Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ONgq3FmZl-QxdUscLuk5ckAqWTs.roa
File: ONgq3FmZl-QxdUscLuk5ckAqWTs.roa (raw, json)
Hash identifier: THu450MhZstVGYcnudg5PVUQ04asJJGv5Od6czHul/4=
Subject key identifier: 38:D8:2A:DC:59:99:97:E4:31:75:4B:1C:2E:E9:39:72:40:2A:59:3B
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194976DDB603EEDD4A032A4AF27FBDE3886
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ONgq3FmZl-QxdUscLuk5ckAqWTs.roa
Signing time: Fri 24 Jan 2025 08:29:06 +0000
ROA not before: Fri 24 Jan 2025 08:29:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13335
IP address blocks: 192.71.82.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:97:6d:db:60:3e:ed:d4:a0:32:a4:af:27:fb:de:38:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 24 08:29:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38d82adc599997e431754b1c2ee93972402a593b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8f:91:63:75:28:ba:35:d8:eb:78:3f:33:26:
29:b3:47:81:14:2d:04:98:50:6c:5d:bb:76:f8:97:
9e:1a:f8:91:c4:c1:75:a5:65:66:c6:e8:f4:a9:18:
e2:a5:0b:6c:31:fd:85:b2:fd:f5:e3:fb:b6:70:7c:
cf:ef:23:0c:1e:23:41:50:ff:79:1e:43:43:11:a8:
e1:5e:64:68:83:c1:cf:17:87:f6:15:c9:7e:b5:84:
1f:5d:c1:9c:13:14:c9:62:b3:8d:42:de:4c:81:2b:
3e:8a:c8:ce:f3:d1:c8:4d:a5:99:6e:a4:ec:d2:ad:
28:3f:5f:93:4b:cc:8b:3f:15:f1:2a:e4:bf:f5:1d:
35:31:7a:52:07:dd:33:3a:57:c0:b4:14:18:e0:26:
c0:52:56:a9:03:0f:bc:80:96:1a:5d:c2:7d:01:de:
e0:21:97:11:b3:88:25:19:53:78:ce:6f:da:be:5c:
e2:3b:a6:d8:7b:60:de:08:03:49:dc:be:82:1f:2d:
c8:fe:c8:56:d0:f8:f1:16:80:69:6a:c9:e3:f8:ee:
fd:3f:ec:98:dd:37:cd:2c:94:68:e8:37:c6:0e:56:
52:89:00:73:7e:52:d2:95:bd:ea:cd:6f:be:65:a7:
fa:47:80:09:bc:d8:94:52:4b:d4:ee:5c:12:0a:f4:
2f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D8:2A:DC:59:99:97:E4:31:75:4B:1C:2E:E9:39:72:40:2A:59:3B
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ONgq3FmZl-QxdUscLuk5ckAqWTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.82.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:71:46:47:3c:b0:d6:f9:c3:a3:aa:15:85:e0:05:ce:ad:de:
16:6a:0b:46:6d:b1:6e:74:69:68:aa:b3:b4:34:5c:dd:28:38:
c5:0d:0d:75:45:32:e0:51:93:f7:31:72:b1:6b:7d:a4:04:23:
2a:a0:87:45:ee:ab:48:d3:e6:24:64:82:12:88:35:68:78:ca:
14:19:c5:b4:36:fb:89:52:e2:ff:9a:9f:2f:0a:30:87:7e:0b:
e0:2c:59:a8:c6:c9:81:bf:96:2f:e9:ef:04:b3:b1:48:89:b1:
0d:05:4e:a5:76:97:3b:2c:1a:c1:2c:90:2f:01:34:5e:71:6d:
22:b5:b1:ae:00:a9:5d:b4:29:2a:c6:b8:4c:be:0f:2c:d8:e1:
fc:50:3b:23:e5:3d:c0:16:7b:fd:41:db:99:4a:3a:75:e8:ef:
57:a3:63:bd:58:cd:2d:04:1d:14:f6:c3:a1:05:e4:93:27:e8:
5d:9e:2d:5f:1a:2e:85:64:ae:c9:7c:43:63:f7:1d:7b:94:33:
16:0a:74:de:ff:3e:39:d2:28:b8:27:ea:67:2f:7e:ee:0c:ae:
7d:a6:6a:a5:cd:08:b9:b8:de:02:50:ef:40:c2:6e:1a:c7:83:
e0:1c:26:8f:f9:5a:b3:d9:a7:5c:6a:8b:f2:21:41:ac:03:89:
e9:3d:e8:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSXbdtgPu3UoDKkryf73jiGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTI0MDgyOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQ4MmFkYzU5OTk5N2U0MzE3NTRiMWMyZWU5Mzk3MjQwMmE1OTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvY+RY3UoujXY63g/MyYps0eBFC0E
mFBsXbt2+JeeGviRxMF1pWVmxuj0qRjipQtsMf2Fsv314/u2cHzP7yMMHiNBUP95
HkNDEajhXmRog8HPF4f2Fcl+tYQfXcGcExTJYrONQt5MgSs+isjO89HITaWZbqTs
0q0oP1+TS8yLPxXxKuS/9R01MXpSB90zOlfAtBQY4CbAUlapAw+8gJYaXcJ9Ad7g
IZcRs4glGVN4zm/avlziO6bYe2DeCANJ3L6CHy3I/shW0PjxFoBpasnj+O79P+yY
3TfNLJRo6DfGDlZSiQBzflLSlb3qzW++Zaf6R4AJvNiUUkvU7lwSCvQvMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjYKtxZmZfkMXVLHC7pOXJAKlk7MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvT05ncTNGbVpsLVF4ZFVzY0x1azVja0FxV1RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwEdSMA0G
CSqGSIb3DQEBCwUAA4IBAQAacUZHPLDW+cOjqhWF4AXOrd4WagtGbbFudGloqrO0
NFzdKDjFDQ11RTLgUZP3MXKxa32kBCMqoIdF7qtI0+YkZIISiDVoeMoUGcW0NvuJ
UuL/mp8vCjCHfgvgLFmoxsmBv5Yv6e8Es7FIibENBU6ldpc7LBrBLJAvATRecW0i
tbGuAKldtCkqxrhMvg8s2OH8UDsj5T3AFnv9QduZSjp16O9Xo2O9WM0tBB0U9sOh
BeSTJ+hdni1fGi6FZK7JfENj9x17lDMWCnTe/z450ii4J+pnL37uDK59pmqlzQi5
uN4CUO9Awm4ax4PgHCaP+Vqz2adcaovyIUGsA4npPeil
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:17 2025 by rpki-client