Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8f2ef4-e161-4b10-a221-999f4f60f0af/1/O-ObgbnKFLnlu0CRG9yyUqD6xGY.roa
File: O-ObgbnKFLnlu0CRG9yyUqD6xGY.roa (raw, json)
Hash identifier: bF3QfNZf/Lpw5KTM4d/C9H7W81AgzTfcc6BjQf2ADQ4=
Subject key identifier: 3B:E3:9B:81:B9:CA:14:B9:E5:BB:40:91:1B:DC:B2:52:A0:FA:C4:66
Certificate issuer: /CN=22d7c11a449a4376c3a787c7f613c551aa611f91
Certificate serial: 018CC4250C22CB2A7C700603F31D77B06BC4
Authority key identifier: 22:D7:C1:1A:44:9A:43:76:C3:A7:87:C7:F6:13:C5:51:AA:61:1F:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ItfBGkSaQ3bDp4fH9hPFUaphH5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/8f2ef4-e161-4b10-a221-999f4f60f0af/1/O-ObgbnKFLnlu0CRG9yyUqD6xGY.roa
Signing time: Mon 01 Jan 2024 08:30:11 +0000
ROA not before: Mon 01 Jan 2024 08:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56430
IP address blocks: 193.105.218.0/24 maxlen: 24
2a12:aec0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:0c:22:cb:2a:7c:70:06:03:f3:1d:77:b0:6b:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22d7c11a449a4376c3a787c7f613c551aa611f91
Validity
Not Before: Jan 1 08:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3be39b81b9ca14b9e5bb40911bdcb252a0fac466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3e:fc:6f:4d:5e:e7:9e:b9:5f:e3:77:ca:f2:
06:e3:6d:d7:f4:f3:63:5d:c6:84:6c:d9:9c:5b:9a:
08:2f:ad:bd:d3:44:15:c0:de:b7:93:49:9b:54:db:
ba:af:e5:bf:9a:bc:9e:b3:c5:84:83:27:f8:51:2b:
b8:3d:e1:08:5d:d0:69:22:d6:76:0c:9a:1c:15:fa:
11:71:34:d4:59:ed:16:f2:a0:74:5d:b3:91:3f:3e:
3f:fa:07:8e:96:23:72:3a:03:cc:6d:52:df:32:3d:
a4:26:71:fc:ae:f8:8c:07:15:7c:96:07:b5:03:32:
8c:9c:cd:0a:7c:a4:83:ca:f3:ec:da:f4:78:28:31:
4d:2a:bb:a6:8d:36:8a:be:d9:18:d3:74:79:90:14:
e7:2a:95:e7:55:30:c9:d5:77:2a:b9:01:73:bd:8a:
ce:ba:c6:a5:4b:5b:92:f8:6d:fc:72:6b:77:d4:4a:
10:8d:1b:46:07:20:1d:26:55:73:f1:7d:a9:49:8d:
c2:f4:89:d9:e4:b7:54:ea:d2:8b:f1:d7:ba:e2:3c:
bf:d4:85:07:d5:65:39:22:67:84:35:60:42:42:0f:
46:93:29:c8:87:91:bc:97:f4:ef:3a:3a:55:c1:86:
cd:3f:48:21:32:c7:0a:32:ca:04:15:b0:ba:58:34:
94:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E3:9B:81:B9:CA:14:B9:E5:BB:40:91:1B:DC:B2:52:A0:FA:C4:66
X509v3 Authority Key Identifier:
keyid:22:D7:C1:1A:44:9A:43:76:C3:A7:87:C7:F6:13:C5:51:AA:61:1F:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ItfBGkSaQ3bDp4fH9hPFUaphH5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8f2ef4-e161-4b10-a221-999f4f60f0af/1/O-ObgbnKFLnlu0CRG9yyUqD6xGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8f2ef4-e161-4b10-a221-999f4f60f0af/1/ItfBGkSaQ3bDp4fH9hPFUaphH5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.218.0/24
