Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/wO5DmrwTSoyl76lHsJA2t5qAs9I.roa
File: wO5DmrwTSoyl76lHsJA2t5qAs9I.roa (raw, json)
Hash identifier: gFeojWx3JdvkiLn4u4KpLVd5bJnsp8Sl11CkVIEvvlw=
Subject key identifier: C0:EE:43:9A:BC:13:4A:8C:A5:EF:A9:47:B0:90:36:B7:9A:80:B3:D2
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 019425FD9D81A7520895348A47C3EA33125E
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/wO5DmrwTSoyl76lHsJA2t5qAs9I.roa
Signing time: Thu 02 Jan 2025 07:49:25 +0000
ROA not before: Thu 02 Jan 2025 07:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 87.236.165.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:9d:81:a7:52:08:95:34:8a:47:c3:ea:33:12:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 2 07:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0ee439abc134a8ca5efa947b09036b79a80b3d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a4:18:c3:ba:9c:15:a6:d9:20:41:33:4d:8a:
af:bd:e5:ff:e7:0f:cf:55:8b:e3:ec:3d:05:be:a6:
a0:42:dc:74:0e:c5:d9:78:ad:94:81:c7:3c:d9:08:
3f:a4:d9:5d:02:3f:1d:e3:9f:f4:6d:eb:13:a1:1c:
25:b5:9d:34:21:98:4e:84:01:cf:3d:03:91:24:ff:
d5:31:33:2e:9f:f6:06:ca:05:0f:6e:c9:55:5a:f1:
93:ff:eb:f4:83:2e:5e:74:2c:c3:ee:45:bc:bc:97:
fe:72:b0:e9:79:ab:d9:5d:93:e5:9c:8e:d3:28:23:
38:16:b9:40:2b:01:a9:fc:e0:5f:a7:dc:7b:ba:17:
61:1e:80:d9:c3:9a:d6:7a:b2:cc:11:4b:fa:a2:45:
1b:9a:db:cc:0a:d8:1b:31:c3:3b:7c:f7:1a:3b:de:
2f:13:fc:0e:34:d7:81:02:f6:a2:c1:99:b6:df:43:
b4:b8:8d:8e:26:2f:45:e0:cc:4f:51:4d:58:f2:1b:
14:f8:1c:c8:06:0c:ea:3f:38:8e:ee:e8:79:f3:c2:
e7:50:0a:c1:63:b3:10:15:1b:aa:04:89:36:ea:81:
b4:2d:39:3b:f3:ad:b6:0c:3c:65:36:04:5f:10:52:
e0:04:ad:fd:99:16:72:56:ff:4d:0e:b9:1c:e8:f8:
81:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:EE:43:9A:BC:13:4A:8C:A5:EF:A9:47:B0:90:36:B7:9A:80:B3:D2
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/wO5DmrwTSoyl76lHsJA2t5qAs9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.165.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:dc:c2:09:60:29:99:70:af:41:5f:17:a4:25:2d:d5:59:ea:
99:2b:08:01:e6:e5:06:79:79:a6:90:7a:07:b0:73:9a:b1:24:
48:4c:58:61:c3:1b:6d:70:5f:9a:69:65:f0:38:fe:cd:84:72:
99:94:d9:74:4c:69:25:8a:42:32:a9:45:e8:e8:67:c4:81:59:
9c:c9:61:25:c6:70:5e:3a:91:f7:b0:80:1b:e5:85:e1:a8:7c:
c0:d9:88:c3:a5:d9:5a:5d:9f:56:93:34:d8:fe:dc:24:51:a2:
5e:98:ae:ce:a3:e1:a8:17:35:e4:c2:32:73:17:d0:5e:32:b9:
a3:aa:b8:13:cd:43:7f:c9:7a:db:d6:ef:7d:20:df:cd:2e:f9:
fc:07:b6:4c:6a:6e:c3:e7:e7:16:05:e2:2f:69:12:09:6d:56:
85:60:c7:4b:ca:62:89:43:05:25:ee:e6:d8:fa:22:cb:3d:9b:
4f:19:ce:a6:6c:3c:b3:0d:e9:d4:eb:c9:51:0c:39:2f:6e:d0:
a1:a1:ab:60:90:50:07:21:f2:a5:54:a9:c8:6d:79:37:d6:8d:
c1:6d:08:30:93:8f:09:99:cf:6c:41:52:2d:4b:d6:f5:06:d0:
0c:0e:ff:17:2a:6e:82:b8:e4:04:ac:e0:a8:58:01:f1:22:1e:
75:5c:d9:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/Z2Bp1IIlTSKR8PqMxJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjUwMTAyMDc0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGVlNDM5YWJjMTM0YThjYTVlZmE5NDdiMDkwMzZiNzlhODBiM2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26QYw7qcFabZIEEzTYqvveX/5w/P
VYvj7D0FvqagQtx0DsXZeK2Ugcc82Qg/pNldAj8d45/0besToRwltZ00IZhOhAHP
PQORJP/VMTMun/YGygUPbslVWvGT/+v0gy5edCzD7kW8vJf+crDpeavZXZPlnI7T
KCM4FrlAKwGp/OBfp9x7uhdhHoDZw5rWerLMEUv6okUbmtvMCtgbMcM7fPcaO94v
E/wONNeBAvaiwZm230O0uI2OJi9F4MxPUU1Y8hsU+BzIBgzqPziO7uh588LnUArB
Y7MQFRuqBIk26oG0LTk78622DDxlNgRfEFLgBK39mRZyVv9NDrkc6PiBEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMDuQ5q8E0qMpe+pR7CQNreagLPSMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvd081RG1yd1RTb3lsNzZsSHNKQTJ0NXFBczlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+ylMA0G
CSqGSIb3DQEBCwUAA4IBAQAq3MIJYCmZcK9BXxekJS3VWeqZKwgB5uUGeXmmkHoH
sHOasSRITFhhwxttcF+aaWXwOP7NhHKZlNl0TGklikIyqUXo6GfEgVmcyWElxnBe
OpH3sIAb5YXhqHzA2YjDpdlaXZ9WkzTY/twkUaJemK7Oo+GoFzXkwjJzF9BeMrmj
qrgTzUN/yXrb1u99IN/NLvn8B7ZMam7D5+cWBeIvaRIJbVaFYMdLymKJQwUl7ubY
+iLLPZtPGc6mbDyzDenU68lRDDkvbtChoatgkFAHIfKlVKnIbXk31o3BbQgwk48J
mc9sQVItS9b1BtAMDv8XKm6CuOQErOCoWAHxIh51XNmE
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:55:45 2025 by rpki-client