Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/O8qqC25tBrY6fAwwVTS8g19xy8U.roa
File: O8qqC25tBrY6fAwwVTS8g19xy8U.roa (raw, json)
Hash identifier: ODonhEuEWg8UnJ022o90Q1pI71HWytXF8jCGCBtrnqU=
Subject key identifier: 3B:CA:AA:0B:6E:6D:06:B6:3A:7C:0C:30:55:34:BC:83:5F:71:CB:C5
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019427483A3D0E422A8319C02235B49C85CF
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/O8qqC25tBrY6fAwwVTS8g19xy8U.roa
Signing time: Thu 02 Jan 2025 13:50:32 +0000
ROA not before: Thu 02 Jan 2025 13:50:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2859
IP address blocks: 192.121.121.0/24 maxlen: 24
194.68.230.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:3a:3d:0e:42:2a:83:19:c0:22:35:b4:9c:85:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bcaaa0b6e6d06b63a7c0c305534bc835f71cbc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c5:97:4d:ae:59:5c:6e:e4:36:c9:5a:9a:89:
b4:82:8f:25:95:cf:8b:fd:eb:a7:15:86:4d:2f:6a:
bb:e6:47:fc:19:ae:1d:70:dd:bc:bf:c5:fe:fd:16:
d6:f8:4c:17:25:79:af:08:03:83:e4:6e:68:8d:3a:
c5:68:f8:70:2c:9a:cf:56:ff:54:7d:2b:7d:d4:48:
28:8a:ac:b3:e6:f5:3a:f8:78:d6:7c:61:93:74:e1:
61:db:39:fb:45:91:ac:2c:0b:86:d1:82:52:90:62:
61:74:e1:c0:81:3e:37:97:31:09:66:d7:7f:d3:d9:
11:ca:25:79:f9:75:b5:62:69:df:13:dd:53:6b:28:
64:de:90:37:2e:a3:76:25:08:3b:15:0d:4e:d2:f4:
1b:3e:0f:c1:ee:3f:9c:9f:b2:37:62:76:9c:9c:a6:
dd:8c:e5:1e:e1:e7:73:17:51:b2:33:4c:0a:66:1b:
45:8e:a2:58:d1:0f:b7:51:e5:3b:11:a4:f0:61:a6:
6c:fc:a7:f4:b9:96:25:2f:6b:31:a8:71:60:59:1f:
c3:1d:48:07:c5:5c:3f:73:6f:9b:9a:78:9b:66:0d:
83:40:0b:1c:c2:4f:e8:83:e3:04:84:1b:3c:87:1b:
04:2b:69:01:4d:a7:b2:81:07:7d:33:25:4a:47:95:
69:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CA:AA:0B:6E:6D:06:B6:3A:7C:0C:30:55:34:BC:83:5F:71:CB:C5
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/O8qqC25tBrY6fAwwVTS8g19xy8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.121.0/24
194.68.230.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:c1:c0:36:99:f7:93:44:ad:4e:a3:05:b6:e7:49:2a:9e:2c:
f1:ed:73:a4:ec:27:98:5c:ae:cb:fb:50:8e:1d:d1:9c:e2:d4:
f7:65:26:9f:cc:bc:7c:22:31:f8:3c:05:5c:e9:f6:17:c0:cc:
f5:64:7d:02:53:c1:77:7d:f9:82:c1:3e:b9:12:b9:66:5f:fd:
44:7f:4b:eb:f6:dc:c4:8e:8a:1c:cd:ee:ef:31:74:3c:39:e0:
c3:c1:2f:7f:29:03:db:3f:38:1f:a6:08:09:9d:eb:fe:5c:bb:
05:56:39:a0:61:90:6c:18:52:fd:52:fd:5d:aa:fb:46:6f:0f:
7d:e9:e9:fd:51:64:8a:f6:d5:56:df:94:77:f8:52:47:d5:2c:
57:a6:f0:51:c6:6a:3a:3b:1b:c3:83:2c:ab:05:b5:07:b9:36:
06:15:23:93:16:a9:80:13:f6:09:7d:59:10:c2:53:4d:96:be:
34:8e:b6:b6:e6:74:f0:2e:d6:b4:e9:f2:cb:ac:85:cd:58:8b:
20:80:6b:30:30:e2:a5:bd:d8:92:ea:a0:c6:1a:49:0e:c4:77:
9c:52:f2:be:bb:92:a0:8c:22:f3:09:2c:7c:6d:2a:a5:61:8b:
16:4e:22:00:70:39:0f:0e:f4:34:b7:15:e9:5f:a8:8b:a0:e5:
a8:35:ed:fe
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSDo9DkIqgxnAIjW0nIXPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmNhYWEwYjZlNmQwNmI2M2E3YzBjMzA1NTM0YmM4MzVmNzFjYmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MWXTa5ZXG7kNslamom0go8llc+L
/eunFYZNL2q75kf8Ga4dcN28v8X+/RbW+EwXJXmvCAOD5G5ojTrFaPhwLJrPVv9U
fSt91Egoiqyz5vU6+HjWfGGTdOFh2zn7RZGsLAuG0YJSkGJhdOHAgT43lzEJZtd/
09kRyiV5+XW1YmnfE91Tayhk3pA3LqN2JQg7FQ1O0vQbPg/B7j+cn7I3YnacnKbd
jOUe4edzF1GyM0wKZhtFjqJY0Q+3UeU7EaTwYaZs/Kf0uZYlL2sxqHFgWR/DHUgH
xVw/c2+bmnibZg2DQAscwk/og+MEhBs8hxsEK2kBTaeygQd9MyVKR5VpwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDvKqgtubQa2OnwMMFU0vINfccvFMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvTzhxcUMyNXRCclk2ZkF3d1ZUUzhnMTl4eThVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwHl5AwQA
wkTmMA0GCSqGSIb3DQEBCwUAA4IBAQC6wcA2mfeTRK1OowW250kqnizx7XOk7CeY
XK7L+1COHdGc4tT3ZSafzLx8IjH4PAVc6fYXwMz1ZH0CU8F3ffmCwT65ErlmX/1E
f0vr9tzEjoocze7vMXQ8OeDDwS9/KQPbPzgfpggJnev+XLsFVjmgYZBsGFL9Uv1d
qvtGbw996en9UWSK9tVW35R3+FJH1SxXpvBRxmo6OxvDgyyrBbUHuTYGFSOTFqmA
E/YJfVkQwlNNlr40jra25nTwLta06fLLrIXNWIsggGswMOKlvdiS6qDGGkkOxHec
UvK+u5KgjCLzCSx8bSqlYYsWTiIAcDkPDvQ0txXpX6iLoOWoNe3+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:46 2025 by rpki-client