Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/oTWQynDMuokVxgCC3scF41MPP1o.roa
File: oTWQynDMuokVxgCC3scF41MPP1o.roa (raw, json)
Hash identifier: g0Bup2p5b+SvxKWd8J3UiRUXUFS1Jebwoi2iOhjQxSI=
Subject key identifier: A1:35:90:CA:70:CC:BA:89:15:C6:00:82:DE:C7:05:E3:53:0F:3F:5A
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 01954B55A94C9096D54A6935043950DBFE09
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/oTWQynDMuokVxgCC3scF41MPP1o.roa
Signing time: Fri 28 Feb 2025 06:54:19 +0000
ROA not before: Fri 28 Feb 2025 06:54:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.55.1.0/24 maxlen: 24
84.55.3.0/24 maxlen: 24
84.55.8.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4b:55:a9:4c:90:96:d5:4a:69:35:04:39:50:db:fe:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Feb 28 06:54:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a13590ca70ccba8915c60082dec705e3530f3f5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:af:ee:2e:4b:a8:5a:b4:c1:53:9e:fe:f2:6a:
19:99:25:26:cd:41:19:2e:79:75:57:ce:be:ad:7e:
e7:e1:0b:8e:0b:49:fe:5d:90:5e:f6:fd:57:dc:77:
49:45:61:7c:dc:91:58:44:27:33:d9:c8:f0:8b:bb:
24:d6:5e:bb:34:f8:23:43:a9:5f:70:1f:e1:d1:66:
5c:4e:ca:54:f8:47:19:72:d8:ef:b6:59:29:2f:1e:
7c:39:0f:d2:44:81:72:f1:0f:2c:b8:0f:09:56:e2:
90:50:b7:6c:17:10:df:72:ca:35:46:98:b8:6f:0c:
77:81:d5:e7:e1:a7:d4:a8:d4:6e:68:69:2d:04:cc:
c3:e0:a9:6f:74:84:21:05:52:04:d4:24:fc:51:f9:
48:30:16:81:2b:31:37:77:85:b5:2c:47:9d:cf:5e:
42:29:86:e6:b2:3c:b9:4e:48:b6:8e:63:c3:e3:fd:
23:ab:b2:f2:79:a3:b7:9e:4d:9a:01:06:b2:7a:a6:
16:38:45:0b:37:5b:71:22:d1:39:19:d2:b9:c7:71:
d7:f3:da:97:ab:f4:d2:e0:27:82:6b:f7:76:08:6b:
a4:b5:96:6f:28:0b:0a:f8:bf:28:f8:bb:24:c2:21:
03:52:df:c2:80:16:56:bd:df:0f:7a:55:0b:4f:0a:
d1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:35:90:CA:70:CC:BA:89:15:C6:00:82:DE:C7:05:E3:53:0F:3F:5A
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/oTWQynDMuokVxgCC3scF41MPP1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.55.1.0/24
84.55.3.0/24
84.55.8.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:03:78:bf:ab:4d:4a:33:e6:2a:f8:07:8c:23:d8:3a:11:f9:
c7:6d:56:90:8c:67:03:15:62:70:b2:d2:78:0e:7c:03:82:ef:
b4:6a:26:02:0c:30:b2:b1:f8:9f:be:f7:45:7f:bd:90:3a:9a:
62:1e:1f:0f:99:20:7c:34:7f:70:07:66:07:5c:c3:76:13:d5:
fc:f8:3d:a8:45:47:8f:a5:02:ce:7b:ea:43:4c:55:75:19:8a:
fe:8f:43:95:a9:84:51:8b:f9:45:61:75:95:10:ca:59:18:15:
c2:24:99:4c:44:19:67:47:d5:2d:a7:25:05:1f:9b:ff:09:12:
9b:99:f8:24:e2:20:fc:62:6b:13:1c:03:3b:2d:a2:54:de:25:
77:d1:aa:74:e8:14:0a:21:55:f0:2a:d6:a7:5c:b2:eb:9b:9b:
34:70:2b:df:d8:d1:ab:be:08:97:66:3a:f3:af:dd:69:79:d8:
24:06:64:9a:d9:3d:eb:a3:ad:41:03:81:ac:a3:93:45:67:36:
93:9d:86:2f:5e:06:51:e7:a2:22:62:8f:10:8a:14:68:3b:0b:
14:fc:eb:66:b8:ec:eb:d2:b5:a1:8e:9e:86:07:89:60:89:70:
22:2b:4f:5a:3d:80:cd:1e:69:81:aa:f0:0b:01:1c:5b:da:9f:
ff:27:2b:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVLValMkJbVSmk1BDlQ2/4JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjUwMjI4MDY1NDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTM1OTBjYTcwY2NiYTg5MTVjNjAwODJkZWM3MDVlMzUzMGYzZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvK/uLkuoWrTBU57+8moZmSUmzUEZ
Lnl1V86+rX7n4QuOC0n+XZBe9v1X3HdJRWF83JFYRCcz2cjwi7sk1l67NPgjQ6lf
cB/h0WZcTspU+EcZctjvtlkpLx58OQ/SRIFy8Q8suA8JVuKQULdsFxDfcso1Rpi4
bwx3gdXn4afUqNRuaGktBMzD4KlvdIQhBVIE1CT8UflIMBaBKzE3d4W1LEedz15C
KYbmsjy5Tki2jmPD4/0jq7LyeaO3nk2aAQayeqYWOEULN1txItE5GdK5x3HX89qX
q/TS4CeCa/d2CGuktZZvKAsK+L8o+LskwiEDUt/CgBZWvd8PelULTwrR+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKE1kMpwzLqJFcYAgt7HBeNTDz9aMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvb1RXUXluRE11b2tWeGdDQzNzY0Y0MU1QUDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVDcBAwQA
VDcDAwQCVDcIMA0GCSqGSIb3DQEBCwUAA4IBAQBrA3i/q01KM+Yq+AeMI9g6EfnH
bVaQjGcDFWJwstJ4DnwDgu+0aiYCDDCysfifvvdFf72QOppiHh8PmSB8NH9wB2YH
XMN2E9X8+D2oRUePpQLOe+pDTFV1GYr+j0OVqYRRi/lFYXWVEMpZGBXCJJlMRBln
R9UtpyUFH5v/CRKbmfgk4iD8YmsTHAM7LaJU3iV30ap06BQKIVXwKtanXLLrm5s0
cCvf2NGrvgiXZjrzr91pedgkBmSa2T3ro61BA4Gso5NFZzaTnYYvXgZR56IiYo8Q
ihRoOwsU/OtmuOzr0rWhjp6GB4lgiXAiK09aPYDNHmmBqvALARxb2p//Jyuz
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:47:52 2025 by rpki-client