Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/o0naTY2lU_XCKHCOD4HRfjiAS20.roa
File: o0naTY2lU_XCKHCOD4HRfjiAS20.roa (raw, json)
Hash identifier: ctUbEkyNdhuq/LnXlhlDp6xaZ2CRNDEI5dgg4y7saV4=
Subject key identifier: A3:49:DA:4D:8D:A5:53:F5:C2:28:70:8E:0F:81:D1:7E:38:80:4B:6D
Certificate issuer: /CN=d26a4409ea91f506d633871c6c35540d460337d1
Certificate serial: 019427480E8DDE1C8D46696A531B411A520B
Authority key identifier: D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/o0naTY2lU_XCKHCOD4HRfjiAS20.roa
Signing time: Thu 02 Jan 2025 13:50:21 +0000
ROA not before: Thu 02 Jan 2025 13:50:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201234
IP address blocks: 185.62.22.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:0e:8d:de:1c:8d:46:69:6a:53:1b:41:1a:52:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d26a4409ea91f506d633871c6c35540d460337d1
Validity
Not Before: Jan 2 13:50:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a349da4d8da553f5c228708e0f81d17e38804b6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:18:cd:7c:57:f7:aa:e9:3f:ed:cf:ea:b8:25:
c5:a2:08:8c:52:83:20:d5:27:62:b3:b7:99:32:1c:
f2:e1:83:1c:1d:3d:2f:7e:c5:3f:5a:be:f9:ba:58:
23:11:cf:72:bb:49:c8:f4:ae:bc:62:2d:8e:65:dc:
66:5a:42:57:61:9d:9c:c8:12:0e:04:9e:1c:46:86:
2f:53:ee:03:1d:2f:02:86:62:12:cd:b2:9e:c7:00:
8c:a9:ef:d1:39:8d:69:a8:f6:c6:f9:0e:c3:a2:be:
55:8f:ab:7e:e6:5b:52:59:6f:97:d7:e8:73:44:9e:
e2:38:ed:30:b1:67:8c:99:8d:d1:28:bf:28:12:70:
fd:bc:c7:43:8a:cc:48:1f:9d:e4:51:38:7b:92:7a:
50:62:fd:aa:aa:e3:d1:11:e8:e5:ac:44:63:45:40:
50:90:1f:eb:a8:5d:c9:26:f2:fb:d0:25:84:46:4b:
0f:22:29:bf:95:c3:3d:73:d7:f1:4c:17:25:42:c3:
b4:b1:7b:7a:fc:9b:d8:df:51:df:c1:06:67:69:21:
4c:a1:6a:97:51:59:2f:fd:7f:6e:ea:8a:d5:4d:1f:
74:2a:31:32:c1:70:18:0d:1e:c6:c7:2c:dc:a9:07:
85:db:f5:ce:5a:7a:a7:70:c2:8f:af:49:b9:37:b7:
ac:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:49:DA:4D:8D:A5:53:F5:C2:28:70:8E:0F:81:D1:7E:38:80:4B:6D
X509v3 Authority Key Identifier:
keyid:D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/o0naTY2lU_XCKHCOD4HRfjiAS20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/0mpECeqR9QbWM4ccbDVUDUYDN9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.62.22.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:94:38:c1:6e:9d:12:c6:0f:58:fa:3c:28:81:6f:cc:43:6b:
6c:89:77:52:11:21:3b:0d:d9:48:19:fc:e2:12:0a:20:44:54:
9c:a5:7c:ec:c5:64:6f:3e:f4:43:95:ed:f3:1d:8f:1e:3d:83:
89:5e:44:8b:b4:a6:22:4f:e7:f9:3c:6c:d2:36:13:69:1b:a0:
86:b8:c3:e7:4b:18:bc:a7:07:1e:bb:8e:b4:64:d1:bb:ca:c6:
72:13:c4:7e:aa:d5:66:6c:fb:c9:64:7d:63:5b:16:39:43:b8:
0c:9f:29:bc:d7:00:24:17:0d:9c:70:2c:e0:86:b8:df:7e:33:
4a:2a:7e:b3:40:b1:bc:8f:56:2b:e9:a8:0a:08:9c:9d:b9:d2:
a3:7c:4e:40:d9:14:91:c9:c2:40:1b:3f:19:2f:52:1d:40:b5:
a4:94:8d:91:0b:1e:2a:c9:3f:51:df:03:39:6c:95:e1:85:52:
79:ec:df:5c:55:ac:52:57:9b:bd:bc:92:e7:bc:73:84:9b:ed:
2d:97:a1:63:8a:ba:5d:4e:dc:71:9d:d2:f9:a1:f7:70:58:3f:
27:af:a7:ae:31:15:2f:06:2d:29:f4:de:58:d2:0b:cb:1a:91:
68:b6:83:18:90:de:92:63:3d:94:d9:1b:16:a6:6f:0e:f2:6d:
b4:f1:fd:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSA6N3hyNRmlqUxtBGlILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNmE0NDA5ZWE5MWY1MDZkNjMzODcxYzZjMzU1NDBkNDYw
MzM3ZDEwHhcNMjUwMTAyMTM1MDIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzQ5ZGE0ZDhkYTU1M2Y1YzIyODcwOGUwZjgxZDE3ZTM4ODA0YjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RjNfFf3quk/7c/quCXFogiMUoMg
1Sdis7eZMhzy4YMcHT0vfsU/Wr75ulgjEc9yu0nI9K68Yi2OZdxmWkJXYZ2cyBIO
BJ4cRoYvU+4DHS8ChmISzbKexwCMqe/ROY1pqPbG+Q7Dor5Vj6t+5ltSWW+X1+hz
RJ7iOO0wsWeMmY3RKL8oEnD9vMdDisxIH53kUTh7knpQYv2qquPREejlrERjRUBQ
kB/rqF3JJvL70CWERksPIim/lcM9c9fxTBclQsO0sXt6/JvY31HfwQZnaSFMoWqX
UVkv/X9u6orVTR90KjEywXAYDR7GxyzcqQeF2/XOWnqncMKPr0m5N7esuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKNJ2k2NpVP1wihwjg+B0X44gEttMB8GA1UdIwQY
MBaAFNJqRAnqkfUG1jOHHGw1VA1GAzfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYt
Y2ZlZmRmZGZiZTZiLzEvbzBuYVRZMmxVX1hDS0hDT0Q0SFJmamlBUzIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYtY2ZlZmRmZGZiZTZi
LzEvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuT4WMA0G
CSqGSIb3DQEBCwUAA4IBAQB9lDjBbp0Sxg9Y+jwogW/MQ2tsiXdSESE7DdlIGfzi
EgogRFScpXzsxWRvPvRDle3zHY8ePYOJXkSLtKYiT+f5PGzSNhNpG6CGuMPnSxi8
pwceu460ZNG7ysZyE8R+qtVmbPvJZH1jWxY5Q7gMnym81wAkFw2ccCzghrjffjNK
Kn6zQLG8j1Yr6agKCJydudKjfE5A2RSRycJAGz8ZL1IdQLWklI2RCx4qyT9R3wM5
bJXhhVJ57N9cVaxSV5u9vJLnvHOEm+0tl6FjirpdTtxxndL5ofdwWD8nr6euMRUv
Bi0p9N5Y0gvLGpFotoMYkN6SYz2U2RsWpm8O8m208f3r
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:42:17 2025 by rpki-client