Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/566ccf-04ee-4823-a7fc-3e6a14de2c47/1/oimw25gLGrg8VoA88DA5Qz6cbTs.roa
File: oimw25gLGrg8VoA88DA5Qz6cbTs.roa (raw, json)
Hash identifier: pg4JhqGSyuBLyWQkEY6EPIiPycbtpRjAMWZIyZYwiWM=
Subject key identifier: A2:29:B0:DB:98:0B:1A:B8:3C:56:80:3C:F0:30:39:43:3E:9C:6D:3B
Certificate issuer: /CN=b8943754e92345a8bbab3db2bc36d618e5ecc0e8
Certificate serial: 0194206801B73FA7BBDFE1FCDBD49F8CBB07
Authority key identifier: B8:94:37:54:E9:23:45:A8:BB:AB:3D:B2:BC:36:D6:18:E5:EC:C0:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uJQ3VOkjRai7qz2yvDbWGOXswOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/566ccf-04ee-4823-a7fc-3e6a14de2c47/1/oimw25gLGrg8VoA88DA5Qz6cbTs.roa
Signing time: Wed 01 Jan 2025 05:47:54 +0000
ROA not before: Wed 01 Jan 2025 05:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12843
IP address blocks: 194.156.234.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:01:b7:3f:a7:bb:df:e1:fc:db:d4:9f:8c:bb:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8943754e92345a8bbab3db2bc36d618e5ecc0e8
Validity
Not Before: Jan 1 05:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a229b0db980b1ab83c56803cf03039433e9c6d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5b:f6:08:d1:b8:b2:66:43:0c:85:55:2a:7e:
b5:0a:46:22:44:bb:36:8b:4c:0f:ab:0f:59:38:c6:
51:73:e8:70:67:72:f2:2b:d9:0f:aa:50:2c:db:e0:
19:c0:16:0e:ee:33:e8:12:0d:a1:8b:b5:28:13:2b:
cd:4b:0d:16:6c:f1:c5:8b:54:82:e0:a7:89:3d:2f:
39:7d:63:81:c4:4d:4f:35:48:1b:b8:dc:24:87:53:
5f:3a:3e:99:f7:56:1c:d5:13:3a:b4:ba:e9:17:37:
ca:aa:3b:8c:5a:e6:1f:86:c1:34:df:fc:05:7c:fd:
10:35:b5:bc:e4:3f:44:28:07:78:88:88:32:08:e9:
02:ec:08:3a:dd:78:b5:85:fe:a2:38:fa:de:90:fc:
6d:ec:7c:7e:32:7f:25:c3:dd:a0:71:58:fd:06:e7:
70:ff:71:6a:e1:cb:43:83:39:cf:6c:67:f8:27:ff:
ef:6b:f2:c7:df:8a:67:f7:ae:1c:1d:1f:75:ec:d1:
90:be:71:41:12:92:7c:aa:3e:93:1c:7d:33:72:ae:
b8:da:2f:29:ae:f4:2f:46:6b:cf:9b:3f:68:08:43:
0a:00:65:73:1b:b7:d7:48:c6:ce:90:6d:7f:3b:1a:
a3:c1:a9:1d:32:00:2c:ad:22:7f:ba:f1:fe:3d:66:
e3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:29:B0:DB:98:0B:1A:B8:3C:56:80:3C:F0:30:39:43:3E:9C:6D:3B
X509v3 Authority Key Identifier:
keyid:B8:94:37:54:E9:23:45:A8:BB:AB:3D:B2:BC:36:D6:18:E5:EC:C0:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uJQ3VOkjRai7qz2yvDbWGOXswOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/566ccf-04ee-4823-a7fc-3e6a14de2c47/1/oimw25gLGrg8VoA88DA5Qz6cbTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/566ccf-04ee-4823-a7fc-3e6a14de2c47/1/uJQ3VOkjRai7qz2yvDbWGOXswOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.234.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:f2:d4:bc:b0:2c:6b:22:67:33:e6:12:49:3c:d9:62:53:1c:
