Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/OXpOSIrbmH8yOOjfbmJ_l1sc8rM.roa
File: OXpOSIrbmH8yOOjfbmJ_l1sc8rM.roa (raw, json)
Hash identifier: KzFFwLluE7Q/vSo2R6RQscKthTvMTeiKZrCSKiqkZvA=
Subject key identifier: 39:7A:4E:48:8A:DB:98:7F:32:38:E8:DF:6E:62:7F:97:5B:1C:F2:B3
Certificate issuer: /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial: 01938F0ACD4D450D86149CCB950DBFC19812
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/OXpOSIrbmH8yOOjfbmJ_l1sc8rM.roa
Signing time: Wed 04 Dec 2024 00:21:10 +0000
ROA not before: Wed 04 Dec 2024 00:21:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29226
IP address blocks: 2a11:f840::/29 maxlen: 29
2a12:9c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8f:0a:cd:4d:45:0d:86:14:9c:cb:95:0d:bf:c1:98:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Validity
Not Before: Dec 4 00:21:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=397a4e488adb987f3238e8df6e627f975b1cf2b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ae:a4:f3:51:88:d7:a5:c1:9a:8b:9a:cc:51:
24:4f:73:da:38:c3:85:03:17:01:b3:c7:96:68:52:
b3:74:d1:1d:cc:50:cf:78:6a:cd:20:25:89:6c:81:
af:f8:52:3a:58:60:4a:0f:09:e3:fa:ad:5a:bf:96:
3a:47:d3:a7:6f:a5:33:89:b9:4c:e3:95:47:0f:33:
d2:7a:69:95:c7:b4:2f:ab:dd:3f:ba:f5:be:8f:aa:
3e:bf:d4:c2:01:3e:d6:fa:ec:4d:85:2e:53:8d:57:
33:3c:de:99:f8:60:99:cb:b5:5c:b7:82:ef:da:99:
eb:8a:6b:44:e3:d4:30:28:38:ef:25:c0:85:50:e9:
7c:f5:a8:1f:bf:b5:ee:a1:1b:cf:47:f3:16:ac:6e:
64:4e:ca:e6:94:de:db:48:28:b2:3b:6a:f2:2c:1d:
6f:75:06:83:ee:0d:c7:7f:3b:74:8f:94:2c:49:9b:
01:8e:4b:26:bd:82:d3:66:91:6d:a2:e9:b8:cc:14:
5a:61:31:36:fe:92:38:f1:06:d8:ea:84:db:d9:36:
81:d5:f8:bb:33:a5:ca:71:52:33:db:f4:36:30:a1:
73:13:52:58:e8:91:53:6b:b0:5a:d9:55:8e:f3:ee:
5a:75:b5:e9:a6:33:4b:97:84:01:57:4a:49:26:fd:
45:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:7A:4E:48:8A:DB:98:7F:32:38:E8:DF:6E:62:7F:97:5B:1C:F2:B3
X509v3 Authority Key Identifier:
keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/OXpOSIrbmH8yOOjfbmJ_l1sc8rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f840::/29
2a12:9c0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:8f:60:d5:ac:01:9a:70:b2:e5:09:5f:e9:74:76:f8:4e:b3:
1f:0f:af:86:fd:e0:f5:4d:51:9a:39:f1:e9:89:f0:6a:7b:c7:
05:b6:06:c5:44:de:54:6e:02:d3:01:75:80:b8:c7:56:93:b4:
77:fd:71:b4:f7:3f:80:e9:63:6e:41:21:31:99:2f:51:d3:19:
fe:82:09:1e:30:c3:64:8f:e8:db:31:e7:df:89:93:74:75:65:
6b:93:bf:6d:27:a0:f5:8e:18:e2:20:6d:da:76:0b:7b:d3:21:
da:68:97:18:72:ce:18:6c:e3:71:2b:77:1c:08:d4:eb:45:c9:
82:26:28:3f:e0:68:72:7f:9a:2a:03:76:2d:95:57:9d:aa:a1:
9e:d8:a7:22:8b:94:ef:1d:e2:ee:0e:40:56:85:7c:b8:79:ff:
88:d0:6a:ee:b7:5f:ca:e9:2d:d7:9a:3d:d9:30:d3:95:d0:20:
b0:5d:4b:fd:35:b5:b4:20:f5:6d:fc:12:6c:ca:67:6f:f0:2f:
3d:df:79:c2:5f:bc:c3:17:27:1a:d8:0b:62:f3:19:bb:40:3c:
a3:da:34:08:cb:93:65:3b:ef:3a:6b:48:67:73:f8:6d:62:d5:
97:64:22:fa:c7:e1:40:41:7f:99:fe:2e:74:8a:82:da:0c:d7:
eb:87:ad:52
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZOPCs1NRQ2GFJzLlQ2/wZgSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjQxMjA0MDAyMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTdhNGU0ODhhZGI5ODdmMzIzOGU4ZGY2ZTYyN2Y5NzViMWNmMmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz66k81GI16XBmouazFEkT3PaOMOF
AxcBs8eWaFKzdNEdzFDPeGrNICWJbIGv+FI6WGBKDwnj+q1av5Y6R9Onb6UziblM
45VHDzPSemmVx7Qvq90/uvW+j6o+v9TCAT7W+uxNhS5TjVczPN6Z+GCZy7Vct4Lv
2pnrimtE49QwKDjvJcCFUOl89agfv7XuoRvPR/MWrG5kTsrmlN7bSCiyO2ryLB1v
dQaD7g3Hfzt0j5QsSZsBjksmvYLTZpFtoum4zBRaYTE2/pI48QbY6oTb2TaB1fi7
M6XKcVIz2/Q2MKFzE1JY6JFTa7Ba2VWO8+5adbXppjNLl4QBV0pJJv1FCQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDl6TkiK25h/Mjjo325if5dbHPKzMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvT1hwT1NJcmJtSDh5T09qZmJtSl9sMXNjOHJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhH4QAMF
AyoSCcAwDQYJKoZIhvcNAQELBQADggEBAG2PYNWsAZpwsuUJX+l0dvhOsx8Pr4b9
4PVNUZo58emJ8Gp7xwW2BsVE3lRuAtMBdYC4x1aTtHf9cbT3P4DpY25BITGZL1HT
Gf6CCR4ww2SP6Nsx59+Jk3R1ZWuTv20noPWOGOIgbdp2C3vTIdpolxhyzhhs43Er
dxwI1OtFyYImKD/gaHJ/mioDdi2VV52qoZ7YpyKLlO8d4u4OQFaFfLh5/4jQau63
X8rpLdeaPdkw05XQILBdS/01tbQg9W38EmzKZ2/wLz3fecJfvMMXJxrYC2LzGbtA
PKPaNAjLk2U77zprSGdz+G1i1ZdkIvrH4UBBf5n+LnSKgtoM1+uHrVI=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:35:06 2025 by rpki-client