Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/910bd4-7fda-4934-a403-b136fe40df4d/1/OevXGO9big2d2JK12PRdEUk2MPE.roa
File: OevXGO9big2d2JK12PRdEUk2MPE.roa (raw, json)
Hash identifier: FmOYT06hQMPm9dCUUJxlovK9qL/uV14wUJ4HLBabvxQ=
Subject key identifier: 39:EB:D7:18:EF:5B:8A:0D:9D:D8:92:B5:D8:F4:5D:11:49:36:30:F1
Certificate issuer: /CN=7698c999e7f0493ee36634e892b37c9f3bf9407d
Certificate serial: 019422FB752EF7602B76159FAE9B5561EBB2
Authority key identifier: 76:98:C9:99:E7:F0:49:3E:E3:66:34:E8:92:B3:7C:9F:3B:F9:40:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dpjJmefwST7jZjTokrN8nzv5QH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/910bd4-7fda-4934-a403-b136fe40df4d/1/OevXGO9big2d2JK12PRdEUk2MPE.roa
Signing time: Wed 01 Jan 2025 17:48:12 +0000
ROA not before: Wed 01 Jan 2025 17:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35627
IP address blocks: 195.160.166.0/23 maxlen: 24
195.160.166.0/24 maxlen: 24
2001:67c:5c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:75:2e:f7:60:2b:76:15:9f:ae:9b:55:61:eb:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7698c999e7f0493ee36634e892b37c9f3bf9407d
Validity
Not Before: Jan 1 17:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39ebd718ef5b8a0d9dd892b5d8f45d11493630f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:b3:83:e6:0d:5d:eb:dd:9c:e0:ad:ca:fb:88:
3e:47:5b:36:0c:80:94:97:f8:8a:9a:d9:ca:76:c0:
2f:f7:e2:d6:ed:24:fc:16:e2:07:3c:60:ab:34:ee:
f0:5f:aa:e0:ed:ed:3a:08:e3:3d:ff:d0:bc:5f:32:
6e:9a:aa:18:f7:5b:df:1f:65:cd:fd:40:82:d0:85:
80:00:05:76:b9:40:d0:99:cb:cb:11:46:55:37:9c:
cc:e5:30:cd:5c:61:ff:d8:6d:db:2f:3a:c6:59:ff:
cb:a3:cc:6c:76:8f:6e:e6:6d:a5:80:ae:ce:46:89:
b7:1c:81:1d:eb:e3:a3:ab:32:2a:f4:f1:30:26:48:
e8:99:b8:0d:c5:e4:8d:b8:1c:10:9e:fe:f9:c2:04:
84:5e:90:b9:63:53:d9:26:e6:ae:c2:27:d8:4a:b2:
a9:4b:7d:e2:4e:05:e9:0e:6e:ca:43:35:65:96:ed:
cd:14:50:b2:5c:e0:b5:8a:4a:55:2f:7e:6f:dc:4f:
33:3c:f4:a4:a0:c0:90:8f:bf:17:05:15:6d:82:b5:
60:61:ae:be:f9:3f:f1:af:5d:fb:c2:dd:4a:c2:1d:
ab:7b:7c:cb:b7:09:4f:5e:9c:e6:fa:30:c1:41:0a:
72:a7:34:47:9f:51:c2:8c:cb:94:d1:c0:c3:b3:30:
6d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:EB:D7:18:EF:5B:8A:0D:9D:D8:92:B5:D8:F4:5D:11:49:36:30:F1
X509v3 Authority Key Identifier:
keyid:76:98:C9:99:E7:F0:49:3E:E3:66:34:E8:92:B3:7C:9F:3B:F9:40:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dpjJmefwST7jZjTokrN8nzv5QH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/910bd4-7fda-4934-a403-b136fe40df4d/1/OevXGO9big2d2JK12PRdEUk2MPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/910bd4-7fda-4934-a403-b136fe40df4d/1/dpjJmefwST7jZjTokrN8nzv5QH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.160.166.0/23
