Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/824ccd-bc9b-4a82-be91-63104db6a7a5/1/ON3iIV_oOMJOwBGtDykVdsbeibU.roa
File: ON3iIV_oOMJOwBGtDykVdsbeibU.roa (raw, json)
Hash identifier: 9WvGCqlVAIcwLRzryj0uvMHkAzQLE90GQaNR429D0NE=
Subject key identifier: 38:DD:E2:21:5F:E8:38:C2:4E:C0:11:AD:0F:29:15:76:C6:DE:89:B5
Certificate issuer: /CN=adce3c2aafc7783cce8234551f3e9661d27eefbc
Certificate serial: 019420D5C0DF5E2A13301E3AC1ADE9A693A2
Authority key identifier: AD:CE:3C:2A:AF:C7:78:3C:CE:82:34:55:1F:3E:96:61:D2:7E:EF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rc48Kq_HeDzOgjRVHz6WYdJ-77w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/824ccd-bc9b-4a82-be91-63104db6a7a5/1/ON3iIV_oOMJOwBGtDykVdsbeibU.roa
Signing time: Wed 01 Jan 2025 07:47:46 +0000
ROA not before: Wed 01 Jan 2025 07:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12779
IP address blocks: 176.110.111.0/24 maxlen: 24
2a10:e140::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:c0:df:5e:2a:13:30:1e:3a:c1:ad:e9:a6:93:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adce3c2aafc7783cce8234551f3e9661d27eefbc
Validity
Not Before: Jan 1 07:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38dde2215fe838c24ec011ad0f291576c6de89b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:27:da:1e:39:dc:33:a3:88:03:f5:7c:b2:90:
11:e7:ef:52:85:96:e8:43:eb:98:05:d5:c2:32:81:
10:f7:cb:ea:52:de:7f:81:7d:ce:18:4e:3d:07:31:
d6:f3:78:57:f4:06:bc:fa:ff:fc:76:0a:13:b1:fd:
2b:81:9b:6f:fa:94:cc:a4:34:17:29:b1:72:f6:3e:
c3:31:6a:cf:fb:be:0b:1b:10:09:12:4d:f5:98:1a:
59:1c:8f:e2:14:f7:be:01:07:ff:34:2b:18:9e:ae:
c6:d1:e7:f6:62:10:06:e7:c4:57:25:d9:36:ea:fd:
bb:7e:7f:a7:0d:3f:d8:7b:4e:6c:2e:33:b8:8c:21:
b1:7c:1c:c0:cb:f1:10:e2:5a:c2:42:f7:08:38:77:
6f:d1:ae:c1:bf:69:fa:ed:76:f4:57:c1:e8:e6:84:
f7:ec:67:94:66:fd:61:66:bd:ce:0f:b0:8f:aa:04:
74:1c:cb:21:c6:7e:15:34:f0:a6:f5:18:f1:75:24:
e4:a8:5e:8d:c7:ed:a3:f7:bc:0e:19:79:b4:d2:e2:
53:9a:18:25:31:68:26:c4:55:7f:33:ae:f3:0b:53:
e4:2c:85:cc:7b:9b:d9:5b:2c:29:2f:db:44:92:71:
fc:fa:c9:78:58:ea:b5:02:22:5f:74:fa:7a:dd:fc:
85:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:DD:E2:21:5F:E8:38:C2:4E:C0:11:AD:0F:29:15:76:C6:DE:89:B5
X509v3 Authority Key Identifier:
keyid:AD:CE:3C:2A:AF:C7:78:3C:CE:82:34:55:1F:3E:96:61:D2:7E:EF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rc48Kq_HeDzOgjRVHz6WYdJ-77w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/824ccd-bc9b-4a82-be91-63104db6a7a5/1/ON3iIV_oOMJOwBGtDykVdsbeibU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/824ccd-bc9b-4a82-be91-63104db6a7a5/1/rc48Kq_HeDzOgjRVHz6WYdJ-77w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.110.111.0/24
