Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/ovafsYtoE7DXZrX76_DbhwiFBFI.roa
File: ovafsYtoE7DXZrX76_DbhwiFBFI.roa (raw, json)
Hash identifier: B3oTrNBu7iXQWRfAVFRfxlkERw0m92wTQifsPR2uF3I=
Subject key identifier: A2:F6:9F:B1:8B:68:13:B0:D7:66:B5:FB:EB:F0:DB:87:08:85:04:52
Certificate issuer: /CN=64d864ae92bd7ceab5083bcc71101ef04676f8ac
Certificate serial: 01942521EE2AC29DD2B26B9DC4B144C2498D
Authority key identifier: 64:D8:64:AE:92:BD:7C:EA:B5:08:3B:CC:71:10:1E:F0:46:76:F8:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNhkrpK9fOq1CDvMcRAe8EZ2-Kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/ovafsYtoE7DXZrX76_DbhwiFBFI.roa
Signing time: Thu 02 Jan 2025 03:49:28 +0000
ROA not before: Thu 02 Jan 2025 03:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 45.10.200.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ee:2a:c2:9d:d2:b2:6b:9d:c4:b1:44:c2:49:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d864ae92bd7ceab5083bcc71101ef04676f8ac
Validity
Not Before: Jan 2 03:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2f69fb18b6813b0d766b5fbebf0db8708850452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:2d:b3:43:21:ac:c9:99:fc:ed:1e:bb:27:aa:
ff:3b:58:82:94:ff:cc:1b:8e:d2:e2:69:05:ca:1b:
f5:05:e3:b9:b6:53:5a:a4:e4:6c:90:3c:3f:61:56:
80:1d:cd:c2:f0:13:0a:38:f0:ff:1c:90:7a:e8:60:
9c:1a:74:9d:8c:0d:ee:ba:f9:fc:54:32:13:59:90:
88:f1:ac:3c:4c:8d:4a:f6:3f:d3:16:9e:7d:52:ff:
39:1c:30:ae:34:a7:bc:d1:16:6d:1a:24:c2:4d:35:
ba:05:82:b4:6c:d6:d6:83:b4:54:95:b6:ec:7a:31:
7c:3c:d5:c7:3f:7d:39:a7:19:a2:48:7f:3e:7f:1b:
e6:cc:98:94:21:8b:d9:69:14:96:f0:93:3f:7c:4f:
57:2d:c4:af:44:cf:a5:db:73:e3:58:43:80:08:cc:
6d:46:f5:90:17:1a:0b:c5:95:94:8d:d0:c7:ac:8f:
97:86:9c:79:a0:49:f9:e0:14:fb:f9:79:04:99:e1:
34:38:71:02:02:49:aa:59:10:bb:02:d8:6b:64:34:
a4:c2:7c:ba:72:19:62:e3:0e:f1:b1:a7:ab:a8:0b:
02:c1:8d:fd:75:13:a4:57:42:60:49:b2:ca:a7:07:
21:1f:ee:31:7e:0a:cc:00:87:42:0b:d6:da:93:68:
d7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F6:9F:B1:8B:68:13:B0:D7:66:B5:FB:EB:F0:DB:87:08:85:04:52
X509v3 Authority Key Identifier:
keyid:64:D8:64:AE:92:BD:7C:EA:B5:08:3B:CC:71:10:1E:F0:46:76:F8:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNhkrpK9fOq1CDvMcRAe8EZ2-Kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/ovafsYtoE7DXZrX76_DbhwiFBFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/ZNhkrpK9fOq1CDvMcRAe8EZ2-Kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.200.0/22
Signature Algorithm: sha256WithRSAEncryption
