Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/8cd3ba-9d72-434f-8f82-aab4bd8fce9d/1/oFJDhlIxFUNhw_-HBfRNlNTaZxk.roa
File: oFJDhlIxFUNhw_-HBfRNlNTaZxk.roa (raw, json)
Hash identifier: X5zMaPXKmmEjg88Z3XtKkZigQqgVKFsASLy1XTJf6Pw=
Subject key identifier: A0:52:43:86:52:31:15:43:61:C3:FF:87:05:F4:4D:94:D4:DA:67:19
Certificate issuer: /CN=e35a056c8242971d1a90b0bfa98b1b7a93052884
Certificate serial: 01941F8C37920C48863301B76942EAB27C27
Authority key identifier: E3:5A:05:6C:82:42:97:1D:1A:90:B0:BF:A9:8B:1B:7A:93:05:28:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/41oFbIJClx0akLC_qYsbepMFKIQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/8cd3ba-9d72-434f-8f82-aab4bd8fce9d/1/oFJDhlIxFUNhw_-HBfRNlNTaZxk.roa
Signing time: Wed 01 Jan 2025 01:47:50 +0000
ROA not before: Wed 01 Jan 2025 01:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57672
IP address blocks: 192.146.137.0/24 maxlen: 24
2001:67c:26b4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:37:92:0c:48:86:33:01:b7:69:42:ea:b2:7c:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e35a056c8242971d1a90b0bfa98b1b7a93052884
Validity
Not Before: Jan 1 01:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a05243865231154361c3ff8705f44d94d4da6719
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4b:cb:ab:91:33:a6:d3:56:d7:0f:5f:d0:e4:
11:18:f2:3f:6f:0c:2c:04:e0:b0:9b:b8:e9:b8:3a:
c0:95:bf:06:ed:05:7d:97:74:c7:e6:34:6f:90:4e:
82:90:9a:36:01:94:fe:e3:82:c8:c3:07:32:d0:30:
62:54:60:70:d0:96:a5:f4:24:b1:79:16:a0:b6:0b:
0a:24:8d:37:3d:b9:f8:1d:a1:0e:6c:64:bb:f4:a2:
2f:9d:81:cb:45:de:54:17:2b:cf:34:27:5f:e3:d0:
47:af:05:38:91:ac:ad:9e:52:69:9b:8f:0b:d8:a9:
c7:d5:f5:b1:85:a2:25:7f:9b:6a:dd:70:91:a9:97:
85:c5:a0:5a:67:4d:61:75:2f:05:13:32:6a:10:d0:
fd:1f:fc:31:14:a6:f2:6d:2b:38:0f:c3:81:42:c3:
42:48:a8:d4:fd:6e:c4:47:c4:86:6c:7c:87:7c:18:
73:dd:56:ae:31:8c:21:25:50:ac:d9:66:ce:7b:d5:
fd:68:42:8a:e5:f8:50:4b:21:f2:bd:11:5a:32:65:
21:a2:74:50:5f:74:19:02:cd:78:54:c9:13:ee:3b:
eb:f4:bd:45:9f:d2:03:35:dc:2a:6a:6d:8d:99:ff:
84:a8:0a:37:2e:c9:33:f0:9e:89:0d:8e:14:39:63:
6f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:52:43:86:52:31:15:43:61:C3:FF:87:05:F4:4D:94:D4:DA:67:19
X509v3 Authority Key Identifier:
keyid:E3:5A:05:6C:82:42:97:1D:1A:90:B0:BF:A9:8B:1B:7A:93:05:28:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/41oFbIJClx0akLC_qYsbepMFKIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/8cd3ba-9d72-434f-8f82-aab4bd8fce9d/1/oFJDhlIxFUNhw_-HBfRNlNTaZxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/8cd3ba-9d72-434f-8f82-aab4bd8fce9d/1/41oFbIJClx0akLC_qYsbepMFKIQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.146.137.0/24
