Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/OR-q2mr40h2Mxz1GJNBEkMgDXfk.roa
File: OR-q2mr40h2Mxz1GJNBEkMgDXfk.roa (raw, json)
Hash identifier: OZOrHpvHdNdldGGtmy643oboyvE3QirCRL6jGNlpTTE=
Subject key identifier: 39:1F:AA:DA:6A:F8:D2:1D:8C:C7:3D:46:24:D0:44:90:C8:03:5D:F9
Certificate issuer: /CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Certificate serial: 0194658D123C846DFD05B1F9D6CA2E8E360F
Authority key identifier: 00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/OR-q2mr40h2Mxz1GJNBEkMgDXfk.roa
Signing time: Tue 14 Jan 2025 16:02:11 +0000
ROA not before: Tue 14 Jan 2025 16:02:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57758
IP address blocks: 62.108.34.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:65:8d:12:3c:84:6d:fd:05:b1:f9:d6:ca:2e:8e:36:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Validity
Not Before: Jan 14 16:02:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=391faada6af8d21d8cc73d4624d04490c8035df9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c8:67:ab:ae:d9:27:d8:85:df:a7:3c:7d:ad:
32:9d:71:df:7f:f9:8c:5d:65:c3:ac:d5:f6:e4:24:
0b:da:b9:08:f1:ef:65:24:f5:2e:54:af:f8:eb:2a:
97:f8:a1:8e:a9:39:f1:9e:6d:50:13:62:5a:f7:4c:
b1:47:63:34:b8:ca:f1:33:87:96:1f:aa:94:8d:ce:
cf:75:11:41:1a:c2:19:9c:86:e3:d9:76:2e:e2:4b:
16:e8:3b:92:68:65:3b:da:18:c6:76:27:d8:d8:05:
21:7a:2e:25:82:00:a0:47:6a:a6:c1:8e:19:72:61:
a5:02:d3:d4:9d:94:3c:a7:7c:2a:bd:93:58:14:9e:
36:bd:c9:0a:35:f9:08:c3:51:ac:03:4d:c1:84:8d:
0d:31:3e:3f:3c:09:63:bb:d8:52:db:42:7c:c2:c7:
e5:15:02:c6:32:d3:29:b2:9d:78:b6:fc:a5:90:bc:
1e:a8:7c:0a:c0:f1:a5:3f:67:5a:a7:fc:c8:c5:a2:
21:f0:63:7d:40:fc:ee:9f:be:4b:ed:71:ef:01:9d:
5c:24:7c:35:5a:2f:a7:ff:d5:88:ad:bb:ad:45:8e:
f0:c3:2f:10:e4:a1:4a:d5:b5:e3:fc:de:81:e0:eb:
8d:cb:d9:3e:63:41:a3:4b:88:07:5b:49:17:4e:6e:
51:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:1F:AA:DA:6A:F8:D2:1D:8C:C7:3D:46:24:D0:44:90:C8:03:5D:F9
X509v3 Authority Key Identifier:
keyid:00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/OR-q2mr40h2Mxz1GJNBEkMgDXfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/ACZHyAH7WPz6rBNbtI9eYf6n5WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.34.0/24
Signature Algorithm: sha256WithRSAEncryption
49:d8:0e:92:42:da:7c:f8:f3:ba:59:93:5b:c1:71:17:02:5b:
ba:5c:a0:6a:cc:01:63:67:dd:45:46:0a:b5:69:d0:16:00:cb:
ba:c8:5e:b2:b9:50:a5:d7:43:07:10:50:93:b4:b0:bc:3a:e5:
6e:af:1e:a0:1b:54:66:15:fe:70:ae:70:18:a4:03:a5:8a:6c:
d8:72:51:19:e5:57:93:f0:cb:8c:7e:53:a9:58:e1:97:5d:33:
70:e8:c5:9b:14:d8:0f:de:1d:21:36:b0:54:74:b2:e6:d2:4c:
6c:f9:ad:c7:d7:7c:69:23:78:54:8c:95:da:fd:c6:a3:a7:ff:
a5:92:69:2f:42:c6:3f:f5:76:ca:10:b9:54:43:0f:a4:e1:c2:
5f:35:14:db:91:ac:11:35:46:9a:ca:21:18:99:dc:61:a4:ae:
af:a7:e7:e4:83:0c:96:bd:de:fb:3a:ed:14:3a:cc:32:de:f0:
12:44:da:f8:25:4a:7b:40:3c:bb:b0:50:cf:56:ea:8a:56:3d:
32:6d:e1:ec:ce:eb:82:d9:95:2e:18:ff:07:c6:f9:e4:f2:71:
c3:18:f1:b9:0d:30:6f:18:6c:3e:2d:ca:b9:f9:00:93:5b:c2:
70:32:f8:8b:bc:93:18:be:a2:f7:c4:20:39:60:0c:db:08:f2:
58:31:29:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRljRI8hG39BbH51soujjYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMjY0N2M4MDFmYjU4ZmNmYWFjMTM1YmI0OGY1ZTYxZmVh
N2U1NjYwHhcNMjUwMTE0MTYwMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTFmYWFkYTZhZjhkMjFkOGNjNzNkNDYyNGQwNDQ5MGM4MDM1ZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAushnq67ZJ9iF36c8fa0ynXHff/mM
XWXDrNX25CQL2rkI8e9lJPUuVK/46yqX+KGOqTnxnm1QE2Ja90yxR2M0uMrxM4eW
H6qUjc7PdRFBGsIZnIbj2XYu4ksW6DuSaGU72hjGdifY2AUhei4lggCgR2qmwY4Z
cmGlAtPUnZQ8p3wqvZNYFJ42vckKNfkIw1GsA03BhI0NMT4/PAlju9hS20J8wsfl
FQLGMtMpsp14tvylkLweqHwKwPGlP2dap/zIxaIh8GN9QPzun75L7XHvAZ1cJHw1
Wi+n/9WIrbutRY7wwy8Q5KFK1bXj/N6B4OuNy9k+Y0GjS4gHW0kXTm5RZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDkfqtpq+NIdjMc9RiTQRJDIA135MB8GA1UdIwQY
MBaAFAAmR8gB+1j8+qwTW7SPXmH+p+VmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODIt
OTRlZmJmNWNlY2Q0LzEvT1ItcTJtcjQwaDJNeHoxR0pOQkVrTWdEWGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODItOTRlZmJmNWNlY2Q0
LzEvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPmwiMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ2A6SQtp8+PO6WZNbwXEXAlu6XKBqzAFjZ91FRgq1
adAWAMu6yF6yuVCl10MHEFCTtLC8OuVurx6gG1RmFf5wrnAYpAOlimzYclEZ5VeT
8MuMflOpWOGXXTNw6MWbFNgP3h0hNrBUdLLm0kxs+a3H13xpI3hUjJXa/cajp/+l
kmkvQsY/9XbKELlUQw+k4cJfNRTbkawRNUaayiEYmdxhpK6vp+fkgwyWvd77Ou0U
Oswy3vASRNr4JUp7QDy7sFDPVuqKVj0ybeHszuuC2ZUuGP8Hxvnk8nHDGPG5DTBv
GGw+Lcq5+QCTW8JwMviLvJMYvqL3xCA5YAzbCPJYMSk6
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:13:27 2025 by rpki-client