Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/6b5064-8d5e-4c94-b5bd-050204532286/1/o3nfz0qPyoHeZ7QZgpyfuh3VEII.roa
File: o3nfz0qPyoHeZ7QZgpyfuh3VEII.roa (raw, json)
Hash identifier: Z7vtFpZz5Q9L6wA4avMeuFaOqLOX0o+KOJVRi4dDip4=
Subject key identifier: A3:79:DF:CF:4A:8F:CA:81:DE:67:B4:19:82:9C:9F:BA:1D:D5:10:82
Certificate issuer: /CN=391975ad57ceb765ad948be5eb4c382dc74844c0
Certificate serial: 0194228DE556DDC13CACF0AD75346D745337
Authority key identifier: 39:19:75:AD:57:CE:B7:65:AD:94:8B:E5:EB:4C:38:2D:C7:48:44:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORl1rVfOt2WtlIvl60w4LcdIRMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/6b5064-8d5e-4c94-b5bd-050204532286/1/o3nfz0qPyoHeZ7QZgpyfuh3VEII.roa
Signing time: Wed 01 Jan 2025 15:48:32 +0000
ROA not before: Wed 01 Jan 2025 15:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 185.243.24.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:e5:56:dd:c1:3c:ac:f0:ad:75:34:6d:74:53:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=391975ad57ceb765ad948be5eb4c382dc74844c0
Validity
Not Before: Jan 1 15:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a379dfcf4a8fca81de67b419829c9fba1dd51082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:bb:57:d4:bc:62:b4:3d:53:9a:f7:cc:56:67:
c0:ce:7d:82:9b:5d:24:57:93:ff:68:7b:51:31:eb:
24:c9:d2:7b:8d:12:95:bb:6a:f2:72:31:c4:4f:5e:
0f:d4:fa:17:23:1d:d7:d2:43:86:b3:20:7a:bd:b7:
6c:e0:7b:9e:80:5a:b0:b7:85:c3:8d:f4:e4:b7:43:
11:f1:dd:eb:ce:54:f2:c4:35:e3:2d:1f:a5:e6:cc:
84:ad:c1:ca:b5:78:bd:ce:79:91:94:7d:10:44:a9:
21:b1:00:05:cd:c5:c4:88:cb:03:60:9c:73:46:0e:
3b:41:3f:98:48:ab:fd:6d:84:31:00:e6:ac:80:0a:
33:a2:1c:44:e6:c3:3a:3a:2b:09:7e:22:05:dd:48:
15:c6:a7:8a:25:22:8e:6b:cd:41:26:03:fb:3c:38:
08:3c:ba:96:ad:16:f2:76:f6:2e:9d:87:d2:61:56:
72:ea:65:14:27:15:4d:85:51:18:ba:b2:84:b4:af:
55:95:46:3a:c1:68:53:45:33:7a:9c:7a:38:80:00:
6a:90:2d:7a:9c:c6:4e:20:83:fe:0e:a1:56:f5:cd:
b6:81:ee:70:0d:21:4d:46:e8:e8:35:f1:bb:92:93:
e9:2a:e7:9b:a3:31:46:32:81:da:9d:cc:78:52:82:
6f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:79:DF:CF:4A:8F:CA:81:DE:67:B4:19:82:9C:9F:BA:1D:D5:10:82
X509v3 Authority Key Identifier:
keyid:39:19:75:AD:57:CE:B7:65:AD:94:8B:E5:EB:4C:38:2D:C7:48:44:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORl1rVfOt2WtlIvl60w4LcdIRMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/6b5064-8d5e-4c94-b5bd-050204532286/1/o3nfz0qPyoHeZ7QZgpyfuh3VEII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/6b5064-8d5e-4c94-b5bd-050204532286/1/ORl1rVfOt2WtlIvl60w4LcdIRMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.24.0/22
