Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/OrmnaIv7Ykw3uSFBs-BQky_7bs4.roa
File: OrmnaIv7Ykw3uSFBs-BQky_7bs4.roa (raw, json)
Hash identifier: vkDAHcA+JuGp7WyKg9OyBQapexmqkZf8f/9s6IqTZIM=
Subject key identifier: 3A:B9:A7:68:8B:FB:62:4C:37:B9:21:41:B3:E0:50:93:2F:FB:6E:CE
Certificate issuer: /CN=e10d5c29a3439703d89b5abf03a75d861771bef4
Certificate serial: 019420D61A04445D47E75E2ABBAF01AC6B8A
Authority key identifier: E1:0D:5C:29:A3:43:97:03:D8:9B:5A:BF:03:A7:5D:86:17:71:BE:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/OrmnaIv7Ykw3uSFBs-BQky_7bs4.roa
Signing time: Wed 01 Jan 2025 07:48:09 +0000
ROA not before: Wed 01 Jan 2025 07:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64447
IP address blocks: 188.119.29.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:1a:04:44:5d:47:e7:5e:2a:bb:af:01:ac:6b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e10d5c29a3439703d89b5abf03a75d861771bef4
Validity
Not Before: Jan 1 07:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ab9a7688bfb624c37b92141b3e050932ffb6ece
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a9:8b:cc:88:41:d3:e8:85:e3:2b:d8:0a:df:
cb:cf:19:c0:06:e0:3e:7a:dd:3f:c6:95:95:76:38:
8c:28:81:e1:1d:29:f9:00:b2:b7:b6:99:23:4e:3b:
81:5e:ee:ce:13:56:fc:c7:0e:01:f1:5d:be:6c:34:
c9:5a:ad:b1:b2:7c:df:2b:96:d4:fa:5b:5b:6d:36:
36:a1:4f:7a:20:cf:e3:32:c6:7f:45:dd:5f:43:e3:
c7:3c:49:3f:42:27:04:ec:01:f8:c5:64:5c:0b:d8:
b9:a5:fc:00:a9:85:2f:25:92:63:17:89:c9:0d:08:
cc:1a:66:e2:fe:89:f4:a5:98:7e:e7:20:5b:f5:b8:
6f:b9:8c:bf:22:32:bb:8e:60:80:d9:5a:f8:3e:21:
74:1f:48:0a:25:ab:a7:15:c8:88:15:88:6c:70:b7:
7b:ab:04:b8:92:9f:86:44:2f:bb:48:48:bd:28:78:
b1:82:d8:54:00:2d:c7:be:ae:f2:0c:d1:26:92:6a:
5b:68:89:cd:9e:b9:e1:89:22:c1:fc:bc:42:bb:29:
16:c3:ec:e1:b1:18:6e:dd:57:18:d7:6c:e2:53:1e:
f7:4e:1c:39:86:4e:af:5f:dc:11:a2:6d:2d:82:8f:
01:73:4a:71:2a:71:4c:5d:29:66:01:0a:b5:3f:01:
01:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B9:A7:68:8B:FB:62:4C:37:B9:21:41:B3:E0:50:93:2F:FB:6E:CE
X509v3 Authority Key Identifier:
keyid:E1:0D:5C:29:A3:43:97:03:D8:9B:5A:BF:03:A7:5D:86:17:71:BE:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/OrmnaIv7Ykw3uSFBs-BQky_7bs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.119.29.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:87:6c:b9:7e:00:ba:f6:c5:27:2b:73:37:f4:02:8f:e4:ab:
d1:50:cd:77:7b:88:6a:d4:6d:c3:0e:d6:2b:bd:ac:83:16:33:
9d:10:20:bb:a0:f3:e0:a5:91:3c:3c:0c:1c:b1:c3:e7:65:24:
1f:8d:96:88:08:75:7c:24:5d:68:6c:9a:5d:bd:5a:db:be:5b:
db:16:80:96:e6:d0:3d:69:c3:0d:62:23:8a:60:5b:55:85:35:
5b:0b:0c:57:02:ad:c5:8e:69:aa:88:b0:0c:c0:77:18:ff:de:
03:92:e2:e8:4d:6f:4c:33:ce:60:97:d8:40:ad:46:63:b2:a7:
68:07:9c:ef:38:58:69:09:23:1e:e4:c1:15:13:ec:70:5c:1d:
30:8a:43:ae:7c:3a:d8:f0:4b:67:97:40:f5:9e:d3:f3:d9:c2:
42:7a:6b:78:8a:33:e3:c4:d6:dc:42:a3:aa:6a:39:62:ab:10:
a7:1f:e3:db:5b:f2:f2:1d:8c:27:01:e4:c2:82:dd:cc:06:c1:
71:07:9c:4d:f4:97:49:c9:90:b9:d6:01:05:dc:53:c9:ed:4f:
e0:43:59:5c:2b:4a:8b:2d:ce:a7:b2:a1:0b:a7:32:1d:a6:cb:
92:91:cc:99:76:94:47:4c:18:c2:96:9a:c3:a9:e4:b6:06:f2:
6a:e6:46:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1hoERF1H514qu68BrGuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMGQ1YzI5YTM0Mzk3MDNkODliNWFiZjAzYTc1ZDg2MTc3
MWJlZjQwHhcNMjUwMTAxMDc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWI5YTc2ODhiZmI2MjRjMzdiOTIxNDFiM2UwNTA5MzJmZmI2ZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvamLzIhB0+iF4yvYCt/LzxnABuA+
et0/xpWVdjiMKIHhHSn5ALK3tpkjTjuBXu7OE1b8xw4B8V2+bDTJWq2xsnzfK5bU
+ltbbTY2oU96IM/jMsZ/Rd1fQ+PHPEk/QicE7AH4xWRcC9i5pfwAqYUvJZJjF4nJ
DQjMGmbi/on0pZh+5yBb9bhvuYy/IjK7jmCA2Vr4PiF0H0gKJaunFciIFYhscLd7
qwS4kp+GRC+7SEi9KHixgthUAC3Hvq7yDNEmkmpbaInNnrnhiSLB/LxCuykWw+zh
sRhu3VcY12ziUx73Thw5hk6vX9wRom0tgo8Bc0pxKnFMXSlmAQq1PwEB8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDq5p2iL+2JMN7khQbPgUJMv+27OMB8GA1UdIwQY
MBaAFOENXCmjQ5cD2JtavwOnXYYXcb70MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFExY0thTkRsd1BZbTFxX0E2ZGRoaGR4dnZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zZWRiNDctZmQ2ZS00YzU5LWE3YWIt
ZTQyYTU4MDY0YTYzLzEvT3JtbmFJdjdZa3czdVNGQnMtQlFreV83YnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zZWRiNDctZmQ2ZS00YzU5LWE3YWItZTQyYTU4MDY0YTYz
LzEvNFExY0thTkRsd1BZbTFxX0E2ZGRoaGR4dnZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvHcdMA0G
CSqGSIb3DQEBCwUAA4IBAQBMh2y5fgC69sUnK3M39AKP5KvRUM13e4hq1G3DDtYr
vayDFjOdECC7oPPgpZE8PAwcscPnZSQfjZaICHV8JF1obJpdvVrbvlvbFoCW5tA9
acMNYiOKYFtVhTVbCwxXAq3FjmmqiLAMwHcY/94DkuLoTW9MM85gl9hArUZjsqdo
B5zvOFhpCSMe5MEVE+xwXB0wikOufDrY8Etnl0D1ntPz2cJCemt4ijPjxNbcQqOq
ajliqxCnH+PbW/LyHYwnAeTCgt3MBsFxB5xN9JdJyZC51gEF3FPJ7U/gQ1lcK0qL
Lc6nsqELpzIdpsuSkcyZdpRHTBjClprDqeS2BvJq5kag
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:21:20 2025 by rpki-client