:4f:e9:8f:5c:cb:1d:7a:6c:00:71:8f:65:67:
33:d7:dd:e6:c3:f0:6f:16:8a:e1:25:71:a1:88:e4:
dd:c2:54:30:9c:e6:b0:31:46:92:61:14:f7:90:a2:
41:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:6F:A8:9D:40:1F:6C:1C:91:D2:C6:1B:DA:70:8E:AD:94:38:E4:6B
X509v3 Authority Key Identifier:
keyid:F2:8E:D7:39:B3:23:3D:24:DE:16:65:3C:4A:CC:6F:FC:CB:08:83:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8o7XObMjPSTeFmU8Ssxv_MsIg_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/b3b3f2-1fb5-48f3-b8b5-1e8ebb09bcac/1/O2-onUAfbByR0sYb2nCOrZQ45Gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/b3b3f2-1fb5-48f3-b8b5-1e8ebb09bcac/1/8o7XObMjPSTeFmU8Ssxv_MsIg_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.176.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:4a:73:5b:84:4b:a8:42:43:09:aa:43:c3:84:01:26:02:0e:
1e:90:cc:e1:d3:83:0c:ef:44:e4:cc:c8:56:a3:5e:96:ff:0b:
12:7d:f2:32:87:02:b1:ca:e5:84:21:a7:e8:2a:a9:d7:fd:03:
1f:36:ad:cf:65:50:97:b9:0f:88:4f:11:d5:39:b6:90:32:cb:
b8:40:20:36:8f:bc:44:27:ff:cd:b3:4b:40:4c:6b:a6:2f:e8:
bd:ed:25:af:b1:49:72:a2:06:b1:4e:bd:fe:3f:ee:0c:16:92:
3a:58:74:51:26:d2:c1:08:f6:3a:96:08:24:b3:eb:a9:c8:98:
94:09:ce:47:48:26:77:2d:01:22:c6:d7:f9:27:53:e6:41:1e:
6a:83:7e:29:97:20:7c:c6:06:b7:6c:cd:85:e7:6c:b7:63:b5:
e9:05:20:38:43:4d:1c:76:d2:74:e5:5b:d2:22:2d:8e:14:7c:
3b:62:25:fd:51:9e:15:bc:af:78:ef:da:21:a1:bc:57:94:54:
0d:48:a7:e5:5a:05:3f:8f:72:9b:eb:23:dd:b4:76:ab:d7:55:
95:b4:fc:d1:46:33:df:d1:ff:17:8d:49:f0:42:fc:0c:7e:ae:
f3:98:ae:93:ab:36:f0:66:30:33:49:00:fe:5f:7e:cc:96:69:
72:f1:f2:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtnU+1xKtV9lP8k5awz2+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOGVkNzM5YjMyMzNkMjRkZTE2NjUzYzRhY2M2ZmZjY2Iw
ODgzZjUwHhcNMjMwMTAxMTM1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjZmYTg5ZDQwMWY2YzFjOTFkMmM2MWJkYTcwOGVhZDk0MzhlNDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooJV8UyzduO0wCaIoKIhKkvJEByc
8J+Ei6lcQJRJSPoC4bnZn4bl+rVDKehKbHXXNTNRkBmSMtaJYu0IfoFKyJjdjcPt
YirulHqzPZxPGanIHUz8D+bT3eqEIaIDzN6PNEfrvmCN1op1VEVJUir8jLg7ebBc
XYZbtAZARi/ve4gVpKrEcWvYwWtP7xgkS9NIG/MPdd8BWSUmR1epyDVbe0Y4BgMs
OYNrZsS9ga1oxP+zKloD8WMao4UkuAFLKs9yRcolKgqDLvIZ17n/tPS6o6qNxk/p
j1zLHXpsAHGPZWcz193mw/BvForhJXGhiOTdwlQwnOawMUaSYRT3kKJBMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDtvqJ1AH2wckdLGG9pwjq2UOORrMB8GA1UdIwQY
MBaAFPKO1zmzIz0k3hZlPErMb/zLCIP1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG83WE9iTWpQU1RlRm1VOFNzeHZfTXNJZ19VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9iM2IzZjItMWZiNS00OGYzLWI4YjUt
MWU4ZWJiMDliY2FjLzEvTzItb25VQWZiQnlSMHNZYjJuQ09yWlE0NUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9iM2IzZjItMWZiNS00OGYzLWI4YjUtMWU4ZWJiMDliY2Fj
LzEvOG83WE9iTWpQU1RlRm1VOFNzeHZfTXNJZ19VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQOwMA0G
CSqGSIb3DQEBCwUAA4IBAQAcSnNbhEuoQkMJqkPDhAEmAg4ekMzh04MM70TkzMhW
o16W/wsSffIyhwKxyuWEIafoKqnX/QMfNq3PZVCXuQ+ITxHVObaQMsu4QCA2j7xE
J//Ns0tATGumL+i97SWvsUlyogaxTr3+P+4MFpI6WHRRJtLBCPY6lggks+upyJiU
Cc5HSCZ3LQEixtf5J1PmQR5qg34plyB8xga3bM2F52y3Y7XpBSA4Q00cdtJ05VvS
Ii2OFHw7YiX9UZ4VvK9479ohobxXlFQNSKflWgU/j3Kb6yPdtHar11WVtPzRRjPf
0f8XjUnwQvwMfq7zmK6TqzbwZjAzSQD+X37Mlmly8fKa
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:08:59 2025 by rpki-client