Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/40543e-195a-4332-a8ed-37374e396c7d/1/oDzw6scHjTvVUxNbd-QUot4DsM0.roa
File: oDzw6scHjTvVUxNbd-QUot4DsM0.roa (raw, json)
Hash identifier: wtt4piWURYUGaUVkeFPj0sScj6sbR4E+qyw2r+vT/ds=
Subject key identifier: A0:3C:F0:EA:C7:07:8D:3B:D5:53:13:5B:77:E4:14:A2:DE:03:B0:CD
Certificate issuer: /CN=09ef0b8e5bbab29a1330fa0e7493f2a179847bb2
Certificate serial: 019427487E2685A945825C87A541C8DFA965
Authority key identifier: 09:EF:0B:8E:5B:BA:B2:9A:13:30:FA:0E:74:93:F2:A1:79:84:7B:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ce8Ljlu6spoTMPoOdJPyoXmEe7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/40543e-195a-4332-a8ed-37374e396c7d/1/oDzw6scHjTvVUxNbd-QUot4DsM0.roa
Signing time: Thu 02 Jan 2025 13:50:49 +0000
ROA not before: Thu 02 Jan 2025 13:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198331
IP address blocks: 89.145.176.0/21 maxlen: 21
2a02:7b80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:7e:26:85:a9:45:82:5c:87:a5:41:c8:df:a9:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09ef0b8e5bbab29a1330fa0e7493f2a179847bb2
Validity
Not Before: Jan 2 13:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a03cf0eac7078d3bd553135b77e414a2de03b0cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:03:42:c3:d0:07:20:ac:00:f2:72:17:02:e2:
3b:d5:29:87:36:12:f1:61:77:2d:be:b1:33:1c:41:
34:64:98:3e:d6:0e:00:23:e9:58:68:e7:44:33:6d:
9c:14:a0:df:6f:82:95:35:78:7f:c7:3d:e1:e4:bf:
d2:e9:a6:90:b0:ac:cc:c0:2c:4d:d4:8c:3a:a4:25:
74:5a:01:a3:ff:92:84:6e:fb:17:c8:db:ac:1a:de:
27:aa:46:c4:5f:ce:07:00:6b:be:36:ad:3d:f2:12:
0b:cf:24:db:f9:d7:1d:ed:5d:5b:1d:f2:c0:76:cb:
b0:df:40:2b:61:ce:a4:f0:b1:92:a9:10:f9:e1:31:
60:ea:73:90:01:9c:fc:cb:c4:62:d7:f4:2c:79:e8:
6a:f5:b4:97:f0:5f:77:8e:77:0b:10:59:8e:4a:9f:
ed:bb:5e:55:6b:b4:e0:61:da:51:fe:d2:e7:5f:3e:
cb:45:da:c2:36:b3:ee:f4:82:db:e7:21:4b:45:47:
75:99:82:f4:07:67:17:90:39:31:7d:b1:94:43:a7:
0b:85:3e:23:23:95:79:8b:56:6a:f9:8b:41:bd:ba:
56:fe:a6:fa:ab:6a:e5:e6:62:13:71:72:20:f7:6c:
79:9f:7c:7a:5a:4f:fe:b8:8d:19:a6:2c:40:89:9e:
5c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:3C:F0:EA:C7:07:8D:3B:D5:53:13:5B:77:E4:14:A2:DE:03:B0:CD
X509v3 Authority Key Identifier:
keyid:09:EF:0B:8E:5B:BA:B2:9A:13:30:FA:0E:74:93:F2:A1:79:84:7B:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ce8Ljlu6spoTMPoOdJPyoXmEe7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/40543e-195a-4332-a8ed-37374e396c7d/1/oDzw6scHjTvVUxNbd-QUot4DsM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/40543e-195a-4332-a8ed-37374e396c7d/1/Ce8Ljlu6spoTMPoOdJPyoXmEe7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.145.176.0/21
