Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/aa06b6-e766-4ad9-aa7a-a4bbb1bc98c6/1/oKwOWzC9HWWBWs_OWMlhYoqOuLI.roa
File: oKwOWzC9HWWBWs_OWMlhYoqOuLI.roa (raw, json)
Hash identifier: 7BJb/Z+dm5ZAtTf7313Om/F3EX3zyO/E90vwZ4hPibE=
Subject key identifier: A0:AC:0E:5B:30:BD:1D:65:81:5A:CF:CE:58:C9:61:62:8A:8E:B8:B2
Certificate issuer: /CN=6ffe7b21b62183d5e3d4ae1b93ff00909282c912
Certificate serial: 0194F92CFF0658CEF4BC0E873E92FBC36240
Authority key identifier: 6F:FE:7B:21:B6:21:83:D5:E3:D4:AE:1B:93:FF:00:90:92:82:C9:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b_57IbYhg9Xj1K4bk_8AkJKCyRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/aa06b6-e766-4ad9-aa7a-a4bbb1bc98c6/1/oKwOWzC9HWWBWs_OWMlhYoqOuLI.roa
Signing time: Wed 12 Feb 2025 08:01:03 +0000
ROA not before: Wed 12 Feb 2025 08:01:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197942
IP address blocks: 171.32.0.0/16 maxlen: 24
2a14:1480::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:2c:ff:06:58:ce:f4:bc:0e:87:3e:92:fb:c3:62:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ffe7b21b62183d5e3d4ae1b93ff00909282c912
Validity
Not Before: Feb 12 08:01:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0ac0e5b30bd1d65815acfce58c961628a8eb8b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3e:15:f5:85:ca:b9:ca:5e:3a:3a:eb:6f:f5:
40:bd:6c:2b:21:79:4d:c4:00:94:92:0f:99:68:33:
ba:d1:33:49:c8:1c:dc:64:e4:c3:06:27:01:68:40:
e2:49:3b:32:1e:1c:15:5a:44:ed:25:c4:8c:ee:51:
18:07:8a:0d:80:6b:c1:4f:6d:d3:ce:fc:e1:2a:1c:
cf:01:b2:66:cf:7c:c1:a2:50:22:27:a3:a1:34:27:
3e:71:ff:ba:d9:3b:06:aa:31:00:81:22:d4:41:e5:
dd:fe:76:fc:82:eb:cd:fb:cc:97:00:0c:16:6f:f6:
60:b5:a6:2c:07:51:d0:66:5b:9b:22:9d:30:8e:e4:
07:6a:76:45:ac:a0:fd:27:0d:83:00:3b:d9:1a:62:
5e:d1:30:05:f9:c1:aa:2d:25:9b:e5:8c:dc:1d:ed:
55:34:4d:ae:d9:3e:61:67:cc:59:4d:02:2b:f3:96:
90:64:31:9e:08:c3:31:3f:dd:8e:9b:a1:b2:15:cb:
63:42:7d:df:96:ba:3a:6f:8c:f1:8a:78:b9:d8:69:
04:af:89:c5:44:f6:02:3b:26:0f:8c:ad:e6:4a:3b:
82:ee:73:ee:66:af:68:3d:45:8b:14:14:ae:30:2a:
71:e9:b9:f5:2d:1a:be:e1:cf:f9:10:cf:96:66:93:
10:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:AC:0E:5B:30:BD:1D:65:81:5A:CF:CE:58:C9:61:62:8A:8E:B8:B2
X509v3 Authority Key Identifier:
keyid:6F:FE:7B:21:B6:21:83:D5:E3:D4:AE:1B:93:FF:00:90:92:82:C9:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_57IbYhg9Xj1K4bk_8AkJKCyRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/aa06b6-e766-4ad9-aa7a-a4bbb1bc98c6/1/oKwOWzC9HWWBWs_OWMlhYoqOuLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/aa06b6-e766-4ad9-aa7a-a4bbb1bc98c6/1/b_57IbYhg9Xj1K4bk_8AkJKCyRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.32.0.0/16
