Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/61fa3b-4724-4014-8817-bd71effb9b39/1/oXajxfRbk6N8eRRiT_ohkuBIZx0.roa
File: oXajxfRbk6N8eRRiT_ohkuBIZx0.roa (raw, json)
Hash identifier: pxyqg3KNDxfYN2gXtBCfn7xtRncbmC2U24gMFivJT6A=
Subject key identifier: A1:76:A3:C5:F4:5B:93:A3:7C:79:14:62:4F:FA:21:92:E0:48:67:1D
Certificate issuer: /CN=1ad6d2d40fb1d5b2cf95429bfb9319fc2b1cc24a
Certificate serial: 019421B1BC623A11BD10F87CEFE473611ABB
Authority key identifier: 1A:D6:D2:D4:0F:B1:D5:B2:CF:95:42:9B:FB:93:19:FC:2B:1C:C2:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtbS1A-x1bLPlUKb-5MZ_Cscwko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/61fa3b-4724-4014-8817-bd71effb9b39/1/oXajxfRbk6N8eRRiT_ohkuBIZx0.roa
Signing time: Wed 01 Jan 2025 11:48:03 +0000
ROA not before: Wed 01 Jan 2025 11:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205307
IP address blocks: 91.236.19.0/24 maxlen: 29
2001:678:ae8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:bc:62:3a:11:bd:10:f8:7c:ef:e4:73:61:1a:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ad6d2d40fb1d5b2cf95429bfb9319fc2b1cc24a
Validity
Not Before: Jan 1 11:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a176a3c5f45b93a37c7914624ffa2192e048671d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:49:b2:16:04:4e:91:63:12:eb:d1:67:57:73:
a7:48:8b:aa:7a:89:5b:d0:aa:4b:7e:82:c0:92:93:
70:c4:99:ca:ce:21:83:28:ab:1a:e8:e6:d3:d4:40:
30:84:86:ba:61:99:86:9b:e1:1d:cb:5f:60:42:e8:
21:4e:7e:4b:a4:fa:fb:1a:67:71:80:5a:8f:3b:f8:
56:4d:64:3c:71:d4:b7:f3:3b:d6:c2:54:65:5c:83:
ef:e8:3d:d5:ab:13:df:ba:bb:e6:48:35:49:70:9a:
f8:70:b8:a2:93:b4:fe:d7:36:19:16:a9:d6:3b:6f:
6f:91:f9:94:74:d8:8e:ec:cb:81:50:4e:d3:d0:86:
7d:19:d0:88:1a:eb:55:0f:9b:c4:6c:7b:d1:1a:96:
04:9f:ce:df:51:45:e7:1b:01:b7:f3:25:22:dc:eb:
3a:64:b5:38:5e:87:7b:51:b6:3c:b5:dd:dc:cc:4d:
26:75:eb:1a:d2:08:fe:6c:aa:a7:34:39:ba:19:cf:
e9:e6:e2:6d:91:76:29:7c:a8:8a:d2:eb:83:d4:6e:
61:1e:53:02:49:17:f7:29:db:1b:99:b8:b3:dd:13:
6f:76:bc:ab:93:9e:20:4b:b3:38:de:8c:0d:d7:6a:
ff:7a:4e:5f:ff:9a:8b:95:31:22:fb:ea:de:20:b8:
80:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:76:A3:C5:F4:5B:93:A3:7C:79:14:62:4F:FA:21:92:E0:48:67:1D
X509v3 Authority Key Identifier:
keyid:1A:D6:D2:D4:0F:B1:D5:B2:CF:95:42:9B:FB:93:19:FC:2B:1C:C2:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtbS1A-x1bLPlUKb-5MZ_Cscwko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/61fa3b-4724-4014-8817-bd71effb9b39/1/oXajxfRbk6N8eRRiT_ohkuBIZx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/61fa3b-4724-4014-8817-bd71effb9b39/1/GtbS1A-x1bLPlUKb-5MZ_Cscwko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.19.0/24
