Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/fa1a51-7a73-411c-971f-46dd2daddf80/1/3-X7CtJ6-nDl2RV2DceCp7iM47k.roa
File: 3-X7CtJ6-nDl2RV2DceCp7iM47k.roa (raw, json)
Hash identifier: Un4lCElE+ejDSann7RlzTPA5eXkCbygyyahT/80VvTg=
Subject key identifier: DF:E5:FB:0A:D2:7A:FA:70:E5:D9:15:76:0D:C7:82:A7:B8:8C:E3:B9
Certificate issuer: /CN=4b2d90122264719147a561e7c6c61f7cc1706c92
Certificate serial: 0185E6E3492A3AF112082F2099067520E2B5
Authority key identifier: 4B:2D:90:12:22:64:71:91:47:A5:61:E7:C6:C6:1F:7C:C1:70:6C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sy2QEiJkcZFHpWHnxsYffMFwbJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/fa1a51-7a73-411c-971f-46dd2daddf80/1/3-X7CtJ6-nDl2RV2DceCp7iM47k.roa
Signing time: Wed 25 Jan 2023 03:05:33 +0000
ROA not before: Wed 25 Jan 2023 03:05:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60631
IP address blocks: 62.106.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e6:e3:49:2a:3a:f1:12:08:2f:20:99:06:75:20:e2:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b2d90122264719147a561e7c6c61f7cc1706c92
Validity
Not Before: Jan 25 03:05:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfe5fb0ad27afa70e5d915760dc782a7b88ce3b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:05:97:98:6a:b3:e3:f7:13:36:32:fc:c8:82:
d3:57:51:35:e4:f9:16:8c:88:c8:25:ff:87:52:98:
86:21:f7:20:5e:f3:5f:5d:a3:df:f8:b3:4c:40:ab:
4a:8a:20:86:36:b3:3f:aa:10:0f:c3:ae:44:37:65:
17:61:2a:cf:7c:a1:cb:a6:71:05:1f:30:9d:da:e5:
01:9d:22:0d:1d:13:cf:93:a8:d8:3d:93:a5:dd:da:
c7:c5:41:f1:e5:24:81:ce:b9:ec:bf:44:1d:b4:f1:
f6:53:51:00:16:88:ec:c8:a1:3c:7f:c0:5f:1b:a3:
3e:78:50:bd:2b:56:d7:6b:88:84:7e:2f:f0:c9:42:
4c:2f:22:9f:a6:08:0d:79:16:22:a5:33:b5:5f:24:
ff:68:71:67:dd:0d:5a:f3:75:e3:57:43:ff:72:f5:
fe:02:39:0b:2e:cf:00:db:f9:40:0f:ba:99:79:f7:
2a:70:05:00:23:a2:f5:62:96:60:85:35:47:92:dd:
8f:56:2f:b5:1e:0a:3b:9c:f4:d5:20:f0:ae:d1:26:
2d:7e:c0:77:bb:9a:6e:52:f1:95:5b:03:17:20:6e:
07:27:cf:bd:02:01:c1:ee:7b:a0:a0:29:80:82:3a:
72:0e:83:54:38:ee:27:07:d2:40:4e:95:9c:32:f4:
0f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E5:FB:0A:D2:7A:FA:70:E5:D9:15:76:0D:C7:82:A7:B8:8C:E3:B9
X509v3 Authority Key Identifier:
keyid:4B:2D:90:12:22:64:71:91:47:A5:61:E7:C6:C6:1F:7C:C1:70:6C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sy2QEiJkcZFHpWHnxsYffMFwbJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fa1a51-7a73-411c-971f-46dd2daddf80/1/3-X7CtJ6-nDl2RV2DceCp7iM47k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fa1a51-7a73-411c-971f-46dd2daddf80/1/Sy2QEiJkcZFHpWHnxsYffMFwbJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.106.95.0/24
