Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/OnRHsiqDeR9lPOPphyyOmOlqHJI.roa
File: OnRHsiqDeR9lPOPphyyOmOlqHJI.roa (raw, json)
Hash identifier: sc+Pmya8TqVV8sQvDFxWsBcLjxza8djqPlBaIMjD3rA=
Subject key identifier: 3A:74:47:B2:2A:83:79:1F:65:3C:E3:E9:87:2C:8E:98:E9:6A:1C:92
Certificate issuer: /CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Certificate serial: 01942444F057FD1B98ED4D9F0D705A8809C1
Authority key identifier: BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/OnRHsiqDeR9lPOPphyyOmOlqHJI.roa
Signing time: Wed 01 Jan 2025 23:48:05 +0000
ROA not before: Wed 01 Jan 2025 23:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34262
IP address blocks: 82.141.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:f0:57:fd:1b:98:ed:4d:9f:0d:70:5a:88:09:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Validity
Not Before: Jan 1 23:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a7447b22a83791f653ce3e9872c8e98e96a1c92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d8:a2:f8:f3:c5:ff:dd:76:37:b1:b4:d1:de:
c5:50:86:fe:cb:9b:cf:f7:f4:1b:c6:00:1e:d4:82:
54:70:d8:9c:6b:8d:ef:62:c8:6a:74:c5:19:27:b8:
94:04:52:55:9f:45:e2:20:46:3b:fb:e7:cb:bf:e5:
10:78:2f:60:32:6b:e8:31:e2:19:70:39:a7:36:4f:
ed:2f:d2:a0:9f:91:d1:7f:ba:2c:a1:af:ed:3a:d5:
4c:ae:c3:83:34:b3:da:ae:a4:b8:bf:09:90:e4:2f:
2c:49:71:cd:e2:f1:a2:3a:04:a3:47:33:7b:f3:fe:
5c:d4:96:c6:af:b7:f1:33:f3:62:f2:86:e9:74:11:
51:b8:82:9e:cc:9f:5e:d7:b7:8b:0c:e4:52:cb:58:
a1:84:85:fd:15:4a:d2:fe:df:34:77:28:78:84:72:
52:85:a4:a8:c3:04:3c:18:81:40:e1:a8:aa:bb:ff:
94:6e:ec:d7:ae:65:c0:ec:98:bb:7f:8c:ed:76:f9:
87:43:a3:37:10:e2:c0:b9:f1:31:2a:9a:53:ab:34:
5e:e2:bf:83:22:3b:a8:cc:0c:43:c0:e6:94:06:fb:
cf:b1:e9:ca:88:fc:2a:27:8c:80:7e:cb:99:97:83:
56:06:ea:f2:22:f6:92:81:2b:c2:50:2f:e1:8b:b8:
40:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:74:47:B2:2A:83:79:1F:65:3C:E3:E9:87:2C:8E:98:E9:6A:1C:92
X509v3 Authority Key Identifier:
keyid:BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/OnRHsiqDeR9lPOPphyyOmOlqHJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.141.154.0/24
Signature Algorithm: sha256WithRSAEncryption
22:50:28:f9:b0:cf:37:17:a7:7d:03:6b:22:cd:f8:13:6c:0a:
19:3b:11:47:80:0b:74:c4:df:31:9f:71:18:e5:18:2b:5b:31:
d3:f4:ea:27:15:a1:83:05:99:f1:70:bc:e3:76:bc:21:ab:c6:
b4:1e:bf:3b:8e:2e:ad:28:27:d6:67:6d:65:f6:18:75:e0:82:
bd:63:e7:f2:03:3d:40:99:f4:d7:5e:93:65:95:42:52:67:23:
7d:a7:1b:b6:d5:ea:8d:bb:eb:81:ac:52:6e:08:07:23:ca:aa:
6e:e6:10:15:fc:c1:ff:fa:c7:68:ea:4d:ca:16:70:cb:57:63:
96:cc:ac:8f:62:60:8d:69:51:3d:00:b1:97:02:a7:47:6d:d6:
c6:71:70:80:6d:4d:c7:46:33:ab:50:88:50:71:9e:90:87:a2:
91:e7:fc:22:6a:38:34:e4:fa:7b:65:8a:3b:b7:4e:64:79:f8:
6f:36:fb:e3:12:82:c6:86:28:99:c3:18:05:e8:75:88:fb:d0:
5c:06:00:16:16:c7:64:78:16:82:97:3e:0f:0c:2d:cb:70:38:
26:e0:31:0f:57:ca:e6:65:80:50:82:71:ba:59:3a:eb:83:92:
23:07:60:04:a4:ea:43:7b:f2:3e:ff:17:19:52:96:bc:44:57:
d9:a5:3d:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRPBX/RuY7U2fDXBaiAnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjA5N2EzNmMyMzI1ZDEwMzFmZjQwOTFiYTAwYTg2NDU5
ZDQyODgwHhcNMjUwMTAxMjM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTc0NDdiMjJhODM3OTFmNjUzY2UzZTk4NzJjOGU5OGU5NmExYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtii+PPF/912N7G00d7FUIb+y5vP
9/QbxgAe1IJUcNica43vYshqdMUZJ7iUBFJVn0XiIEY7++fLv+UQeC9gMmvoMeIZ
cDmnNk/tL9Kgn5HRf7osoa/tOtVMrsODNLParqS4vwmQ5C8sSXHN4vGiOgSjRzN7
8/5c1JbGr7fxM/Ni8obpdBFRuIKezJ9e17eLDORSy1ihhIX9FUrS/t80dyh4hHJS
haSowwQ8GIFA4aiqu/+UbuzXrmXA7Ji7f4ztdvmHQ6M3EOLAufExKppTqzRe4r+D
IjuozAxDwOaUBvvPsenKiPwqJ4yAfsuZl4NWBuryIvaSgSvCUC/hi7hACQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDp0R7Iqg3kfZTzj6YcsjpjpahySMB8GA1UdIwQY
MBaAFL+wl6NsIyXRAx/0CRugCoZFnUKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2It
ZWNjNDliZGMyYWQ4LzEvT25SSHNpcURlUjlsUE9QcGh5eU9tT2xxSEpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2ItZWNjNDliZGMyYWQ4
LzEvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUo2aMA0G
CSqGSIb3DQEBCwUAA4IBAQAiUCj5sM83F6d9A2sizfgTbAoZOxFHgAt0xN8xn3EY
5RgrWzHT9OonFaGDBZnxcLzjdrwhq8a0Hr87ji6tKCfWZ21l9hh14IK9Y+fyAz1A
mfTXXpNllUJSZyN9pxu21eqNu+uBrFJuCAcjyqpu5hAV/MH/+sdo6k3KFnDLV2OW
zKyPYmCNaVE9ALGXAqdHbdbGcXCAbU3HRjOrUIhQcZ6Qh6KR5/wiajg05Pp7ZYo7
t05kefhvNvvjEoLGhiiZwxgF6HWI+9BcBgAWFsdkeBaClz4PDC3LcDgm4DEPV8rm
ZYBQgnG6WTrrg5IjB2AEpOpDe/I+/xcZUpa8RFfZpT36
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:04:48 2025 by rpki-client