Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/AOgW4HEl00Bb2GAIq4VJDa8J7cI.roa
File: AOgW4HEl00Bb2GAIq4VJDa8J7cI.roa (raw, json)
Hash identifier: nrDlDKLo2xHMqH0sbQijcVAKwigZKzrR+zG7FOh3uSo=
Subject key identifier: 00:E8:16:E0:71:25:D3:40:5B:D8:60:08:AB:85:49:0D:AF:09:ED:C2
Certificate issuer: /CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
Certificate serial: 0184CDF9A4D07393BDC8FECAAB3B8EB78C45
Authority key identifier: D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/AOgW4HEl00Bb2GAIq4VJDa8J7cI.roa
Signing time: Thu 01 Dec 2022 13:56:40 +0000
ROA not before: Thu 01 Dec 2022 13:56:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212335
IP address blocks: 31.6.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:f9:a4:d0:73:93:bd:c8:fe:ca:ab:3b:8e:b7:8c:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
Validity
Not Before: Dec 1 13:56:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00e816e07125d3405bd86008ab85490daf09edc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1c:c4:0d:3c:3e:cd:03:c3:8a:5d:1b:54:35:
03:01:83:97:62:8e:9e:75:bb:c4:41:c4:05:b0:7c:
83:f6:ab:21:5e:5a:82:43:6c:a1:db:ce:39:ae:03:
05:d3:86:2f:79:58:0e:d8:70:86:1b:a8:cc:24:c7:
93:e3:a2:bf:c0:76:7d:26:ae:63:1d:53:a5:c1:6f:
61:05:e8:35:65:b9:2b:f0:51:3a:9c:a8:4c:13:2e:
32:9e:a3:f3:15:67:99:0e:af:93:e0:6d:1d:61:52:
f8:c4:19:68:db:30:ff:09:a8:7b:cb:9f:63:39:a2:
bf:4d:9f:87:c4:83:a7:56:97:78:a1:f9:6e:a2:35:
62:64:a4:62:ed:94:32:16:b5:04:59:ce:64:bf:fd:
ef:b2:57:03:f7:26:97:15:c6:1e:90:9a:eb:52:11:
ce:ac:b4:c2:b8:22:7c:fa:ff:36:9e:76:e3:f6:f5:
b3:da:59:32:8b:aa:e4:15:f4:f1:0d:71:70:dc:12:
25:24:01:66:bc:b1:ee:aa:c2:ce:b4:f2:5d:47:a1:
87:3a:0f:7b:88:9e:78:88:36:01:38:19:65:17:de:
ad:2b:5e:84:60:cd:60:da:98:99:5f:cc:81:82:ba:
69:92:2b:af:3d:75:55:c9:52:b5:f8:94:a7:ac:46:
22:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:E8:16:E0:71:25:D3:40:5B:D8:60:08:AB:85:49:0D:AF:09:ED:C2
X509v3 Authority Key Identifier:
keyid:D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/AOgW4HEl00Bb2GAIq4VJDa8J7cI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.43.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:de:f7:69:63:15:8d:95:62:28:da:d3:a2:dc:0a:8b:53:87:
02:f4:a8:30:cd:4d:99:a4:20:ca:57:7c:d3:89:d5:a1:6a:a9:
9c:f8:06:9d:0c:5c:cd:e1:66:6f:cc:d9:0f:dc:69:da:7b:00:
7d:d1:f0:29:3b:4f:c2:a4:ac:de:98:97:9c:df:18:71:62:ef:
d0:ea:90:97:ae:c2:77:46:b7:e6:ce:de:05:60:9c:ed:ba:ab:
23:17:4a:7f:3d:d8:c9:36:96:81:62:7f:b8:29:94:40:ae:4e:
e2:56:8b:e3:be:82:3d:2f:33:e0:a1:fd:80:8d:fe:9d:c6:59:
f1:17:a6:ba:d6:08:53:cc:88:56:b2:6b:ad:ca:39:67:59:27:
d0:62:d1:9b:9d:90:bf:5c:5d:cd:b0:0c:e7:a9:d4:46:d5:a1:
77:05:4d:d2:0d:a8:18:2e:9a:e3:fe:a4:44:b2:dc:96:8d:5a:
e6:96:b0:54:de:a0:2d:9e:9a:ed:c8:bf:1a:27:fb:e2:33:12:
90:a1:97:9e:fd:48:0b:f7:71:03:ba:90:d8:7e:bb:38:a1:db:
7f:23:91:68:b4:d7:78:90:92:c5:f1:fc:67:48:5b:43:98:b5:
24:34:24:96:25:9b:ba:15:77:93:3b:57:8b:fd:a3:c7:91:c8:
8b:89:2c:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTN+aTQc5O9yP7KqzuOt4xFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1M2VjZTcxZWY2ZWJmNTViYjdiODdlNTA2NjViYTExZmRj
NzdmMDgwHhcNMjIxMjAxMTM1NjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGU4MTZlMDcxMjVkMzQwNWJkODYwMDhhYjg1NDkwZGFmMDllZGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshzEDTw+zQPDil0bVDUDAYOXYo6e
dbvEQcQFsHyD9qshXlqCQ2yh2845rgMF04YveVgO2HCGG6jMJMeT46K/wHZ9Jq5j
HVOlwW9hBeg1Zbkr8FE6nKhMEy4ynqPzFWeZDq+T4G0dYVL4xBlo2zD/Cah7y59j
OaK/TZ+HxIOnVpd4ofluojViZKRi7ZQyFrUEWc5kv/3vslcD9yaXFcYekJrrUhHO
rLTCuCJ8+v82nnbj9vWz2lkyi6rkFfTxDXFw3BIlJAFmvLHuqsLOtPJdR6GHOg97
iJ54iDYBOBllF96tK16EYM1g2piZX8yBgrppkiuvPXVVyVK1+JSnrEYiaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFADoFuBxJdNAW9hgCKuFSQ2vCe3CMB8GA1UdIwQY
MBaAFNU+znHvbr9Vu3uH5QZluhH9x38IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVQ3T2NlOXV2MVc3ZTRmbEJtVzZFZjNIZndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9jODE2NjktMjUxOS00ZGE1LWJkNWQt
MWMyNjI2NTkwZDI4LzEvQU9nVzRIRWwwMEJiMkdBSXE0VkpEYThKN2NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9jODE2NjktMjUxOS00ZGE1LWJkNWQtMWMyNjI2NTkwZDI4
LzEvMVQ3T2NlOXV2MVc3ZTRmbEJtVzZFZjNIZndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHwYrMA0G
CSqGSIb3DQEBCwUAA4IBAQBa3vdpYxWNlWIo2tOi3AqLU4cC9KgwzU2ZpCDKV3zT
idWhaqmc+AadDFzN4WZvzNkP3GnaewB90fApO0/CpKzemJec3xhxYu/Q6pCXrsJ3
Rrfmzt4FYJztuqsjF0p/PdjJNpaBYn+4KZRArk7iVovjvoI9LzPgof2Ajf6dxlnx
F6a61ghTzIhWsmutyjlnWSfQYtGbnZC/XF3NsAznqdRG1aF3BU3SDagYLprj/qRE
styWjVrmlrBU3qAtnprtyL8aJ/viMxKQoZee/UgL93EDupDYfrs4odt/I5FotNd4
kJLF8fxnSFtDmLUkNCSWJZu6FXeTO1eL/aPHkciLiSxQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:10 2025 by rpki-client