Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/b64e42-b9de-4c66-9ed9-6fe34805a6c6/1/OlpTwRewUUoYI7RfJhmlY-YBlzY.roa
File: OlpTwRewUUoYI7RfJhmlY-YBlzY.roa (raw, json)
Hash identifier: uli2QopUr/oh7N8p0+sVfdLGs2dH4jdqNFi2M9558Ko=
Subject key identifier: 3A:5A:53:C1:17:B0:51:4A:18:23:B4:5F:26:19:A5:63:E6:01:97:36
Certificate issuer: /CN=ffc381f53f25dbc2a0efabf889fca32419958dd0
Certificate serial: 01942826D3D63DE328B6B73AB9F6EC6EAF64
Authority key identifier: FF:C3:81:F5:3F:25:DB:C2:A0:EF:AB:F8:89:FC:A3:24:19:95:8D:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_8OB9T8l28Kg76v4ifyjJBmVjdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/b64e42-b9de-4c66-9ed9-6fe34805a6c6/1/OlpTwRewUUoYI7RfJhmlY-YBlzY.roa
Signing time: Thu 02 Jan 2025 17:53:40 +0000
ROA not before: Thu 02 Jan 2025 17:53:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48254
IP address blocks: 212.78.75.0/24 maxlen: 24
212.78.76.0/23 maxlen: 24
212.78.78.0/24 maxlen: 24
212.78.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:d3:d6:3d:e3:28:b6:b7:3a:b9:f6:ec:6e:af:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffc381f53f25dbc2a0efabf889fca32419958dd0
Validity
Not Before: Jan 2 17:53:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a5a53c117b0514a1823b45f2619a563e6019736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:60:59:4d:ba:cb:cf:28:1d:bf:aa:1e:36:5d:
15:3e:cc:de:0b:0f:32:68:42:02:da:78:25:35:82:
ae:f7:e4:2a:54:b2:83:79:03:1c:31:90:99:9f:51:
94:f6:eb:c9:bc:dd:40:c7:01:db:39:6c:64:c5:a7:
bd:2c:b9:78:65:e6:23:14:0f:32:17:15:0e:9d:6d:
37:9b:3d:65:9d:3d:4a:b4:07:82:e1:8e:11:0a:03:
83:cf:bc:03:9a:1e:23:b3:0b:f7:63:74:5c:4c:53:
72:cc:ca:6d:7e:d8:a0:34:14:ac:20:41:c9:73:e5:
1f:dd:f4:ff:ac:07:ff:f5:49:10:f4:e6:a8:7d:31:
43:a1:12:36:50:a7:f0:f3:e1:f2:43:4c:c6:ac:67:
29:b4:86:d1:52:25:52:04:d3:88:6b:f5:7b:2f:da:
95:61:f7:12:ef:71:4b:e3:c6:a3:76:ff:cb:c8:bb:
74:db:eb:9c:82:03:35:88:7c:90:fd:94:72:f2:32:
4b:14:7c:cc:dd:23:a6:54:df:d1:cc:13:86:ad:95:
d3:76:f2:e2:0f:f2:05:f7:26:98:c0:d1:b0:9f:a2:
98:9a:1c:72:0d:3c:a9:f2:87:10:c8:c9:60:f0:f9:
1f:7f:db:cb:3d:3e:5e:b3:ee:5f:8b:2c:32:6f:90:
48:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:5A:53:C1:17:B0:51:4A:18:23:B4:5F:26:19:A5:63:E6:01:97:36
X509v3 Authority Key Identifier:
keyid:FF:C3:81:F5:3F:25:DB:C2:A0:EF:AB:F8:89:FC:A3:24:19:95:8D:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_8OB9T8l28Kg76v4ifyjJBmVjdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/b64e42-b9de-4c66-9ed9-6fe34805a6c6/1/OlpTwRewUUoYI7RfJhmlY-YBlzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/b64e42-b9de-4c66-9ed9-6fe34805a6c6/1/_8OB9T8l28Kg76v4ifyjJBmVjdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.78.75.0-212.78.78.255