IPv6:
2001:678:ae8::/48
Signature Algorithm: sha256WithRSAEncryption
1a:3d:93:dd:5f:f4:54:71:81:71:b9:c9:ce:9a:5d:a4:b0:56:
4e:e1:96:cd:e1:d4:05:d7:f5:62:f2:77:da:e5:1d:d1:db:85:
45:1b:8e:0f:2b:37:2c:c1:df:23:10:48:7e:33:17:cf:9a:03:
5e:ab:90:2a:b2:42:90:2a:d4:8a:81:c7:b1:a1:d8:9a:66:1b:
7b:e3:2a:37:13:e3:0a:0b:71:36:66:ed:06:d0:0d:c2:60:66:
36:7f:55:16:ab:9e:b0:3e:51:87:4f:66:e1:60:64:71:9d:82:
46:9d:a4:b5:93:b6:fd:c2:8f:a0:0e:dd:aa:1e:9b:ac:f9:67:
73:b9:91:43:a2:63:f6:48:40:9b:07:9f:98:67:c1:cc:71:4c:
ea:af:ef:f3:88:df:40:3c:68:99:8d:06:59:4e:65:ac:2b:a8:
a4:5f:1a:05:52:d4:59:f0:b4:65:33:91:af:dd:19:8c:78:cf:
41:20:e4:08:2e:68:50:5c:70:3b:8a:ee:30:b0:e1:cb:26:88:
11:30:6f:cf:f7:53:8e:c8:fa:aa:f3:c1:e1:ec:83:13:64:9d:
08:a0:e1:26:39:2d:7f:ee:6a:81:e1:ac:98:80:19:c0:90:ee:
e0:cb:43:74:a1:e7:bf:bd:27:4d:93:83:75:64:7d:a6:ee:83:
c9:76:2d:88
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhsbxiOhG9EPh87+RzYRq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZDZkMmQ0MGZiMWQ1YjJjZjk1NDI5YmZiOTMxOWZjMmIx
Y2MyNGEwHhcNMjUwMTAxMTE0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTc2YTNjNWY0NWI5M2EzN2M3OTE0NjI0ZmZhMjE5MmUwNDg2NzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10myFgROkWMS69FnV3OnSIuqeolb
0KpLfoLAkpNwxJnKziGDKKsa6ObT1EAwhIa6YZmGm+Edy19gQughTn5LpPr7Gmdx
gFqPO/hWTWQ8cdS38zvWwlRlXIPv6D3VqxPfurvmSDVJcJr4cLiik7T+1zYZFqnW
O29vkfmUdNiO7MuBUE7T0IZ9GdCIGutVD5vEbHvRGpYEn87fUUXnGwG38yUi3Os6
ZLU4Xod7UbY8td3czE0mdesa0gj+bKqnNDm6Gc/p5uJtkXYpfKiK0uuD1G5hHlMC
SRf3Kdsbmbiz3RNvdryrk54gS7M43owN12r/ek5f/5qLlTEi++reILiA7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKF2o8X0W5OjfHkUYk/6IZLgSGcdMB8GA1UdIwQY
MBaAFBrW0tQPsdWyz5VCm/uTGfwrHMJKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3RiUzFBLXgxYkxQbFVLYi01TVpfQ3Njd2tvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82MWZhM2ItNDcyNC00MDE0LTg4MTct
YmQ3MWVmZmI5YjM5LzEvb1hhanhmUmJrNk44ZVJSaVRfb2hrdUJJWngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82MWZhM2ItNDcyNC00MDE0LTg4MTctYmQ3MWVmZmI5YjM5
LzEvR3RiUzFBLXgxYkxQbFVLYi01TVpfQ3Njd2tvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+wTMA8E
AgACMAkDBwAgAQZ4CugwDQYJKoZIhvcNAQELBQADggEBABo9k91f9FRxgXG5yc6a
XaSwVk7hls3h1AXX9WLyd9rlHdHbhUUbjg8rNyzB3yMQSH4zF8+aA16rkCqyQpAq
1IqBx7Gh2JpmG3vjKjcT4woLcTZm7QbQDcJgZjZ/VRarnrA+UYdPZuFgZHGdgkad
pLWTtv3Cj6AO3aoem6z5Z3O5kUOiY/ZIQJsHn5hnwcxxTOqv7/OI30A8aJmNBllO
ZawrqKRfGgVS1FnwtGUzka/dGYx4z0Eg5AguaFBccDuK7jCw4csmiBEwb8/3U47I
+qrzweHsgxNknQig4SY5LX/uaoHhrJiAGcCQ7uDLQ3Sh57+9J02Tg3Vkfabug8l2
LYg=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:08:41 2025 by rpki-client