IPv6:
2a02:7b80::/32
Signature Algorithm: sha256WithRSAEncryption
58:b6:f5:10:31:39:ba:37:87:49:84:d4:a5:4a:56:c7:c5:a2:
96:3e:49:46:0a:08:2c:f9:80:88:90:37:63:d8:12:9c:ff:e0:
5e:3d:51:8b:2f:d5:2a:16:a4:b4:a3:5e:ec:08:e9:80:69:43:
38:ee:33:1f:18:6e:dc:9b:d1:01:0b:20:c6:b7:ec:c6:a6:66:
1b:1a:5f:34:0d:66:40:01:9a:87:5c:44:23:ad:50:ca:67:73:
37:86:2d:e1:d8:12:d9:13:a8:f4:a0:d5:83:20:e9:57:39:be:
10:23:45:d7:7f:bb:9e:e3:47:84:ae:82:c2:98:14:4a:5e:f3:
3b:4d:04:c6:2c:f9:ff:9e:31:4e:09:58:2b:ac:63:88:af:4b:
a5:6d:d4:ee:71:57:e0:87:e7:31:fb:23:b7:a7:31:89:75:6a:
bb:85:24:2f:6f:4f:c9:41:d9:8b:4f:15:12:9f:71:aa:9c:0f:
eb:e0:4e:7a:a5:f9:ba:ca:59:b8:78:60:99:97:92:90:83:e8:
1e:5f:cd:99:49:fb:d2:54:02:12:1c:46:60:cb:b5:91:6f:f5:
7e:1d:bc:ad:c4:ec:c1:21:8e:60:54:fa:7f:f9:33:2d:31:f4:
02:2a:fd:7b:28:a9:25:a7:50:5b:9f:95:7c:44:8a:57:29:0b:
fa:3a:6b:9e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnSH4mhalFglyHpUHI36llMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZWYwYjhlNWJiYWIyOWExMzMwZmEwZTc0OTNmMmExNzk4
NDdiYjIwHhcNMjUwMTAyMTM1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDNjZjBlYWM3MDc4ZDNiZDU1MzEzNWI3N2U0MTRhMmRlMDNiMGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwNCw9AHIKwA8nIXAuI71SmHNhLx
YXctvrEzHEE0ZJg+1g4AI+lYaOdEM22cFKDfb4KVNXh/xz3h5L/S6aaQsKzMwCxN
1Iw6pCV0WgGj/5KEbvsXyNusGt4nqkbEX84HAGu+Nq098hILzyTb+dcd7V1bHfLA
dsuw30ArYc6k8LGSqRD54TFg6nOQAZz8y8Ri1/Qseehq9bSX8F93jncLEFmOSp/t
u15Va7TgYdpR/tLnXz7LRdrCNrPu9ILb5yFLRUd1mYL0B2cXkDkxfbGUQ6cLhT4j
I5V5i1Zq+YtBvbpW/qb6q2rl5mITcXIg92x5n3x6Wk/+uI0ZpixAiZ5cqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKA88OrHB4071VMTW3fkFKLeA7DNMB8GA1UdIwQY
MBaAFAnvC45burKaEzD6DnST8qF5hHuyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2U4TGpsdTZzcG9UTVBvT2RKUHlvWG1FZTdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC80MDU0M2UtMTk1YS00MzMyLWE4ZWQt
MzczNzRlMzk2YzdkLzEvb0R6dzZzY0hqVHZWVXhOYmQtUVVvdDREc00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC80MDU0M2UtMTk1YS00MzMyLWE4ZWQtMzczNzRlMzk2Yzdk
LzEvQ2U4TGpsdTZzcG9UTVBvT2RKUHlvWG1FZTdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDWZGwMA0E
AgACMAcDBQAqAnuAMA0GCSqGSIb3DQEBCwUAA4IBAQBYtvUQMTm6N4dJhNSlSlbH
xaKWPklGCggs+YCIkDdj2BKc/+BePVGLL9UqFqS0o17sCOmAaUM47jMfGG7cm9EB
CyDGt+zGpmYbGl80DWZAAZqHXEQjrVDKZ3M3hi3h2BLZE6j0oNWDIOlXOb4QI0XX
f7ue40eEroLCmBRKXvM7TQTGLPn/njFOCVgrrGOIr0ulbdTucVfgh+cx+yO3pzGJ
dWq7hSQvb0/JQdmLTxUSn3GqnA/r4E56pfm6ylm4eGCZl5KQg+geX82ZSfvSVAIS
HEZgy7WRb/V+HbytxOzBIY5gVPp/+TMtMfQCKv17KKklp1Bbn5V8RIpXKQv6Omue
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:15:44 2025 by rpki-client