IPv6:
2a14:1480::/32
Signature Algorithm: sha256WithRSAEncryption
29:6d:a0:9f:11:15:0a:da:28:56:6a:27:4a:b4:24:70:cf:51:
6e:a9:8a:29:a6:88:8c:86:05:88:74:c5:63:2c:0e:ef:8e:45:
cd:56:57:8c:2e:78:61:72:61:73:c2:af:47:3b:5b:79:46:2d:
af:90:a1:91:ad:02:0b:dc:b2:96:fe:ef:95:2b:1f:33:b3:d0:
90:71:e7:c1:57:9a:aa:d8:a6:fc:08:6a:bd:af:a2:57:a9:f1:
78:0e:a7:48:53:41:fb:ff:57:32:a5:31:48:cc:d3:94:9e:3e:
ba:ae:86:4a:13:64:c5:fb:59:48:36:5f:a0:c5:1a:79:bb:59:
bb:19:56:88:b2:cc:0d:dc:85:0a:6d:93:5e:61:6e:45:2c:4e:
16:59:4f:f3:0f:cd:32:38:46:d4:fc:b3:e2:f9:d8:b7:8e:77:
71:4b:b8:b0:2a:6c:e5:b5:a4:e2:4a:2d:ec:f3:03:68:da:52:
9c:4c:ed:2b:46:43:f2:4a:8a:d7:ee:15:ad:49:7d:aa:68:b6:
4c:6f:f5:b0:e4:87:58:20:5d:22:da:40:e1:11:9c:23:83:74:
f8:60:b0:7f:8b:1b:c2:85:a4:7a:b3:e0:5d:83:10:f7:51:1f:
78:d1:fc:d1:47:2d:f8:3c:ac:b3:51:d8:50:33:59:ff:3e:8a:
b1:db:b4:bd
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZT5LP8GWM70vA6HPpL7w2JAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZmU3YjIxYjYyMTgzZDVlM2Q0YWUxYjkzZmYwMDkwOTI4
MmM5MTIwHhcNMjUwMjEyMDgwMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGFjMGU1YjMwYmQxZDY1ODE1YWNmY2U1OGM5NjE2MjhhOGViOGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj4V9YXKucpeOjrrb/VAvWwrIXlN
xACUkg+ZaDO60TNJyBzcZOTDBicBaEDiSTsyHhwVWkTtJcSM7lEYB4oNgGvBT23T
zvzhKhzPAbJmz3zBolAiJ6OhNCc+cf+62TsGqjEAgSLUQeXd/nb8guvN+8yXAAwW
b/ZgtaYsB1HQZlubIp0wjuQHanZFrKD9Jw2DADvZGmJe0TAF+cGqLSWb5YzcHe1V
NE2u2T5hZ8xZTQIr85aQZDGeCMMxP92Om6GyFctjQn3flro6b4zxini52GkEr4nF
RPYCOyYPjK3mSjuC7nPuZq9oPUWLFBSuMCpx6bn1LRq+4c/5EM+WZpMQrQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKCsDlswvR1lgVrPzljJYWKKjriyMB8GA1UdIwQY
MBaAFG/+eyG2IYPV49SuG5P/AJCSgskSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl81N0liWWhnOVhqMUs0YmtfOEFrSktDeVJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9hYTA2YjYtZTc2Ni00YWQ5LWFhN2Et
YTRiYmIxYmM5OGM2LzEvb0t3T1d6QzlIV1dCV3NfT1dNbGhZb3FPdUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9hYTA2YjYtZTc2Ni00YWQ5LWFhN2EtYTRiYmIxYmM5OGM2
LzEvYl81N0liWWhnOVhqMUs0YmtfOEFrSktDeVJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDALBAIAATAFAwMAqyAwDQQC
AAIwBwMFACoUFIAwDQYJKoZIhvcNAQELBQADggEBACltoJ8RFQraKFZqJ0q0JHDP
UW6piimmiIyGBYh0xWMsDu+ORc1WV4wueGFyYXPCr0c7W3lGLa+QoZGtAgvcspb+
75UrHzOz0JBx58FXmqrYpvwIar2volep8XgOp0hTQfv/VzKlMUjM05SePrquhkoT
ZMX7WUg2X6DFGnm7WbsZVoiyzA3chQptk15hbkUsThZZT/MPzTI4RtT8s+L52LeO
d3FLuLAqbOW1pOJKLezzA2jaUpxM7StGQ/JKitfuFa1Jfapotkxv9bDkh1ggXSLa
QOERnCODdPhgsH+LG8KFpHqz4F2DEPdRH3jR/NFHLfg8rLNR2FAzWf8+irHbtL0=
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:55:29 2025 by rpki-client on console.sobornost.net