Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/oI0m6JBhMDS_eEyHOtg7vo158Js.roa
File: oI0m6JBhMDS_eEyHOtg7vo158Js.roa (raw, json)
Hash identifier: l4BG5WDsCRX9NtPnj37JkO0LvM0tJm7+HRwBv6mDOds=
Subject key identifier: A0:8D:26:E8:90:61:30:34:BF:78:4C:87:3A:D8:3B:BE:8D:79:F0:9B
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 019422FB361EF7A0A43BD17231E8071E6146
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/oI0m6JBhMDS_eEyHOtg7vo158Js.roa
Signing time: Wed 01 Jan 2025 17:47:56 +0000
ROA not before: Wed 01 Jan 2025 17:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51358
IP address blocks: 192.109.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:36:1e:f7:a0:a4:3b:d1:72:31:e8:07:1e:61:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 1 17:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a08d26e890613034bf784c873ad83bbe8d79f09b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b1:53:1e:50:4f:64:e7:ee:88:f0:b5:2c:2d:
5c:7b:e3:94:cb:0a:a0:39:eb:b9:77:26:49:76:d0:
7c:bc:6b:5b:69:fd:01:57:02:11:a0:02:37:26:88:
64:0b:70:ff:21:88:fb:43:4e:a1:99:d1:8c:2a:d6:
a8:3a:3b:e3:a3:b7:e7:de:dc:d7:cf:f4:cb:91:dd:
35:7d:7c:7c:0e:cc:c8:95:31:58:41:09:ed:86:56:
ea:85:78:16:02:2c:14:c2:0e:c4:0f:b6:af:b8:bd:
cc:3f:89:38:1e:7f:2e:a9:16:b1:86:93:6e:78:f9:
4c:d6:47:7e:88:b0:24:7a:a8:e4:64:b3:aa:7c:9a:
b0:db:29:4e:1b:fb:94:3c:bc:ed:85:c5:37:51:61:
80:6a:75:65:22:0f:c8:6b:e8:f1:3a:13:c2:29:19:
0a:5c:99:9e:b0:e6:f0:f2:8c:83:27:82:27:85:02:
89:ae:95:a1:95:ab:d0:81:da:1c:22:be:64:ec:89:
06:90:0e:d3:77:ce:21:00:a1:e3:2a:cb:75:68:44:
70:0a:02:19:a1:90:9a:8a:11:db:67:05:8e:28:6e:
db:4a:aa:98:d7:38:e3:8d:ca:fc:9e:5a:fa:0a:94:
21:0b:5a:54:3f:56:d6:8c:dc:5e:36:ac:80:dd:c4:
e5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:8D:26:E8:90:61:30:34:BF:78:4C:87:3A:D8:3B:BE:8D:79:F0:9B
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/oI0m6JBhMDS_eEyHOtg7vo158Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.138.0/24
Signature Algorithm: sha256WithRSAEncryption
79:61:cb:bc:87:a8:43:77:c4:88:fc:85:2c:d7:73:be:d6:46:
8f:38:4b:8b:cd:9e:b8:df:53:b0:0d:63:a8:2f:09:cb:56:10:
16:19:8f:0a:96:42:a0:e8:95:06:df:a3:23:4f:67:b0:19:56:
a8:2b:68:6d:8f:8d:95:bf:41:67:0e:1f:8c:4e:6f:49:32:db:
63:85:30:0f:a5:c9:94:4e:71:a6:d9:99:95:85:47:bb:65:78:
55:b2:fb:eb:b4:4f:34:58:8e:91:a9:c1:3a:03:4d:81:b1:44:
70:ae:7c:e7:d8:5a:77:ae:f5:79:61:60:c6:11:0f:34:8b:9c:
f9:b0:8d:31:ab:16:11:85:63:99:f2:8a:e8:11:8a:3b:a5:8e:
e9:e5:96:95:b1:c9:73:9a:6c:f5:df:9a:88:d9:65:e5:bb:d9:
4d:2c:a5:e1:be:80:bf:f7:22:8e:43:27:cd:e2:c8:da:68:25:
97:8c:21:63:b8:23:c9:6a:7a:0f:ae:ba:57:16:cb:90:0c:92:
70:c4:c1:26:65:2e:6d:ce:4a:75:82:81:5b:21:10:5d:89:ea:
41:cc:61:65:9d:9c:9f:7b:60:da:ac:9d:8a:24:fd:82:ed:00:
b9:3f:f6:16:93:49:e5:e7:e8:e5:57:5e:c5:a9:f7:d5:8a:a7:
74:95:11:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+zYe96CkO9FyMegHHmFGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjUwMTAxMTc0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDhkMjZlODkwNjEzMDM0YmY3ODRjODczYWQ4M2JiZThkNzlmMDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LFTHlBPZOfuiPC1LC1ce+OUywqg
Oeu5dyZJdtB8vGtbaf0BVwIRoAI3JohkC3D/IYj7Q06hmdGMKtaoOjvjo7fn3tzX
z/TLkd01fXx8DszIlTFYQQnthlbqhXgWAiwUwg7ED7avuL3MP4k4Hn8uqRaxhpNu
ePlM1kd+iLAkeqjkZLOqfJqw2ylOG/uUPLzthcU3UWGAanVlIg/Ia+jxOhPCKRkK
XJmesObw8oyDJ4InhQKJrpWhlavQgdocIr5k7IkGkA7Td84hAKHjKst1aERwCgIZ
oZCaihHbZwWOKG7bSqqY1zjjjcr8nlr6CpQhC1pUP1bWjNxeNqyA3cTlAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKCNJuiQYTA0v3hMhzrYO76NefCbMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvb0kwbTZKQmhNRFNfZUV5SE90Zzd2bzE1OEpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG2KMA0G
CSqGSIb3DQEBCwUAA4IBAQB5Ycu8h6hDd8SI/IUs13O+1kaPOEuLzZ6431OwDWOo
LwnLVhAWGY8KlkKg6JUG36MjT2ewGVaoK2htj42Vv0FnDh+MTm9JMttjhTAPpcmU
TnGm2ZmVhUe7ZXhVsvvrtE80WI6RqcE6A02BsURwrnzn2Fp3rvV5YWDGEQ80i5z5
sI0xqxYRhWOZ8oroEYo7pY7p5ZaVsclzmmz135qI2WXlu9lNLKXhvoC/9yKOQyfN
4sjaaCWXjCFjuCPJanoPrrpXFsuQDJJwxMEmZS5tzkp1goFbIRBdiepBzGFlnZyf
e2DarJ2KJP2C7QC5P/YWk0nl5+jlV17FqffViqd0lREd
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:31:39 2025 by rpki-client