Signature Algorithm: sha256WithRSAEncryption
94:a2:bc:d8:5c:c2:50:b6:bf:6d:5b:45:62:e5:68:30:a7:63:
b9:04:57:76:a1:cb:a7:10:6c:aa:6d:59:26:78:8b:a5:c6:cf:
83:07:0b:8e:f5:00:ac:4c:1a:10:d0:f1:e0:03:21:6e:89:1d:
57:44:c8:f3:81:83:00:4f:5b:d4:da:a2:e1:cb:87:44:b4:18:
c7:c1:ff:26:24:88:51:18:c0:27:e3:f6:6f:8d:ad:76:19:42:
2b:37:c2:9e:3f:77:b1:c3:0e:c2:f4:ca:08:96:48:af:76:bc:
13:04:b6:6f:28:78:fc:8e:7f:49:2e:8a:0b:06:46:4b:0e:62:
f3:81:ae:d6:47:e5:e6:50:15:7d:fa:ba:61:e6:fa:7f:15:f5:
6f:0e:37:25:fa:16:c2:0b:49:04:b1:78:30:45:18:c5:61:b6:
9f:38:5a:c8:8d:f3:17:df:26:9c:46:68:77:42:60:2f:e9:03:
04:71:4e:5a:47:5f:c2:90:76:71:43:d9:f3:f8:84:3d:0d:77:
f9:a6:d2:e0:7d:dc:98:32:f4:c8:f3:d8:bf:dd:7d:e1:b6:61:
fc:e7:48:07:91:9b:44:e7:ea:7b:6c:6f:4a:ac:ee:d1:46:55:
b3:c8:f7:cb:07:ff:29:39:00:7c:ce:dd:f6:43:d1:5f:65:58:
01:e0:1f:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXm40kqOvESCC8gmQZ1IOK1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMmQ5MDEyMjI2NDcxOTE0N2E1NjFlN2M2YzYxZjdjYzE3
MDZjOTIwHhcNMjMwMTI1MDMwNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmU1ZmIwYWQyN2FmYTcwZTVkOTE1NzYwZGM3ODJhN2I4OGNlM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAWXmGqz4/cTNjL8yILTV1E15PkW
jIjIJf+HUpiGIfcgXvNfXaPf+LNMQKtKiiCGNrM/qhAPw65EN2UXYSrPfKHLpnEF
HzCd2uUBnSINHRPPk6jYPZOl3drHxUHx5SSBzrnsv0QdtPH2U1EAFojsyKE8f8Bf
G6M+eFC9K1bXa4iEfi/wyUJMLyKfpggNeRYipTO1XyT/aHFn3Q1a83XjV0P/cvX+
AjkLLs8A2/lAD7qZefcqcAUAI6L1YpZghTVHkt2PVi+1Hgo7nPTVIPCu0SYtfsB3
u5puUvGVWwMXIG4HJ8+9AgHB7nugoCmAgjpyDoNUOO4nB9JATpWcMvQPbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN/l+wrSevpw5dkVdg3Hgqe4jOO5MB8GA1UdIwQY
MBaAFEstkBIiZHGRR6Vh58bGH3zBcGySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3kyUUVpSmtjWkZIcFdIbnhzWWZmTUZ3YkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9mYTFhNTEtN2E3My00MTFjLTk3MWYt
NDZkZDJkYWRkZjgwLzEvMy1YN0N0SjYtbkRsMlJWMkRjZUNwN2lNNDdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9mYTFhNTEtN2E3My00MTFjLTk3MWYtNDZkZDJkYWRkZjgw
LzEvU3kyUUVpSmtjWkZIcFdIbnhzWWZmTUZ3YkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPmpfMA0G
CSqGSIb3DQEBCwUAA4IBAQCUorzYXMJQtr9tW0Vi5Wgwp2O5BFd2ocunEGyqbVkm
eIulxs+DBwuO9QCsTBoQ0PHgAyFuiR1XRMjzgYMAT1vU2qLhy4dEtBjHwf8mJIhR
GMAn4/Zvja12GUIrN8KeP3exww7C9MoIlkivdrwTBLZvKHj8jn9JLooLBkZLDmLz
ga7WR+XmUBV9+rph5vp/FfVvDjcl+hbCC0kEsXgwRRjFYbafOFrIjfMX3yacRmh3
QmAv6QMEcU5aR1/CkHZxQ9nz+IQ9DXf5ptLgfdyYMvTI89i/3X3htmH850gHkZtE
5+p7bG9KrO7RRlWzyPfLB/8pOQB8zt32Q9FfZVgB4B9h
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:22:01 2025 by rpki-client