Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ac410a-49a0-4e38-ae3b-5ca5bf67e69d/1/OMbZd0oMEm_QIjks--uRJGN4y5M.roa
File: OMbZd0oMEm_QIjks--uRJGN4y5M.roa (raw, json)
Hash identifier: 2C4hKYHL225DCtbyLF+lCQiryUKSF8Kh4U19sknSCVc=
Subject key identifier: 38:C6:D9:77:4A:0C:12:6F:D0:22:39:2C:FB:EB:91:24:63:78:CB:93
Certificate issuer: /CN=d3367dba3a220060e67d4ec680b0f99f247a872c
Certificate serial: 01856E38B095A1E3C34E8A9C8293A7572B4C
Authority key identifier: D3:36:7D:BA:3A:22:00:60:E6:7D:4E:C6:80:B0:F9:9F:24:7A:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0zZ9ujoiAGDmfU7GgLD5nyR6hyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ac410a-49a0-4e38-ae3b-5ca5bf67e69d/1/OMbZd0oMEm_QIjks--uRJGN4y5M.roa
Signing time: Sun 01 Jan 2023 16:44:46 +0000
ROA not before: Sun 01 Jan 2023 16:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 176.116.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:b0:95:a1:e3:c3:4e:8a:9c:82:93:a7:57:2b:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3367dba3a220060e67d4ec680b0f99f247a872c
Validity
Not Before: Jan 1 16:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38c6d9774a0c126fd022392cfbeb91246378cb93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cb:0f:2f:d0:53:6f:64:1b:b3:0c:66:d9:95:
64:23:26:71:ab:98:ff:26:3d:54:a5:cb:45:ce:90:
7d:cb:d5:e8:3c:b7:2f:20:50:ba:85:d9:80:a2:47:
15:fd:ba:8d:4f:f5:c7:33:4a:9f:8f:a3:d2:94:d3:
25:8e:2b:c6:47:16:64:26:90:53:64:51:a5:ab:94:
4c:9c:2f:92:bf:5f:ef:3e:fe:5e:84:18:30:9b:8f:
54:14:f6:21:0f:04:5a:4d:84:c6:ff:42:41:db:ad:
bd:09:a2:ce:eb:6d:d1:f7:88:cf:43:fb:ab:b0:2d:
da:b9:e1:07:70:9f:8b:12:51:0f:d6:89:8c:01:63:
a2:97:92:8e:b7:03:a6:2a:45:20:3f:37:b5:2f:09:
bd:7f:e6:d0:93:6d:fa:5d:ac:d7:bd:d2:bd:f7:4f:
df:05:3c:44:28:4f:31:71:7e:a8:65:34:ca:0a:42:
7f:5f:2d:4b:9d:6e:24:1c:13:11:46:66:74:30:16:
ee:fb:f9:d9:4f:cd:61:67:8d:8c:8b:68:2c:33:a0:
3e:4f:1a:37:f6:d3:ef:7e:9f:27:87:51:ad:0e:27:
83:1b:82:fd:7d:e0:28:b5:55:29:89:d1:ec:0d:d9:
5e:5d:1e:26:96:1d:39:b7:e9:24:79:7f:96:54:26:
44:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:C6:D9:77:4A:0C:12:6F:D0:22:39:2C:FB:EB:91:24:63:78:CB:93
X509v3 Authority Key Identifier:
keyid:D3:36:7D:BA:3A:22:00:60:E6:7D:4E:C6:80:B0:F9:9F:24:7A:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0zZ9ujoiAGDmfU7GgLD5nyR6hyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ac410a-49a0-4e38-ae3b-5ca5bf67e69d/1/OMbZd0oMEm_QIjks--uRJGN4y5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ac410a-49a0-4e38-ae3b-5ca5bf67e69d/1/0zZ9ujoiAGDmfU7GgLD5nyR6hyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.21.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:93:7f:81:43:f8:02:c2:30:23:26:f8:55:84:9b:8d:2a:2e:
a5:85:fc:6a:26:d1:26:8e:95:03:bc:08:e6:37:8d:2e:2d:9f:
ce:3e:c6:8f:ca:b9:c2:61:36:58:16:15:5d:57:31:92:80:f6:
62:a4:18:b0:ba:66:7d:de:ae:be:3e:69:88:c8:dd:76:01:9f:
ae:91:38:63:2b:5d:89:54:37:0a:7b:ba:df:c5:68:d4:41:e9:
03:b9:06:3f:53:cc:c6:c4:03:0c:fe:05:bc:ea:76:32:3c:3d:
d0:be:65:59:df:75:83:32:70:71:ba:0d:1c:40:6c:40:31:56:
28:7f:8d:f7:d3:82:7d:1d:c0:82:dc:88:4b:0f:10:84:12:f1:
fd:c9:7c:7d:3f:e7:44:bf:35:2a:3c:a7:62:2b:3b:cd:11:85:
43:bc:30:99:19:41:12:74:51:40:64:0c:fc:6d:c9:72:6f:1b:
80:d7:54:eb:5f:4b:a1:30:4d:2a:5e:95:3a:a3:6e:cc:7a:8d:
b9:78:5e:01:37:c2:13:0d:3b:76:eb:63:26:46:75:24:b2:c1:
23:cc:2c:61:3f:1b:29:57:bd:42:99:ff:32:0c:22:f1:88:d1:
e9:49:f4:bf:26:9f:88:70:81:bb:7d:81:5c:83:e0:54:f2:4b:
c1:ed:83:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuOLCVoePDToqcgpOnVytMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMzY3ZGJhM2EyMjAwNjBlNjdkNGVjNjgwYjBmOTlmMjQ3
YTg3MmMwHhcNMjMwMTAxMTY0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGM2ZDk3NzRhMGMxMjZmZDAyMjM5MmNmYmViOTEyNDYzNzhjYjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMsPL9BTb2Qbswxm2ZVkIyZxq5j/
Jj1UpctFzpB9y9XoPLcvIFC6hdmAokcV/bqNT/XHM0qfj6PSlNMljivGRxZkJpBT
ZFGlq5RMnC+Sv1/vPv5ehBgwm49UFPYhDwRaTYTG/0JB2629CaLO623R94jPQ/ur
sC3aueEHcJ+LElEP1omMAWOil5KOtwOmKkUgPze1Lwm9f+bQk236XazXvdK990/f
BTxEKE8xcX6oZTTKCkJ/Xy1LnW4kHBMRRmZ0MBbu+/nZT81hZ42Mi2gsM6A+Txo3
9tPvfp8nh1GtDieDG4L9feAotVUpidHsDdleXR4mlh05t+kkeX+WVCZEsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjG2XdKDBJv0CI5LPvrkSRjeMuTMB8GA1UdIwQY
MBaAFNM2fbo6IgBg5n1OxoCw+Z8keocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHpaOXVqb2lBR0RtZlU3R2dMRDVueVI2aHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9hYzQxMGEtNDlhMC00ZTM4LWFlM2It
NWNhNWJmNjdlNjlkLzEvT01iWmQwb01FbV9RSWprcy0tdVJKR040eTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9hYzQxMGEtNDlhMC00ZTM4LWFlM2ItNWNhNWJmNjdlNjlk
LzEvMHpaOXVqb2lBR0RtZlU3R2dMRDVueVI2aHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHQVMA0G
CSqGSIb3DQEBCwUAA4IBAQAOk3+BQ/gCwjAjJvhVhJuNKi6lhfxqJtEmjpUDvAjm
N40uLZ/OPsaPyrnCYTZYFhVdVzGSgPZipBiwumZ93q6+PmmIyN12AZ+ukThjK12J
VDcKe7rfxWjUQekDuQY/U8zGxAMM/gW86nYyPD3QvmVZ33WDMnBxug0cQGxAMVYo
f43304J9HcCC3IhLDxCEEvH9yXx9P+dEvzUqPKdiKzvNEYVDvDCZGUESdFFAZAz8
bclybxuA11TrX0uhME0qXpU6o27Meo25eF4BN8ITDTt262MmRnUkssEjzCxhPxsp
V71Cmf8yDCLxiNHpSfS/Jp+IcIG7fYFcg+BU8kvB7YNF
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:51:36 2025 by rpki-client