Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/8ed018-08f3-4777-9dd4-de245af4facb/1/OCcJDhB4OQ1X-MIeEHbwYqPSbys.roa
File: OCcJDhB4OQ1X-MIeEHbwYqPSbys.roa (raw, json)
Hash identifier: bYb4Alf329H7/hgxf3+yXtwxwALKiQ1xJi7nvHZupTk=
Subject key identifier: 38:27:09:0E:10:78:39:0D:57:F8:C2:1E:10:76:F0:62:A3:D2:6F:2B
Certificate issuer: /CN=d10c88d82d2fac82203d42a242d6eb763d13bbf8
Certificate serial: 019420D61DCC57496C7C0430AF4DEA176F17
Authority key identifier: D1:0C:88:D8:2D:2F:AC:82:20:3D:42:A2:42:D6:EB:76:3D:13:BB:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0QyI2C0vrIIgPUKiQtbrdj0Tu_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/8ed018-08f3-4777-9dd4-de245af4facb/1/OCcJDhB4OQ1X-MIeEHbwYqPSbys.roa
Signing time: Wed 01 Jan 2025 07:48:10 +0000
ROA not before: Wed 01 Jan 2025 07:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200742
IP address blocks: 185.97.124.0/22 maxlen: 22
185.97.124.0/24 maxlen: 24
185.97.125.0/24 maxlen: 24
185.97.126.0/24 maxlen: 24
185.97.127.0/24 maxlen: 24
2a06:600::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:1d:cc:57:49:6c:7c:04:30:af:4d:ea:17:6f:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d10c88d82d2fac82203d42a242d6eb763d13bbf8
Validity
Not Before: Jan 1 07:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3827090e1078390d57f8c21e1076f062a3d26f2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b5:ef:70:93:a8:23:16:65:12:3e:42:95:b4:
64:ce:03:0d:98:65:7b:e7:06:f0:e4:38:ab:9a:f6:
e9:67:90:de:8d:07:59:2e:2b:73:8d:83:2e:2a:80:
79:f1:79:06:af:ad:8f:39:3f:70:94:07:74:09:bc:
20:76:0b:54:7a:8b:53:78:1c:d5:fc:c3:4e:5e:bb:
49:b7:73:d9:38:5d:57:f6:f5:ab:b0:ea:18:ea:9e:
7f:a8:f9:af:04:9b:43:83:a6:a7:1d:2c:d6:95:91:
f2:3a:ed:b2:88:c9:12:af:cd:4f:08:30:64:f0:6d:
ba:27:a2:fd:4c:98:7f:20:26:28:38:0a:e6:e6:da:
4f:25:06:fb:13:b9:37:5c:a4:f8:70:da:3c:52:af:
f9:4c:71:91:b3:fe:90:14:0a:12:bc:8b:0a:72:8a:
40:6e:62:01:0c:93:38:5a:b6:4e:04:1f:92:d0:4e:
28:38:a6:2e:23:82:44:67:6c:2b:a8:bc:7f:31:6e:
75:28:64:8d:e5:b9:2f:34:ba:83:95:0e:28:ba:41:
7a:b5:35:bb:c4:75:75:32:99:73:5d:b8:08:ea:78:
7d:f5:23:f0:72:2c:e5:20:e6:50:0b:cd:01:01:fc:
0f:47:33:ec:c3:e1:9c:f8:aa:ae:fe:b5:91:86:28:
f8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:27:09:0E:10:78:39:0D:57:F8:C2:1E:10:76:F0:62:A3:D2:6F:2B
X509v3 Authority Key Identifier:
keyid:D1:0C:88:D8:2D:2F:AC:82:20:3D:42:A2:42:D6:EB:76:3D:13:BB:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0QyI2C0vrIIgPUKiQtbrdj0Tu_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8ed018-08f3-4777-9dd4-de245af4facb/1/OCcJDhB4OQ1X-MIeEHbwYqPSbys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8ed018-08f3-4777-9dd4-de245af4facb/1/0QyI2C0vrIIgPUKiQtbrdj0Tu_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.124.0/22
