Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/oJEvXpEBpuYbcFfcZPDBTEehGY8.roa
File: oJEvXpEBpuYbcFfcZPDBTEehGY8.roa (raw, json)
Hash identifier: b0SdOLZ2AbPJ+0i7CwF2Gja+/00y5/FVMUIAvNs5h1I=
Subject key identifier: A0:91:2F:5E:91:01:A6:E6:1B:70:57:DC:64:F0:C1:4C:47:A1:19:8F
Certificate issuer: /CN=d535f8fac7062f77f24b98cd5c3b54a89bad4838
Certificate serial: 01941F8C9BE7F1EE132A23B3C7C0F20884F3
Authority key identifier: D5:35:F8:FA:C7:06:2F:77:F2:4B:98:CD:5C:3B:54:A8:9B:AD:48:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TX4-scGL3fyS5jNXDtUqJutSDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/oJEvXpEBpuYbcFfcZPDBTEehGY8.roa
Signing time: Wed 01 Jan 2025 01:48:16 +0000
ROA not before: Wed 01 Jan 2025 01:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 185.175.30.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:9b:e7:f1:ee:13:2a:23:b3:c7:c0:f2:08:84:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d535f8fac7062f77f24b98cd5c3b54a89bad4838
Validity
Not Before: Jan 1 01:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0912f5e9101a6e61b7057dc64f0c14c47a1198f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a4:ae:d5:f8:d4:f5:59:f6:27:15:b7:e4:9e:
86:ad:0f:86:85:60:a3:93:3c:80:8f:bb:10:b1:6b:
92:bb:75:f2:f1:cc:46:18:d2:ec:36:a7:41:68:98:
9e:92:88:f8:2b:ad:b5:53:5a:0a:82:96:e9:1f:e5:
d0:49:45:71:cb:f2:40:97:0d:c7:ee:bc:ac:80:c4:
50:16:7c:e7:5e:c1:c4:1b:cf:78:e5:d3:e1:8c:33:
f0:c0:46:05:c9:01:06:b2:f9:cc:07:e7:f9:e5:aa:
72:9d:ac:c8:d2:40:39:eb:3b:d8:13:fd:e3:5c:8a:
23:83:e5:2e:08:f8:7b:2f:ea:b4:04:f6:9c:d5:7a:
39:5d:f3:37:2f:ae:dc:4f:2e:48:e3:bb:b0:0e:66:
85:f0:9c:41:0c:5d:ce:86:2a:f2:9e:87:d3:fb:2e:
80:1a:9d:c9:7d:a0:7b:b0:8b:ec:00:6b:8e:50:6d:
a3:04:06:c1:a5:55:cb:0f:ce:73:20:63:29:1e:7e:
76:97:59:a7:50:d8:64:e0:da:54:0a:71:00:a7:2c:
e6:b6:4d:d3:43:0e:e6:00:92:5f:b8:42:f9:51:63:
4e:74:13:ba:0b:bc:2e:20:b3:4a:12:31:7b:a5:91:
5c:53:97:e9:10:7e:5c:60:a8:69:f4:6d:aa:76:b2:
19:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:91:2F:5E:91:01:A6:E6:1B:70:57:DC:64:F0:C1:4C:47:A1:19:8F
X509v3 Authority Key Identifier:
keyid:D5:35:F8:FA:C7:06:2F:77:F2:4B:98:CD:5C:3B:54:A8:9B:AD:48:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TX4-scGL3fyS5jNXDtUqJutSDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/oJEvXpEBpuYbcFfcZPDBTEehGY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/1TX4-scGL3fyS5jNXDtUqJutSDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.30.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:8e:65:ec:da:1c:f0:ff:92:6f:24:ca:0f:e1:9b:d4:27:e0:
65:fc:4c:15:e1:08:37:02:f1:cd:ad:ca:ae:48:50:f7:dd:d4:
7e:fc:70:22:01:77:6f:0f:cc:f3:2d:6b:d8:71:5a:4d:ea:be:
64:1c:d2:e8:87:ad:bc:9b:ab:5a:fb:e1:6d:1d:ad:b5:b3:57:
43:25:b8:8f:4c:17:be:8d:17:d6:92:42:a7:8b:7d:85:57:72:
40:4c:76:b6:22:44:4c:33:cf:fa:f3:f6:70:ea:9d:56:34:da:
b1:ea:5e:29:e8:b4:14:7e:75:e5:66:4b:89:0f:4f:17:31:2a:
1e:3b:6e:7f:c0:11:f0:a2:f8:53:19:21:9b:81:f7:38:df:65:
91:89:85:71:78:d6:d0:70:23:42:06:7f:52:4d:56:5e:f5:ad:
d3:f8:3d:40:3c:38:78:b7:06:f4:e8:22:7a:42:a0:bf:e8:2f:
58:76:ab:58:c6:da:b4:e6:ea:b2:58:b0:f3:d0:87:10:ad:52:
79:c2:ae:40:2e:c6:24:f0:81:8c:2a:a3:f1:4a:38:46:a0:f4:
8d:12:67:b6:b1:98:34:d1:2a:82:b4:ed:aa:52:ab:ee:74:87:
cb:06:7d:6e:e5:6a:0c:31:14:b1:9b:f9:72:04:a9:c1:87:ff:
a5:1c:7a:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJvn8e4TKiOzx8DyCITzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzVmOGZhYzcwNjJmNzdmMjRiOThjZDVjM2I1NGE4OWJh
ZDQ4MzgwHhcNMjUwMTAxMDE0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDkxMmY1ZTkxMDFhNmU2MWI3MDU3ZGM2NGYwYzE0YzQ3YTExOThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqSu1fjU9Vn2JxW35J6GrQ+GhWCj
kzyAj7sQsWuSu3Xy8cxGGNLsNqdBaJiekoj4K621U1oKgpbpH+XQSUVxy/JAlw3H
7rysgMRQFnznXsHEG8945dPhjDPwwEYFyQEGsvnMB+f55apynazI0kA56zvYE/3j
XIojg+UuCPh7L+q0BPac1Xo5XfM3L67cTy5I47uwDmaF8JxBDF3OhirynofT+y6A
Gp3JfaB7sIvsAGuOUG2jBAbBpVXLD85zIGMpHn52l1mnUNhk4NpUCnEApyzmtk3T
Qw7mAJJfuEL5UWNOdBO6C7wuILNKEjF7pZFcU5fpEH5cYKhp9G2qdrIZrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKCRL16RAabmG3BX3GTwwUxHoRmPMB8GA1UdIwQY
MBaAFNU1+PrHBi938kuYzVw7VKibrUg4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRYNC1zY0dMM2Z5UzVqTlhEdFVxSnV0U0RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8wOTdkYTEtN2NjOS00MzQzLTgwMjQt
YjMxMGQ3MWMyY2FkLzEvb0pFdlhwRUJwdVliY0ZmY1pQREJURWVoR1k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8wOTdkYTEtN2NjOS00MzQzLTgwMjQtYjMxMGQ3MWMyY2Fk
LzEvMVRYNC1zY0dMM2Z5UzVqTlhEdFVxSnV0U0RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBua8eMA0G
CSqGSIb3DQEBCwUAA4IBAQAujmXs2hzw/5JvJMoP4ZvUJ+Bl/EwV4Qg3AvHNrcqu
SFD33dR+/HAiAXdvD8zzLWvYcVpN6r5kHNLoh628m6ta++FtHa21s1dDJbiPTBe+
jRfWkkKni32FV3JATHa2IkRMM8/68/Zw6p1WNNqx6l4p6LQUfnXlZkuJD08XMSoe
O25/wBHwovhTGSGbgfc432WRiYVxeNbQcCNCBn9STVZe9a3T+D1APDh4twb06CJ6
QqC/6C9YdqtYxtq05uqyWLDz0IcQrVJ5wq5ALsYk8IGMKqPxSjhGoPSNEme2sZg0
0SqCtO2qUqvudIfLBn1u5WoMMRSxm/lyBKnBh/+lHHrv
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:24:59 2025 by rpki-client