Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/1-OsNCAIB8BtnJpCmSk5vs9AfqRw.roa
File: 1-OsNCAIB8BtnJpCmSk5vs9AfqRw.roa (raw, json)
Hash identifier: rov7VSnSSae/bJ4kPmKmJWJ9MKvyKBsrk/qcPi6/iFE=
Subject key identifier: F8:EB:0D:08:02:01:F0:1B:67:26:90:A6:4A:4E:6F:B3:D0:1F:A9:1C
Certificate issuer: /CN=6e409def4a8a89ca88f57182c52ed6d70fb91976
Certificate serial: 01942521863501D9359298AFBF3ABCA052BC
Authority key identifier: 6E:40:9D:EF:4A:8A:89:CA:88:F5:71:82:C5:2E:D6:D7:0F:B9:19:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bkCd70qKicqI9XGCxS7W1w-5GXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/1-OsNCAIB8BtnJpCmSk5vs9AfqRw.roa
Signing time: Thu 02 Jan 2025 03:49:01 +0000
ROA not before: Thu 02 Jan 2025 03:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210247
IP address blocks: 192.166.36.0/22 maxlen: 22
192.166.36.0/24 maxlen: 24
192.166.38.0/24 maxlen: 24
192.166.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:86:35:01:d9:35:92:98:af:bf:3a:bc:a0:52:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e409def4a8a89ca88f57182c52ed6d70fb91976
Validity
Not Before: Jan 2 03:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8eb0d080201f01b672690a64a4e6fb3d01fa91c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:77:bd:bf:53:10:3a:7e:91:a9:c3:4b:17:58:
80:c5:4a:21:53:56:f7:ab:03:e9:1f:72:03:f9:1b:
4c:6a:fa:95:0c:bc:23:cf:34:98:22:bd:c4:79:45:
9d:1f:83:64:e7:67:35:fa:83:d6:af:97:a7:26:eb:
05:57:42:01:c0:49:9b:e4:a4:2d:66:97:c6:65:b2:
24:4a:f4:71:4a:6b:ad:6e:83:6d:10:73:c6:ce:2d:
95:3b:63:16:82:18:94:a9:48:97:80:de:57:c7:fd:
9f:af:2d:0b:d3:e0:26:fa:1a:d2:91:70:e6:99:1d:
5d:51:85:0a:b6:e1:b1:ff:2d:ea:95:89:9c:99:1b:
43:62:b1:e4:ef:39:d1:6d:04:7c:22:f8:9e:e0:fc:
42:60:8c:85:af:2c:e0:fd:80:23:e2:40:b8:2e:9b:
bc:98:4e:c9:0e:02:51:c7:2b:f8:fc:18:1e:e0:91:
58:ac:d2:a4:19:92:48:66:46:b7:57:f5:bb:b3:9e:
89:a4:84:3a:11:f3:60:df:0a:0b:bc:4d:4a:30:56:
8f:2b:e3:1e:ff:cc:6d:59:9c:87:02:e0:6f:6f:5c:
2b:b8:f9:4c:40:cc:a9:5e:59:26:08:57:2d:95:a1:
bf:52:89:42:ba:f7:6f:e4:c2:24:aa:21:1d:2b:84:
ae:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:EB:0D:08:02:01:F0:1B:67:26:90:A6:4A:4E:6F:B3:D0:1F:A9:1C
X509v3 Authority Key Identifier:
keyid:6E:40:9D:EF:4A:8A:89:CA:88:F5:71:82:C5:2E:D6:D7:0F:B9:19:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkCd70qKicqI9XGCxS7W1w-5GXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/1-OsNCAIB8BtnJpCmSk5vs9AfqRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/bkCd70qKicqI9XGCxS7W1w-5GXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.36.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:36:20:a9:ce:e5:60:82:9a:0a:e5:b1:3d:0e:97:6b:c5:79:
8c:55:b7:7c:60:a2:7d:0d:11:19:68:d4:d1:01:a6:6f:a9:f2:
3a:39:e8:bf:1c:e7:a7:45:03:ac:bf:a5:d6:e9:ad:d9:20:02:
48:39:44:72:88:2a:ef:f7:18:35:11:a6:f1:f4:94:44:7c:93:
1b:be:1a:c0:79:c8:f2:cd:ad:10:20:be:e7:be:1d:4a:6b:0b:
67:b8:df:ad:c1:30:e8:cd:b6:bd:3d:9d:45:1e:b2:b8:2c:1e:
bd:42:1f:6e:f4:2c:37:e7:07:ad:19:0c:fa:91:b4:31:6d:62:
d2:4b:e6:9b:aa:01:c9:4d:7c:d6:8d:b6:d4:a7:e7:dc:8a:b3:
22:a6:f1:8c:57:f0:19:cd:68:4e:11:25:c1:d6:8c:55:44:c9:
6c:f2:3d:a2:2b:9f:6f:36:61:c5:51:58:9b:d8:ec:45:79:40:
da:0e:93:f3:c8:ed:e4:a4:47:65:52:c1:db:e8:d5:a7:cf:46:
f4:39:77:37:83:7a:b7:b4:1a:d7:e3:bb:20:22:78:54:03:bd:
32:78:3d:b2:33:ac:50:94:b2:89:f3:56:a8:b4:ab:95:06:e0:
8b:0a:a3:2f:a9:c0:e2:52:06:f7:b1:f7:4d:fd:65:81:75:e1:
f9:2d:57:3b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQlIYY1Adk1kpivvzq8oFK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNDA5ZGVmNGE4YTg5Y2E4OGY1NzE4MmM1MmVkNmQ3MGZi
OTE5NzYwHhcNMjUwMTAyMDM0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGViMGQwODAyMDFmMDFiNjcyNjkwYTY0YTRlNmZiM2QwMWZhOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3e9v1MQOn6RqcNLF1iAxUohU1b3
qwPpH3ID+RtMavqVDLwjzzSYIr3EeUWdH4Nk52c1+oPWr5enJusFV0IBwEmb5KQt
ZpfGZbIkSvRxSmutboNtEHPGzi2VO2MWghiUqUiXgN5Xx/2fry0L0+Am+hrSkXDm
mR1dUYUKtuGx/y3qlYmcmRtDYrHk7znRbQR8Ivie4PxCYIyFryzg/YAj4kC4Lpu8
mE7JDgJRxyv4/Bge4JFYrNKkGZJIZka3V/W7s56JpIQ6EfNg3woLvE1KMFaPK+Me
/8xtWZyHAuBvb1wruPlMQMypXlkmCFctlaG/UolCuvdv5MIkqiEdK4SuHQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPjrDQgCAfAbZyaQpkpOb7PQH6kcMB8GA1UdIwQY
MBaAFG5Ane9KionKiPVxgsUu1tcPuRl2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmtDZDcwcUtpY3FJOVhHQ3hTN1cxdy01R1hZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wNTg4MWMtMmFhNS00MmU0LTg0Yjgt
N2FjM2NhMWYzNTdkLzEvMS1Pc05DQUlCOEJ0bkpwQ21TazV2czlBZnFSdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvMDU4ODFjLTJhYTUtNDJlNC04NGI4LTdhYzNjYTFmMzU3
ZC8xL2JrQ2Q3MHFLaWNxSTlYR0N4UzdXMXctNUdYWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsCmJDAN
BgkqhkiG9w0BAQsFAAOCAQEAajYgqc7lYIKaCuWxPQ6Xa8V5jFW3fGCifQ0RGWjU
0QGmb6nyOjnovxznp0UDrL+l1umt2SACSDlEcogq7/cYNRGm8fSURHyTG74awHnI
8s2tECC+574dSmsLZ7jfrcEw6M22vT2dRR6yuCwevUIfbvQsN+cHrRkM+pG0MW1i
0kvmm6oByU181o221Kfn3IqzIqbxjFfwGc1oThElwdaMVUTJbPI9oiufbzZhxVFY
m9jsRXlA2g6T88jt5KRHZVLB2+jVp89G9Dl3N4N6t7Qa1+O7ICJ4VAO9Mng9sjOs
UJSyifNWqLSrlQbgiwqjL6nA4lIG97H3Tf1lgXXh+S1XOw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:30:41 2025 by rpki-client