Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/3965b0-fee9-49bf-a54d-a8d838438d8a/1/oslVCzjJDktKYJryYSyNdvUnSkk.roa
File: oslVCzjJDktKYJryYSyNdvUnSkk.roa (raw, json)
Hash identifier: SorYVglRqEFAzZq8qsgmev36Xx5W3U58FYVpLFp4hYs=
Subject key identifier: A2:C9:55:0B:38:C9:0E:4B:4A:60:9A:F2:61:2C:8D:76:F5:27:4A:49
Certificate issuer: /CN=4e4c1389a849ef5dccb8303703b898c91e63d14f
Certificate serial: 01942444D17AE4A6C1E91C9BA20BD1DB5D19
Authority key identifier: 4E:4C:13:89:A8:49:EF:5D:CC:B8:30:37:03:B8:98:C9:1E:63:D1:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TkwTiahJ713MuDA3A7iYyR5j0U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/3965b0-fee9-49bf-a54d-a8d838438d8a/1/oslVCzjJDktKYJryYSyNdvUnSkk.roa
Signing time: Wed 01 Jan 2025 23:47:57 +0000
ROA not before: Wed 01 Jan 2025 23:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48367
IP address blocks: 152.89.220.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:d1:7a:e4:a6:c1:e9:1c:9b:a2:0b:d1:db:5d:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e4c1389a849ef5dccb8303703b898c91e63d14f
Validity
Not Before: Jan 1 23:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2c9550b38c90e4b4a609af2612c8d76f5274a49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9c:d2:12:ff:5e:73:2f:a9:71:c3:77:08:0e:
8c:1d:b3:6c:21:10:29:76:4b:92:6e:99:94:a3:cb:
67:29:a9:09:2a:90:e0:89:17:e1:1d:41:ca:5f:5a:
0d:09:39:99:5b:f2:76:9d:d2:01:6f:42:e3:a9:49:
e1:21:37:ae:b3:f0:c1:16:ad:c7:46:7a:a9:5d:6c:
54:3d:ec:c3:ae:8c:ac:eb:4c:92:ec:32:75:84:34:
bc:1e:67:b6:eb:a5:13:20:e2:7f:1c:d8:4a:f9:3f:
8a:b1:1e:ff:90:c4:8a:84:f9:79:f4:27:3f:2a:2e:
36:35:64:f9:79:eb:7c:c0:f3:c0:5d:3c:f9:d0:3a:
78:88:2e:5a:20:3d:06:c2:a3:83:49:2d:d4:5b:8e:
ae:2c:dc:c9:3e:06:2d:d9:3a:df:60:11:eb:f7:0c:
d4:4e:f8:03:ba:89:23:0d:89:fa:03:dd:19:f5:8e:
67:3b:a0:a9:3d:81:c5:e5:4d:72:53:2f:a2:d7:54:
ad:db:73:9a:c4:f4:54:a3:e2:8d:17:8c:59:1e:be:
38:31:a6:2b:79:36:fb:73:d5:1c:e1:02:30:4a:90:
a7:df:29:62:65:bc:fc:66:f4:d8:0e:c2:c0:c6:e6:
33:79:b4:99:5c:10:15:e5:50:7a:b4:f5:5c:1c:31:
a4:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:C9:55:0B:38:C9:0E:4B:4A:60:9A:F2:61:2C:8D:76:F5:27:4A:49
X509v3 Authority Key Identifier:
keyid:4E:4C:13:89:A8:49:EF:5D:CC:B8:30:37:03:B8:98:C9:1E:63:D1:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkwTiahJ713MuDA3A7iYyR5j0U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3965b0-fee9-49bf-a54d-a8d838438d8a/1/oslVCzjJDktKYJryYSyNdvUnSkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3965b0-fee9-49bf-a54d-a8d838438d8a/1/TkwTiahJ713MuDA3A7iYyR5j0U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.220.0/22
