Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/Ou48DrwJus08n3GsGbd-UDVpOCI.roa
File: Ou48DrwJus08n3GsGbd-UDVpOCI.roa (raw, json)
Hash identifier: bLCIdBEHgXrvByLARx4buUO2V5j3WD8Kgcv0zCDTM/o=
Subject key identifier: 3A:EE:3C:0E:BC:09:BA:CD:3C:9F:71:AC:19:B7:7E:50:35:69:38:22
Certificate issuer: /CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Certificate serial: 019493794893058662F1E1B2752F4C5C8127
Authority key identifier: C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/Ou48DrwJus08n3GsGbd-UDVpOCI.roa
Signing time: Thu 23 Jan 2025 14:03:06 +0000
ROA not before: Thu 23 Jan 2025 14:03:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212996
IP address blocks: 176.10.89.0/24 maxlen: 24
2a13:d8c0::/32 maxlen: 32
2a13:d8c1::/32 maxlen: 32
2a13:d8c2::/32 maxlen: 32
2a13:d8c3::/32 maxlen: 32
2a13:d8c4::/32 maxlen: 32
2a13:d8c5::/32 maxlen: 32
2a13:d8c6::/32 maxlen: 32
2a13:d8c7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:93:79:48:93:05:86:62:f1:e1:b2:75:2f:4c:5c:81:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Validity
Not Before: Jan 23 14:03:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3aee3c0ebc09bacd3c9f71ac19b77e5035693822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:35:03:af:40:6b:b1:d2:13:6e:fe:37:e9:91:
43:e4:b3:50:8e:99:a1:f0:02:94:95:51:aa:05:49:
1a:64:df:52:c6:3a:79:0c:e5:78:49:8d:3b:9d:bc:
14:16:d4:d5:d0:0f:43:99:09:e4:89:c4:b6:54:c8:
50:85:6d:12:4c:5a:c0:41:15:ff:35:8b:b2:45:cf:
1c:98:f6:f4:13:ce:35:45:d6:b9:11:81:73:09:4b:
7a:0b:15:d9:d9:d3:52:e3:32:1b:91:43:f2:28:05:
88:25:73:aa:6c:3d:1d:cf:a2:37:cc:d3:48:1d:64:
34:aa:2d:f1:e2:9f:6c:ec:8d:d3:f0:54:f9:1e:a5:
31:de:ea:69:ee:d6:7b:bf:ee:3d:89:8f:4b:34:95:
cb:e2:54:5f:ff:00:8e:79:a6:d8:eb:2d:f4:d0:72:
5e:ca:87:cc:bc:d8:52:4e:ac:6a:9a:46:c8:d2:df:
60:8c:46:bc:32:3a:c0:74:3a:a6:18:eb:8e:b0:d2:
9a:81:9d:e6:c3:04:d1:47:d0:3e:1d:af:89:a6:8f:
7a:9b:7b:6d:5a:0c:48:3e:f1:36:bc:74:b7:86:0b:
ac:4b:2e:45:24:3f:b6:ee:b3:0b:6d:66:cf:dd:74:
bb:86:e4:01:b5:85:c0:72:13:09:06:a2:4b:0e:e0:
50:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:EE:3C:0E:BC:09:BA:CD:3C:9F:71:AC:19:B7:7E:50:35:69:38:22
X509v3 Authority Key Identifier:
keyid:C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/Ou48DrwJus08n3GsGbd-UDVpOCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.10.89.0/24
IPv6:
2a13:d8c0::/29
