Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/fe3d1a-ec07-4033-b40c-ca24361e7e4d/1/Oweo7u97UcaDvU5cgvfnY2HVBiA.roa
File: Oweo7u97UcaDvU5cgvfnY2HVBiA.roa (raw, json)
Hash identifier: 9UVd3DPB1mzF9n8MAqzmlxVsZVW6nxguJq5SMTbJCP4=
Subject key identifier: 3B:07:A8:EE:EF:7B:51:C6:83:BD:4E:5C:82:F7:E7:63:61:D5:06:20
Certificate issuer: /CN=311867bba7eeccf2b04c122ab8ec2cf1e72fc5ea
Certificate serial: 019422FBA02436D7EE50E5B95E8A20CB62BF
Authority key identifier: 31:18:67:BB:A7:EE:CC:F2:B0:4C:12:2A:B8:EC:2C:F1:E7:2F:C5:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MRhnu6fuzPKwTBIquOws8ecvxeo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/fe3d1a-ec07-4033-b40c-ca24361e7e4d/1/Oweo7u97UcaDvU5cgvfnY2HVBiA.roa
Signing time: Wed 01 Jan 2025 17:48:23 +0000
ROA not before: Wed 01 Jan 2025 17:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60781
IP address blocks: 46.17.14.0/23 maxlen: 24
2a02:2870:8000::/33 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:a0:24:36:d7:ee:50:e5:b9:5e:8a:20:cb:62:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=311867bba7eeccf2b04c122ab8ec2cf1e72fc5ea
Validity
Not Before: Jan 1 17:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b07a8eeef7b51c683bd4e5c82f7e76361d50620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:41:23:51:71:46:0e:9b:06:bb:0b:a1:ef:21:
ca:4c:d6:d7:a4:b6:92:81:c0:e8:70:85:8d:3a:3c:
3e:b0:5e:5d:5e:19:9b:2f:00:b4:15:67:d3:5f:55:
18:f2:e2:13:dd:16:b0:23:fc:66:6c:81:15:8c:d0:
1b:56:7e:98:85:27:ba:1e:31:0e:27:ba:b3:b0:28:
b1:5a:ac:97:96:f2:19:34:4a:c6:5b:5a:cb:3e:22:
60:1f:c9:5c:7b:39:92:bc:ba:0c:1c:9f:cc:b3:eb:
38:91:f4:af:f4:cf:75:84:75:73:f9:24:b4:73:10:
92:8b:92:8a:1a:e2:11:01:16:8c:fb:ac:0a:fa:4d:
88:15:9d:92:da:18:89:75:26:2c:2b:42:6f:89:76:
df:4a:b5:19:d5:71:ba:88:ab:76:88:af:59:17:87:
02:3f:31:cb:32:99:90:ca:1d:4f:8f:79:49:d3:54:
3b:0e:73:9f:ed:0d:82:b6:9e:36:24:da:89:f1:0a:
3d:d1:99:38:59:5f:b9:89:c5:41:b8:2f:b5:40:29:
5d:42:03:80:30:46:f8:1a:99:71:db:1a:ff:6d:73:
42:bc:ee:75:13:7c:26:f0:66:6f:fd:c2:36:49:62:
06:d4:fb:4b:e9:ce:d2:53:f7:52:b3:d6:2e:ec:60:
4f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:07:A8:EE:EF:7B:51:C6:83:BD:4E:5C:82:F7:E7:63:61:D5:06:20
X509v3 Authority Key Identifier:
keyid:31:18:67:BB:A7:EE:CC:F2:B0:4C:12:2A:B8:EC:2C:F1:E7:2F:C5:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MRhnu6fuzPKwTBIquOws8ecvxeo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/fe3d1a-ec07-4033-b40c-ca24361e7e4d/1/Oweo7u97UcaDvU5cgvfnY2HVBiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/fe3d1a-ec07-4033-b40c-ca24361e7e4d/1/MRhnu6fuzPKwTBIquOws8ecvxeo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.14.0/23