Signature Algorithm: sha256WithRSAEncryption
52:c3:de:ea:e0:3b:00:bc:92:8c:63:bf:8f:8e:57:c3:7e:b5:
ba:21:a1:e1:a1:06:85:e7:0b:9a:9f:c2:70:44:98:99:a8:56:
09:a4:cb:cd:49:d8:91:5e:08:a0:cd:f6:a1:a7:31:16:77:85:
89:c7:cf:b3:78:ae:c7:a3:49:66:cd:6f:74:f6:6f:fc:22:18:
31:9f:e6:c1:90:e5:b6:68:1c:49:a7:45:00:db:84:54:11:5d:
dd:15:39:61:a4:22:9a:d2:0c:d6:69:bc:f8:47:75:42:c9:30:
f1:2d:00:af:35:8d:ad:12:9a:23:ad:88:48:27:1e:23:35:1f:
43:a2:58:51:0e:31:ee:7e:21:46:0f:de:0a:50:d3:7d:8f:1f:
be:af:1b:90:de:39:02:30:4e:8a:94:9c:1f:f4:98:7b:d0:7e:
41:72:0f:3c:56:a4:e1:2e:37:b7:bc:d4:26:ab:e7:b3:67:ee:
88:34:11:32:64:74:2e:b5:70:74:9f:1a:9d:94:07:e8:d3:da:
0e:5d:09:28:0f:2c:82:3f:a4:f8:0b:97:eb:51:3a:e6:57:dc:
db:fa:73:bd:f2:37:35:99:0b:91:a6:8d:b5:3f:38:1d:21:49:
0d:13:b6:a3:96:ac:c2:38:be:d7:cb:01:1f:03:ea:c0:c8:a6:
9c:7c:da:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRNF65KbB6RybogvR210ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNGMxMzg5YTg0OWVmNWRjY2I4MzAzNzAzYjg5OGM5MWU2
M2QxNGYwHhcNMjUwMTAxMjM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmM5NTUwYjM4YzkwZTRiNGE2MDlhZjI2MTJjOGQ3NmY1Mjc0YTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JzSEv9ecy+pccN3CA6MHbNsIRAp
dkuSbpmUo8tnKakJKpDgiRfhHUHKX1oNCTmZW/J2ndIBb0LjqUnhITeus/DBFq3H
RnqpXWxUPezDroys60yS7DJ1hDS8Hme266UTIOJ/HNhK+T+KsR7/kMSKhPl59Cc/
Ki42NWT5eet8wPPAXTz50Dp4iC5aID0GwqODSS3UW46uLNzJPgYt2TrfYBHr9wzU
TvgDuokjDYn6A90Z9Y5nO6CpPYHF5U1yUy+i11St23OaxPRUo+KNF4xZHr44MaYr
eTb7c9Uc4QIwSpCn3yliZbz8ZvTYDsLAxuYzebSZXBAV5VB6tPVcHDGkCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKLJVQs4yQ5LSmCa8mEsjXb1J0pJMB8GA1UdIwQY
MBaAFE5ME4moSe9dzLgwNwO4mMkeY9FPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGt3VGlhaEo3MTNNdURBM0E3aVl5UjVqMFU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zOTY1YjAtZmVlOS00OWJmLWE1NGQt
YThkODM4NDM4ZDhhLzEvb3NsVkN6akpEa3RLWUpyeVlTeU5kdlVuU2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zOTY1YjAtZmVlOS00OWJmLWE1NGQtYThkODM4NDM4ZDhh
LzEvVGt3VGlhaEo3MTNNdURBM0E3aVl5UjVqMFU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFncMA0G
CSqGSIb3DQEBCwUAA4IBAQBSw97q4DsAvJKMY7+PjlfDfrW6IaHhoQaF5wuan8Jw
RJiZqFYJpMvNSdiRXgigzfahpzEWd4WJx8+zeK7Ho0lmzW909m/8Ihgxn+bBkOW2
aBxJp0UA24RUEV3dFTlhpCKa0gzWabz4R3VCyTDxLQCvNY2tEpojrYhIJx4jNR9D
olhRDjHufiFGD94KUNN9jx++rxuQ3jkCME6KlJwf9Jh70H5Bcg88VqThLje3vNQm
q+ezZ+6INBEyZHQutXB0nxqdlAfo09oOXQkoDyyCP6T4C5frUTrmV9zb+nO98jc1
mQuRpo21PzgdIUkNE7ajlqzCOL7XywEfA+rAyKacfNpL
-----END CERTIFICATE-----
Generated at Fri Apr 25 00:39:49 2025 by rpki-client