Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/O7JK_R6ip6iR244uyf3DBgROHco.roa
File: O7JK_R6ip6iR244uyf3DBgROHco.roa (raw, json)
Hash identifier: GKH7o0xxF7nZfmB+4s7mUapBQQrsXrRHoDwbM7Hh8hA=
Subject key identifier: 3B:B2:4A:FD:1E:A2:A7:A8:91:DB:8E:2E:C9:FD:C3:06:04:4E:1D:CA
Certificate issuer: /CN=c4a31628565820b3a5a3e1cfc87773e283fb95c1
Certificate serial: 019422FC3EA40C80BC86C08B0A4E01D1C025
Authority key identifier: C4:A3:16:28:56:58:20:B3:A5:A3:E1:CF:C8:77:73:E2:83:FB:95:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xKMWKFZYILOlo-HPyHdz4oP7lcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/O7JK_R6ip6iR244uyf3DBgROHco.roa
Signing time: Wed 01 Jan 2025 17:49:03 +0000
ROA not before: Wed 01 Jan 2025 17:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41599
IP address blocks: 195.3.252.0/22 maxlen: 24
2001:67c:380::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:3e:a4:0c:80:bc:86:c0:8b:0a:4e:01:d1:c0:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4a31628565820b3a5a3e1cfc87773e283fb95c1
Validity
Not Before: Jan 1 17:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bb24afd1ea2a7a891db8e2ec9fdc306044e1dca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ef:17:2a:3e:a0:3e:af:b2:62:43:85:b8:a5:
7d:c0:f0:7b:e6:18:9c:04:9d:9c:d5:c4:9e:fe:34:
1c:80:8c:4f:e8:76:ce:d1:a0:e0:a6:7a:17:a1:f6:
eb:53:23:25:0a:08:45:44:2b:fc:ce:bd:59:49:86:
1a:6a:a5:3b:55:4e:57:8d:e2:fa:86:7f:18:35:03:
e0:60:f1:9d:7c:43:4d:72:c8:f5:76:32:d5:0e:b4:
c5:c6:fb:1a:bf:ee:89:11:d2:6e:59:7b:1c:58:8a:
c5:fa:40:e5:c7:6b:c1:c0:0a:a7:86:f1:28:9b:4a:
2c:ad:fc:b7:44:6c:c4:05:a8:ff:e3:38:b7:6b:50:
53:a5:76:8c:30:2c:88:c0:06:5e:b4:b9:7d:96:65:
d6:a4:96:84:88:4c:8d:9a:5f:b2:30:81:22:17:e8:
9b:46:0d:2a:66:81:7d:4d:fb:c9:8a:bc:73:22:79:
85:1e:71:9b:d6:d4:02:d5:09:fb:d7:bc:3c:ff:ca:
6f:58:4d:83:5d:98:84:ec:97:85:c4:86:85:fa:3e:
b4:8c:a7:78:93:2b:81:24:e5:23:65:77:d2:2e:48:
37:b7:76:de:df:ed:74:7e:ec:c1:dc:31:63:28:60:
fb:7e:2c:35:93:28:af:f1:b8:82:98:82:1b:20:10:
4c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:B2:4A:FD:1E:A2:A7:A8:91:DB:8E:2E:C9:FD:C3:06:04:4E:1D:CA
X509v3 Authority Key Identifier:
keyid:C4:A3:16:28:56:58:20:B3:A5:A3:E1:CF:C8:77:73:E2:83:FB:95:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xKMWKFZYILOlo-HPyHdz4oP7lcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/O7JK_R6ip6iR244uyf3DBgROHco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7a80aa-000a-4714-a2fa-fb307badec4d/1/xKMWKFZYILOlo-HPyHdz4oP7lcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.3.252.0/22
IPv6:
2001:67c:380::/48