IPv6:
2a02:2870:8000::/33
Signature Algorithm: sha256WithRSAEncryption
d5:84:5c:d6:56:5f:d4:b4:0d:93:d5:c4:70:9e:b4:84:79:09:
a2:8f:03:0f:f9:6a:66:f5:40:c6:b1:ed:64:70:f6:29:a8:18:
24:5f:05:d2:3a:fd:bc:20:53:19:f7:3b:f3:22:85:b4:ee:99:
04:07:6a:63:e1:1f:1b:a2:1e:df:2c:e1:78:ef:6b:1f:74:cb:
cb:ad:93:8c:bb:bf:95:b3:e5:4e:db:d2:d7:3b:71:90:22:35:
ae:df:32:fe:d7:e9:57:23:24:0a:a3:8b:e7:fc:f0:45:08:29:
c6:dc:3c:e3:f3:bd:c2:50:1e:9f:07:b7:44:6c:2e:d0:52:f3:
1c:f1:ff:e9:f1:10:8b:d2:be:44:4c:45:9f:eb:f5:24:03:c2:
44:a2:34:4d:9a:01:f8:e1:48:bb:cf:6b:2c:eb:d6:1d:58:af:
5b:cb:d1:ac:cb:65:ee:3c:97:b8:35:d8:ea:85:c5:c8:0b:a4:
f7:01:f0:64:15:c0:aa:84:6b:21:20:10:7b:11:c9:ee:ad:85:
98:1b:8a:25:b8:4b:e9:3c:96:e8:a4:a7:e0:8b:9a:f0:c2:65:
57:0e:7f:5c:ba:c4:a6:e1:81:2c:4c:9b:0b:75:d3:4f:65:2c:
22:fa:5d:a9:3b:f3:e1:56:67:a2:a2:0e:12:9d:ed:65:a0:cd:
ea:e6:db:f6
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQi+6AkNtfuUOW5Xoogy2K/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMTg2N2JiYTdlZWNjZjJiMDRjMTIyYWI4ZWMyY2YxZTcy
ZmM1ZWEwHhcNMjUwMTAxMTc0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjA3YThlZWVmN2I1MWM2ODNiZDRlNWM4MmY3ZTc2MzYxZDUwNjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukEjUXFGDpsGuwuh7yHKTNbXpLaS
gcDocIWNOjw+sF5dXhmbLwC0FWfTX1UY8uIT3RawI/xmbIEVjNAbVn6YhSe6HjEO
J7qzsCixWqyXlvIZNErGW1rLPiJgH8lcezmSvLoMHJ/Ms+s4kfSv9M91hHVz+SS0
cxCSi5KKGuIRARaM+6wK+k2IFZ2S2hiJdSYsK0JviXbfSrUZ1XG6iKt2iK9ZF4cC
PzHLMpmQyh1Pj3lJ01Q7DnOf7Q2Ctp42JNqJ8Qo90Zk4WV+5icVBuC+1QCldQgOA
MEb4Gplx2xr/bXNCvO51E3wm8GZv/cI2SWIG1PtL6c7SU/dSs9Yu7GBPmwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFDsHqO7ve1HGg71OXIL352Nh1QYgMB8GA1UdIwQY
MBaAFDEYZ7un7szysEwSKrjsLPHnL8XqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVJobnU2ZnV6UEt3VEJJcXVPd3M4ZWN2eGVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mZTNkMWEtZWMwNy00MDMzLWI0MGMt
Y2EyNDM2MWU3ZTRkLzEvT3dlbzd1OTdVY2FEdlU1Y2d2Zm5ZMkhWQmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mZTNkMWEtZWMwNy00MDMzLWI0MGMtY2EyNDM2MWU3ZTRk
LzEvTVJobnU2ZnV6UEt3VEJJcXVPd3M4ZWN2eGVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBLhEOMA4E
AgACMAgDBgcqAihwgDANBgkqhkiG9w0BAQsFAAOCAQEA1YRc1lZf1LQNk9XEcJ60
hHkJoo8DD/lqZvVAxrHtZHD2KagYJF8F0jr9vCBTGfc78yKFtO6ZBAdqY+EfG6Ie
3yzheO9rH3TLy62TjLu/lbPlTtvS1ztxkCI1rt8y/tfpVyMkCqOL5/zwRQgpxtw8
4/O9wlAenwe3RGwu0FLzHPH/6fEQi9K+RExFn+v1JAPCRKI0TZoB+OFIu89rLOvW
HVivW8vRrMtl7jyXuDXY6oXFyAuk9wHwZBXAqoRrISAQexHJ7q2FmBuKJbhL6TyW
6KSn4Iua8MJlVw5/XLrEpuGBLEybC3XTT2UsIvpdqTvz4VZnoqIOEp3tZaDN6ubb
9g==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:16 2025 by rpki-client