Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/3af1e6-7f6d-4ac8-a022-fab9bab2f894/1/OKPYy_nFaECkRn5FZ2tdqc4-Jcw.roa
File: OKPYy_nFaECkRn5FZ2tdqc4-Jcw.roa (raw, json)
Hash identifier: xFJ/FV1JSV6WyCTUS5j6Ypios9hL1VetECLZdy6AuCs=
Subject key identifier: 38:A3:D8:CB:F9:C5:68:40:A4:46:7E:45:67:6B:5D:A9:CE:3E:25:CC
Certificate issuer: /CN=166dcaf076c3ec103117deaa67990c968bcd644d
Certificate serial: 0182D5FAF286AD2F59199BCF8898F0259106
Authority key identifier: 16:6D:CA:F0:76:C3:EC:10:31:17:DE:AA:67:99:0C:96:8B:CD:64:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fm3K8HbD7BAxF96qZ5kMlovNZE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/3af1e6-7f6d-4ac8-a022-fab9bab2f894/1/OKPYy_nFaECkRn5FZ2tdqc4-Jcw.roa
Signing time: Thu 25 Aug 2022 17:09:29 +0000
ROA not before: Thu 25 Aug 2022 17:09:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205361
IP address blocks: 213.109.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d5:fa:f2:86:ad:2f:59:19:9b:cf:88:98:f0:25:91:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=166dcaf076c3ec103117deaa67990c968bcd644d
Validity
Not Before: Aug 25 17:09:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38a3d8cbf9c56840a4467e45676b5da9ce3e25cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:7a:10:c1:9b:6e:fb:30:a8:79:b0:ed:03:bd:
e5:c0:f3:a1:98:9c:18:2a:b8:4c:9a:2f:61:ff:bf:
71:ba:47:13:74:1c:7d:dc:cd:cc:5e:ed:34:34:c9:
40:97:50:26:98:f2:93:a7:2c:8c:3f:c3:32:0b:b9:
fd:14:69:e7:6b:07:8a:ac:c6:1e:91:3e:46:b1:5f:
37:f7:b4:3d:1b:cf:3e:1d:ee:a5:44:6a:be:23:2a:
0a:22:e5:3a:e6:3a:e2:7f:b2:1c:5e:64:db:7a:41:
1e:6f:fa:43:65:0d:56:a3:c4:f8:b8:7a:e0:ec:f9:
3c:c1:24:6a:09:f9:f2:f3:72:e7:0c:ac:01:f6:34:
1c:f9:3c:5b:c5:e2:2c:41:34:76:2e:72:23:59:5a:
84:af:bb:eb:d4:82:09:b9:9a:43:4d:81:b9:5e:d6:
3b:7c:98:2a:c5:6f:1a:2e:6e:47:34:e7:06:62:a2:
7f:f0:e9:79:f0:74:83:be:95:4a:de:ec:a3:3c:fe:
18:72:a2:67:a8:f2:5f:3f:aa:bf:16:78:3c:69:4f:
12:93:4c:8f:44:95:13:86:a7:a0:c3:17:48:b9:5e:
f3:53:98:22:b0:2b:76:eb:32:7c:b6:bb:b9:67:37:
c9:41:c4:81:53:29:e5:fc:24:5a:7b:ef:d4:b5:bf:
62:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A3:D8:CB:F9:C5:68:40:A4:46:7E:45:67:6B:5D:A9:CE:3E:25:CC
X509v3 Authority Key Identifier:
keyid:16:6D:CA:F0:76:C3:EC:10:31:17:DE:AA:67:99:0C:96:8B:CD:64:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fm3K8HbD7BAxF96qZ5kMlovNZE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/3af1e6-7f6d-4ac8-a022-fab9bab2f894/1/OKPYy_nFaECkRn5FZ2tdqc4-Jcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/3af1e6-7f6d-4ac8-a022-fab9bab2f894/1/Fm3K8HbD7BAxF96qZ5kMlovNZE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.154.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:29:0a:60:02:c9:af:f3:96:bb:d4:45:2d:d3:55:e4:c1:af:
9a:10:e4:60:ce:cd:2b:9e:ba:ab:84:03:aa:ed:a9:5a:f8:58:
91:c3:0a:41:76:85:01:31:16:78:c6:da:d1:45:07:8d:13:68:
bc:48:ad:10:ad:18:fb:f1:c1:6d:c0:fd:70:38:f9:8d:a7:9b:
58:52:b6:8f:46:12:a1:4e:39:5b:8f:fc:e2:04:26:b8:7d:fe:
15:c1:fb:65:4e:6e:f5:5c:fc:51:e8:f4:ba:dd:3c:77:00:90:
c5:0e:75:5a:b7:12:e0:10:87:61:3a:c9:a0:57:29:f6:fb:79:
b8:ab:36:31:8d:56:b4:c2:f7:ec:ad:fb:ed:ec:36:bb:eb:fc:
74:06:01:03:b4:ec:70:0c:35:2d:34:b1:3f:48:2f:f6:3b:75:
ad:f5:7a:f1:b3:5a:85:dc:4c:7d:65:2e:95:2f:77:c9:ea:24:
31:35:58:0b:ac:ed:a2:8e:ab:8e:7c:10:bc:3a:bb:61:b8:23:
e4:50:45:38:0f:7a:1b:78:e1:23:e5:fe:a1:c9:e1:03:1d:b8:
99:13:30:75:43:9c:17:4d:11:09:e4:7b:47:8f:e4:d7:5f:ff:
b1:b4:3f:6b:3e:bb:d5:85:66:98:f8:36:eb:19:98:df:50:b9:
da:86:f0:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLV+vKGrS9ZGZvPiJjwJZEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NmRjYWYwNzZjM2VjMTAzMTE3ZGVhYTY3OTkwYzk2OGJj
ZDY0NGQwHhcNMjIwODI1MTcwOTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGEzZDhjYmY5YzU2ODQwYTQ0NjdlNDU2NzZiNWRhOWNlM2UyNWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4HoQwZtu+zCoebDtA73lwPOhmJwY
KrhMmi9h/79xukcTdBx93M3MXu00NMlAl1AmmPKTpyyMP8MyC7n9FGnnaweKrMYe
kT5GsV8397Q9G88+He6lRGq+IyoKIuU65jrif7IcXmTbekEeb/pDZQ1Wo8T4uHrg
7Pk8wSRqCfny83LnDKwB9jQc+TxbxeIsQTR2LnIjWVqEr7vr1IIJuZpDTYG5XtY7
fJgqxW8aLm5HNOcGYqJ/8Ol58HSDvpVK3uyjPP4YcqJnqPJfP6q/Fng8aU8Sk0yP
RJUThqegwxdIuV7zU5gisCt26zJ8tru5ZzfJQcSBUynl/CRae+/Utb9ixwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDij2Mv5xWhApEZ+RWdrXanOPiXMMB8GA1UdIwQY
MBaAFBZtyvB2w+wQMRfeqmeZDJaLzWRNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm0zSzhIYkQ3QkF4Rjk2cVo1a01sb3ZOWkUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8zYWYxZTYtN2Y2ZC00YWM4LWEwMjIt
ZmFiOWJhYjJmODk0LzEvT0tQWXlfbkZhRUNrUm41RloydGRxYzQtSmN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8zYWYxZTYtN2Y2ZC00YWM4LWEwMjItZmFiOWJhYjJmODk0
LzEvRm0zSzhIYkQ3QkF4Rjk2cVo1a01sb3ZOWkUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1W2aMA0G
CSqGSIb3DQEBCwUAA4IBAQDDKQpgAsmv85a71EUt01Xkwa+aEORgzs0rnrqrhAOq
7ala+FiRwwpBdoUBMRZ4xtrRRQeNE2i8SK0QrRj78cFtwP1wOPmNp5tYUraPRhKh
Tjlbj/ziBCa4ff4VwftlTm71XPxR6PS63Tx3AJDFDnVatxLgEIdhOsmgVyn2+3m4
qzYxjVa0wvfsrfvt7Da76/x0BgEDtOxwDDUtNLE/SC/2O3Wt9Xrxs1qF3Ex9ZS6V
L3fJ6iQxNVgLrO2ijquOfBC8OrthuCPkUEU4D3obeOEj5f6hyeEDHbiZEzB1Q5wX
TREJ5HtHj+TXX/+xtD9rPrvVhWaY+DbrGZjfULnahvD1
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:56:15 2025 by rpki-client