61:95:f8:f8:11:a4:9f:dc:21:af:7e:6f:cc:c7:c7:8d:f7:8d:
22:bb:51:6d:5a:cf:4a:be:b2:eb:9a:73:aa:bc:25:a1:44:ca:
49:35:c4:20:f2:6a:9e:ae:ae:9d:b0:9a:27:0d:ab:a4:ae:73:
0f:d9:37:6d:88:d4:84:38:b6:40:75:b4:08:96:39:10:79:23:
4d:70:69:0b:6a:23:ab:a3:74:fe:e6:d9:cf:62:5d:93:a6:ed:
4a:61:34:72:ac:6e:15:1d:77:9c:89:1f:8c:5c:d9:e6:e2:9b:
d7:12:00:d9:b6:ff:eb:38:1b:cf:1d:df:10:09:41:85:c9:9e:
93:aa:94:0f:a4:b2:7a:51:13:a9:59:51:6a:96:81:4e:25:76:
1e:20:ac:d8:92:1a:95:ff:b2:f6:17:9a:a7:39:ab:25:6b:ce:
59:ba:e0:0f:74:52:d9:9e:ec:91:5d:3d:48:9e:6e:39:a4:07:
81:ee:38:b7:2b:c2:cf:60:f7:f5:e2:b7:38:98:78:59:e3:42:
78:92:eb:99:19:cb:4f:ae:72:7d:89:eb:26:15:aa:3a:ce:ef:
54:42:0c:05:a1:c3:24:e6:a5:2b:de:60:e8:a4:1c:51:80:c5:
33:aa:1a:1e:cb:e5:7f:7f:e1:19:9c:0e:6d:cf:53:24:46:60:
0e:03:83:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIe4qwp3SsmudxLFEwkmNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDg2NGFlOTJiZDdjZWFiNTA4M2JjYzcxMTAxZWYwNDY3
NmY4YWMwHhcNMjUwMTAyMDM0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmY2OWZiMThiNjgxM2IwZDc2NmI1ZmJlYmYwZGI4NzA4ODUwNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4C2zQyGsyZn87R67J6r/O1iClP/M
G47S4mkFyhv1BeO5tlNapORskDw/YVaAHc3C8BMKOPD/HJB66GCcGnSdjA3uuvn8
VDITWZCI8aw8TI1K9j/TFp59Uv85HDCuNKe80RZtGiTCTTW6BYK0bNbWg7RUlbbs
ejF8PNXHP305pxmiSH8+fxvmzJiUIYvZaRSW8JM/fE9XLcSvRM+l23PjWEOACMxt
RvWQFxoLxZWUjdDHrI+Xhpx5oEn54BT7+XkEmeE0OHECAkmqWRC7AthrZDSkwny6
chli4w7xsaerqAsCwY39dROkV0JgSbLKpwchH+4xfgrMAIdCC9bak2jXOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKL2n7GLaBOw12a1++vw24cIhQRSMB8GA1UdIwQY
MBaAFGTYZK6SvXzqtQg7zHEQHvBGdvisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5oa3JwSzlmT3ExQ0R2TWNSQWU4RVoyLUt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni83MGIyYzQtMWQ0YS00YjkxLWIwZDAt
MmMwNWNjOTIyMDAxLzEvb3ZhZnNZdG9FN0RYWnJYNzZfRGJod2lGQkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni83MGIyYzQtMWQ0YS00YjkxLWIwZDAtMmMwNWNjOTIyMDAx
LzEvWk5oa3JwSzlmT3ExQ0R2TWNSQWU4RVoyLUt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQrIMA0G
CSqGSIb3DQEBCwUAA4IBAQBhlfj4EaSf3CGvfm/Mx8eN940iu1FtWs9KvrLrmnOq
vCWhRMpJNcQg8mqerq6dsJonDaukrnMP2TdtiNSEOLZAdbQIljkQeSNNcGkLaiOr
o3T+5tnPYl2Tpu1KYTRyrG4VHXeciR+MXNnm4pvXEgDZtv/rOBvPHd8QCUGFyZ6T
qpQPpLJ6UROpWVFqloFOJXYeIKzYkhqV/7L2F5qnOasla85ZuuAPdFLZnuyRXT1I
nm45pAeB7ji3K8LPYPf14rc4mHhZ40J4kuuZGctPrnJ9iesmFao6zu9UQgwFocMk
5qUr3mDopBxRgMUzqhoey+V/f+EZnA5tz1MkRmAOA4P1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:10 2025 by rpki-client