Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/45ecff-a382-4564-b57f-a3cd0958c7f1/1/DiOGcBPWhx4zHBhGzSWUnzEu-6w.roa
File: DiOGcBPWhx4zHBhGzSWUnzEu-6w.roa (raw, json)
Hash identifier: 16iPKSU7gT8NS8DbIZNH07Ta1LKt7wPNsJn5Gez5pls=
Subject key identifier: 0E:23:86:70:13:D6:87:1E:33:1C:18:46:CD:25:94:9F:31:2E:FB:AC
Certificate issuer: /CN=3a86b7a734abe4eb73f4c966af66beda7459b75f
Certificate serial: 3860DF78
Authority key identifier: 3A:86:B7:A7:34:AB:E4:EB:73:F4:C9:66:AF:66:BE:DA:74:59:B7:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ooa3pzSr5Otz9Mlmr2a-2nRZt18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/45ecff-a382-4564-b57f-a3cd0958c7f1/1/DiOGcBPWhx4zHBhGzSWUnzEu-6w.roa
Signing time: Sat 01 Jan 2022 04:57:31 +0000
ROA not before: Sat 01 Jan 2022 04:57:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2596
IP address blocks: 2001:848:804::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 945872760 (0x3860df78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a86b7a734abe4eb73f4c966af66beda7459b75f
Validity
Not Before: Jan 1 04:57:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e23867013d6871e331c1846cd25949f312efbac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ee:38:50:6c:dc:92:13:85:d9:26:0f:51:f1:
9b:77:03:3c:1f:22:aa:c7:97:97:f5:a9:60:4a:dc:
c4:fa:9e:be:db:34:2b:33:9f:f8:13:b3:f5:26:09:
8c:5e:e6:fd:a6:38:05:4d:ce:1d:ae:ec:e6:f0:af:
e3:c9:6f:32:5d:64:3b:86:14:7b:e6:16:23:a7:77:
60:43:45:d9:fb:be:f6:05:87:10:2a:f9:bd:2f:0b:
a3:ed:12:9a:e0:cc:26:c2:c8:eb:bd:cf:93:ca:45:
2a:3b:60:f9:06:7d:81:a2:2d:c4:f6:aa:74:ad:8b:
9c:7b:7a:98:43:0e:6c:bd:9f:44:8b:fe:1a:33:28:
a4:db:60:b6:4c:8a:0b:4b:d0:5f:61:54:b9:22:b9:
9b:91:27:2d:8e:f3:7f:16:b7:93:90:f3:66:01:ef:
67:3d:0f:b2:d7:f5:31:06:58:43:13:ee:e5:5c:6b:
67:dd:08:97:8b:ef:d7:81:2d:ee:3b:7e:2b:8b:fc:
4d:dd:ad:1a:ae:a8:c8:8c:d8:45:05:29:8e:4d:8b:
10:43:5b:60:06:77:38:b4:b7:5c:64:5a:bc:46:36:
ae:49:23:3e:45:fa:31:e4:d1:a7:5e:85:89:25:9b:
5a:5b:d2:20:52:26:b7:be:e4:8a:c4:0a:cc:ca:46:
18:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:23:86:70:13:D6:87:1E:33:1C:18:46:CD:25:94:9F:31:2E:FB:AC
X509v3 Authority Key Identifier:
keyid:3A:86:B7:A7:34:AB:E4:EB:73:F4:C9:66:AF:66:BE:DA:74:59:B7:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ooa3pzSr5Otz9Mlmr2a-2nRZt18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/45ecff-a382-4564-b57f-a3cd0958c7f1/1/DiOGcBPWhx4zHBhGzSWUnzEu-6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/45ecff-a382-4564-b57f-a3cd0958c7f1/1/Ooa3pzSr5Otz9Mlmr2a-2nRZt18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:848:804::/48
