Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/238c56-c25e-4fd6-b916-5b318c3499fb/1/OvZQb1hcjOkIMnQrBwzGm-WLCpQ.roa
File: OvZQb1hcjOkIMnQrBwzGm-WLCpQ.roa (raw, json)
Hash identifier: AP7pBk7gh//un0koiUryrNu346ceJkk+whaQUXPWQDs=
Subject key identifier: 3A:F6:50:6F:58:5C:8C:E9:08:32:74:2B:07:0C:C6:9B:E5:8B:0A:94
Certificate issuer: /CN=9447ad84b84baec47d5621e2f75623f3eaf13960
Certificate serial: 019585BCA02AF97FF7ADAFAD2CDD70BC31DA
Authority key identifier: 94:47:AD:84:B8:4B:AE:C4:7D:56:21:E2:F7:56:23:F3:EA:F1:39:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lEethLhLrsR9ViHi91Yj8-rxOWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/238c56-c25e-4fd6-b916-5b318c3499fb/1/OvZQb1hcjOkIMnQrBwzGm-WLCpQ.roa
Signing time: Tue 11 Mar 2025 15:04:46 +0000
ROA not before: Tue 11 Mar 2025 15:04:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 79.170.98.0/24 maxlen: 24
2a14:d300:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:85:bc:a0:2a:f9:7f:f7:ad:af:ad:2c:dd:70:bc:31:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9447ad84b84baec47d5621e2f75623f3eaf13960
Validity
Not Before: Mar 11 15:04:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3af6506f585c8ce90832742b070cc69be58b0a94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8b:d0:0b:56:5c:01:b8:2c:65:fa:04:9f:d6:
7f:72:56:7b:68:20:da:54:b0:5d:d3:a3:23:8e:a6:
54:fd:85:57:b3:1d:ea:39:28:3e:79:b7:cc:b5:9e:
c4:be:66:69:5a:22:58:f0:04:ba:9f:b5:5e:54:ff:
82:8f:93:b2:4d:5e:02:cb:42:cb:75:43:8b:cc:55:
e5:cc:b7:2d:55:e6:c0:cc:90:1b:aa:b6:e4:b9:02:
7b:d8:c8:52:17:f2:f7:47:34:78:95:36:b9:29:e1:
38:8f:e3:f8:63:ff:6c:15:e2:e0:a7:0d:89:d5:30:
b8:21:7a:47:00:a4:92:f7:a9:e2:f8:2d:96:42:6c:
96:f0:61:71:88:e0:8f:a1:4b:58:ee:58:36:79:0a:
33:6d:b2:80:93:2e:2b:e4:d3:b0:e5:9d:85:e2:b9:
1b:9c:86:32:d6:38:7b:3f:56:9f:8c:5d:32:7f:0a:
f5:92:c3:58:b8:bb:b2:cb:8a:33:91:d3:20:24:a5:
f6:3b:4f:cf:96:e3:d1:c2:d5:42:b9:a0:ea:60:ee:
7c:de:28:3b:40:8b:35:f5:6a:8a:2b:68:60:6e:ac:
6b:b7:9a:48:36:e4:f4:ff:5a:c8:95:90:b0:a2:cf:
21:87:58:b3:0b:21:82:c6:be:d4:e5:58:54:da:f7:
4f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F6:50:6F:58:5C:8C:E9:08:32:74:2B:07:0C:C6:9B:E5:8B:0A:94
X509v3 Authority Key Identifier:
keyid:94:47:AD:84:B8:4B:AE:C4:7D:56:21:E2:F7:56:23:F3:EA:F1:39:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lEethLhLrsR9ViHi91Yj8-rxOWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/238c56-c25e-4fd6-b916-5b318c3499fb/1/OvZQb1hcjOkIMnQrBwzGm-WLCpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/238c56-c25e-4fd6-b916-5b318c3499fb/1/lEethLhLrsR9ViHi91Yj8-rxOWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.98.0/24
