Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/OTTrSlclWCrRRWM2xxMcTqVQjHg.roa
File: OTTrSlclWCrRRWM2xxMcTqVQjHg.roa (raw, json)
Hash identifier: WiU4r6HmQH1aEfbGFidApr+E2bNSyNZEaoF5S1MwslA=
Subject key identifier: 39:34:EB:4A:57:25:58:2A:D1:45:63:36:C7:13:1C:4E:A5:50:8C:78
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019420D658B2BC2BD7663A63D59FB54F9E0C
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/OTTrSlclWCrRRWM2xxMcTqVQjHg.roa
Signing time: Wed 01 Jan 2025 07:48:25 +0000
ROA not before: Wed 01 Jan 2025 07:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24295
IP address blocks: 212.69.88.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:58:b2:bc:2b:d7:66:3a:63:d5:9f:b5:4f:9e:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jan 1 07:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3934eb4a5725582ad1456336c7131c4ea5508c78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ce:89:d0:ca:89:5b:0f:d4:da:88:ce:0c:8d:
fd:f6:aa:b6:0d:54:94:19:93:2e:fe:63:6e:27:e6:
54:96:6f:8f:14:05:08:0d:83:a6:13:3e:a0:99:45:
21:6d:4f:3c:a8:ff:e8:ec:00:79:ec:f6:2a:a3:b7:
86:9a:05:9c:29:ab:73:89:fa:be:ef:b2:c6:a7:86:
6f:81:44:52:88:53:71:57:4b:65:2b:98:e5:44:8c:
31:ca:7b:40:b4:4a:4d:a5:43:90:bf:91:a4:de:f9:
e7:d0:17:2f:97:c7:df:db:a4:d7:9c:3b:be:94:ed:
41:df:2c:f3:64:83:4f:ee:2e:e2:4a:e9:d2:d9:87:
89:9f:e2:34:e2:aa:8f:c2:29:08:d1:68:71:71:61:
b4:3a:d7:ef:fc:70:28:da:4b:2a:57:3c:ea:d6:36:
32:1c:9c:d5:36:1d:f9:83:49:85:17:81:f2:d3:68:
79:7d:47:26:96:6a:9b:e6:f7:80:68:81:e3:4e:b1:
50:81:1d:f7:d8:71:d0:ed:5b:82:e3:b6:d0:ee:4f:
78:e2:0f:a9:ab:49:9a:3e:0a:22:cb:74:ed:21:d5:
92:db:93:9b:fc:0c:ad:ad:f3:97:20:02:a2:4b:07:
a8:56:6f:7e:22:bb:b1:f4:c4:dc:07:ad:72:5b:04:
66:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:34:EB:4A:57:25:58:2A:D1:45:63:36:C7:13:1C:4E:A5:50:8C:78
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/OTTrSlclWCrRRWM2xxMcTqVQjHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.69.88.0/22
Signature Algorithm: sha256WithRSAEncryption
94:9a:e6:18:1b:be:97:d9:20:f8:9e:c7:10:b7:7b:55:62:88:
a6:da:50:3e:89:44:68:1d:64:0d:cd:30:e5:55:32:7d:96:56:
d8:06:d2:6e:1f:90:42:ec:17:dc:55:c4:3d:59:ed:c7:8d:d1:
69:65:ee:b5:8d:e5:88:9b:d2:51:a4:ab:21:77:e7:75:e4:b0:
65:cb:16:18:cb:4d:06:3a:16:e8:de:12:ce:f3:31:4f:51:d7:
f8:a2:72:41:c7:0c:05:33:d1:47:62:6b:ca:ab:a8:de:16:aa:
71:d6:b6:e3:fa:cd:eb:06:65:a3:77:14:b6:83:da:e8:63:cf:
c9:e7:d9:e0:4d:13:b2:8a:14:3f:c0:68:6b:dd:50:0b:12:b1:
03:7b:54:ed:a7:05:40:e2:d8:de:5f:fb:3e:d5:be:08:e0:54:
b9:74:6a:f0:e0:2e:df:79:d5:97:e4:07:f2:3e:d9:a0:ec:7f:
94:e1:49:2e:ad:e2:32:17:aa:4a:07:a9:48:8a:14:15:c9:7e:
d6:d3:5b:78:25:98:4a:de:2f:30:5c:26:2d:3a:df:2c:f0:3e:
74:c9:77:8c:22:4c:84:3d:ad:8f:40:61:a9:69:fe:81:ed:3a:
b9:6c:8c:f7:78:82:0f:64:34:46:80:50:0c:8b:44:3f:b3:1f:
9c:42:a0:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1liyvCvXZjpj1Z+1T54MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwMTAxMDc0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTM0ZWI0YTU3MjU1ODJhZDE0NTYzMzZjNzEzMWM0ZWE1NTA4Yzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsc6J0MqJWw/U2ojODI399qq2DVSU
GZMu/mNuJ+ZUlm+PFAUIDYOmEz6gmUUhbU88qP/o7AB57PYqo7eGmgWcKatzifq+
77LGp4ZvgURSiFNxV0tlK5jlRIwxyntAtEpNpUOQv5Gk3vnn0Bcvl8ff26TXnDu+
lO1B3yzzZINP7i7iSunS2YeJn+I04qqPwikI0WhxcWG0Otfv/HAo2ksqVzzq1jYy
HJzVNh35g0mFF4Hy02h5fUcmlmqb5veAaIHjTrFQgR332HHQ7VuC47bQ7k944g+p
q0maPgoiy3TtIdWS25Ob/AytrfOXIAKiSweoVm9+Irux9MTcB61yWwRmlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDk060pXJVgq0UVjNscTHE6lUIx4MB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvT1RUclNsY2xXQ3JSUldNMnh4TWNUcVZRakhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1EVYMA0G
CSqGSIb3DQEBCwUAA4IBAQCUmuYYG76X2SD4nscQt3tVYoim2lA+iURoHWQNzTDl
VTJ9llbYBtJuH5BC7BfcVcQ9We3HjdFpZe61jeWIm9JRpKshd+d15LBlyxYYy00G
Ohbo3hLO8zFPUdf4onJBxwwFM9FHYmvKq6jeFqpx1rbj+s3rBmWjdxS2g9roY8/J
59ngTROyihQ/wGhr3VALErEDe1TtpwVA4tjeX/s+1b4I4FS5dGrw4C7fedWX5Afy
Ptmg7H+U4UkureIyF6pKB6lIihQVyX7W01t4JZhK3i8wXCYtOt8s8D50yXeMIkyE
Pa2PQGGpaf6B7Tq5bIz3eIIPZDRGgFAMi0Q/sx+cQqD9
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:43:41 2025 by rpki-client