Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2OuPE4Igi2VMH5rnG1UiXL08Wzk.roa
File: 2OuPE4Igi2VMH5rnG1UiXL08Wzk.roa (raw, json)
Hash identifier: bt1mGbw4jsCThdStOIRwBYdWATTcRoG2nJE19sK+ZcY=
Subject key identifier: D8:EB:8F:13:82:20:8B:65:4C:1F:9A:E7:1B:55:22:5C:BD:3C:5B:39
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194274856003A841CA1DF779172C1670513
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2OuPE4Igi2VMH5rnG1UiXL08Wzk.roa
Signing time: Thu 02 Jan 2025 13:50:39 +0000
ROA not before: Thu 02 Jan 2025 13:50:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43289
IP address blocks: 192.121.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:56:00:3a:84:1c:a1:df:77:91:72:c1:67:05:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8eb8f1382208b654c1f9ae71b55225cbd3c5b39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3a:91:b4:8b:b3:2b:d6:66:8c:7e:4e:c2:38:
86:28:e5:64:91:7b:d3:b7:e4:11:25:a6:0f:85:d3:
4a:6f:15:0f:d8:c0:81:7f:b0:a3:e4:23:ef:99:88:
be:1a:2c:e9:44:c7:b0:57:2f:87:09:17:b0:9b:de:
6e:57:8f:82:0b:c6:ec:30:0c:3a:b5:af:11:b3:cb:
ad:82:8b:9a:29:88:4f:fd:5d:6d:22:97:81:aa:d9:
7a:ee:1c:c0:2e:bc:fc:0c:74:b7:72:ad:a4:31:f8:
4f:05:3b:4b:0c:a4:95:28:f8:8c:2d:f8:40:c7:45:
53:b2:11:ae:e5:83:f7:b8:0b:98:5b:07:54:e4:a7:
53:69:37:f0:f3:43:2e:13:9b:b0:55:b0:0c:1e:bc:
04:9f:38:88:b4:2a:a2:26:1d:14:e6:e9:91:d9:ca:
10:a8:f5:50:9a:3c:c3:22:a2:42:94:6d:b6:6c:4e:
d4:98:fd:e5:91:af:1f:cd:03:d6:e4:b1:ae:55:3d:
cc:76:ba:68:ed:e6:0a:a4:f0:39:de:16:9b:f7:e7:
8f:8f:19:c2:02:fd:73:c5:49:e9:97:d4:eb:fa:db:
b1:20:84:ae:1a:e6:50:0a:7d:88:ad:54:90:e2:7b:
53:9c:7a:c3:8f:35:7f:70:a6:37:37:cb:d2:1b:ff:
85:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:EB:8F:13:82:20:8B:65:4C:1F:9A:E7:1B:55:22:5C:BD:3C:5B:39
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2OuPE4Igi2VMH5rnG1UiXL08Wzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.87.0/24
Signature Algorithm: sha256WithRSAEncryption
11:e0:91:cc:86:3d:d4:c8:50:27:be:b5:9b:71:4e:9e:d7:65:
bb:6b:ac:71:5e:4a:8c:6b:6f:ce:45:87:a3:0a:e6:1f:87:2a:
47:7a:e7:7d:0f:ef:61:96:b0:7e:2b:e0:19:25:85:0c:d5:c0:
b0:b1:9e:77:f5:d4:81:df:9d:6b:8e:54:1e:eb:23:4e:7a:d3:
f5:7a:08:77:85:8f:0a:e6:52:a4:a3:24:92:4a:8d:62:7b:4c:
de:ea:8f:57:f1:93:f8:fd:8c:ad:31:a8:27:c8:34:5f:ca:24:
ae:44:fa:1d:35:1e:ed:40:2f:5b:22:e9:26:fb:f1:7e:9d:4a:
39:2b:34:80:14:73:8a:ff:b7:98:8c:4a:23:94:be:58:3f:8b:
8c:d8:46:ab:07:be:16:9a:a1:37:d8:ed:b4:e3:d0:76:c4:65:
92:9b:f1:4c:53:1b:ed:0f:2e:4c:de:f3:a9:70:3b:cb:6c:92:
8f:aa:59:78:40:1d:17:c8:46:da:4b:14:72:4a:f5:05:0c:38:
0b:63:83:ba:1f:e6:06:ad:71:33:da:f9:b0:c4:e0:0e:be:3e:
8b:11:92:1c:91:12:cc:c8:36:d4:ac:be:74:8d:0f:b8:58:66:
92:03:52:4e:44:30:c1:dc:e4:e3:22:2f:0d:51:04:17:a6:16:
86:31:b2:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSFYAOoQcod93kXLBZwUTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGViOGYxMzgyMjA4YjY1NGMxZjlhZTcxYjU1MjI1Y2JkM2M1YjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTqRtIuzK9ZmjH5OwjiGKOVkkXvT
t+QRJaYPhdNKbxUP2MCBf7Cj5CPvmYi+GizpRMewVy+HCRewm95uV4+CC8bsMAw6
ta8Rs8utgouaKYhP/V1tIpeBqtl67hzALrz8DHS3cq2kMfhPBTtLDKSVKPiMLfhA
x0VTshGu5YP3uAuYWwdU5KdTaTfw80MuE5uwVbAMHrwEnziItCqiJh0U5umR2coQ
qPVQmjzDIqJClG22bE7UmP3lka8fzQPW5LGuVT3Mdrpo7eYKpPA53hab9+ePjxnC
Av1zxUnpl9Tr+tuxIISuGuZQCn2IrVSQ4ntTnHrDjzV/cKY3N8vSG/+F7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNjrjxOCIItlTB+a5xtVIly9PFs5MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMk91UEU0SWdpMlZNSDVybkcxVWlYTDA4V3prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwHlXMA0G
CSqGSIb3DQEBCwUAA4IBAQAR4JHMhj3UyFAnvrWbcU6e12W7a6xxXkqMa2/ORYej
CuYfhypHeud9D+9hlrB+K+AZJYUM1cCwsZ539dSB351rjlQe6yNOetP1egh3hY8K
5lKkoySSSo1ie0ze6o9X8ZP4/YytMagnyDRfyiSuRPodNR7tQC9bIukm+/F+nUo5
KzSAFHOK/7eYjEojlL5YP4uM2EarB74WmqE32O2049B2xGWSm/FMUxvtDy5M3vOp
cDvLbJKPqll4QB0XyEbaSxRySvUFDDgLY4O6H+YGrXEz2vmwxOAOvj6LEZIckRLM
yDbUrL50jQ+4WGaSA1JORDDB3OTjIi8NUQQXphaGMbI2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:03 2025 by rpki-client