Signature Algorithm: sha256WithRSAEncryption
74:9c:94:36:6a:ff:0b:4f:d5:7b:df:81:db:a0:74:6f:bc:d8:
c4:5b:d6:0b:0c:86:57:97:e8:34:8b:a4:1f:40:16:4c:57:2b:
2a:f6:2c:cf:5e:15:a4:6e:ab:23:90:d3:c8:91:2d:80:ed:d9:
a4:87:4f:c0:09:13:3d:5b:d0:2c:b4:2f:81:07:51:39:54:1e:
8c:b2:2c:0b:96:9c:9e:8a:03:93:0c:0e:10:8a:4e:55:b2:73:
36:b6:11:98:3a:fe:4b:ed:e2:b1:d3:b9:50:e8:5a:d3:41:16:
53:47:b9:09:48:96:a7:65:ca:36:c5:e9:b8:71:45:8a:84:d4:
48:17:94:cc:f0:3c:e6:0c:16:04:c5:55:49:11:b8:e4:7d:55:
ad:ef:f0:b7:36:4d:07:55:b3:a2:16:b8:67:c5:4b:e0:d5:f9:
f9:67:8f:76:44:99:5e:5c:a0:01:82:c8:7d:1e:14:fc:b4:90:
6b:06:de:a4:53:70:18:46:bd:4b:62:30:2d:e6:3b:01:f3:89:
c2:9d:75:5f:d6:bf:0e:c4:e1:bf:99:38:08:5e:8f:04:dc:b5:
7f:82:15:b2:20:a5:82:a7:24:4b:80:47:bb:e7:02:fd:38:2f:
46:c0:30:b2:16:17:b7:9b:02:d0:d6:81:b2:ea:b7:10:c7:50:
d0:8a:5a:56
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEOGDfeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YTg2YjdhNzM0YWJlNGViNzNmNGM5NjZhZjY2YmVkYTc0NTliNzVmMB4XDTIyMDEw
MTA0NTczMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGUyMzg2NzAxM2Q2
ODcxZTMzMWMxODQ2Y2QyNTk0OWYzMTJlZmJhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOLuOFBs3JIThdkmD1Hxm3cDPB8iqseXl/WpYErcxPqevts0
KzOf+BOz9SYJjF7m/aY4BU3OHa7s5vCv48lvMl1kO4YUe+YWI6d3YENF2fu+9gWH
ECr5vS8Lo+0SmuDMJsLI673Pk8pFKjtg+QZ9gaItxPaqdK2LnHt6mEMObL2fRIv+
GjMopNtgtkyKC0vQX2FUuSK5m5EnLY7zfxa3k5DzZgHvZz0Pstf1MQZYQxPu5Vxr
Z90Il4vv14Et7jt+K4v8Td2tGq6oyIzYRQUpjk2LEENbYAZ3OLS3XGRavEY2rkkj
PkX6MeTRp16FiSWbWlvSIFImt77kisQKzMpGGPsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQOI4ZwE9aHHjMcGEbNJZSfMS77rDAfBgNVHSMEGDAWgBQ6hrenNKvk63P0
yWavZr7adFm3XzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09vYTNwelNyNU90ejlNbG1yMmEtMm5SWnQxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvNDVlY2ZmLWEzODItNDU2NC1iNTdmLWEzY2QwOTU4YzdmMS8x
L0RpT0djQlBXaHg0ekhCaEd6U1dVbnpFdS02dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
NDVlY2ZmLWEzODItNDU2NC1iNTdmLWEzY2QwOTU4YzdmMS8xL09vYTNwelNyNU90
ejlNbG1yMmEtMm5SWnQxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABCEgIBDANBgkqhkiG9w0BAQsF
AAOCAQEAdJyUNmr/C0/Ve9+B26B0b7zYxFvWCwyGV5foNIukH0AWTFcrKvYsz14V
pG6rI5DTyJEtgO3ZpIdPwAkTPVvQLLQvgQdROVQejLIsC5acnooDkwwOEIpOVbJz
NrYRmDr+S+3isdO5UOha00EWU0e5CUiWp2XKNsXpuHFFioTUSBeUzPA85gwWBMVV
SRG45H1Vre/wtzZNB1Wzoha4Z8VL4NX5+WePdkSZXlygAYLIfR4U/LSQawbepFNw
GEa9S2IwLeY7AfOJwp11X9a/DsThv5k4CF6PBNy1f4IVsiClgqckS4BHu+cC/Tgv
RsAwshYXt5sC0NaBsuq3EMdQ0IpaVg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:44:22 2025 by rpki-client