Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/346bef-0a5e-4400-9f84-56805ca11c33/1/OTqu6ofFTyzK0xc5jrx6KgXbQ7M.roa
File: OTqu6ofFTyzK0xc5jrx6KgXbQ7M.roa (raw, json)
Hash identifier: McteydyUGW+LpPCexm+O1QefOp1oYc2XsREa8UjCVIA=
Subject key identifier: 39:3A:AE:EA:87:C5:4F:2C:CA:D3:17:39:8E:BC:7A:2A:05:DB:43:B3
Certificate issuer: /CN=bc31247f359a6d492dc9943ae0f00fc8be216c78
Certificate serial: 01941FFA22C877CBD771BC282BB7B4CEBEC4
Authority key identifier: BC:31:24:7F:35:9A:6D:49:2D:C9:94:3A:E0:F0:0F:C8:BE:21:6C:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vDEkfzWabUktyZQ64PAPyL4hbHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/346bef-0a5e-4400-9f84-56805ca11c33/1/OTqu6ofFTyzK0xc5jrx6KgXbQ7M.roa
Signing time: Wed 01 Jan 2025 03:47:53 +0000
ROA not before: Wed 01 Jan 2025 03:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24961
IP address blocks: 185.19.186.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:22:c8:77:cb:d7:71:bc:28:2b:b7:b4:ce:be:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc31247f359a6d492dc9943ae0f00fc8be216c78
Validity
Not Before: Jan 1 03:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=393aaeea87c54f2ccad317398ebc7a2a05db43b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d2:c6:0d:e0:b5:9c:c3:df:85:ab:ce:1b:2c:
90:21:33:cd:f5:07:c0:a0:5d:be:65:49:48:95:9d:
a2:a0:7b:94:ca:04:43:d8:f7:8e:c8:f1:61:b2:bc:
e4:ce:c7:ab:aa:8f:f9:1a:6a:b5:8a:9f:99:9e:3a:
c6:09:af:b3:09:ea:31:95:5a:84:d5:7f:98:f6:1f:
76:9d:87:bb:9b:10:25:59:7b:c3:05:44:e0:dd:21:
ee:28:2e:eb:00:a6:50:8b:de:3c:85:60:d5:51:cd:
7b:ce:8a:b3:1d:2c:17:c5:ef:01:16:81:e8:76:83:
be:d0:24:f4:1b:d8:56:39:b1:ea:49:98:70:66:09:
8b:ad:c5:f6:e8:df:58:80:8e:44:e2:b5:e8:19:95:
b8:a8:6b:19:f4:13:d9:12:df:9d:ae:fb:65:b6:9f:
4f:16:04:75:cd:4e:4a:a3:10:ba:90:86:93:0e:b4:
b2:da:64:88:8e:e9:5c:ef:98:ed:ad:91:23:0d:93:
3e:cb:22:f1:cb:dc:31:5f:48:ed:6d:43:03:43:b7:
a8:2d:98:1b:e1:46:06:c2:6c:3c:c9:9d:9b:f4:70:
e4:47:a9:40:ae:e5:c6:6b:f9:28:f4:ed:f7:7c:ca:
3a:fe:cb:d1:b6:12:02:09:c1:03:1e:03:68:e5:6e:
43:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:3A:AE:EA:87:C5:4F:2C:CA:D3:17:39:8E:BC:7A:2A:05:DB:43:B3
X509v3 Authority Key Identifier:
keyid:BC:31:24:7F:35:9A:6D:49:2D:C9:94:3A:E0:F0:0F:C8:BE:21:6C:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vDEkfzWabUktyZQ64PAPyL4hbHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/346bef-0a5e-4400-9f84-56805ca11c33/1/OTqu6ofFTyzK0xc5jrx6KgXbQ7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/346bef-0a5e-4400-9f84-56805ca11c33/1/vDEkfzWabUktyZQ64PAPyL4hbHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.186.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:f6:6f:5c:1b:3b:aa:0e:9a:1f:fa:28:27:e4:7e:7a:60:78:
df:a1:94:5c:88:75:88:7c:d8:ce:af:f2:26:e0:78:59:ca:bc:
01:12:d5:f0:2d:11:ac:d6:27:56:d0:55:df:9d:84:ea:59:3c:
ed:ab:99:58:7c:42:65:38:19:37:c8:45:3d:d8:be:e1:58:f2:
f5:ff:33:f4:08:b4:fb:23:90:cc:e2:ed:88:6d:cd:1b:e0:cd:
17:19:40:3d:2c:fd:b1:07:db:95:5c:e4:a4:a2:11:eb:c2:c4:
4f:c2:ec:c6:ba:94:63:af:26:8d:b1:00:1a:7b:95:de:14:d8:
5b:c4:87:82:eb:04:50:20:e3:2c:b8:36:65:f1:f8:a7:dc:33:
07:c5:91:30:9f:66:f0:af:a3:02:45:d7:9e:67:e3:d6:be:e5:
1b:61:77:8f:7a:31:a4:e1:58:43:ea:18:ab:d2:3a:12:5f:eb:
5b:1a:5d:9d:d5:de:f1:0d:d6:57:0a:3f:5e:27:bb:53:e5:eb:
63:fd:0f:cd:46:9c:cc:9d:5c:78:43:cf:a4:61:3a:ba:5e:81:
1d:4d:39:db:9c:96:e6:d4:07:2a:ac:90:98:99:de:8a:e9:08:
3b:2f:78:d6:82:c3:fb:fc:d2:1d:70:5f:b0:e7:f7:e6:ac:f8:
f0:69:ce:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+iLId8vXcbwoK7e0zr7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMzEyNDdmMzU5YTZkNDkyZGM5OTQzYWUwZjAwZmM4YmUy
MTZjNzgwHhcNMjUwMTAxMDM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTNhYWVlYTg3YzU0ZjJjY2FkMzE3Mzk4ZWJjN2EyYTA1ZGI0M2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdLGDeC1nMPfhavOGyyQITPN9QfA
oF2+ZUlIlZ2ioHuUygRD2PeOyPFhsrzkzserqo/5Gmq1ip+ZnjrGCa+zCeoxlVqE
1X+Y9h92nYe7mxAlWXvDBUTg3SHuKC7rAKZQi948hWDVUc17zoqzHSwXxe8BFoHo
doO+0CT0G9hWObHqSZhwZgmLrcX26N9YgI5E4rXoGZW4qGsZ9BPZEt+drvtltp9P
FgR1zU5KoxC6kIaTDrSy2mSIjulc75jtrZEjDZM+yyLxy9wxX0jtbUMDQ7eoLZgb
4UYGwmw8yZ2b9HDkR6lAruXGa/ko9O33fMo6/svRthICCcEDHgNo5W5DKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDk6ruqHxU8sytMXOY68eioF20OzMB8GA1UdIwQY
MBaAFLwxJH81mm1JLcmUOuDwD8i+IWx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkRFa2Z6V2FiVWt0eVpRNjRQQVB5TDRoYkhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zNDZiZWYtMGE1ZS00NDAwLTlmODQt
NTY4MDVjYTExYzMzLzEvT1RxdTZvZkZUeXpLMHhjNWpyeDZLZ1hiUTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zNDZiZWYtMGE1ZS00NDAwLTlmODQtNTY4MDVjYTExYzMz
LzEvdkRFa2Z6V2FiVWt0eVpRNjRQQVB5TDRoYkhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRO6MA0G
CSqGSIb3DQEBCwUAA4IBAQBe9m9cGzuqDpof+ign5H56YHjfoZRciHWIfNjOr/Im
4HhZyrwBEtXwLRGs1idW0FXfnYTqWTztq5lYfEJlOBk3yEU92L7hWPL1/zP0CLT7
I5DM4u2Ibc0b4M0XGUA9LP2xB9uVXOSkohHrwsRPwuzGupRjryaNsQAae5XeFNhb
xIeC6wRQIOMsuDZl8fin3DMHxZEwn2bwr6MCRdeeZ+PWvuUbYXePejGk4VhD6hir
0joSX+tbGl2d1d7xDdZXCj9eJ7tT5etj/Q/NRpzMnVx4Q8+kYTq6XoEdTTnbnJbm
1AcqrJCYmd6K6Qg7L3jWgsP7/NIdcF+w5/fmrPjwac5s
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:34:53 2025 by rpki-client