Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/OJHrSjDn0A0xOyeisC7fOP_zy4g.roa
File: OJHrSjDn0A0xOyeisC7fOP_zy4g.roa (raw, json)
Hash identifier: 4mrlovUy+cBI29r4SEJkRQxz3HoEwjM6nDvfGvlxWBU=
Subject key identifier: 38:91:EB:4A:30:E7:D0:0D:31:3B:27:A2:B0:2E:DF:38:FF:F3:CB:88
Certificate issuer: /CN=dd0b663c45d7bc2724d168485087581e14448fb6
Certificate serial: 019424459EAB100BB7883F516DEFD62DABC2
Authority key identifier: DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/OJHrSjDn0A0xOyeisC7fOP_zy4g.roa
Signing time: Wed 01 Jan 2025 23:48:49 +0000
ROA not before: Wed 01 Jan 2025 23:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61113
IP address blocks: 37.209.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:9e:ab:10:0b:b7:88:3f:51:6d:ef:d6:2d:ab:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd0b663c45d7bc2724d168485087581e14448fb6
Validity
Not Before: Jan 1 23:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3891eb4a30e7d00d313b27a2b02edf38fff3cb88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e4:19:be:4c:1b:c4:1d:9f:ee:29:80:90:fd:
66:e7:d6:35:2d:52:3a:fb:f2:8b:2c:f0:fa:ea:62:
d6:01:cc:46:2a:71:4f:f2:0a:f6:49:01:32:81:e4:
70:b1:8a:90:87:00:69:e6:57:9c:73:78:a8:79:52:
5a:22:55:5c:8c:a2:49:8d:2e:ac:43:a4:a9:b1:14:
be:9b:2e:ad:e4:66:72:17:f9:5f:b0:2c:23:d8:08:
80:c2:10:27:7a:42:ec:e7:29:0c:7e:7a:e0:33:78:
a2:c0:11:a4:12:6f:cd:b9:fd:6a:04:b7:11:2b:fe:
31:cd:7e:5d:7f:1a:71:34:1a:e3:4a:32:cf:34:e4:
37:b9:13:d7:38:36:33:93:b3:bc:16:b1:6e:a8:40:
e0:77:de:4f:98:a1:73:82:27:24:e4:45:62:9f:5a:
bf:09:f7:d9:ab:fd:27:99:93:ed:35:7d:45:6b:d8:
99:0c:f2:26:29:92:2f:6a:ce:2a:3b:92:03:1a:de:
31:ba:8b:4c:0c:d9:d3:d7:19:50:f7:76:c6:6d:7c:
6a:a1:30:86:59:47:cb:ad:fd:88:50:b0:ee:06:4b:
58:11:7f:38:ec:7d:33:b9:c6:9e:a6:94:cd:a9:cd:
1b:68:79:05:8b:75:2a:8f:fd:ea:d6:50:7f:80:8e:
ee:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:91:EB:4A:30:E7:D0:0D:31:3B:27:A2:B0:2E:DF:38:FF:F3:CB:88
X509v3 Authority Key Identifier:
keyid:DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/OJHrSjDn0A0xOyeisC7fOP_zy4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/3QtmPEXXvCck0WhIUIdYHhREj7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.251.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:77:8d:1d:eb:bc:c9:32:8e:6b:85:49:eb:e6:fd:fe:b5:c6:
91:02:0a:42:ff:76:97:8b:38:41:c0:56:b0:1f:37:63:6e:b4:
53:fb:14:5e:22:07:44:f9:80:23:79:35:b2:9c:f2:e8:63:2b:
d0:a9:4a:d3:c1:83:4b:48:d8:46:06:d4:1f:b1:42:aa:92:e8:
a6:5f:38:0b:2c:e8:68:87:fb:d7:83:7a:a4:a8:0e:42:a6:ac:
13:8f:89:b3:0f:a5:ff:06:73:4e:2e:86:a3:86:56:87:62:97:
5f:4f:a7:74:c1:d2:2c:fb:c9:ad:63:22:58:f9:1d:70:41:f7:
07:00:e2:14:61:84:99:48:4b:51:1b:32:cb:4d:b5:7c:c9:e8:
c6:6b:6f:e5:a0:ac:77:2d:55:e1:6d:a3:29:8c:79:e0:6f:92:
84:7e:19:d9:7a:e4:8e:d5:b8:3e:33:10:1f:52:8b:c6:28:ae:
c8:90:a2:9f:63:fe:99:a5:5c:7a:c9:c7:5c:91:9a:22:fe:49:
2d:b8:29:14:05:80:d7:8d:c7:4d:14:95:7c:16:85:4c:72:08:
4a:d8:47:7a:4b:4e:c1:96:c9:d7:fc:b7:7e:40:20:81:ea:8b:
41:1c:d7:8a:ad:20:1f:af:91:2e:ef:a1:f4:bc:9e:79:da:13:
68:96:d1:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRZ6rEAu3iD9Rbe/WLavCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI2NjNjNDVkN2JjMjcyNGQxNjg0ODUwODc1ODFlMTQ0
NDhmYjYwHhcNMjUwMTAxMjM0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODkxZWI0YTMwZTdkMDBkMzEzYjI3YTJiMDJlZGYzOGZmZjNjYjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseQZvkwbxB2f7imAkP1m59Y1LVI6
+/KLLPD66mLWAcxGKnFP8gr2SQEygeRwsYqQhwBp5lecc3ioeVJaIlVcjKJJjS6s
Q6SpsRS+my6t5GZyF/lfsCwj2AiAwhAnekLs5ykMfnrgM3iiwBGkEm/Nuf1qBLcR
K/4xzX5dfxpxNBrjSjLPNOQ3uRPXODYzk7O8FrFuqEDgd95PmKFzgick5EVin1q/
CffZq/0nmZPtNX1Fa9iZDPImKZIvas4qO5IDGt4xuotMDNnT1xlQ93bGbXxqoTCG
WUfLrf2IULDuBktYEX847H0zucaeppTNqc0baHkFi3Uqj/3q1lB/gI7u3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDiR60ow59ANMTsnorAu3zj/88uIMB8GA1UdIwQY
MBaAFN0LZjxF17wnJNFoSFCHWB4URI+2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F0bVBFWFh2Q2NrMFdoSVVJZFlIaFJFajdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9lZGMyMzgtNGMwYS00NmVkLWJjMjQt
M2I5ZTNjOGEyZmNhLzEvT0pIclNqRG4wQTB4T3llaXNDN2ZPUF96eTRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9lZGMyMzgtNGMwYS00NmVkLWJjMjQtM2I5ZTNjOGEyZmNh
LzEvM1F0bVBFWFh2Q2NrMFdoSVVJZFlIaFJFajdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJdH7MA0G
CSqGSIb3DQEBCwUAA4IBAQBLd40d67zJMo5rhUnr5v3+tcaRAgpC/3aXizhBwFaw
HzdjbrRT+xReIgdE+YAjeTWynPLoYyvQqUrTwYNLSNhGBtQfsUKqkuimXzgLLOho
h/vXg3qkqA5CpqwTj4mzD6X/BnNOLoajhlaHYpdfT6d0wdIs+8mtYyJY+R1wQfcH
AOIUYYSZSEtRGzLLTbV8yejGa2/loKx3LVXhbaMpjHngb5KEfhnZeuSO1bg+MxAf
UovGKK7IkKKfY/6ZpVx6ycdckZoi/kktuCkUBYDXjcdNFJV8FoVMcghK2Ed6S07B
lsnX/Ld+QCCB6otBHNeKrSAfr5Eu76H0vJ552hNoltE5
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:43 2025 by rpki-client on console.sobornost.net