Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/11cdf2-ca30-4718-ac80-f196fd0a497b/1/OTybeQSqUNtNYhW7lIqMu8Xbs9U.roa
File: OTybeQSqUNtNYhW7lIqMu8Xbs9U.roa (raw, json)
Hash identifier: qhQfPgHQL0RGn7gt2AnYjMV/XyhTZwosQOVt3JjZawg=
Subject key identifier: 39:3C:9B:79:04:AA:50:DB:4D:62:15:BB:94:8A:8C:BB:C5:DB:B3:D5
Certificate issuer: /CN=69d6048571d87eabc4bed1a7cdff83587fb89664
Certificate serial: 0194258E1F3033727402BC10DEB7ED19CF31
Authority key identifier: 69:D6:04:85:71:D8:7E:AB:C4:BE:D1:A7:CD:FF:83:58:7F:B8:96:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/adYEhXHYfqvEvtGnzf-DWH-4lmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/11cdf2-ca30-4718-ac80-f196fd0a497b/1/OTybeQSqUNtNYhW7lIqMu8Xbs9U.roa
Signing time: Thu 02 Jan 2025 05:47:38 +0000
ROA not before: Thu 02 Jan 2025 05:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41543
IP address blocks: 195.95.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:1f:30:33:72:74:02:bc:10:de:b7:ed:19:cf:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69d6048571d87eabc4bed1a7cdff83587fb89664
Validity
Not Before: Jan 2 05:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=393c9b7904aa50db4d6215bb948a8cbbc5dbb3d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:73:89:d4:e7:ea:fc:e5:ff:09:52:5f:90:fe:
3b:84:88:f1:59:77:2a:55:d8:95:8f:79:60:a5:27:
60:6b:5a:74:57:c2:f6:3d:a2:9f:fa:73:04:b4:6e:
cc:0f:b6:6c:92:e0:d8:4d:f4:78:b5:89:58:80:31:
10:e2:ab:cc:bd:43:93:69:11:cf:8c:56:ab:3a:2d:
d7:95:e6:3b:e3:27:61:6b:0c:f1:8f:37:9f:fe:9a:
88:20:cc:61:dd:1b:30:dc:5c:0f:65:f6:90:0d:ea:
c0:95:a9:dd:15:a3:5d:4b:11:ca:50:f1:07:f4:0b:
25:a0:c4:e3:22:c8:86:09:23:e1:39:42:8f:4c:69:
1d:b1:b3:a9:78:df:b7:6e:7b:de:c7:c5:3c:23:69:
91:e9:62:63:55:6b:97:9f:2c:fb:df:f3:19:9b:d7:
54:41:a5:3e:c1:ae:b8:d4:88:00:da:30:2c:19:5a:
09:64:29:90:b5:a9:67:1a:03:c4:b9:74:6a:ce:7a:
cb:65:91:61:1a:93:ec:6b:91:e4:27:61:c3:6a:bb:
5d:1f:c3:a4:04:7b:72:e7:7c:5c:bd:84:79:4a:e6:
c7:ea:73:d9:c8:d6:c9:0d:08:01:4f:b4:80:c7:46:
d7:85:b3:73:ee:1d:c7:c5:d0:53:cc:6a:8a:9d:76:
02:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:3C:9B:79:04:AA:50:DB:4D:62:15:BB:94:8A:8C:BB:C5:DB:B3:D5
X509v3 Authority Key Identifier:
keyid:69:D6:04:85:71:D8:7E:AB:C4:BE:D1:A7:CD:FF:83:58:7F:B8:96:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/adYEhXHYfqvEvtGnzf-DWH-4lmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/11cdf2-ca30-4718-ac80-f196fd0a497b/1/OTybeQSqUNtNYhW7lIqMu8Xbs9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/11cdf2-ca30-4718-ac80-f196fd0a497b/1/adYEhXHYfqvEvtGnzf-DWH-4lmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.95.158.0/24
