Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/OXvUH-49ZwXXlTf9HvcgX1619E4.roa
File: OXvUH-49ZwXXlTf9HvcgX1619E4.roa (raw, json)
Hash identifier: F4yI2B92XFdTdkbnHJ3XGz1AU/bhwWr4Z6mxAaOCk+8=
Subject key identifier: 39:7B:D4:1F:EE:3D:67:05:D7:95:37:FD:1E:F7:20:5F:5E:B5:F4:4E
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 0190436D9995EE26595E208F4E2FF93D5106
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/OXvUH-49ZwXXlTf9HvcgX1619E4.roa
Signing time: Sun 23 Jun 2024 04:49:34 +0000
ROA not before: Sun 23 Jun 2024 04:49:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60262
IP address blocks: 2a04:ca80::/29 maxlen: 29
2a0a:ca40::/29 maxlen: 29
2a0c:b500::/29 maxlen: 29
2a11:2dc0::/29 maxlen: 29
2a11:5e40::/29 maxlen: 29
2a11:76c0::/29 maxlen: 29
2a11:a900::/29 maxlen: 29
2a12:f700::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:43:6d:99:95:ee:26:59:5e:20:8f:4e:2f:f9:3d:51:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Jun 23 04:49:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=397bd41fee3d6705d79537fd1ef7205f5eb5f44e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b7:d3:94:98:af:26:82:ea:57:9c:b8:06:0a:
24:6d:df:da:8f:a4:e4:b8:6c:33:a0:74:6d:5b:c8:
cd:c0:36:a3:e1:1c:2d:73:bc:26:95:29:41:b1:71:
c8:a2:87:3b:e6:a3:aa:22:91:27:85:f7:66:6f:90:
84:0d:bb:f6:38:54:bc:8f:b1:ef:26:69:45:e9:a5:
50:a0:55:16:93:3f:10:39:8c:cb:43:34:ba:65:df:
ea:2d:62:9e:bd:10:ce:8b:f8:c7:44:5f:05:9a:83:
b5:70:78:0a:84:99:f6:b9:32:6f:e3:8e:9c:8a:38:
3d:40:9f:d9:37:6d:48:31:58:43:3d:02:9a:bf:df:
91:b3:0c:60:f5:d6:98:29:86:a6:56:44:8d:84:24:
3c:64:64:87:5d:54:ce:c2:1f:73:89:48:7e:fa:78:
04:6a:7a:59:e6:1c:b9:e5:bb:a5:12:e8:52:ab:64:
88:29:41:33:5e:d0:7c:c2:0b:aa:e6:56:c8:c5:2e:
51:0c:a9:08:2a:ce:5a:1c:e3:64:46:3b:26:fc:51:
b6:63:f4:1f:81:72:d7:a0:c5:0b:94:30:f3:8e:90:
b7:fb:05:38:19:b4:c7:10:0c:21:51:8f:75:23:22:
43:88:8c:e3:67:b1:cd:9e:0f:e6:c1:0a:4f:2e:fe:
70:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:7B:D4:1F:EE:3D:67:05:D7:95:37:FD:1E:F7:20:5F:5E:B5:F4:4E
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/OXvUH-49ZwXXlTf9HvcgX1619E4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:ca80::/29
2a0a:ca40::/29
2a0c:b500::/29
2a11:2dc0::/29
2a11:5e40::/29
2a11:76c0::/29
2a11:a900::/29
2a12:f700::/29
Signature Algorithm: sha256WithRSAEncryption
57:c7:03:de:b2:8b:39:c1:ce:90:3c:a8:6d:0c:e9:86:9e:ad:
75:63:b3:08:dc:6b:72:ea:36:99:35:f0:6a:96:ef:da:73:3a:
bb:d7:79:3d:c1:ce:c5:6b:c3:44:f4:f0:de:e6:9b:e3:e9:30:
2e:6b:ad:fc:53:da:4d:24:40:2d:94:03:cc:aa:90:ef:19:5b:
72:ae:3c:83:9c:66:db:ed:50:72:e2:8d:07:3e:99:03:38:10:
a8:91:21:e8:87:e6:89:36:f5:11:77:d3:0e:48:45:42:a2:3b:
0d:bf:28:a8:e6:25:64:50:6d:2b:cc:de:ea:d3:0a:95:3d:35:
aa:19:7e:e2:14:ed:8d:4d:f3:2d:33:60:ee:0a:da:6d:18:13:
69:4f:82:29:c4:ca:85:95:db:16:13:64:a7:9f:33:4f:d1:22:
be:2d:7e:ca:04:58:77:fa:04:a5:1d:1a:c2:82:dc:6f:e8:34:
1d:1f:c7:b8:94:ed:cf:c1:a0:f5:7b:17:98:8f:b3:4f:aa:8b:
31:52:02:0b:6a:0b:86:f4:85:a2:b5:dd:62:ba:d7:60:1f:25:
36:95:a0:db:7e:68:7f:ac:bc:65:81:01:79:7d:f9:4f:b6:d7:
82:a7:af:f4:8d:4e:72:4b:81:63:bb:ec:19:bd:62:45:5d:57:
1a:e7:0e:60
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZBDbZmV7iZZXiCPTi/5PVEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjQwNjIzMDQ0OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTdiZDQxZmVlM2Q2NzA1ZDc5NTM3ZmQxZWY3MjA1ZjVlYjVmNDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrfTlJivJoLqV5y4Bgokbd/aj6Tk
uGwzoHRtW8jNwDaj4Rwtc7wmlSlBsXHIooc75qOqIpEnhfdmb5CEDbv2OFS8j7Hv
JmlF6aVQoFUWkz8QOYzLQzS6Zd/qLWKevRDOi/jHRF8FmoO1cHgKhJn2uTJv446c
ijg9QJ/ZN21IMVhDPQKav9+Rswxg9daYKYamVkSNhCQ8ZGSHXVTOwh9ziUh++ngE
anpZ5hy55bulEuhSq2SIKUEzXtB8wguq5lbIxS5RDKkIKs5aHONkRjsm/FG2Y/Qf
gXLXoMULlDDzjpC3+wU4GbTHEAwhUY91IyJDiIzjZ7HNng/mwQpPLv5wHQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFDl71B/uPWcF15U3/R73IF9etfROMB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEvT1h2VUgtNDlad1hYbFRmOUh2Y2dYMTYxOUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKgTKgAMF
AyoKykADBQMqDLUAAwUDKhEtwAMFAyoRXkADBQMqEXbAAwUDKhGpAAMFAyoS9wAw
DQYJKoZIhvcNAQELBQADggEBAFfHA96yiznBzpA8qG0M6YaerXVjswjca3LqNpk1
8GqW79pzOrvXeT3BzsVrw0T08N7mm+PpMC5rrfxT2k0kQC2UA8yqkO8ZW3KuPIOc
ZtvtUHLijQc+mQM4EKiRIeiH5ok29RF30w5IRUKiOw2/KKjmJWRQbSvM3urTCpU9
NaoZfuIU7Y1N8y0zYO4K2m0YE2lPginEyoWV2xYTZKefM0/RIr4tfsoEWHf6BKUd
GsKC3G/oNB0fx7iU7c/BoPV7F5iPs0+qizFSAgtqC4b0haK13WK612AfJTaVoNt+
aH+svGWBAXl9+U+214Knr/SNTnJLgWO77Bm9YkVdVxrnDmA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:25 2025 by rpki-client