Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ogp5wyl77idQHTh_27AjBK-H7so.roa
File: Ogp5wyl77idQHTh_27AjBK-H7so.roa (raw, json)
Hash identifier: Wfw7QSp7ritWdKrO5/+GeU+Br4hNxeWb0F5HqfUqfFk=
Subject key identifier: 3A:0A:79:C3:29:7B:EE:27:50:1D:38:7F:DB:B0:23:04:AF:87:EE:CA
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018A537F46220B850D2A5606D7A4AB86D350
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ogp5wyl77idQHTh_27AjBK-H7so.roa
Signing time: Sat 02 Sep 2023 01:26:04 +0000
ROA not before: Sat 02 Sep 2023 01:26:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208913
IP address blocks: 45.14.76.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:53:7f:46:22:0b:85:0d:2a:56:06:d7:a4:ab:86:d3:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Sep 2 01:26:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a0a79c3297bee27501d387fdbb02304af87eeca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4a:c1:77:7a:d6:db:84:3b:c7:26:61:47:91:
4c:eb:de:50:aa:c1:56:87:02:5c:94:80:5c:5f:6c:
4c:69:cb:bb:cd:f8:8a:3d:04:80:f5:49:29:43:7d:
56:54:3e:eb:2b:62:7e:56:59:a0:15:05:51:97:1e:
49:01:50:5b:f7:27:9a:24:84:85:ad:95:9a:d3:d5:
f5:9c:5d:c5:3e:6e:5d:65:96:db:19:5e:55:b4:a1:
2a:5e:d3:3f:e2:0c:e0:e5:b0:a1:4a:ec:f5:ca:29:
cb:5f:7e:02:76:71:b7:48:65:6d:e2:52:f6:8f:e0:
c3:4f:ee:e2:cd:58:c8:b4:1e:17:83:60:c3:2a:aa:
6c:2c:10:c2:9e:40:b0:2c:34:e8:de:5b:ac:09:d6:
fc:5e:9b:70:ca:41:bd:ed:83:5a:64:ec:a7:dc:e8:
74:ef:2e:2f:72:36:88:31:71:a0:5a:66:1f:30:28:
d5:14:eb:69:83:13:09:01:24:72:43:20:b8:57:09:
13:f8:f1:61:05:f4:57:d7:6e:6e:b7:92:ef:77:1a:
0c:b0:f2:2d:7d:b2:31:6e:55:de:ef:de:11:bb:3f:
80:cf:39:f4:82:de:23:ca:13:fd:54:6c:e4:0d:d9:
6f:96:57:2a:e4:87:44:3f:66:0e:04:47:ae:5e:28:
7a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:0A:79:C3:29:7B:EE:27:50:1D:38:7F:DB:B0:23:04:AF:87:EE:CA
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ogp5wyl77idQHTh_27AjBK-H7so.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.76.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:8b:0d:f3:98:2c:77:96:95:c4:2d:48:8a:3c:38:48:d3:a6:
bf:25:33:8f:23:bc:3c:a7:bd:0a:cb:6b:52:11:4b:8f:c6:9d:
72:c2:fd:6a:02:f3:9c:1e:95:78:3c:e9:38:fa:6b:6e:cb:1e:
2b:ae:2c:b4:e3:6e:b4:78:a7:d9:78:37:c6:cb:b0:40:c9:b4:
87:9b:b5:a0:15:78:4a:20:5a:e1:e1:ab:8a:12:48:3d:47:fc:
2f:6a:98:28:5a:99:8a:41:da:10:61:a6:a2:76:c4:e5:f0:ce:
e5:64:41:89:7b:c7:59:d6:b5:c5:27:53:b2:e9:9d:5a:49:ec:
5d:19:57:54:a8:b8:4f:31:1b:13:54:bc:06:b2:c4:0c:99:f9:
61:87:7d:29:e5:7f:ee:02:35:8a:66:ce:5e:60:9f:c0:a1:01:
08:4e:b7:11:9e:f6:f5:7e:9a:1c:d9:bc:d3:1b:f2:4c:cc:09:
6a:3e:59:18:6a:2b:44:52:4a:43:c1:3b:02:9a:4e:66:bf:0b:
43:c4:3b:55:3c:89:ec:98:61:0b:e8:07:aa:23:3a:95:53:41:
24:df:57:ef:68:3a:48:19:88:20:5b:f2:4a:17:66:f6:89:37:
31:3a:bd:56:28:84:58:95:02:aa:95:fd:10:3f:6e:82:8a:ff:
d3:07:3b:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpTf0YiC4UNKlYG16SrhtNQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjMwOTAyMDEyNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTBhNzljMzI5N2JlZTI3NTAxZDM4N2ZkYmIwMjMwNGFmODdlZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkrBd3rW24Q7xyZhR5FM695QqsFW
hwJclIBcX2xMacu7zfiKPQSA9UkpQ31WVD7rK2J+VlmgFQVRlx5JAVBb9yeaJISF
rZWa09X1nF3FPm5dZZbbGV5VtKEqXtM/4gzg5bChSuz1yinLX34CdnG3SGVt4lL2
j+DDT+7izVjItB4Xg2DDKqpsLBDCnkCwLDTo3lusCdb8XptwykG97YNaZOyn3Oh0
7y4vcjaIMXGgWmYfMCjVFOtpgxMJASRyQyC4VwkT+PFhBfRX125ut5LvdxoMsPIt
fbIxblXe794Ruz+Azzn0gt4jyhP9VGzkDdlvllcq5IdEP2YOBEeuXih6hQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDoKecMpe+4nUB04f9uwIwSvh+7KMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvT2dwNXd5bDc3aWRRSFRoXzI3QWpCSy1IN3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ5MMA0G
CSqGSIb3DQEBCwUAA4IBAQA/iw3zmCx3lpXELUiKPDhI06a/JTOPI7w8p70Ky2tS
EUuPxp1ywv1qAvOcHpV4POk4+mtuyx4rriy04260eKfZeDfGy7BAybSHm7WgFXhK
IFrh4auKEkg9R/wvapgoWpmKQdoQYaaidsTl8M7lZEGJe8dZ1rXFJ1Oy6Z1aSexd
GVdUqLhPMRsTVLwGssQMmflhh30p5X/uAjWKZs5eYJ/AoQEITrcRnvb1fpoc2bzT
G/JMzAlqPlkYaitEUkpDwTsCmk5mvwtDxDtVPInsmGEL6AeqIzqVU0Ek31fvaDpI
GYggW/JKF2b2iTcxOr1WKIRYlQKqlf0QP26Civ/TBzvA
-----END CERTIFICATE-----
Generated at Tue May 13 11:21:19 2025 by rpki-client