IPv6:
2a14:d300:3::/48
Signature Algorithm: sha256WithRSAEncryption
20:e9:51:ea:5f:a2:31:80:cd:aa:51:76:b1:6a:0a:24:3d:78:
f1:be:5e:11:2e:51:54:4e:d4:e7:51:0d:9e:82:1a:e1:1d:fd:
a0:76:35:cc:11:1e:fb:66:44:02:38:b6:96:62:1c:65:7e:40:
8f:21:14:27:94:88:28:1c:eb:6d:d9:6d:c5:ac:ba:2d:29:c6:
c9:f5:a4:a0:f6:df:7f:9e:da:3f:b8:a2:cc:61:3b:93:99:65:
9a:e5:91:38:21:0c:c7:37:3d:06:f7:e9:0a:55:4a:5d:72:2f:
84:5f:5a:e1:b5:ad:5d:61:4f:80:cb:c0:89:d6:c5:3b:66:bd:
85:1a:ec:be:1e:0f:2b:2f:6d:18:7c:95:5a:7d:d1:43:3c:b2:
6f:f7:74:41:5b:37:d1:68:3b:86:88:78:d2:a6:7d:cf:b2:8f:
1f:ba:0f:3b:35:d4:cb:c1:a7:dc:50:d4:38:5b:09:d1:f8:58:
9f:4f:52:42:52:0b:0c:6a:a6:4e:d4:57:81:94:0a:16:a6:ae:
89:e6:b7:37:d8:35:8b:1f:c3:18:45:e2:26:5a:3d:33:87:d4:
85:4d:da:22:de:b3:68:98:44:65:e6:fc:3e:8d:8a:f3:3d:87:
1c:5d:70:89:41:78:cf:8f:03:5b:c7:93:e9:69:df:67:1e:62:
80:b5:43:9f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZWFvKAq+X/3ra+tLN1wvDHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NDdhZDg0Yjg0YmFlYzQ3ZDU2MjFlMmY3NTYyM2YzZWFm
MTM5NjAwHhcNMjUwMzExMTUwNDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWY2NTA2ZjU4NWM4Y2U5MDgzMjc0MmIwNzBjYzY5YmU1OGIwYTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuovQC1ZcAbgsZfoEn9Z/clZ7aCDa
VLBd06MjjqZU/YVXsx3qOSg+ebfMtZ7EvmZpWiJY8AS6n7VeVP+Cj5OyTV4Cy0LL
dUOLzFXlzLctVebAzJAbqrbkuQJ72MhSF/L3RzR4lTa5KeE4j+P4Y/9sFeLgpw2J
1TC4IXpHAKSS96ni+C2WQmyW8GFxiOCPoUtY7lg2eQozbbKAky4r5NOw5Z2F4rkb
nIYy1jh7P1afjF0yfwr1ksNYuLuyy4ozkdMgJKX2O0/PluPRwtVCuaDqYO583ig7
QIs19WqKK2hgbqxrt5pINuT0/1rIlZCwos8hh1izCyGCxr7U5VhU2vdP2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDr2UG9YXIzpCDJ0KwcMxpvliwqUMB8GA1UdIwQY
MBaAFJRHrYS4S67EfVYh4vdWI/Pq8TlgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEVldGhMaExyc1I5VmlIaTkxWWo4LXJ4T1dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8yMzhjNTYtYzI1ZS00ZmQ2LWI5MTYt
NWIzMThjMzQ5OWZiLzEvT3ZaUWIxaGNqT2tJTW5RckJ3ekdtLVdMQ3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8yMzhjNTYtYzI1ZS00ZmQ2LWI5MTYtNWIzMThjMzQ5OWZi
LzEvbEVldGhMaExyc1I5VmlIaTkxWWo4LXJ4T1dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAT6piMA8E
AgACMAkDBwAqFNMAAAMwDQYJKoZIhvcNAQELBQADggEBACDpUepfojGAzapRdrFq
CiQ9ePG+XhEuUVRO1OdRDZ6CGuEd/aB2NcwRHvtmRAI4tpZiHGV+QI8hFCeUiCgc
623ZbcWsui0pxsn1pKD233+e2j+4osxhO5OZZZrlkTghDMc3PQb36QpVSl1yL4Rf
WuG1rV1hT4DLwInWxTtmvYUa7L4eDysvbRh8lVp90UM8sm/3dEFbN9FoO4aIeNKm
fc+yjx+6Dzs11MvBp9xQ1DhbCdH4WJ9PUkJSCwxqpk7UV4GUChamronmtzfYNYsf
wxhF4iZaPTOH1IVN2iLes2iYRGXm/D6NivM9hxxdcIlBeM+PA1vHk+lp32ceYoC1
Q58=
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:37:49 2025 by rpki-client