Signature Algorithm: sha256WithRSAEncryption
31:01:f9:be:04:26:85:5d:b3:b5:2a:7a:8d:9b:a2:a6:1a:a2:
39:f2:38:c0:dd:bf:87:3b:7b:a4:70:75:f1:78:bf:7e:e0:2e:
1d:50:35:0d:f5:86:c9:31:4d:b4:99:6c:9c:48:e3:fa:fa:53:
64:da:39:d6:4d:9a:68:ad:8b:2c:71:a4:d8:7d:67:b3:a1:9e:
a6:61:b0:34:2d:10:af:ff:4e:79:32:0d:e4:6c:02:4a:fd:9c:
ab:48:c1:67:ca:79:7e:3a:27:a1:ff:66:a8:bb:d4:88:97:78:
32:16:ba:e8:47:e8:df:10:bd:15:1e:b4:0b:8f:cf:82:bb:b2:
5f:c7:61:bc:94:83:9d:36:b2:e8:a4:3d:b4:7a:a8:5b:74:0b:
f4:c7:5a:45:a5:a0:88:32:38:ec:6f:ae:de:e0:c7:3f:45:76:
2b:a8:2e:a5:b9:fd:14:80:8f:c8:8f:5f:dc:4b:57:f9:c0:a9:
c0:b8:ed:f1:da:c2:0f:c1:e2:8a:7d:b2:3a:fd:24:44:82:7b:
80:13:8a:29:cf:34:6b:81:9f:73:cf:4d:44:7b:48:31:d0:f8:
d8:1e:ec:e6:29:d1:2e:9a:81:1e:65:91:05:80:5c:e7:9d:af:
e9:a4:d9:66:9a:7a:0a:f7:21:3f:ad:5f:49:13:9a:e7:a2:be:
8d:85:16:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQi/D6kDIC8hsCLCk4B0cAlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YTMxNjI4NTY1ODIwYjNhNWEzZTFjZmM4Nzc3M2UyODNm
Yjk1YzEwHhcNMjUwMTAxMTc0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmIyNGFmZDFlYTJhN2E4OTFkYjhlMmVjOWZkYzMwNjA0NGUxZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2O8XKj6gPq+yYkOFuKV9wPB75hic
BJ2c1cSe/jQcgIxP6HbO0aDgpnoXofbrUyMlCghFRCv8zr1ZSYYaaqU7VU5XjeL6
hn8YNQPgYPGdfENNcsj1djLVDrTFxvsav+6JEdJuWXscWIrF+kDlx2vBwAqnhvEo
m0osrfy3RGzEBaj/4zi3a1BTpXaMMCyIwAZetLl9lmXWpJaEiEyNml+yMIEiF+ib
Rg0qZoF9TfvJirxzInmFHnGb1tQC1Qn717w8/8pvWE2DXZiE7JeFxIaF+j60jKd4
kyuBJOUjZXfSLkg3t3be3+10fuzB3DFjKGD7fiw1kyiv8biCmIIbIBBMgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDuySv0eoqeokduOLsn9wwYETh3KMB8GA1UdIwQY
MBaAFMSjFihWWCCzpaPhz8h3c+KD+5XBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEtNV0tGWllJTE9sby1IUHlIZHo0b1A3bGNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi83YTgwYWEtMDAwYS00NzE0LWEyZmEt
ZmIzMDdiYWRlYzRkLzEvTzdKS19SNmlwNmlSMjQ0dXlmM0RCZ1JPSGNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi83YTgwYWEtMDAwYS00NzE0LWEyZmEtZmIzMDdiYWRlYzRk
LzEveEtNV0tGWllJTE9sby1IUHlIZHo0b1A3bGNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwwP8MA8E
AgACMAkDBwAgAQZ8A4AwDQYJKoZIhvcNAQELBQADggEBADEB+b4EJoVds7Uqeo2b
oqYaojnyOMDdv4c7e6RwdfF4v37gLh1QNQ31hskxTbSZbJxI4/r6U2TaOdZNmmit
iyxxpNh9Z7OhnqZhsDQtEK//TnkyDeRsAkr9nKtIwWfKeX46J6H/Zqi71IiXeDIW
uuhH6N8QvRUetAuPz4K7sl/HYbyUg502suikPbR6qFt0C/THWkWloIgyOOxvrt7g
xz9FdiuoLqW5/RSAj8iPX9xLV/nAqcC47fHawg/B4op9sjr9JESCe4ATiinPNGuB
n3PPTUR7SDHQ+Nge7OYp0S6agR5lkQWAXOedr+mk2Waaegr3IT+tX0kTmueivo2F
Fko=
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:07:06 2025 by rpki-client