Signature Algorithm: sha256WithRSAEncryption
48:ec:7e:ed:d4:ea:80:8e:11:3e:3b:d1:53:e7:c3:ab:16:09:
ee:aa:1e:07:a2:71:bd:00:84:1c:1a:26:97:19:ef:fa:30:f8:
4f:76:aa:83:7c:d9:0f:be:6f:0f:3c:1a:95:9f:78:8a:a6:f5:
e7:f4:aa:e9:47:43:7a:ee:94:1d:2c:d9:8a:46:98:a0:d7:8f:
0c:b3:f9:8e:59:16:19:93:e5:f1:a3:26:23:3e:c3:b5:c6:10:
e4:d7:b0:39:61:1b:6a:78:c1:14:22:b9:77:fd:dc:8b:47:ea:
6d:30:ce:e7:a1:e9:7c:46:ca:a8:de:0f:c4:47:46:7b:cb:b8:
d3:ed:5f:ec:7c:70:0b:8a:f5:61:56:aa:1e:f1:4c:61:12:d5:
84:9d:1e:0c:e0:14:b9:3f:b7:38:a4:41:1e:3d:4f:d9:01:b3:
b3:7e:94:12:e5:df:ea:7e:51:21:e1:46:db:ae:86:39:95:ba:
c2:62:25:04:9e:e5:c8:9c:29:bc:22:fa:e3:48:1e:21:0f:b6:
99:49:9d:6a:a4:f3:30:6e:cf:13:1d:d4:69:5e:c6:76:82:4c:
c2:09:c3:d5:3e:c3:8a:1c:65:30:16:b4:85:99:9d:f2:e0:a7:
00:3c:0c:0d:36:a7:40:87:3e:d9:4b:a5:1c:b7:d6:f1:71:3f:
f2:e8:0f:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijeVW3cE8rPCtdTRtdFM3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MTk3NWFkNTdjZWI3NjVhZDk0OGJlNWViNGMzODJkYzc0
ODQ0YzAwHhcNMjUwMTAxMTU0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzc5ZGZjZjRhOGZjYTgxZGU2N2I0MTk4MjljOWZiYTFkZDUxMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybtX1LxitD1TmvfMVmfAzn2Cm10k
V5P/aHtRMeskydJ7jRKVu2rycjHET14P1PoXIx3X0kOGsyB6vbds4HuegFqwt4XD
jfTkt0MR8d3rzlTyxDXjLR+l5syErcHKtXi9znmRlH0QRKkhsQAFzcXEiMsDYJxz
Rg47QT+YSKv9bYQxAOasgAozohxE5sM6OisJfiIF3UgVxqeKJSKOa81BJgP7PDgI
PLqWrRbydvYunYfSYVZy6mUUJxVNhVEYurKEtK9VlUY6wWhTRTN6nHo4gABqkC16
nMZOIIP+DqFW9c22ge5wDSFNRujoNfG7kpPpKuebozFGMoHancx4UoJvNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKN5389Kj8qB3me0GYKcn7od1RCCMB8GA1UdIwQY
MBaAFDkZda1XzrdlrZSL5etMOC3HSETAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1JsMXJWZk90Mld0bEl2bDYwdzRMY2RJUk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy82YjUwNjQtOGQ1ZS00Yzk0LWI1YmQt
MDUwMjA0NTMyMjg2LzEvbzNuZnowcVB5b0hlWjdRWmdweWZ1aDNWRUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy82YjUwNjQtOGQ1ZS00Yzk0LWI1YmQtMDUwMjA0NTMyMjg2
LzEvT1JsMXJWZk90Mld0bEl2bDYwdzRMY2RJUk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufMYMA0G
CSqGSIb3DQEBCwUAA4IBAQBI7H7t1OqAjhE+O9FT58OrFgnuqh4HonG9AIQcGiaX
Ge/6MPhPdqqDfNkPvm8PPBqVn3iKpvXn9KrpR0N67pQdLNmKRpig148Ms/mOWRYZ
k+XxoyYjPsO1xhDk17A5YRtqeMEUIrl3/dyLR+ptMM7noel8Rsqo3g/ER0Z7y7jT
7V/sfHALivVhVqoe8UxhEtWEnR4M4BS5P7c4pEEePU/ZAbOzfpQS5d/qflEh4Ubb
roY5lbrCYiUEnuXInCm8IvrjSB4hD7aZSZ1qpPMwbs8THdRpXsZ2gkzCCcPVPsOK
HGUwFrSFmZ3y4KcAPAwNNqdAhz7ZS6Uct9bxcT/y6A8e
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:29 2025 by rpki-client