IPv6:
2a06:600::/29
Signature Algorithm: sha256WithRSAEncryption
b4:ef:d6:b6:62:d8:f9:84:ec:24:a0:d2:56:99:b2:55:a1:44:
27:44:f8:62:28:4a:6d:3e:cd:4d:20:fe:f3:10:10:a0:2f:7f:
71:23:12:04:85:cd:4f:da:e6:76:4e:f0:32:a5:c0:19:64:41:
d5:82:ce:31:d0:d0:7d:1c:14:2a:68:1c:2f:5d:a4:39:24:af:
73:99:34:85:55:78:2b:f3:86:21:dc:47:21:11:d6:59:38:ed:
c9:6b:e8:1c:7b:1d:c7:b0:db:7c:05:cc:38:ba:66:fc:06:3a:
51:b4:00:f9:f7:5c:f5:63:91:78:54:a9:2f:3e:84:3a:8a:71:
a7:3c:41:ee:c8:43:c6:8b:72:49:70:e2:89:b7:68:29:ff:8e:
f6:77:59:00:9e:ca:44:dd:be:58:ce:4f:47:e3:11:17:cd:21:
42:b8:b0:f1:1a:96:7d:f4:de:4b:27:b4:01:75:05:4e:d9:55:
19:c1:98:5d:e6:b0:e0:8f:4f:3e:ff:16:b5:8f:ab:da:42:64:
89:1d:c1:a4:21:80:83:62:3a:65:55:a1:cd:8a:7e:00:6d:b2:
35:31:86:44:fd:99:45:f4:c6:6b:fe:33:c7:21:47:3f:c7:e8:
09:cf:0e:5d:f7:1c:29:89:53:b0:8d:f5:ad:93:78:89:c4:e8:
f6:8f:47:75
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1h3MV0lsfAQwr03qF28XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMGM4OGQ4MmQyZmFjODIyMDNkNDJhMjQyZDZlYjc2M2Qx
M2JiZjgwHhcNMjUwMTAxMDc0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODI3MDkwZTEwNzgzOTBkNTdmOGMyMWUxMDc2ZjA2MmEzZDI2ZjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LXvcJOoIxZlEj5ClbRkzgMNmGV7
5wbw5DirmvbpZ5DejQdZLitzjYMuKoB58XkGr62POT9wlAd0CbwgdgtUeotTeBzV
/MNOXrtJt3PZOF1X9vWrsOoY6p5/qPmvBJtDg6anHSzWlZHyOu2yiMkSr81PCDBk
8G26J6L9TJh/ICYoOArm5tpPJQb7E7k3XKT4cNo8Uq/5THGRs/6QFAoSvIsKcopA
bmIBDJM4WrZOBB+S0E4oOKYuI4JEZ2wrqLx/MW51KGSN5bkvNLqDlQ4oukF6tTW7
xHV1MplzXbgI6nh99SPwcizlIOZQC80BAfwPRzPsw+Gc+Kqu/rWRhij4oQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDgnCQ4QeDkNV/jCHhB28GKj0m8rMB8GA1UdIwQY
MBaAFNEMiNgtL6yCID1CokLW63Y9E7v4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFF5STJDMHZySUlnUFVLaVF0YnJkajBUdV9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS84ZWQwMTgtMDhmMy00Nzc3LTlkZDQt
ZGUyNDVhZjRmYWNiLzEvT0NjSkRoQjRPUTFYLU1JZUVIYndZcVBTYnlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS84ZWQwMTgtMDhmMy00Nzc3LTlkZDQtZGUyNDVhZjRmYWNi
LzEvMFF5STJDMHZySUlnUFVLaVF0YnJkajBUdV9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWF8MA0E
AgACMAcDBQMqBgYAMA0GCSqGSIb3DQEBCwUAA4IBAQC079a2Ytj5hOwkoNJWmbJV
oUQnRPhiKEptPs1NIP7zEBCgL39xIxIEhc1P2uZ2TvAypcAZZEHVgs4x0NB9HBQq
aBwvXaQ5JK9zmTSFVXgr84Yh3EchEdZZOO3Ja+gcex3HsNt8Bcw4umb8BjpRtAD5
91z1Y5F4VKkvPoQ6inGnPEHuyEPGi3JJcOKJt2gp/472d1kAnspE3b5Yzk9H4xEX
zSFCuLDxGpZ99N5LJ7QBdQVO2VUZwZhd5rDgj08+/xa1j6vaQmSJHcGkIYCDYjpl
VaHNin4AbbI1MYZE/ZlF9MZr/jPHIUc/x+gJzw5d9xwpiVOwjfWtk3iJxOj2j0d1
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:15:54 2025 by rpki-client