Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/eaf286-ae94-4c46-a0a7-4dfd24607dbb/1/ONK87mida4LXX87gailCfoI1b8Y.roa
File: ONK87mida4LXX87gailCfoI1b8Y.roa (raw, json)
Hash identifier: QBCu5PF0VO/SVm73/KPj9NbrgIJuILrNgThOrk+l2bw=
Subject key identifier: 38:D2:BC:EE:68:9D:6B:82:D7:5F:CE:E0:6A:29:42:7E:82:35:6F:C6
Certificate issuer: /CN=9f766fbfe6d957100021380bb0555e0a3ba6d8e3
Certificate serial: 01941F8C71540B5C50DDAC333E69C267E684
Authority key identifier: 9F:76:6F:BF:E6:D9:57:10:00:21:38:0B:B0:55:5E:0A:3B:A6:D8:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n3Zvv-bZVxAAITgLsFVeCjum2OM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/eaf286-ae94-4c46-a0a7-4dfd24607dbb/1/ONK87mida4LXX87gailCfoI1b8Y.roa
Signing time: Wed 01 Jan 2025 01:48:05 +0000
ROA not before: Wed 01 Jan 2025 01:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197698
IP address blocks: 193.8.86.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:71:54:0b:5c:50:dd:ac:33:3e:69:c2:67:e6:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f766fbfe6d957100021380bb0555e0a3ba6d8e3
Validity
Not Before: Jan 1 01:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38d2bcee689d6b82d75fcee06a29427e82356fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4b:04:ec:9f:c9:a9:47:86:4f:bd:b9:2b:63:
51:20:be:1c:bf:3b:66:cf:7e:18:3b:8b:a4:63:75:
66:6e:b8:56:53:1d:a0:54:0f:29:5e:88:a7:ca:32:
59:48:d4:04:9e:10:21:7a:10:f7:65:92:76:bd:15:
80:12:32:d4:1e:9d:5f:ed:fb:01:ac:7c:19:ef:1f:
2c:06:13:f1:65:1c:07:a8:3a:35:89:79:ff:1b:1d:
16:e2:cc:f3:01:a3:28:d7:9c:07:1b:4e:a1:3b:6e:
e3:53:84:4f:6c:8b:d8:29:fe:9f:e2:eb:ab:8f:90:
06:af:34:6b:58:e4:f5:68:d5:0f:6f:62:1f:a5:72:
14:36:10:d6:8b:30:a0:ce:f5:dd:48:ff:e9:c1:cf:
c5:6a:4b:78:73:c4:17:59:b9:da:89:df:19:fc:91:
07:27:e4:9a:30:8c:7e:65:76:51:eb:d2:ea:fe:eb:
9e:29:77:63:d5:41:99:2b:bb:cd:63:94:2f:0a:5c:
42:40:f1:ee:b8:16:21:13:cc:d4:51:49:a0:3b:14:
f0:c3:25:97:2a:71:16:c7:e1:79:8d:2d:e6:96:d7:
8a:b5:31:50:57:c7:f0:a1:99:14:2e:a3:24:1b:d6:
23:7c:f2:97:57:d8:f8:64:df:53:63:33:44:5e:62:
8f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D2:BC:EE:68:9D:6B:82:D7:5F:CE:E0:6A:29:42:7E:82:35:6F:C6
X509v3 Authority Key Identifier:
keyid:9F:76:6F:BF:E6:D9:57:10:00:21:38:0B:B0:55:5E:0A:3B:A6:D8:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n3Zvv-bZVxAAITgLsFVeCjum2OM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/eaf286-ae94-4c46-a0a7-4dfd24607dbb/1/ONK87mida4LXX87gailCfoI1b8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/eaf286-ae94-4c46-a0a7-4dfd24607dbb/1/n3Zvv-bZVxAAITgLsFVeCjum2OM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.86.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:84:1d:9c:1c:be:02:36:0b:0e:d2:a4:18:98:0e:98:9b:7d:
ee:19:08:2e:57:cf:d0:69:52:03:1f:3b:9d:30:65:36:91:e6:
40:b6:62:f3:bf:0f:7e:b2:83:0a:2e:2c:0a:42:ac:a8:0c:e1:
54:f1:a2:83:0b:5f:86:59:dc:7f:4b:0c:fc:06:49:90:98:79:
a2:8f:d2:57:ef:ac:9a:82:49:a2:94:07:91:94:e3:81:bd:1b:
ff:6c:68:85:dc:3f:d4:c9:55:54:65:8b:12:2e:b9:72:2b:0a:
d2:de:5f:40:d6:50:37:60:cd:a1:da:78:3c:cc:b6:00:d0:26:
f5:8d:0a:24:8f:b9:ca:ee:64:88:d5:89:8f:4a:c0:98:55:7e:
17:d3:72:0b:0e:f7:33:bd:b0:aa:16:89:5a:76:72:76:98:77:
35:8d:84:3a:e2:73:6d:b1:2f:c9:97:ce:3a:94:d2:ac:4c:9f:
ad:d2:2a:dc:8f:71:ca:90:96:a6:fb:15:59:1f:d1:26:f5:e2:
c9:d4:52:ce:8c:29:7d:8b:4b:9b:30:4c:36:12:7e:2b:82:16:
c0:a6:02:46:f5:2f:fa:18:0c:dd:c7:38:c5:70:46:2c:fb:a7:
1c:4b:0c:c7:81:59:cb:14:c1:92:63:7e:55:3f:c8:2b:9d:af:
94:f0:73:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjHFUC1xQ3awzPmnCZ+aEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNzY2ZmJmZTZkOTU3MTAwMDIxMzgwYmIwNTU1ZTBhM2Jh
NmQ4ZTMwHhcNMjUwMTAxMDE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQyYmNlZTY4OWQ2YjgyZDc1ZmNlZTA2YTI5NDI3ZTgyMzU2ZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0sE7J/JqUeGT725K2NRIL4cvztm
z34YO4ukY3VmbrhWUx2gVA8pXoinyjJZSNQEnhAhehD3ZZJ2vRWAEjLUHp1f7fsB
rHwZ7x8sBhPxZRwHqDo1iXn/Gx0W4szzAaMo15wHG06hO27jU4RPbIvYKf6f4uur
j5AGrzRrWOT1aNUPb2IfpXIUNhDWizCgzvXdSP/pwc/Fakt4c8QXWbnaid8Z/JEH
J+SaMIx+ZXZR69Lq/uueKXdj1UGZK7vNY5QvClxCQPHuuBYhE8zUUUmgOxTwwyWX
KnEWx+F5jS3mlteKtTFQV8fwoZkULqMkG9YjfPKXV9j4ZN9TYzNEXmKPRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjSvO5onWuC11/O4GopQn6CNW/GMB8GA1UdIwQY
MBaAFJ92b7/m2VcQACE4C7BVXgo7ptjjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjNadnYtYlpWeEFBSVRnTHNGVmVDanVtMk9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9lYWYyODYtYWU5NC00YzQ2LWEwYTct
NGRmZDI0NjA3ZGJiLzEvT05LODdtaWRhNExYWDg3Z2FpbENmb0kxYjhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9lYWYyODYtYWU5NC00YzQ2LWEwYTctNGRmZDI0NjA3ZGJi
LzEvbjNadnYtYlpWeEFBSVRnTHNGVmVDanVtMk9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwQhWMA0G
CSqGSIb3DQEBCwUAA4IBAQAuhB2cHL4CNgsO0qQYmA6Ym33uGQguV8/QaVIDHzud
MGU2keZAtmLzvw9+soMKLiwKQqyoDOFU8aKDC1+GWdx/Swz8BkmQmHmij9JX76ya
gkmilAeRlOOBvRv/bGiF3D/UyVVUZYsSLrlyKwrS3l9A1lA3YM2h2ng8zLYA0Cb1
jQokj7nK7mSI1YmPSsCYVX4X03ILDvczvbCqFoladnJ2mHc1jYQ64nNtsS/Jl846
lNKsTJ+t0ircj3HKkJam+xVZH9Em9eLJ1FLOjCl9i0ubMEw2En4rghbApgJG9S/6
GAzdxzjFcEYs+6ccSwzHgVnLFMGSY35VP8grna+U8HMk
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:17:59 2025 by rpki-client