Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/c14eaf-7b9a-4502-b645-2406da244ce8/1/oLXmZ2nlerfKm4KWQlZqhol8aVY.roa
File: oLXmZ2nlerfKm4KWQlZqhol8aVY.roa (raw, json)
Hash identifier: QNg0Wh1+B0uXFIOSs+1YTJ7iJx29zZdovJz1pNX7XqI=
Subject key identifier: A0:B5:E6:67:69:E5:7A:B7:CA:9B:82:96:42:56:6A:86:89:7C:69:56
Certificate issuer: /CN=de3f2c5f21530c8873b1fae57dd74c69cfb35dce
Certificate serial: 0A38014E
Authority key identifier: DE:3F:2C:5F:21:53:0C:88:73:B1:FA:E5:7D:D7:4C:69:CF:B3:5D:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3j8sXyFTDIhzsfrlfddMac-zXc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/c14eaf-7b9a-4502-b645-2406da244ce8/1/oLXmZ2nlerfKm4KWQlZqhol8aVY.roa
Signing time: Sat 01 Jan 2022 03:56:08 +0000
ROA not before: Sat 01 Jan 2022 03:56:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42010
IP address blocks: 185.135.168.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171442510 (0xa38014e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de3f2c5f21530c8873b1fae57dd74c69cfb35dce
Validity
Not Before: Jan 1 03:56:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0b5e66769e57ab7ca9b829642566a86897c6956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a6:eb:1d:6b:62:2d:17:8f:28:fa:89:18:eb:
48:7c:9d:4b:cc:5e:44:c0:98:e6:4b:48:19:0e:9f:
ec:3f:a1:4b:53:4b:64:d1:15:c4:b6:bc:7b:7f:b2:
91:77:b2:36:33:94:7c:7c:0b:bc:21:c2:9a:01:93:
a4:9c:8a:e6:bf:6f:8f:3d:e5:a1:79:4d:ce:c1:be:
bc:21:84:05:54:02:6c:30:c6:ff:6e:80:61:66:1d:
56:e8:9c:de:31:a1:cc:f9:0b:b0:b4:13:01:cf:80:
ec:66:1a:a3:0e:77:82:b0:d3:bb:8a:9e:7f:7e:23:
aa:0c:3b:ed:2e:1c:d2:21:0c:fe:a9:7e:44:45:97:
db:06:3d:fe:4f:ca:35:59:f8:cd:e1:c9:1f:49:1e:
14:a3:64:b3:10:ad:a1:5c:50:37:03:78:50:80:97:
dc:3c:57:68:57:54:6e:10:51:e1:5f:c5:3e:cd:7e:
a0:84:88:9d:61:b3:31:30:0e:43:03:0e:0f:0e:cf:
d0:2f:78:90:9a:9d:90:e0:41:24:24:99:c6:cd:53:
20:b1:46:d5:c1:83:5b:4d:a7:06:37:e2:b0:08:57:
02:30:53:30:4d:d4:1a:29:3b:61:38:39:ad:65:f1:
42:a6:03:b6:15:80:cb:cc:8b:7f:6c:2c:df:f2:67:
78:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B5:E6:67:69:E5:7A:B7:CA:9B:82:96:42:56:6A:86:89:7C:69:56
X509v3 Authority Key Identifier:
keyid:DE:3F:2C:5F:21:53:0C:88:73:B1:FA:E5:7D:D7:4C:69:CF:B3:5D:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3j8sXyFTDIhzsfrlfddMac-zXc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/c14eaf-7b9a-4502-b645-2406da244ce8/1/oLXmZ2nlerfKm4KWQlZqhol8aVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/c14eaf-7b9a-4502-b645-2406da244ce8/1/3j8sXyFTDIhzsfrlfddMac-zXc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.168.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:9f:f1:6a:ed:9c:c9:70:75:a6:a2:f0:0c:bb:82:7c:e7:11:
70:e6:29:84:78:0e:4f:e2:86:4f:86:46:a2:94:a5:da:dc:70:
41:03:57:6d:fd:bb:00:53:5e:0a:99:89:53:1a:e4:4c:e8:5a:
9d:1a:ae:d2:e7:af:09:8a:19:dc:c2:24:84:47:38:ff:c4:b9:
f1:72:6c:ee:de:19:58:0d:84:d3:b5:b1:7b:ed:d3:55:d4:83:
db:49:64:14:eb:d7:1a:2e:dc:49:42:c3:0d:82:bc:39:e3:7e:
03:ba:ca:c7:33:2f:10:60:e8:1b:96:ae:18:7e:8b:e0:af:4d:
ee:6a:45:51:7e:63:d4:26:26:82:ab:31:e1:b7:8f:65:2c:bc:
63:af:a4:bb:f6:30:95:19:37:52:ca:d1:7c:c1:72:13:1e:22:
36:5e:1e:40:28:a8:4f:6c:36:9e:f2:53:b7:72:ed:db:ae:9e:
c9:eb:5d:db:11:75:24:73:7f:43:a2:cb:2b:17:06:14:38:82:
d4:6c:cc:60:33:d0:2d:c5:27:5d:4e:a8:c9:41:f9:2a:ab:c5:
f5:e3:42:35:db:9c:38:d3:5e:f9:9f:a4:b2:13:9e:e4:94:c4:
0a:b1:d5:64:3e:e7:40:79:ff:7a:94:5a:f6:84:99:ba:16:d0:
3c:42:1c:09
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECjgBTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTNmMmM1ZjIxNTMwYzg4NzNiMWZhZTU3ZGQ3NGM2OWNmYjM1ZGNlMB4XDTIyMDEw
MTAzNTYwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTBiNWU2Njc2OWU1
N2FiN2NhOWI4Mjk2NDI1NjZhODY4OTdjNjk1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN6m6x1rYi0Xjyj6iRjrSHydS8xeRMCY5ktIGQ6f7D+hS1NL
ZNEVxLa8e3+ykXeyNjOUfHwLvCHCmgGTpJyK5r9vjz3loXlNzsG+vCGEBVQCbDDG
/26AYWYdVuic3jGhzPkLsLQTAc+A7GYaow53grDTu4qef34jqgw77S4c0iEM/ql+
REWX2wY9/k/KNVn4zeHJH0keFKNksxCtoVxQNwN4UICX3DxXaFdUbhBR4V/FPs1+
oISInWGzMTAOQwMODw7P0C94kJqdkOBBJCSZxs1TILFG1cGDW02nBjfisAhXAjBT
ME3UGik7YTg5rWXxQqYDthWAy8yLf2ws3/JneG0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSgteZnaeV6t8qbgpZCVmqGiXxpVjAfBgNVHSMEGDAWgBTePyxfIVMMiHOx
+uV910xpz7NdzjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNqOHNYeUZUREloenNmcmxmZGRNYWMtelhjNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvYzE0ZWFmLTdiOWEtNDUwMi1iNjQ1LTI0MDZkYTI0NGNlOC8x
L29MWG1aMm5sZXJmS200S1dRbFpxaG9sOGFWWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
YzE0ZWFmLTdiOWEtNDUwMi1iNjQ1LTI0MDZkYTI0NGNlOC8xLzNqOHNYeUZURElo
enNmcmxmZGRNYWMtelhjNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmHqDANBgkqhkiG9w0BAQsFAAOC
AQEAH5/xau2cyXB1pqLwDLuCfOcRcOYphHgOT+KGT4ZGopSl2txwQQNXbf27AFNe
CpmJUxrkTOhanRqu0uevCYoZ3MIkhEc4/8S58XJs7t4ZWA2E07Wxe+3TVdSD20lk
FOvXGi7cSULDDYK8OeN+A7rKxzMvEGDoG5auGH6L4K9N7mpFUX5j1CYmgqsx4beP
ZSy8Y6+ku/YwlRk3UsrRfMFyEx4iNl4eQCioT2w2nvJTt3Lt266eyetd2xF1JHN/
Q6LLKxcGFDiC1GzMYDPQLcUnXU6oyUH5KqvF9eNCNducONNe+Z+kshOe5JTECrHV
ZD7nQHn/epRa9oSZuhbQPEIcCQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:53:43 2025 by rpki-client