IPv6:
2001:67c:26b4::/48
Signature Algorithm: sha256WithRSAEncryption
90:b1:99:af:77:63:3a:41:fa:df:1d:78:08:22:99:53:88:1a:
eb:17:c3:dd:47:f9:66:34:9b:72:ba:2c:2d:ed:b5:e8:76:b4:
fc:2c:5a:3c:2f:27:7a:b3:65:b9:3e:22:b9:bb:6e:66:2a:8b:
fe:de:5e:f2:b8:aa:e9:1b:58:cb:a0:a6:c8:31:08:03:f1:05:
c8:82:42:05:04:c5:a1:75:6d:db:70:79:c2:a5:7d:4a:b2:6c:
c7:fe:4b:1f:10:64:4e:6f:b6:45:c1:e7:a7:e3:cd:57:29:fb:
eb:6a:e2:1d:a1:2f:96:b7:82:70:00:f7:58:1d:de:d6:ca:90:
a9:71:86:5b:39:11:30:c4:e6:07:48:3f:f4:54:7b:05:d1:43:
06:5a:91:ae:ce:5c:de:d2:e0:96:a1:ee:a4:6e:9e:89:80:68:
2b:01:26:ac:01:86:78:97:a7:97:a6:c9:cf:b1:55:3b:85:3f:
76:2b:9c:74:6a:2b:1c:13:a9:3f:07:0d:74:b8:ec:67:01:e8:
fc:f6:74:67:02:dd:e0:26:c6:16:1f:79:7b:ef:f7:66:42:86:
c2:c4:9b:55:7e:b8:97:da:ce:89:ce:0c:f7:a4:3e:37:c1:14:
1d:11:30:86:02:d9:fa:bf:9b:7b:d5:9a:26:3a:e3:04:f6:08:
37:97:04:87
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQfjDeSDEiGMwG3aULqsnwnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNWEwNTZjODI0Mjk3MWQxYTkwYjBiZmE5OGIxYjdhOTMw
NTI4ODQwHhcNMjUwMTAxMDE0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDUyNDM4NjUyMzExNTQzNjFjM2ZmODcwNWY0NGQ5NGQ0ZGE2NzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUvLq5EzptNW1w9f0OQRGPI/bwws
BOCwm7jpuDrAlb8G7QV9l3TH5jRvkE6CkJo2AZT+44LIwwcy0DBiVGBw0Jal9CSx
eRagtgsKJI03Pbn4HaEObGS79KIvnYHLRd5UFyvPNCdf49BHrwU4kaytnlJpm48L
2KnH1fWxhaIlf5tq3XCRqZeFxaBaZ01hdS8FEzJqEND9H/wxFKbybSs4D8OBQsNC
SKjU/W7ER8SGbHyHfBhz3VauMYwhJVCs2WbOe9X9aEKK5fhQSyHyvRFaMmUhonRQ
X3QZAs14VMkT7jvr9L1Fn9IDNdwqam2Nmf+EqAo3Lskz8J6JDY4UOWNveQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKBSQ4ZSMRVDYcP/hwX0TZTU2mcZMB8GA1UdIwQY
MBaAFONaBWyCQpcdGpCwv6mLG3qTBSiEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDFvRmJJSkNseDBha0xDX3FZc2JlcE1GS0lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84Y2QzYmEtOWQ3Mi00MzRmLThmODIt
YWFiNGJkOGZjZTlkLzEvb0ZKRGhsSXhGVU5od18tSEJmUk5sTlRhWnhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84Y2QzYmEtOWQ3Mi00MzRmLThmODItYWFiNGJkOGZjZTlk
LzEvNDFvRmJJSkNseDBha0xDX3FZc2JlcE1GS0lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwJKJMA8E
AgACMAkDBwAgAQZ8JrQwDQYJKoZIhvcNAQELBQADggEBAJCxma93YzpB+t8deAgi
mVOIGusXw91H+WY0m3K6LC3tteh2tPwsWjwvJ3qzZbk+Irm7bmYqi/7eXvK4qukb
WMugpsgxCAPxBciCQgUExaF1bdtwecKlfUqybMf+Sx8QZE5vtkXB56fjzVcp++tq
4h2hL5a3gnAA91gd3tbKkKlxhls5ETDE5gdIP/RUewXRQwZaka7OXN7S4Jah7qRu
nomAaCsBJqwBhniXp5emyc+xVTuFP3YrnHRqKxwTqT8HDXS47GcB6Pz2dGcC3eAm
xhYfeXvv92ZChsLEm1V+uJfazonODPekPjfBFB0RMIYC2fq/m3vVmiY64wT2CDeX
BIc=
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:21:08 2025 by rpki-client