Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/o1KbTt_Z7AAR-RaShYs6x64GVEY.roa
File: o1KbTt_Z7AAR-RaShYs6x64GVEY.roa (raw, json)
Hash identifier: UY2EcSzkTQBP5y4RqbiiB7Nh1FvkucEUOU+S8/aHgbM=
Subject key identifier: A3:52:9B:4E:DF:D9:EC:00:11:F9:16:92:85:8B:3A:C7:AE:06:54:46
Certificate issuer: /CN=98118687fdd6ff80fb098a9eeef06de377f85d6e
Certificate serial: 018CC2DB31BE29E9D1FE998E5C8A91608BE7
Authority key identifier: 98:11:86:87:FD:D6:FF:80:FB:09:8A:9E:EE:F0:6D:E3:77:F8:5D:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBGGh_3W_4D7CYqe7vBt43f4XW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/o1KbTt_Z7AAR-RaShYs6x64GVEY.roa
Signing time: Mon 01 Jan 2024 02:29:54 +0000
ROA not before: Mon 01 Jan 2024 02:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2852
IP address blocks: 147.251.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:31:be:29:e9:d1:fe:99:8e:5c:8a:91:60:8b:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98118687fdd6ff80fb098a9eeef06de377f85d6e
Validity
Not Before: Jan 1 02:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3529b4edfd9ec0011f91692858b3ac7ae065446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:cf:b9:63:fc:59:47:47:7a:c2:15:39:4d:5f:
cb:ca:a3:e6:34:3a:ec:38:66:8e:8f:ee:a1:b9:2f:
39:b4:d0:04:0f:b8:72:28:52:f8:6e:6d:56:a9:a2:
27:21:ab:0a:ad:e4:85:47:a9:19:02:e0:5a:fb:3e:
9f:47:17:ad:5a:7a:ab:cb:3e:8c:45:21:6b:0f:51:
37:94:d1:39:8b:a9:8f:72:07:f8:cf:2e:0e:bc:09:
68:68:51:c3:d4:ef:1b:06:3f:9a:ef:70:53:fa:a3:
aa:6d:33:6d:ac:f9:d1:50:f2:68:e7:b6:68:61:62:
be:20:23:80:de:21:b1:e0:6a:7c:b2:6e:c1:2f:11:
ae:09:0c:89:96:07:43:f0:2c:5b:43:85:58:e0:3f:
da:4e:20:05:68:3b:b0:46:3b:60:09:87:da:7d:05:
70:00:0a:45:1b:3b:ce:bf:a7:8b:85:6d:06:95:62:
60:23:e2:7b:3e:e9:96:80:a7:6d:b8:cc:74:0a:c9:
87:80:57:06:97:1a:1d:a9:7f:ff:43:8c:bc:ab:2c:
f3:c6:82:77:60:c9:a7:33:07:48:7f:4b:25:cd:5d:
78:63:d1:4c:61:e2:26:6f:35:3e:7f:ca:72:18:8d:
34:80:ba:bb:12:02:25:d0:19:16:78:80:46:b1:72:
6c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:52:9B:4E:DF:D9:EC:00:11:F9:16:92:85:8B:3A:C7:AE:06:54:46
X509v3 Authority Key Identifier:
keyid:98:11:86:87:FD:D6:FF:80:FB:09:8A:9E:EE:F0:6D:E3:77:F8:5D:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBGGh_3W_4D7CYqe7vBt43f4XW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/o1KbTt_Z7AAR-RaShYs6x64GVEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/mBGGh_3W_4D7CYqe7vBt43f4XW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.251.0.0/16
Signature Algorithm: sha256WithRSAEncryption
