Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/OxTZ1LvoXTUaxEUWLsU_oBxtOhM.roa
File: OxTZ1LvoXTUaxEUWLsU_oBxtOhM.roa (raw, json)
Hash identifier: vUg6CITgm+PFKd3FXshDu+jzskD4tKEs8196+xLUihc=
Subject key identifier: 3B:14:D9:D4:BB:E8:5D:35:1A:C4:45:16:2E:C5:3F:A0:1C:6D:3A:13
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0194D61A790F6036A90A7BE39AC0E3236909
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/OxTZ1LvoXTUaxEUWLsU_oBxtOhM.roa
Signing time: Wed 05 Feb 2025 12:34:06 +0000
ROA not before: Wed 05 Feb 2025 12:34:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206833
IP address blocks: 46.29.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d6:1a:79:0f:60:36:a9:0a:7b:e3:9a:c0:e3:23:69:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Feb 5 12:34:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b14d9d4bbe85d351ac445162ec53fa01c6d3a13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ae:63:a8:de:64:10:76:de:0a:f8:b5:04:2d:
52:ee:33:2d:b0:58:11:df:02:4a:8f:a5:a7:e3:b0:
48:08:9c:07:cb:e6:1b:09:a0:35:d8:97:b9:ac:06:
79:76:ad:6e:ab:ae:3b:2b:d3:92:6a:cc:ab:5a:2d:
35:5a:68:0a:79:c4:e3:58:6b:95:7f:d7:24:c6:9b:
0c:7a:04:7b:71:ea:40:2d:6a:08:00:2a:74:15:9b:
a0:2e:63:fc:0c:7c:53:9d:04:f2:9f:13:b1:b6:1d:
52:e9:2a:8c:83:0e:85:77:9a:ca:9a:52:1f:b9:25:
19:d9:bd:ee:a4:60:5c:62:08:66:bc:3a:18:56:fd:
11:8e:ea:2b:80:90:ad:2b:f2:89:72:b6:08:db:ae:
cd:70:30:8f:87:2b:5b:6c:f3:6a:3e:1b:ea:29:6b:
57:b4:6b:04:fa:46:6b:0e:ed:20:cd:43:8e:46:3a:
d5:3f:f8:bb:fc:84:1c:3a:d1:13:1e:17:20:bf:e8:
15:8d:0d:8c:1a:fd:03:41:81:0d:4b:e9:f6:06:f6:
f3:60:df:6a:06:1e:68:8f:90:6e:24:66:3c:3b:13:
0e:32:73:a3:db:64:3f:89:51:b6:e7:2a:d1:29:28:
58:3c:f4:be:5e:e3:3d:2e:ea:16:4f:bc:73:72:63:
3e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:14:D9:D4:BB:E8:5D:35:1A:C4:45:16:2E:C5:3F:A0:1C:6D:3A:13
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/OxTZ1LvoXTUaxEUWLsU_oBxtOhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.31.0/24
Signature Algorithm: sha256WithRSAEncryption
47:74:36:93:3f:4c:6a:f1:1e:f8:b3:da:89:fb:7f:f6:d6:0a:
46:17:ae:df:1d:c3:6f:44:2f:8c:d4:36:97:46:49:6e:cb:db:
9f:b4:04:87:ae:24:e8:f1:c4:0d:c5:2c:8f:d3:d3:8f:9c:ff:
2f:ba:9d:08:2e:93:03:cf:47:bf:9d:11:fa:32:83:b6:db:2c:
f9:2f:6f:96:67:31:c5:df:12:a1:36:7b:84:77:5f:f6:e5:cd:
18:3a:8f:72:f6:43:cb:f6:e0:27:26:96:34:9b:f5:a7:66:97:
04:70:d9:f6:d2:07:0c:6c:1f:f7:f9:72:83:e9:80:31:72:81:
d8:37:e3:c9:a8:90:c2:00:f3:a8:f1:bf:fb:cb:c7:06:ce:31:
b0:c0:50:84:08:d5:83:92:d2:b9:a5:b5:c7:fb:e7:01:36:b8:
21:78:a8:3d:45:c1:bb:01:48:88:1d:03:64:e1:5c:10:58:36:
3f:47:b7:f3:3d:99:e5:05:76:14:8a:de:33:d1:8a:a7:15:04:
fa:98:04:05:64:7c:6f:d9:0d:0f:de:ea:17:53:35:76:32:42:
3f:51:d8:4c:d6:44:cb:2a:da:61:33:f8:3c:1d:5d:6f:f4:8f:
2f:8b:89:fb:0f:85:3c:84:78:37:a5:9a:30:49:e8:94:9a:4d:
0b:c4:57:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTWGnkPYDapCnvjmsDjI2kJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMjA1MTIzNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjE0ZDlkNGJiZTg1ZDM1MWFjNDQ1MTYyZWM1M2ZhMDFjNmQzYTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1q5jqN5kEHbeCvi1BC1S7jMtsFgR
3wJKj6Wn47BICJwHy+YbCaA12Je5rAZ5dq1uq647K9OSasyrWi01WmgKecTjWGuV
f9ckxpsMegR7cepALWoIACp0FZugLmP8DHxTnQTynxOxth1S6SqMgw6Fd5rKmlIf
uSUZ2b3upGBcYghmvDoYVv0RjuorgJCtK/KJcrYI267NcDCPhytbbPNqPhvqKWtX
tGsE+kZrDu0gzUOORjrVP/i7/IQcOtETHhcgv+gVjQ2MGv0DQYENS+n2BvbzYN9q
Bh5oj5BuJGY8OxMOMnOj22Q/iVG25yrRKShYPPS+XuM9LuoWT7xzcmM+SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDsU2dS76F01GsRFFi7FP6AcbToTMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvT3hUWjFMdm9YVFVheEVVV0xzVV9vQnh0T2hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALh0fMA0G
CSqGSIb3DQEBCwUAA4IBAQBHdDaTP0xq8R74s9qJ+3/21gpGF67fHcNvRC+M1DaX
Rkluy9uftASHriTo8cQNxSyP09OPnP8vup0ILpMDz0e/nRH6MoO22yz5L2+WZzHF
3xKhNnuEd1/25c0YOo9y9kPL9uAnJpY0m/WnZpcEcNn20gcMbB/3+XKD6YAxcoHY
N+PJqJDCAPOo8b/7y8cGzjGwwFCECNWDktK5pbXH++cBNrgheKg9RcG7AUiIHQNk
4VwQWDY/R7fzPZnlBXYUit4z0YqnFQT6mAQFZHxv2Q0P3uoXUzV2MkI/UdhM1kTL
KtphM/g8HV1v9I8vi4n7D4U8hHg3pZowSeiUmk0LxFd+
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:24:33 2025 by rpki-client