212.78.85.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:3d:55:70:65:18:be:33:e9:50:03:0d:fb:a3:e1:47:2e:46:
73:79:0b:b7:ab:91:13:03:7c:45:56:93:d2:16:74:d0:2d:b0:
b8:e9:1b:bf:76:35:e7:82:2f:5f:1b:c1:8e:a3:fd:66:08:ac:
26:e1:3e:a5:61:bb:0f:e5:8b:bf:2b:9c:1c:08:5a:62:e0:35:
3f:e7:f6:dc:95:9d:8f:21:83:ad:7c:6f:3b:2f:ed:e2:a6:b4:
73:a6:85:90:f7:7c:ae:74:4c:02:02:43:ee:4f:af:54:0c:f7:
07:30:88:c9:8e:89:5c:46:5d:d5:2d:5f:d3:c0:84:ef:82:7d:
b3:f6:cf:03:dd:74:30:3d:66:d9:53:6c:9b:cb:18:83:f2:b7:
90:4c:48:49:c6:22:63:cd:02:a2:63:9a:b2:f5:6f:3a:ca:61:
ea:03:86:5d:af:be:21:d8:29:cd:5f:68:aa:9f:ec:ff:fa:2e:
c5:8c:55:be:d8:29:c4:fd:09:97:9c:54:06:84:6a:8e:bb:03:
f0:21:3b:40:96:fc:62:dd:28:71:4c:dd:13:10:0b:1f:2e:18:
f7:88:29:46:a6:b8:52:cc:da:73:0c:94:c3:9d:be:d7:f0:9b:
5b:f0:28:fa:0c:20:98:44:5f:70:bd:c9:4d:5f:d5:64:4b:65:
34:32:b0:53
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQoJtPWPeMotrc6ufbsbq9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYzM4MWY1M2YyNWRiYzJhMGVmYWJmODg5ZmNhMzI0MTk5
NThkZDAwHhcNMjUwMTAyMTc1MzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTVhNTNjMTE3YjA1MTRhMTgyM2I0NWYyNjE5YTU2M2U2MDE5NzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GBZTbrLzygdv6oeNl0VPszeCw8y
aEIC2nglNYKu9+QqVLKDeQMcMZCZn1GU9uvJvN1AxwHbOWxkxae9LLl4ZeYjFA8y
FxUOnW03mz1lnT1KtAeC4Y4RCgODz7wDmh4jswv3Y3RcTFNyzMptftigNBSsIEHJ
c+Uf3fT/rAf/9UkQ9OaofTFDoRI2UKfw8+HyQ0zGrGcptIbRUiVSBNOIa/V7L9qV
YfcS73FL48ajdv/LyLt02+ucggM1iHyQ/ZRy8jJLFHzM3SOmVN/RzBOGrZXTdvLi
D/IF9yaYwNGwn6KYmhxyDTyp8ocQyMlg8Pkff9vLPT5es+5fiywyb5BIhQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDpaU8EXsFFKGCO0XyYZpWPmAZc2MB8GA1UdIwQY
MBaAFP/DgfU/JdvCoO+r+In8oyQZlY3QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzhPQjlUOGwyOEtnNzZ2NGlmeWpKQm1WamRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9iNjRlNDItYjlkZS00YzY2LTllZDkt
NmZlMzQ4MDVhNmM2LzEvT2xwVHdSZXdVVW9ZSTdSZkpobWxZLVlCbHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9iNjRlNDItYjlkZS00YzY2LTllZDktNmZlMzQ4MDVhNmM2
LzEvXzhPQjlUOGwyOEtnNzZ2NGlmeWpKQm1WamRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADUTksD
BADUTk4DBADUTlUwDQYJKoZIhvcNAQELBQADggEBAAw9VXBlGL4z6VADDfuj4Ucu
RnN5C7erkRMDfEVWk9IWdNAtsLjpG792NeeCL18bwY6j/WYIrCbhPqVhuw/li78r
nBwIWmLgNT/n9tyVnY8hg618bzsv7eKmtHOmhZD3fK50TAICQ+5Pr1QM9wcwiMmO
iVxGXdUtX9PAhO+CfbP2zwPddDA9ZtlTbJvLGIPyt5BMSEnGImPNAqJjmrL1bzrK
YeoDhl2vviHYKc1faKqf7P/6LsWMVb7YKcT9CZecVAaEao67A/AhO0CW/GLdKHFM
3RMQCx8uGPeIKUamuFLM2nMMlMOdvtfwm1vwKPoMIJhEX3C9yU1f1WRLZTQysFM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:24 2025 by rpki-client