IPv6:
2a12:aec0::/29
Signature Algorithm: sha256WithRSAEncryption
b7:91:26:44:75:7b:eb:fb:59:2e:44:51:70:2f:91:c0:68:3f:
ba:9c:46:33:c3:ad:4a:91:81:c7:bd:41:92:3f:4d:f4:d7:e6:
75:f8:0f:3c:aa:05:c9:d7:e9:c7:2f:0d:07:dc:9c:1d:6b:dc:
fe:bc:bd:55:91:29:0e:a7:55:53:83:b7:56:59:04:94:c7:99:
47:d1:21:19:ba:fb:3c:df:32:ba:9a:da:c9:9f:f4:6c:1a:8f:
5c:7c:64:6a:e0:4a:7c:b4:1f:47:b3:e9:1e:59:a8:10:03:c8:
2c:cd:f4:22:dc:89:94:a8:59:1a:82:7d:e5:17:57:24:ec:4a:
52:85:34:95:0c:e0:0f:7e:97:04:19:4f:f4:df:a8:d7:75:94:
0b:92:8e:a8:f7:d0:f4:5f:38:df:0b:6c:cb:2c:4e:7c:4a:c6:
52:5d:f6:57:e6:d0:a6:d4:5b:62:b1:3d:31:f3:e0:1b:cb:6b:
15:f6:e4:8d:4f:1c:e6:59:b7:68:a3:94:48:f1:a4:7c:f5:e9:
42:08:40:6b:b2:bd:fa:8e:6c:79:58:cf:10:60:aa:46:9e:62:
f8:5b:a8:15:03:64:da:1f:82:74:d8:ea:5f:82:6a:3d:5b:44:
48:20:e2:b5:17:b4:16:56:22:24:22:50:b2:bf:68:42:24:8f:
e5:a7:76:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJQwiyyp8cAYD8x13sGvEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZDdjMTFhNDQ5YTQzNzZjM2E3ODdjN2Y2MTNjNTUxYWE2
MTFmOTEwHhcNMjQwMTAxMDgzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmUzOWI4MWI5Y2ExNGI5ZTViYjQwOTExYmRjYjI1MmEwZmFjNDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqz78b01e5565X+N3yvIG423X9PNj
XcaEbNmcW5oIL62900QVwN63k0mbVNu6r+W/mryes8WEgyf4USu4PeEIXdBpItZ2
DJocFfoRcTTUWe0W8qB0XbORPz4/+geOliNyOgPMbVLfMj2kJnH8rviMBxV8lge1
AzKMnM0KfKSDyvPs2vR4KDFNKrumjTaKvtkY03R5kBTnKpXnVTDJ1XcquQFzvYrO
usalS1uS+G38cmt31EoQjRtGByAdJlVz8X2pSY3C9InZ5LdU6tKL8de64jy/1IUH
1WU5ImeENWBCQg9GkynIh5G8l/TvOjpVwYbNP0ghMscKMsoEFbC6WDSU3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDvjm4G5yhS55btAkRvcslKg+sRmMB8GA1UdIwQY
MBaAFCLXwRpEmkN2w6eHx/YTxVGqYR+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXRmQkdrU2FRM2JEcDRmSDloUEZVYXBoSDVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZjJlZjQtZTE2MS00YjEwLWEyMjEt
OTk5ZjRmNjBmMGFmLzEvTy1PYmdibktGTG5sdTBDUkc5eXlVcUQ2eEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZjJlZjQtZTE2MS00YjEwLWEyMjEtOTk5ZjRmNjBmMGFm
LzEvSXRmQkdrU2FRM2JEcDRmSDloUEZVYXBoSDVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwWnaMA0E
AgACMAcDBQMqEq7AMA0GCSqGSIb3DQEBCwUAA4IBAQC3kSZEdXvr+1kuRFFwL5HA
aD+6nEYzw61KkYHHvUGSP0301+Z1+A88qgXJ1+nHLw0H3Jwda9z+vL1VkSkOp1VT
g7dWWQSUx5lH0SEZuvs83zK6mtrJn/RsGo9cfGRq4Ep8tB9Hs+keWagQA8gszfQi
3ImUqFkagn3lF1ck7EpShTSVDOAPfpcEGU/036jXdZQLko6o99D0XzjfC2zLLE58
SsZSXfZX5tCm1FtisT0x8+Aby2sV9uSNTxzmWbdoo5RI8aR89elCCEBrsr36jmx5
WM8QYKpGnmL4W6gVA2TaH4J02Opfgmo9W0RIIOK1F7QWViIkIlCyv2hCJI/lp3ay
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:38 2025 by rpki-client