Signature Algorithm: sha256WithRSAEncryption
28:b6:59:39:9a:d6:f5:b6:71:ea:e3:82:85:1d:2d:c1:bb:93:
04:80:45:20:8b:91:90:bb:d2:ed:99:b1:d5:3f:d8:d3:5b:fb:
9a:31:d2:d2:fb:6d:6f:29:be:b1:5c:ca:64:2d:e4:3f:70:0f:
ca:49:ce:aa:71:f2:5b:e5:9f:55:c9:d0:15:c2:74:02:40:c1:
e6:bd:51:43:da:e1:0a:3b:00:b0:d6:c9:7e:fe:ef:9f:9b:6e:
2c:6e:87:6e:cf:81:a4:9d:18:83:e6:0b:07:43:1a:a0:fe:a4:
da:dc:7b:35:f9:15:42:ea:1b:ac:8d:90:1e:8c:2e:00:cc:f6:
35:a8:00:f7:12:92:29:f3:92:1e:0b:b8:3b:2a:3c:78:46:e9:
da:1b:9f:af:08:4f:f7:19:0d:fc:d4:e7:4c:1d:58:9b:6b:55:
24:8d:ed:d0:3b:12:c1:18:2f:47:01:fb:3c:c6:28:34:50:5e:
8b:a4:74:b0:93:6b:78:1a:37:c8:57:64:1b:62:04:7d:b6:e0:
88:42:66:f1:bd:2b:a1:98:cb:40:8d:1e:b1:7c:ac:9c:19:c6:
c3:f3:27:e7:2a:72:61:b6:27:18:47:13:12:9e:b2:53:7b:1c:
7a:2a:33:6d:65:59:3c:c1:78:e0:a1:2f:ae:49:b2:af:01:0b:
86:75:b9:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljh8wM3J0ArwQ3rftGc8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZDYwNDg1NzFkODdlYWJjNGJlZDFhN2NkZmY4MzU4N2Zi
ODk2NjQwHhcNMjUwMTAyMDU0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTNjOWI3OTA0YWE1MGRiNGQ2MjE1YmI5NDhhOGNiYmM1ZGJiM2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnOJ1Ofq/OX/CVJfkP47hIjxWXcq
VdiVj3lgpSdga1p0V8L2PaKf+nMEtG7MD7ZskuDYTfR4tYlYgDEQ4qvMvUOTaRHP
jFarOi3XleY74ydhawzxjzef/pqIIMxh3Rsw3FwPZfaQDerAlandFaNdSxHKUPEH
9AsloMTjIsiGCSPhOUKPTGkdsbOpeN+3bnvex8U8I2mR6WJjVWuXnyz73/MZm9dU
QaU+wa641IgA2jAsGVoJZCmQtalnGgPEuXRqznrLZZFhGpPsa5HkJ2HDartdH8Ok
BHty53xcvYR5SubH6nPZyNbJDQgBT7SAx0bXhbNz7h3HxdBTzGqKnXYCfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDk8m3kEqlDbTWIVu5SKjLvF27PVMB8GA1UdIwQY
MBaAFGnWBIVx2H6rxL7Rp83/g1h/uJZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWRZRWhYSFlmcXZFdnRHbnpmLURXSC00bG1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8xMWNkZjItY2EzMC00NzE4LWFjODAt
ZjE5NmZkMGE0OTdiLzEvT1R5YmVRU3FVTnROWWhXN2xJcU11OFhiczlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8xMWNkZjItY2EzMC00NzE4LWFjODAtZjE5NmZkMGE0OTdi
LzEvYWRZRWhYSFlmcXZFdnRHbnpmLURXSC00bG1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1+eMA0G
CSqGSIb3DQEBCwUAA4IBAQAotlk5mtb1tnHq44KFHS3Bu5MEgEUgi5GQu9LtmbHV
P9jTW/uaMdLS+21vKb6xXMpkLeQ/cA/KSc6qcfJb5Z9VydAVwnQCQMHmvVFD2uEK
OwCw1sl+/u+fm24sboduz4GknRiD5gsHQxqg/qTa3Hs1+RVC6husjZAejC4AzPY1
qAD3EpIp85IeC7g7Kjx4RunaG5+vCE/3GQ381OdMHViba1Ukje3QOxLBGC9HAfs8
xig0UF6LpHSwk2t4GjfIV2QbYgR9tuCIQmbxvSuhmMtAjR6xfKycGcbD8yfnKnJh
ticYRxMSnrJTexx6KjNtZVk8wXjgoS+uSbKvAQuGdbmn
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:24:45 2025 by rpki-client