IPv6:
2001:67c:5c::/48
Signature Algorithm: sha256WithRSAEncryption
d0:3e:a8:b1:64:eb:52:92:a6:e9:59:cc:ff:e8:31:e7:71:f4:
a7:19:86:48:3d:28:14:21:e3:87:59:ad:71:78:45:61:e9:93:
e9:15:59:93:c9:1e:09:98:7d:ed:31:93:cd:89:79:fe:6a:0f:
18:82:68:07:84:30:8a:9f:0d:30:37:b4:6d:52:dc:d5:1c:8f:
66:c5:52:4f:17:cf:c2:36:6f:bd:1f:a7:69:5e:a3:b5:65:20:
fc:e1:d0:e1:5d:98:f1:30:dc:95:a3:1d:6b:d8:fb:43:bb:3d:
23:ee:9f:d9:c2:d9:45:a1:65:62:d0:8a:a8:98:30:fe:c7:b3:
3a:4f:5c:0a:8a:15:27:56:02:64:ab:48:ec:b5:90:68:e1:64:
0a:4c:dd:27:27:85:70:fe:79:2d:cc:93:d1:ab:02:65:14:c6:
24:2b:2b:1b:96:87:ef:6c:d5:e8:a8:35:eb:ed:41:76:0b:25:
2f:8f:56:90:b1:28:9c:4e:b0:c8:dd:a8:df:34:3c:2a:9c:50:
e0:b5:46:3d:0c:0c:9a:f9:f9:70:47:7a:7c:94:c4:63:bc:2f:
23:a5:bb:c0:01:cc:37:32:02:db:59:03:51:47:f4:39:2a:f1:
d3:66:b5:5d:42:bc:c1:2c:6e:69:e7:4a:29:f2:4b:0b:d2:47:
f5:5d:e7:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQi+3Uu92ArdhWfrptVYeuyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2OThjOTk5ZTdmMDQ5M2VlMzY2MzRlODkyYjM3YzlmM2Jm
OTQwN2QwHhcNMjUwMTAxMTc0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWViZDcxOGVmNWI4YTBkOWRkODkyYjVkOGY0NWQxMTQ5MzYzMGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6LOD5g1d692c4K3K+4g+R1s2DICU
l/iKmtnKdsAv9+LW7ST8FuIHPGCrNO7wX6rg7e06COM9/9C8XzJumqoY91vfH2XN
/UCC0IWAAAV2uUDQmcvLEUZVN5zM5TDNXGH/2G3bLzrGWf/Lo8xsdo9u5m2lgK7O
Rom3HIEd6+OjqzIq9PEwJkjombgNxeSNuBwQnv75wgSEXpC5Y1PZJuauwifYSrKp
S33iTgXpDm7KQzVllu3NFFCyXOC1ikpVL35v3E8zPPSkoMCQj78XBRVtgrVgYa6+
+T/xr137wt1Kwh2re3zLtwlPXpzm+jDBQQpypzRHn1HCjMuU0cDDszBtmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDnr1xjvW4oNndiStdj0XRFJNjDxMB8GA1UdIwQY
MBaAFHaYyZnn8Ek+42Y06JKzfJ87+UB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHBqSm1lZndTVDdqWmpUb2tyTjhuenY1UUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC85MTBiZDQtN2ZkYS00OTM0LWE0MDMt
YjEzNmZlNDBkZjRkLzEvT2V2WEdPOWJpZzJkMkpLMTJQUmRFVWsyTVBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC85MTBiZDQtN2ZkYS00OTM0LWE0MDMtYjEzNmZlNDBkZjRk
LzEvZHBqSm1lZndTVDdqWmpUb2tyTjhuenY1UUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw6CmMA8E
AgACMAkDBwAgAQZ8AFwwDQYJKoZIhvcNAQELBQADggEBANA+qLFk61KSpulZzP/o
Medx9KcZhkg9KBQh44dZrXF4RWHpk+kVWZPJHgmYfe0xk82Jef5qDxiCaAeEMIqf
DTA3tG1S3NUcj2bFUk8Xz8I2b70fp2leo7VlIPzh0OFdmPEw3JWjHWvY+0O7PSPu
n9nC2UWhZWLQiqiYMP7HszpPXAqKFSdWAmSrSOy1kGjhZApM3ScnhXD+eS3Mk9Gr
AmUUxiQrKxuWh+9s1eioNevtQXYLJS+PVpCxKJxOsMjdqN80PCqcUOC1Rj0MDJr5
+XBHenyUxGO8LyOlu8ABzDcyAttZA1FH9Dkq8dNmtV1CvMEsbmnnSinySwvSR/Vd
50c=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:04:47 2025 by rpki-client