17:22:e6:5c:a4:5d:e7:89:73:6f:6b:d5:95:9e:af:e3:60:d7:
77:72:8f:e0:a6:04:b0:cc:fc:3c:83:3e:5e:06:af:37:d0:fe:
0e:3a:83:c8:c9:76:38:cf:e0:23:2c:c6:6e:2b:93:ef:22:25:
09:83:d1:5e:04:21:e0:5f:40:94:c1:91:e9:cb:a1:c1:93:7b:
b2:8f:7b:38:de:1d:54:83:2e:bb:12:f5:90:ce:ee:48:e4:64:
2b:51:af:ca:37:71:16:2c:21:23:b7:45:20:43:21:64:98:57:
ec:6b:a8:18:a0:74:2c:1e:d3:2d:b9:d7:24:18:0f:00:b6:02:
f8:64:5e:e4:fd:a9:f3:18:7d:1e:48:8d:df:eb:de:03:42:f5:
1e:d1:97:97:d2:73:12:24:d4:e1:fc:0f:d1:08:b3:bd:cb:29:
1f:e9:bc:87:0e:b2:28:61:be:77:a5:9d:17:f5:75:a8:e1:29:
3c:79:ef:86:bc:ae:d2:66:bd:a7:56:09:75:ea:c5:b4:31:9a:
0c:8b:78:e8:15:75:be:34:80:d2:4d:fc:09:f4:d8:d8:00:82:
8f:32:55:3c:0b:9e:e6:7a:1d:83:be:6c:35:bb:56:d5:f2:47:
c9:fc:60:dd:b4:f4:8f:cb:d5:2b:33:bc:e1:98:86:f6:28:d7:
6b:14:4e:e6
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzC2zG+KenR/pmOXIqRYIvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTE4Njg3ZmRkNmZmODBmYjA5OGE5ZWVlZjA2ZGUzNzdm
ODVkNmUwHhcNMjQwMTAxMDIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzUyOWI0ZWRmZDllYzAwMTFmOTE2OTI4NThiM2FjN2FlMDY1NDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0M+5Y/xZR0d6whU5TV/LyqPmNDrs
OGaOj+6huS85tNAED7hyKFL4bm1WqaInIasKreSFR6kZAuBa+z6fRxetWnqryz6M
RSFrD1E3lNE5i6mPcgf4zy4OvAloaFHD1O8bBj+a73BT+qOqbTNtrPnRUPJo57Zo
YWK+ICOA3iGx4Gp8sm7BLxGuCQyJlgdD8CxbQ4VY4D/aTiAFaDuwRjtgCYfafQVw
AApFGzvOv6eLhW0GlWJgI+J7PumWgKdtuMx0CsmHgFcGlxodqX//Q4y8qyzzxoJ3
YMmnMwdIf0slzV14Y9FMYeImbzU+f8pyGI00gLq7EgIl0BkWeIBGsXJsxQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFKNSm07f2ewAEfkWkoWLOseuBlRGMB8GA1UdIwQY
MBaAFJgRhof91v+A+wmKnu7wbeN3+F1uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJHR2hfM1dfNEQ3Q1lxZTd2QnQ0M2Y0WFc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81OTA4YTktMGMwZi00MGFiLWJmZDYt
NjlhZjBhNmU5ODliLzEvbzFLYlR0X1o3QUFSLVJhU2hZczZ4NjRHVkVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy81OTA4YTktMGMwZi00MGFiLWJmZDYtNjlhZjBhNmU5ODli
LzEvbUJHR2hfM1dfNEQ3Q1lxZTd2QnQ0M2Y0WFc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAk/swDQYJ
KoZIhvcNAQELBQADggEBABci5lykXeeJc29r1ZWer+Ng13dyj+CmBLDM/DyDPl4G
rzfQ/g46g8jJdjjP4CMsxm4rk+8iJQmD0V4EIeBfQJTBkenLocGTe7KPezjeHVSD
LrsS9ZDO7kjkZCtRr8o3cRYsISO3RSBDIWSYV+xrqBigdCwe0y251yQYDwC2Avhk
XuT9qfMYfR5Ijd/r3gNC9R7Rl5fScxIk1OH8D9EIs73LKR/pvIcOsihhvnelnRf1
dajhKTx574a8rtJmvadWCXXqxbQxmgyLeOgVdb40gNJN/An02NgAgo8yVTwLnuZ6
HYO+bDW7VtXyR8n8YN209I/L1SszvOGYhvYo12sUTuY=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:22:27 2025 by rpki-client