IPv6:
2a10:e140::/32
Signature Algorithm: sha256WithRSAEncryption
45:9a:73:19:0c:e5:89:81:3b:00:81:d8:ab:01:b4:a7:69:09:
e9:49:b2:f4:11:53:ac:67:ab:5b:10:1c:b5:3e:6c:3f:a1:b0:
79:74:03:0e:15:b2:76:58:8d:51:a2:7f:6f:e0:c9:9b:5a:fd:
d5:25:32:52:91:5b:30:c5:40:a4:0c:20:22:c6:4c:e0:a2:0e:
78:4f:8e:5c:f1:27:6c:1d:b3:09:6c:58:b7:38:5f:d3:ef:d7:
f6:08:0d:b2:12:f9:3c:23:03:57:08:9b:2f:f6:a8:ae:7c:9d:
5f:d0:f2:95:bf:a9:6f:4b:06:d7:18:f9:a9:5d:0e:79:31:70:
da:54:d2:58:b8:56:84:fe:d2:ff:43:a5:37:de:ea:6f:4a:91:
19:2f:37:f1:ae:c2:c5:d9:29:36:cc:b2:ac:f7:c3:c4:ff:76:
90:02:8b:0e:7c:31:e6:2b:49:4b:2d:67:e4:cd:cf:e7:6d:eb:
5d:92:f4:c8:30:ca:53:05:08:8b:ac:92:81:f3:98:6c:92:04:
6f:8a:e7:c9:fb:35:23:f9:36:4d:e8:4e:6c:23:86:03:55:03:
3f:53:45:4c:f9:15:7a:eb:9f:b7:aa:99:cd:44:72:a2:2c:69:
4d:87:e5:99:27:6a:a5:bc:36:1e:32:31:ab:2b:6d:c6:0c:9b:
16:e2:4c:ee
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1cDfXioTMB46wa3pppOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkY2UzYzJhYWZjNzc4M2NjZTgyMzQ1NTFmM2U5NjYxZDI3
ZWVmYmMwHhcNMjUwMTAxMDc0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGRkZTIyMTVmZTgzOGMyNGVjMDExYWQwZjI5MTU3NmM2ZGU4OWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SfaHjncM6OIA/V8spAR5+9ShZbo
Q+uYBdXCMoEQ98vqUt5/gX3OGE49BzHW83hX9Aa8+v/8dgoTsf0rgZtv+pTMpDQX
KbFy9j7DMWrP+74LGxAJEk31mBpZHI/iFPe+AQf/NCsYnq7G0ef2YhAG58RXJdk2
6v27fn+nDT/Ye05sLjO4jCGxfBzAy/EQ4lrCQvcIOHdv0a7Bv2n67Xb0V8Ho5oT3
7GeUZv1hZr3OD7CPqgR0HMshxn4VNPCm9RjxdSTkqF6Nx+2j97wOGXm00uJTmhgl
MWgmxFV/M67zC1PkLIXMe5vZWywpL9tEknH8+sl4WOq1AiJfdPp63fyFJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDjd4iFf6DjCTsARrQ8pFXbG3om1MB8GA1UdIwQY
MBaAFK3OPCqvx3g8zoI0VR8+lmHSfu+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmM0OEtxX0hlRHpPZ2pSVkh6NldZZEotNzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS84MjRjY2QtYmM5Yi00YTgyLWJlOTEt
NjMxMDRkYjZhN2E1LzEvT04zaUlWX29PTUpPd0JHdER5a1Zkc2JlaWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS84MjRjY2QtYmM5Yi00YTgyLWJlOTEtNjMxMDRkYjZhN2E1
LzEvcmM0OEtxX0hlRHpPZ2pSVkh6NldZZEotNzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAsG5vMA0E
AgACMAcDBQAqEOFAMA0GCSqGSIb3DQEBCwUAA4IBAQBFmnMZDOWJgTsAgdirAbSn
aQnpSbL0EVOsZ6tbEBy1Pmw/obB5dAMOFbJ2WI1Ron9v4MmbWv3VJTJSkVswxUCk
DCAixkzgog54T45c8SdsHbMJbFi3OF/T79f2CA2yEvk8IwNXCJsv9qiufJ1f0PKV
v6lvSwbXGPmpXQ55MXDaVNJYuFaE/tL/Q6U33upvSpEZLzfxrsLF2Sk2zLKs98PE
/3aQAosOfDHmK0lLLWfkzc/nbetdkvTIMMpTBQiLrJKB85hskgRviufJ+zUj+TZN
6E5sI4YDVQM/U0VM+RV665+3qpnNRHKiLGlNh+WZJ2qlvDYeMjGrK23GDJsW4kzu
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:08 2025 by rpki-client on console.sobornost.net