Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/Oy76tDsDmXBgEhG1oMG2RuySRQM.roa
File: Oy76tDsDmXBgEhG1oMG2RuySRQM.roa (raw, json)
Hash identifier: EGiybFgcd+LbmGH0QLddo2+9VYppjWAguhCXlVERXig=
Subject key identifier: 3B:2E:FA:B4:3B:03:99:70:60:12:11:B5:A0:C1:B6:46:EC:92:45:03
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01942823911E0BF8F73DAEC7B6B7EF740278
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/Oy76tDsDmXBgEhG1oMG2RuySRQM.roa
Signing time: Thu 02 Jan 2025 17:50:06 +0000
ROA not before: Thu 02 Jan 2025 17:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 188.209.134.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:91:1e:0b:f8:f7:3d:ae:c7:b6:b7:ef:74:02:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jan 2 17:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b2efab43b039970601211b5a0c1b646ec924503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a8:0a:73:3f:58:bb:c9:6b:a1:f6:db:11:8f:
be:65:54:5b:70:ca:28:b4:a9:96:76:d3:9c:b5:fd:
4b:00:23:a4:12:b3:b6:f2:76:43:be:e5:b3:5d:c8:
e9:2d:b4:eb:f6:08:7c:26:dc:b6:ee:3a:a4:17:aa:
66:3d:a8:b9:69:4f:3f:60:3f:e6:c7:06:e0:6c:2c:
3f:96:fd:f1:0f:4b:88:e3:ab:de:38:ff:98:c9:df:
1f:e1:54:35:7f:8b:93:f1:89:af:3e:3b:29:41:83:
8b:4f:a2:de:d8:24:e9:12:6d:14:6a:58:57:3e:73:
e3:bf:25:bb:80:e8:00:4c:87:be:a2:9d:ee:f5:22:
fc:d9:13:87:6e:ff:0b:81:1e:57:48:56:f0:b6:bb:
d6:8d:b4:30:5b:66:28:df:bc:5a:c1:cb:d0:69:a7:
65:46:00:6b:1f:8b:1f:85:a5:04:80:ab:4f:45:37:
f8:86:e2:44:49:bd:e8:af:7d:76:d5:2f:bb:8a:c1:
60:1a:ad:57:60:c6:69:1c:19:11:70:c5:b9:09:2d:
e9:26:47:47:84:0c:97:ed:c4:a7:6f:d4:3b:c0:a7:
18:64:2c:6c:09:f7:14:d7:73:6b:d7:04:a5:0d:68:
ba:bb:eb:43:e8:ef:98:0a:75:e5:2d:9b:79:1d:f9:
21:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:2E:FA:B4:3B:03:99:70:60:12:11:B5:A0:C1:B6:46:EC:92:45:03
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/Oy76tDsDmXBgEhG1oMG2RuySRQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.134.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:2a:c1:7e:84:53:e9:5f:ca:32:66:36:9a:50:42:88:96:4a:
29:b5:b6:9f:45:ce:1b:4a:22:52:75:1e:ee:3e:1d:38:4e:d1:
1f:3d:13:46:64:84:7e:5b:3a:9f:30:6b:04:53:f2:16:2e:e9:
15:15:02:db:5e:ac:03:a6:e8:31:2c:d5:29:55:ba:37:3b:97:
ac:65:c1:f4:e2:cc:85:db:dc:24:b3:fe:e9:a6:50:20:dc:54:
b7:f6:cf:56:50:ca:0d:e2:7b:6d:14:6f:ad:b2:71:21:f8:a3:
72:69:3b:01:6e:cc:41:94:3d:68:aa:d0:f6:69:b9:ed:b2:d0:
89:42:10:aa:7b:f1:67:80:c3:39:32:be:f4:11:30:76:c2:d5:
a2:45:91:dc:ae:09:94:7b:de:c8:01:5f:6c:5e:a0:69:08:78:
1e:c5:cc:ac:e3:ba:be:90:2e:ae:d0:d3:4a:ee:70:f9:b4:9b:
e8:ed:95:8e:78:70:90:ad:26:48:24:8f:ce:90:5c:51:88:35:
ab:53:f5:f2:8d:e9:57:2f:f3:df:d2:05:47:6a:46:12:a2:50:
a2:1e:4f:12:af:a5:f7:52:d8:7e:e8:9e:3f:d6:fd:ab:64:98:
98:57:55:3c:a0:58:dc:47:ca:e3:b2:bf:d6:7f:7e:f7:5d:f2:
38:92:cc:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI5EeC/j3Pa7HtrfvdAJ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjUwMTAyMTc1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjJlZmFiNDNiMDM5OTcwNjAxMjExYjVhMGMxYjY0NmVjOTI0NTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvagKcz9Yu8lrofbbEY++ZVRbcMoo
tKmWdtOctf1LACOkErO28nZDvuWzXcjpLbTr9gh8Jty27jqkF6pmPai5aU8/YD/m
xwbgbCw/lv3xD0uI46veOP+Yyd8f4VQ1f4uT8YmvPjspQYOLT6Le2CTpEm0UalhX
PnPjvyW7gOgATIe+op3u9SL82ROHbv8LgR5XSFbwtrvWjbQwW2Yo37xawcvQaadl
RgBrH4sfhaUEgKtPRTf4huJESb3or3121S+7isFgGq1XYMZpHBkRcMW5CS3pJkdH
hAyX7cSnb9Q7wKcYZCxsCfcU13Nr1wSlDWi6u+tD6O+YCnXlLZt5HfkhNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDsu+rQ7A5lwYBIRtaDBtkbskkUDMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvT3k3NnREc0RtWEJnRWhHMW9NRzJSdXlTUlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNGGMA0G
CSqGSIb3DQEBCwUAA4IBAQCnKsF+hFPpX8oyZjaaUEKIlkoptbafRc4bSiJSdR7u
Ph04TtEfPRNGZIR+WzqfMGsEU/IWLukVFQLbXqwDpugxLNUpVbo3O5esZcH04syF
29wks/7pplAg3FS39s9WUMoN4nttFG+tsnEh+KNyaTsBbsxBlD1oqtD2abntstCJ
QhCqe/FngMM5Mr70ETB2wtWiRZHcrgmUe97IAV9sXqBpCHgexcys47q+kC6u0NNK
7nD5tJvo7ZWOeHCQrSZIJI/OkFxRiDWrU/XyjelXL/Pf0gVHakYSolCiHk8Sr6X3
Uth+6J4/1v2rZJiYV1U8oFjcR8rjsr/Wf373XfI4ksxE
-----END CERTIFICATE-----
Generated at Fri Apr 25 21:48:17 2025 by rpki-client