Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/476253-2788-4519-beba-98be335f3c54/1/O79Bxg0BR0VFMQ_a0ZyezMPMz0M.roa
File: O79Bxg0BR0VFMQ_a0ZyezMPMz0M.roa (raw, json)
Hash identifier: wV2tjiSpv38ZVgcsHYOWBKswr9oGmugpMMubTRaOGF4=
Subject key identifier: 3B:BF:41:C6:0D:01:47:45:45:31:0F:DA:D1:9C:9E:CC:C3:CC:CF:43
Certificate issuer: /CN=a49f6266f61a1eccd4dee094cc71c6db86bbb37b
Certificate serial: 019422201FFCEBE500E8D0B027842E559E2D
Authority key identifier: A4:9F:62:66:F6:1A:1E:CC:D4:DE:E0:94:CC:71:C6:DB:86:BB:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJ9iZvYaHszU3uCUzHHG24a7s3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/476253-2788-4519-beba-98be335f3c54/1/O79Bxg0BR0VFMQ_a0ZyezMPMz0M.roa
Signing time: Wed 01 Jan 2025 13:48:38 +0000
ROA not before: Wed 01 Jan 2025 13:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51269
IP address blocks: 185.149.68.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:1f:fc:eb:e5:00:e8:d0:b0:27:84:2e:55:9e:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a49f6266f61a1eccd4dee094cc71c6db86bbb37b
Validity
Not Before: Jan 1 13:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bbf41c60d01474545310fdad19c9eccc3cccf43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:76:c3:05:e9:70:3f:7a:a5:c5:42:01:9a:c4:
9b:80:10:09:7f:18:d6:8d:50:6a:3e:54:ed:bd:dd:
40:b5:cb:f8:fc:97:27:2d:54:eb:a1:28:18:b2:a4:
08:7d:98:b4:2e:c4:2f:31:9a:43:53:86:c4:b7:b9:
4f:7a:d8:31:03:22:f4:28:c9:e3:f4:1c:fd:29:92:
0a:3b:86:7d:b3:a1:24:95:a4:85:fa:f8:99:36:f9:
46:7a:af:36:23:93:d1:d2:c1:56:73:a9:2b:27:95:
e5:57:74:53:1e:f2:25:40:57:0f:a3:93:66:9b:e5:
c8:5c:e1:ee:21:e3:5a:5f:50:04:b8:c7:3c:bb:08:
32:d0:29:9d:37:f3:8f:2b:82:0d:88:c9:d3:41:02:
ac:63:2f:38:b2:fb:fe:f3:17:49:0c:0c:39:f5:a7:
55:18:46:ba:7f:4e:12:3a:9a:7b:13:aa:0b:4a:ee:
d6:4d:83:d0:c9:77:a5:d2:58:65:87:d9:3b:32:28:
f4:29:f5:a5:8c:c8:ad:4c:44:69:98:ca:6a:a4:a9:
bd:dc:44:06:a6:6a:f7:c2:23:a5:9e:db:ac:41:b4:
f9:7a:45:4b:8b:df:78:cc:0a:a4:31:a9:5b:fc:3b:
f4:f0:44:51:e0:02:20:9f:97:ce:d6:69:c6:9d:94:
b0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:BF:41:C6:0D:01:47:45:45:31:0F:DA:D1:9C:9E:CC:C3:CC:CF:43
X509v3 Authority Key Identifier:
keyid:A4:9F:62:66:F6:1A:1E:CC:D4:DE:E0:94:CC:71:C6:DB:86:BB:B3:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJ9iZvYaHszU3uCUzHHG24a7s3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/476253-2788-4519-beba-98be335f3c54/1/O79Bxg0BR0VFMQ_a0ZyezMPMz0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/476253-2788-4519-beba-98be335f3c54/1/pJ9iZvYaHszU3uCUzHHG24a7s3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.68.0/24
