Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/OJWeAcVvcm4hJGFsh88mqrOzYg8.roa
File: OJWeAcVvcm4hJGFsh88mqrOzYg8.roa (raw, json)
Hash identifier: gtZdose772aLr0p2IMYrd5tb6JfcX4MYAh+SUZXoXhQ=
Subject key identifier: 38:95:9E:01:C5:6F:72:6E:21:24:61:6C:87:CF:26:AA:B3:B3:62:0F
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 019425FD4D07E2564E32488D4B6C98A3177F
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/OJWeAcVvcm4hJGFsh88mqrOzYg8.roa
Signing time: Thu 02 Jan 2025 07:49:04 +0000
ROA not before: Thu 02 Jan 2025 07:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 270
IP address blocks: 194.85.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:4d:07:e2:56:4e:32:48:8d:4b:6c:98:a3:17:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 2 07:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38959e01c56f726e2124616c87cf26aab3b3620f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:74:e5:7f:39:77:87:7f:77:89:c6:71:3e:ed:
8c:3b:d6:77:f7:46:13:77:82:26:63:c9:55:52:b8:
73:b9:80:b1:4f:4a:c1:6e:96:a7:e0:46:d5:2f:c4:
3e:56:05:b7:83:3d:52:6f:ba:0c:e9:f0:4e:6c:a5:
dc:50:24:9e:5f:79:de:93:a9:41:35:b3:b4:cb:03:
e7:01:6f:3e:8b:1c:a3:72:d8:f5:06:98:fc:fa:0c:
dc:4f:4a:f8:93:b9:f5:cb:61:52:88:7f:fc:22:93:
47:85:29:96:33:6c:16:3c:cb:c7:c2:4b:34:59:68:
64:da:03:24:a3:5c:2a:cd:c4:84:4e:13:f4:38:1c:
78:6c:1c:fb:fb:86:dd:5f:47:2b:e0:e0:21:67:96:
15:df:65:30:cc:48:c4:df:b0:ce:a4:d6:2c:29:df:
1b:0c:76:25:cc:9b:67:b7:85:fa:28:8c:da:43:cd:
ac:3d:a3:19:f4:d9:3c:91:a3:bf:33:63:f2:e4:d3:
81:24:6b:0f:f8:53:2d:f2:13:56:c1:9a:40:b4:42:
f7:7a:78:ad:65:6b:1b:5e:74:d2:02:01:3a:ed:e8:
19:8a:ab:79:5e:43:6b:d1:b5:11:3a:66:89:88:f0:
ee:45:e8:e1:ef:f1:c3:eb:5d:1c:71:81:af:01:a0:
4e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:95:9E:01:C5:6F:72:6E:21:24:61:6C:87:CF:26:AA:B3:B3:62:0F
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/OJWeAcVvcm4hJGFsh88mqrOzYg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.23.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:75:9f:39:b2:49:09:0d:de:1a:df:38:85:74:eb:b0:68:f0:
bf:65:34:15:d5:b2:3f:da:ca:75:71:7e:ed:44:c0:4c:cb:53:
67:e2:d0:b9:95:b0:00:8d:d1:6a:d0:49:a1:94:16:11:2c:db:
4d:52:df:27:d9:43:f1:56:04:ae:7e:6f:51:a0:f5:7a:58:0a:
e8:e6:8e:cf:3e:39:c0:8c:fa:e1:21:c0:bb:54:1b:8f:55:9f:
6c:d6:a1:7f:55:8c:2e:32:83:a9:8f:c9:b9:60:58:b6:42:8c:
df:3b:0e:03:2c:97:f9:0b:af:5a:58:35:02:06:7d:14:33:ba:
7e:bf:64:93:4d:df:f0:31:f2:84:82:56:75:3b:f5:a2:b6:b6:
6e:49:01:e0:0a:8a:dd:6b:59:f6:5d:cb:16:fc:35:f4:21:bc:
b4:1f:95:65:dd:ab:5e:6c:bc:83:76:56:c8:c2:66:dd:57:25:
4f:b0:69:a0:1d:53:5e:f2:9b:c1:51:f2:1c:dc:21:31:47:b1:
70:95:d2:8d:20:18:de:e2:e0:5e:ff:42:91:02:75:0b:c6:e2:
54:7a:83:60:f7:ac:88:f1:cf:17:f3:4e:7a:73:11:e6:bc:42:
13:14:07:b5:d8:84:2a:51:b4:30:31:3f:cf:fc:62:11:a0:8b:
8b:4b:e7:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/U0H4lZOMkiNS2yYoxd/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwMTAyMDc0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODk1OWUwMWM1NmY3MjZlMjEyNDYxNmM4N2NmMjZhYWIzYjM2MjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3Tlfzl3h393icZxPu2MO9Z390YT
d4ImY8lVUrhzuYCxT0rBbpan4EbVL8Q+VgW3gz1Sb7oM6fBObKXcUCSeX3nek6lB
NbO0ywPnAW8+ixyjctj1Bpj8+gzcT0r4k7n1y2FSiH/8IpNHhSmWM2wWPMvHwks0
WWhk2gMko1wqzcSEThP0OBx4bBz7+4bdX0cr4OAhZ5YV32UwzEjE37DOpNYsKd8b
DHYlzJtnt4X6KIzaQ82sPaMZ9Nk8kaO/M2Py5NOBJGsP+FMt8hNWwZpAtEL3enit
ZWsbXnTSAgE67egZiqt5XkNr0bUROmaJiPDuRejh7/HD610ccYGvAaBO0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDiVngHFb3JuISRhbIfPJqqzs2IPMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvT0pXZUFjVnZjbTRoSkdGc2g4OG1xck96WWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlUXMA0G
CSqGSIb3DQEBCwUAA4IBAQCOdZ85skkJDd4a3ziFdOuwaPC/ZTQV1bI/2sp1cX7t
RMBMy1Nn4tC5lbAAjdFq0EmhlBYRLNtNUt8n2UPxVgSufm9RoPV6WAro5o7PPjnA
jPrhIcC7VBuPVZ9s1qF/VYwuMoOpj8m5YFi2QozfOw4DLJf5C69aWDUCBn0UM7p+
v2STTd/wMfKEglZ1O/WitrZuSQHgCorda1n2XcsW/DX0Iby0H5Vl3atebLyDdlbI
wmbdVyVPsGmgHVNe8pvBUfIc3CExR7FwldKNIBje4uBe/0KRAnULxuJUeoNg96yI
8c8X8056cxHmvEITFAe12IQqUbQwMT/P/GIRoIuLS+es
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:51:38 2025 by rpki-client