38:37:0b:b0:bd:fc:e7:00:fa:2e:3f:cb:bb:bd:f0:cd:b2:88:
97:dc:bd:15:8e:06:d6:49:93:9f:95:e0:04:d3:0c:e0:cf:b8:
d0:e7:0b:56:dd:a1:be:1d:02:9f:f0:d9:cb:28:34:35:e2:73:
f3:1f:c7:93:c1:af:2f:a0:6e:fe:5d:28:c0:d1:6b:e1:05:6a:
31:11:cb:86:e5:c7:06:37:57:fc:41:19:04:98:5f:61:1a:d4:
ac:8d:c4:b1:76:db:65:91:07:ce:13:cc:b7:4a:d6:03:9c:aa:
dc:be:c0:ff:fc:5f:61:dc:8e:9f:76:83:64:18:7e:a1:d1:60:
6b:38:6b:0b:85:6b:8b:1a:42:35:86:a0:fe:f0:c8:f2:09:2b:
e5:ce:3e:f6:47:0d:59:90:e4:4a:0a:0f:4c:9b:a3:e3:92:b4:
7a:47:0f:73:92:e2:03:5b:dc:92:ea:7d:6d:2f:e8:5f:28:a2:
94:2d:05:81:42:8b:3e:97:3e:d5:4b:c0:99:ab:41:ee:ab:f3:
f7:3d:3a:f6:a3:38:3f:0a:c0:37:c6:c0:51:6f:e1:9c:7b:15:
66:61:2d:cd:02:c9:c3:b3:45:03:31:71:1b:3d:41:85:6f:46:
25:92:e3:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaAG3P6e73+H829SfjLsHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4OTQzNzU0ZTkyMzQ1YThiYmFiM2RiMmJjMzZkNjE4ZTVl
Y2MwZTgwHhcNMjUwMTAxMDU0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjI5YjBkYjk4MGIxYWI4M2M1NjgwM2NmMDMwMzk0MzNlOWM2ZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFv2CNG4smZDDIVVKn61CkYiRLs2
i0wPqw9ZOMZRc+hwZ3LyK9kPqlAs2+AZwBYO7jPoEg2hi7UoEyvNSw0WbPHFi1SC
4KeJPS85fWOBxE1PNUgbuNwkh1NfOj6Z91Yc1RM6tLrpFzfKqjuMWuYfhsE03/wF
fP0QNbW85D9EKAd4iIgyCOkC7Ag63Xi1hf6iOPrekPxt7Hx+Mn8lw92gcVj9Budw
/3Fq4ctDgznPbGf4J//va/LH34pn964cHR917NGQvnFBEpJ8qj6THH0zcq642i8p
rvQvRmvPmz9oCEMKAGVzG7fXSMbOkG1/OxqjwakdMgAsrSJ/uvH+PWbjlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKIpsNuYCxq4PFaAPPAwOUM+nG07MB8GA1UdIwQY
MBaAFLiUN1TpI0Wou6s9srw21hjl7MDoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUpRM1ZPa2pSYWk3cXoyeXZEYldHT1hzd09nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi81NjZjY2YtMDRlZS00ODIzLWE3ZmMt
M2U2YTE0ZGUyYzQ3LzEvb2ltdzI1Z0xHcmc4Vm9BODhEQTVRejZjYlRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi81NjZjY2YtMDRlZS00ODIzLWE3ZmMtM2U2YTE0ZGUyYzQ3
LzEvdUpRM1ZPa2pSYWk3cXoyeXZEYldHT1hzd09nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpzqMA0G
CSqGSIb3DQEBCwUAA4IBAQBe8tS8sCxrImcz5hJJPNliUxw4NwuwvfznAPouP8u7
vfDNsoiX3L0VjgbWSZOfleAE0wzgz7jQ5wtW3aG+HQKf8NnLKDQ14nPzH8eTwa8v
oG7+XSjA0WvhBWoxEcuG5ccGN1f8QRkEmF9hGtSsjcSxdttlkQfOE8y3StYDnKrc
vsD//F9h3I6fdoNkGH6h0WBrOGsLhWuLGkI1hqD+8MjyCSvlzj72Rw1ZkORKCg9M
m6PjkrR6Rw9zkuIDW9yS6n1tL+hfKKKULQWBQos+lz7VS8CZq0Huq/P3PTr2ozg/
CsA3xsBRb+GcexVmYS3NAsnDs0UDMXEbPUGFb0YlkuNB
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:08:15 2025 by rpki-client