Signature Algorithm: sha256WithRSAEncryption
05:42:e9:78:75:26:3e:0c:53:b1:7e:56:5a:1c:85:34:2f:f5:
2a:90:d4:0c:0e:84:ad:32:d4:77:26:15:f9:b2:a3:fc:15:5e:
09:b8:8f:b4:49:1f:28:be:86:5c:14:9d:d3:3e:cd:f8:de:28:
cf:86:60:1f:68:2b:fe:9b:c2:73:6f:1b:cb:d2:68:44:d6:60:
93:a8:ab:bc:0d:eb:70:c1:2e:1b:5d:83:1c:d2:00:a0:47:c0:
71:ca:a6:9f:58:58:a6:3b:9c:6c:6c:36:20:92:14:1a:e8:50:
36:48:fd:67:4a:f5:0b:1f:bb:f3:2a:a6:de:1e:51:59:a7:18:
a4:63:2a:d9:2f:3c:40:34:11:00:61:cf:34:94:3d:b2:ac:5b:
bb:ab:da:82:83:f6:3c:d0:46:cd:c7:fc:ad:7f:4e:88:a7:9c:
f0:74:51:bc:1d:07:9a:20:90:9a:64:99:d6:d9:36:9b:bc:b3:
72:3c:75:bb:f1:65:7d:52:48:03:b9:45:8f:e8:73:c2:2f:ee:
18:24:48:06:73:d3:45:21:b2:fb:3f:3f:64:0a:f4:29:4f:ee:
00:6b:ae:ad:05:fc:82:fa:ba:15:d3:59:14:48:7a:3d:f5:b6:
69:27:3b:25:1d:99:43:8b:e3:62:83:24:00:45:dc:e0:45:02:
a8:e2:33:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIB/86+UA6NCwJ4QuVZ4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OWY2MjY2ZjYxYTFlY2NkNGRlZTA5NGNjNzFjNmRiODZi
YmIzN2IwHhcNMjUwMTAxMTM0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmJmNDFjNjBkMDE0NzQ1NDUzMTBmZGFkMTljOWVjY2MzY2NjZjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3bDBelwP3qlxUIBmsSbgBAJfxjW
jVBqPlTtvd1Atcv4/JcnLVTroSgYsqQIfZi0LsQvMZpDU4bEt7lPetgxAyL0KMnj
9Bz9KZIKO4Z9s6EklaSF+viZNvlGeq82I5PR0sFWc6krJ5XlV3RTHvIlQFcPo5Nm
m+XIXOHuIeNaX1AEuMc8uwgy0CmdN/OPK4INiMnTQQKsYy84svv+8xdJDAw59adV
GEa6f04SOpp7E6oLSu7WTYPQyXel0lhlh9k7Mij0KfWljMitTERpmMpqpKm93EQG
pmr3wiOlntusQbT5ekVLi994zAqkMalb/Dv08ERR4AIgn5fO1mnGnZSwVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDu/QcYNAUdFRTEP2tGcnszDzM9DMB8GA1UdIwQY
MBaAFKSfYmb2Gh7M1N7glMxxxtuGu7N7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEo5aVp2WWFIc3pVM3VDVXpISEcyNGE3czNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS80NzYyNTMtMjc4OC00NTE5LWJlYmEt
OThiZTMzNWYzYzU0LzEvTzc5QnhnMEJSMFZGTVFfYTBaeWV6TVBNejBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS80NzYyNTMtMjc4OC00NTE5LWJlYmEtOThiZTMzNWYzYzU0
LzEvcEo5aVp2WWFIc3pVM3VDVXpISEcyNGE3czNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZVEMA0G
CSqGSIb3DQEBCwUAA4IBAQAFQul4dSY+DFOxflZaHIU0L/UqkNQMDoStMtR3JhX5
sqP8FV4JuI+0SR8ovoZcFJ3TPs343ijPhmAfaCv+m8JzbxvL0mhE1mCTqKu8Detw
wS4bXYMc0gCgR8BxyqafWFimO5xsbDYgkhQa6FA2SP1nSvULH7vzKqbeHlFZpxik
YyrZLzxANBEAYc80lD2yrFu7q9qCg/Y80EbNx/ytf06Ip5zwdFG8HQeaIJCaZJnW
2TabvLNyPHW78WV9UkgDuUWP6HPCL+4YJEgGc9NFIbL7Pz9kCvQpT+4Aa66tBfyC
+roV01kUSHo99bZpJzslHZlDi+NigyQARdzgRQKo4jPB
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:06:23 2025 by rpki-client