Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/OjytKc3vmA-5dMSAs8jPw1yWziE.roa
File: OjytKc3vmA-5dMSAs8jPw1yWziE.roa (raw, json)
Hash identifier: bO4N1TXjWQ0imXHud/WPkAULkPIhMMNC3nNpSVP6iqg=
Subject key identifier: 3A:3C:AD:29:CD:EF:98:0F:B9:74:C4:80:B3:C8:CF:C3:5C:96:CE:21
Certificate issuer: /CN=70bf553042f1a43827dc034500bbd1068a7297ca
Certificate serial: 0185708CD2897E845AD0498271AB3630271C
Authority key identifier: 70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/OjytKc3vmA-5dMSAs8jPw1yWziE.roa
Signing time: Mon 02 Jan 2023 03:35:55 +0000
ROA not before: Mon 02 Jan 2023 03:35:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207137
IP address blocks: 2a13:240:2::/48 maxlen: 48
2a13:240::/48 maxlen: 48
2a13:240:3::/48 maxlen: 48
2a13:240:1::/48 maxlen: 48
2a13:240:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:d2:89:7e:84:5a:d0:49:82:71:ab:36:30:27:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70bf553042f1a43827dc034500bbd1068a7297ca
Validity
Not Before: Jan 2 03:35:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a3cad29cdef980fb974c480b3c8cfc35c96ce21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c5:b1:5d:dc:0f:cc:11:1f:66:eb:68:9a:5c:
35:c3:50:e4:e3:d8:21:93:49:fd:17:0d:0e:43:71:
69:dc:89:71:ea:76:a1:ff:13:47:2d:2a:48:24:19:
d8:5e:62:4a:fd:e1:70:2b:14:5a:9d:d4:e6:4f:6b:
bc:a1:27:c3:79:70:f6:98:c6:4d:40:c0:52:3a:f3:
bb:69:ce:ed:13:58:ed:84:fb:86:b3:d7:08:14:74:
f3:09:e4:d6:36:fb:29:b8:fe:85:6e:ff:8f:82:ac:
88:73:5b:c5:d8:f6:2e:f3:e9:0b:51:31:d9:2e:09:
b5:fe:c9:5c:ae:61:28:8b:4a:92:89:4f:66:a7:28:
91:b5:24:28:04:8f:31:5b:8c:02:e9:ce:77:02:57:
be:fc:0d:3b:d8:39:3e:56:36:de:23:38:d2:04:b2:
7e:60:6b:92:32:b5:03:20:3d:84:b3:d6:33:a1:e4:
85:f4:9f:53:31:93:e6:c7:e6:ab:cc:a7:61:bf:c3:
78:c7:d7:77:ac:1e:dc:53:47:f5:ee:94:02:a8:0b:
b8:2a:66:c6:ac:0e:d3:57:31:97:e3:9f:72:9b:ef:
7e:9f:2e:29:08:b6:d5:0c:e5:f9:05:40:be:e1:ad:
72:06:15:3e:e5:b3:9f:58:00:30:cb:3a:bc:07:75:
a4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:3C:AD:29:CD:EF:98:0F:B9:74:C4:80:B3:C8:CF:C3:5C:96:CE:21
X509v3 Authority Key Identifier:
keyid:70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/OjytKc3vmA-5dMSAs8jPw1yWziE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:240::-2a13:240:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8b:8c:95:d8:f3:36:ea:1c:2d:c8:ee:6e:0b:23:1e:a5:a7:c2:
ad:69:5a:6c:50:3e:a7:5c:fc:05:66:33:d0:41:e6:e0:be:5d:
4d:70:e6:40:16:58:aa:10:03:08:ce:89:1f:ae:10:21:6b:1f:
ac:7e:36:2a:09:fa:00:ac:88:5f:14:76:ce:a4:1f:3a:28:f5:
a1:40:76:cc:0b:ec:28:01:58:60:c9:43:58:6a:f8:75:c6:67:
87:b6:5a:91:74:4a:5d:4e:7b:6c:52:7d:49:4d:12:91:2f:20:
49:97:73:b6:37:32:76:90:b3:42:cf:7b:9f:de:66:b2:c1:18:
1a:c1:12:27:3a:04:f5:1d:35:b2:fa:e2:55:ce:de:59:16:5a:
19:a2:d2:b0:d4:53:52:ef:d6:ca:36:28:f7:3d:cf:b5:46:24:
a3:70:a5:0b:95:07:4b:d9:40:a7:b9:f7:a1:e3:9c:dc:25:68:
5e:c5:a6:4a:b9:46:4d:6c:df:ce:74:61:4a:ff:6a:1f:9f:4a:
2d:4c:ed:ac:83:a4:83:fb:fd:ad:64:a1:5f:bf:87:54:24:eb:
84:b7:8c:38:c1:fe:cd:0b:eb:2b:e8:c5:49:a2:3e:1e:75:41:
96:f7:72:50:aa:d9:35:f7:f4:ca:21:8a:1b:44:9d:3c:bf:02:
89:42:1f:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwjNKJfoRa0EmCcas2MCccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYmY1NTMwNDJmMWE0MzgyN2RjMDM0NTAwYmJkMTA2OGE3
Mjk3Y2EwHhcNMjMwMTAyMDMzNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTNjYWQyOWNkZWY5ODBmYjk3NGM0ODBiM2M4Y2ZjMzVjOTZjZTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8WxXdwPzBEfZutomlw1w1Dk49gh
k0n9Fw0OQ3Fp3Ilx6nah/xNHLSpIJBnYXmJK/eFwKxRandTmT2u8oSfDeXD2mMZN
QMBSOvO7ac7tE1jthPuGs9cIFHTzCeTWNvspuP6Fbv+PgqyIc1vF2PYu8+kLUTHZ
Lgm1/slcrmEoi0qSiU9mpyiRtSQoBI8xW4wC6c53Ale+/A072Dk+VjbeIzjSBLJ+
YGuSMrUDID2Es9YzoeSF9J9TMZPmx+arzKdhv8N4x9d3rB7cU0f17pQCqAu4KmbG
rA7TVzGX459ym+9+ny4pCLbVDOX5BUC+4a1yBhU+5bOfWAAwyzq8B3Wk2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDo8rSnN75gPuXTEgLPIz8Ncls4hMB8GA1UdIwQY
MBaAFHC/VTBC8aQ4J9wDRQC70QaKcpfKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYt
NTM1ODQwMWZiNzk2LzEvT2p5dEtjM3ZtQS01ZE1TQXM4alB3MXlXemlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYtNTM1ODQwMWZiNzk2
LzEvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBQYqEwJA
AwcAKhMCQAAEMA0GCSqGSIb3DQEBCwUAA4IBAQCLjJXY8zbqHC3I7m4LIx6lp8Kt
aVpsUD6nXPwFZjPQQebgvl1NcOZAFliqEAMIzokfrhAhax+sfjYqCfoArIhfFHbO
pB86KPWhQHbMC+woAVhgyUNYavh1xmeHtlqRdEpdTntsUn1JTRKRLyBJl3O2NzJ2
kLNCz3uf3maywRgawRInOgT1HTWy+uJVzt5ZFloZotKw1FNS79bKNij3Pc+1RiSj
cKULlQdL2UCnufeh45zcJWhexaZKuUZNbN/OdGFK/2ofn0otTO2sg6SD+/2tZKFf
v4dUJOuEt4w4wf7NC+sr6MVJoj4edUGW93JQqtk19/TKIYobRJ08vwKJQh8O
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:35:54 2025 by rpki-client