Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/oj3iDtlWEnyZOpJzAiAlB4UDFF4.roa
File: oj3iDtlWEnyZOpJzAiAlB4UDFF4.roa (raw, json)
Hash identifier: IfBN2GCeO47guRCeMpP/j/B8Qqw6117P1ZV2//+hOLA=
Subject key identifier: A2:3D:E2:0E:D9:56:12:7C:99:3A:92:73:02:20:25:07:85:03:14:5E
Certificate issuer: /CN=a7a538aac33778460e19701aab5952c7aa25f05c
Certificate serial: 01941F8C3E7DCDB5111BA4E14DA502966D53
Authority key identifier: A7:A5:38:AA:C3:37:78:46:0E:19:70:1A:AB:59:52:C7:AA:25:F0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/oj3iDtlWEnyZOpJzAiAlB4UDFF4.roa
Signing time: Wed 01 Jan 2025 01:47:52 +0000
ROA not before: Wed 01 Jan 2025 01:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 266777
IP address blocks: 194.147.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:3e:7d:cd:b5:11:1b:a4:e1:4d:a5:02:96:6d:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7a538aac33778460e19701aab5952c7aa25f05c
Validity
Not Before: Jan 1 01:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a23de20ed956127c993a9273022025078503145e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c2:db:42:fb:a2:8e:c1:bf:00:85:0b:0c:5b:
ae:e3:71:e3:52:fb:08:04:83:99:d7:a0:e9:31:02:
52:45:4d:a2:c5:4a:f4:a3:ee:31:d7:9b:40:64:84:
e9:59:48:60:3e:85:f7:59:9a:01:0f:1b:44:e9:dd:
8f:ba:c1:06:8b:ab:2d:bc:1c:34:05:60:3c:54:3a:
28:61:32:7b:ce:52:9e:77:5e:65:45:08:c6:1d:7e:
31:e7:92:f1:2c:49:1f:cb:ad:bc:9e:47:fe:75:89:
b9:6d:18:25:a0:73:51:f0:5d:62:da:69:cf:99:a8:
5b:28:f5:8a:8a:b3:3e:9b:8f:52:31:84:81:83:a8:
3e:86:80:88:c0:4d:de:16:da:f1:4e:77:d9:fa:22:
b4:9a:25:81:08:1d:b7:9a:ce:1c:75:02:92:c3:9c:
12:b4:be:10:4e:8c:16:7f:9d:13:c2:da:8b:44:4d:
93:a4:5f:90:b5:25:4b:ca:ca:ac:45:57:90:3c:0a:
3e:f6:ed:e2:0d:90:e3:8d:ec:cb:aa:d4:9d:7a:2c:
37:ce:24:c2:01:b0:51:60:a6:a6:6b:c6:88:4e:25:
2b:48:65:07:60:c7:cf:3f:8f:99:45:d8:8a:96:fb:
b5:b5:eb:a5:13:e5:5f:d3:f5:b5:1b:43:13:fa:e2:
b4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:3D:E2:0E:D9:56:12:7C:99:3A:92:73:02:20:25:07:85:03:14:5E
X509v3 Authority Key Identifier:
keyid:A7:A5:38:AA:C3:37:78:46:0E:19:70:1A:AB:59:52:C7:AA:25:F0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/oj3iDtlWEnyZOpJzAiAlB4UDFF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.32.0/24
Signature Algorithm: sha256WithRSAEncryption
54:93:09:9f:1b:3e:10:d4:f1:36:97:e2:88:97:ce:06:bd:e5:
10:74:67:6c:9e:81:2b:ca:81:8c:72:a8:10:8f:a3:1b:30:f8:
da:b1:b0:2e:3d:a8:35:71:93:7d:e0:55:e1:1b:bb:72:8a:cf:
83:b1:7e:82:42:2d:18:f1:58:75:66:86:94:75:d5:6a:21:66:
08:92:44:da:dd:d3:16:ef:06:d4:57:dd:84:7f:46:32:b6:b9:
fc:b1:e0:fa:cd:4a:b6:ca:9a:86:8c:94:c2:9d:66:42:0b:3a:
9d:cd:70:0c:f2:8c:90:ca:cc:d1:50:df:0d:15:c6:fd:db:74:
c5:20:56:1d:5a:07:55:15:67:9d:4a:f8:02:9f:72:ae:35:87:
52:c8:ff:d1:70:fa:23:ef:b7:36:3e:ad:96:84:5a:6c:db:5f:
c1:ab:f0:c4:f9:8f:1f:7b:1f:f3:fa:8c:8d:1c:92:a6:04:c0:
f3:1c:74:7c:2e:29:5e:a4:77:ae:14:64:dd:77:c4:de:4e:27:
2f:cb:7c:8f:74:1e:f5:ac:3f:51:f4:18:2e:c5:ab:50:c0:d3:
a9:b8:3f:32:4b:e2:99:f8:1e:ba:72:51:c6:e0:20:72:33:57:
8c:fb:5f:e5:6d:bb:bf:f8:9a:a0:1b:7c:49:6f:f9:02:82:f7:
7f:b2:5a:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjD59zbURG6ThTaUClm1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YTUzOGFhYzMzNzc4NDYwZTE5NzAxYWFiNTk1MmM3YWEy
NWYwNWMwHhcNMjUwMTAxMDE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjNkZTIwZWQ5NTYxMjdjOTkzYTkyNzMwMjIwMjUwNzg1MDMxNDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8LbQvuijsG/AIULDFuu43HjUvsI
BIOZ16DpMQJSRU2ixUr0o+4x15tAZITpWUhgPoX3WZoBDxtE6d2PusEGi6stvBw0
BWA8VDooYTJ7zlKed15lRQjGHX4x55LxLEkfy628nkf+dYm5bRgloHNR8F1i2mnP
mahbKPWKirM+m49SMYSBg6g+hoCIwE3eFtrxTnfZ+iK0miWBCB23ms4cdQKSw5wS
tL4QTowWf50TwtqLRE2TpF+QtSVLysqsRVeQPAo+9u3iDZDjjezLqtSdeiw3ziTC
AbBRYKama8aITiUrSGUHYMfPP4+ZRdiKlvu1teulE+Vf0/W1G0MT+uK02QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKI94g7ZVhJ8mTqScwIgJQeFAxReMB8GA1UdIwQY
MBaAFKelOKrDN3hGDhlwGqtZUseqJfBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDZVNHFzTTNlRVlPR1hBYXExbFN4Nm9sOEZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hODMzMzctNmUxNi00Y2Q5LTkyMWEt
ODdiMDEwZWE2MjM1LzEvb2ozaUR0bFdFbnlaT3BKekFpQWxCNFVERkY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hODMzMzctNmUxNi00Y2Q5LTkyMWEtODdiMDEwZWE2MjM1
LzEvcDZVNHFzTTNlRVlPR1hBYXExbFN4Nm9sOEZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpMgMA0G
CSqGSIb3DQEBCwUAA4IBAQBUkwmfGz4Q1PE2l+KIl84GveUQdGdsnoEryoGMcqgQ
j6MbMPjasbAuPag1cZN94FXhG7tyis+DsX6CQi0Y8Vh1ZoaUddVqIWYIkkTa3dMW
7wbUV92Ef0Yytrn8seD6zUq2ypqGjJTCnWZCCzqdzXAM8oyQyszRUN8NFcb923TF
IFYdWgdVFWedSvgCn3KuNYdSyP/RcPoj77c2Pq2WhFps21/Bq/DE+Y8fex/z+oyN
HJKmBMDzHHR8LilepHeuFGTdd8TeTicvy3yPdB71rD9R9BguxatQwNOpuD8yS+KZ
+B66clHG4CByM1eM+1/lbbu/+JqgG3xJb/kCgvd/slpr
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:39:51 2025 by rpki-client