Signature Algorithm: sha256WithRSAEncryption
a0:60:03:e4:f1:9c:eb:a7:fa:9c:24:01:81:f9:02:df:81:c4:
57:59:ac:47:8e:12:df:b3:99:3a:61:82:02:2b:3f:13:08:e1:
9b:58:60:e8:6b:fe:7c:ac:95:4d:db:0a:69:1d:2f:17:18:02:
21:8e:0e:00:d9:75:66:55:84:e1:5b:ea:21:94:d4:dd:6a:9a:
ae:72:82:94:bd:b3:5a:d4:35:02:5e:87:85:b5:df:22:15:47:
00:f5:df:11:02:23:5e:72:a2:f4:9c:24:57:9a:9a:89:84:87:
b4:f1:9b:5f:ed:42:47:ba:47:7d:c1:e3:7b:9b:0f:a6:45:24:
2e:75:27:72:bd:c4:73:5b:a7:af:9c:b7:35:74:65:cc:38:87:
60:23:55:f6:70:a0:2e:e4:3c:a2:30:8c:be:38:4c:70:71:d9:
84:b7:93:05:4e:4f:d8:c4:2f:4c:ab:18:77:14:6d:a9:46:26:
47:cb:49:c3:c9:71:37:f5:3c:6c:b7:f1:c7:97:5b:eb:dd:6f:
e9:0b:8e:26:b3:94:81:78:5f:3d:f7:85:aa:fa:b9:7e:f7:cb:
23:a0:3e:25:ee:51:e2:ec:c1:a1:c8:0e:7e:11:f1:d9:f0:45:
4b:a6:93:ca:fa:21:2c:07:6c:ed:0f:0e:b5:48:81:95:bd:59:
7d:bc:58:f4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZSTeUiTBYZi8eGydS9MXIEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZjUzYzAzZDJmNGU3ZjA3YTgxZWE5MDNlY2VmMDFkNjhj
NjgxMzcwHhcNMjUwMTIzMTQwMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWVlM2MwZWJjMDliYWNkM2M5ZjcxYWMxOWI3N2U1MDM1NjkzODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6zUDr0BrsdITbv436ZFD5LNQjpmh
8AKUlVGqBUkaZN9Sxjp5DOV4SY07nbwUFtTV0A9DmQnkicS2VMhQhW0STFrAQRX/
NYuyRc8cmPb0E841Rda5EYFzCUt6CxXZ2dNS4zIbkUPyKAWIJXOqbD0dz6I3zNNI
HWQ0qi3x4p9s7I3T8FT5HqUx3upp7tZ7v+49iY9LNJXL4lRf/wCOeabY6y300HJe
yofMvNhSTqxqmkbI0t9gjEa8MjrAdDqmGOuOsNKagZ3mwwTRR9A+Ha+Jpo96m3tt
WgxIPvE2vHS3hgusSy5FJD+27rMLbWbP3XS7huQBtYXAchMJBqJLDuBQsQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDruPA68CbrNPJ9xrBm3flA1aTgiMB8GA1UdIwQY
MBaAFMb1PAPS9OfweoHqkD7O8B1oxoE3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDct
OTBlYTM3MjljNTc0LzEvT3U0OERyd0p1czA4bjNHc0diZC1VRFZwT0NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDctOTBlYTM3MjljNTc0
LzEveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAsApZMA0E
AgACMAcDBQMqE9jAMA0GCSqGSIb3DQEBCwUAA4IBAQCgYAPk8Zzrp/qcJAGB+QLf
gcRXWaxHjhLfs5k6YYICKz8TCOGbWGDoa/58rJVN2wppHS8XGAIhjg4A2XVmVYTh
W+ohlNTdapqucoKUvbNa1DUCXoeFtd8iFUcA9d8RAiNecqL0nCRXmpqJhIe08Ztf
7UJHukd9weN7mw+mRSQudSdyvcRzW6evnLc1dGXMOIdgI1X2cKAu5DyiMIy+OExw
cdmEt5MFTk/YxC9Mqxh3FG2pRiZHy0nDyXE39Txst/HHl1vr3W/pC44ms5SBeF89
94Wq+rl+98sjoD4l7lHi7MGhyA5+EfHZ8EVLppPK+iEsB2ztDw61SIGVvVl9vFj0
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:20 2025 by rpki-client