Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/c7a255-16a5-4d4c-a737-692f6a89839a/1/O8YdwMDXWHvo68kCxQ9EX71j7z0.roa
File: O8YdwMDXWHvo68kCxQ9EX71j7z0.roa (raw, json)
Hash identifier: wcgOKW8vp6oOAT/1M6bjyXS/p6VSgAAMqaniOAnXQkQ=
Subject key identifier: 3B:C6:1D:C0:C0:D7:58:7B:E8:EB:C9:02:C5:0F:44:5F:BD:63:EF:3D
Certificate issuer: /CN=71f6cf046dc0060cc53f39a94f62557ef00a8993
Certificate serial: 01843743A113A373F088D7EC744972F8E1C5
Authority key identifier: 71:F6:CF:04:6D:C0:06:0C:C5:3F:39:A9:4F:62:55:7E:F0:0A:89:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cfbPBG3ABgzFPzmpT2JVfvAKiZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/c7a255-16a5-4d4c-a737-692f6a89839a/1/O8YdwMDXWHvo68kCxQ9EX71j7z0.roa
Signing time: Wed 02 Nov 2022 07:34:49 +0000
ROA not before: Wed 02 Nov 2022 07:34:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20454
IP address blocks: 147.78.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:43:a1:13:a3:73:f0:88:d7:ec:74:49:72:f8:e1:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71f6cf046dc0060cc53f39a94f62557ef00a8993
Validity
Not Before: Nov 2 07:34:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3bc61dc0c0d7587be8ebc902c50f445fbd63ef3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:89:17:72:fb:15:65:52:f6:fc:d3:30:c2:72:
e4:1d:62:e5:69:fb:c7:52:ac:f6:6e:0c:0d:2c:80:
44:dc:9b:04:f0:ec:e8:0d:e2:ce:99:e8:e3:bc:6e:
52:4d:8b:4f:c9:48:f5:c8:96:89:33:41:4d:dd:8f:
21:57:56:a5:67:17:00:2f:44:bd:bd:bb:a4:88:29:
0b:b0:af:c1:b3:5d:59:cd:32:37:f5:af:ae:53:c6:
0c:27:95:81:06:ed:c6:3b:8c:27:00:e9:29:82:38:
fe:4f:b2:e4:6c:c8:a9:52:fb:9d:9e:5a:fb:0e:d3:
b9:e2:c6:48:f3:8e:04:42:ee:68:ad:51:7d:c3:ca:
10:1e:b6:22:43:df:07:80:05:75:13:4c:da:9d:52:
50:99:84:ec:0b:43:29:7d:85:af:87:6b:6d:e5:83:
24:58:40:52:d1:20:48:34:f1:26:06:e8:43:e7:11:
bb:6c:3b:a1:e7:4d:4d:37:4f:94:ca:fb:7a:88:98:
85:07:ac:b9:ac:e6:2d:8d:73:87:1d:41:59:a4:a4:
14:fd:51:0d:a6:a2:4f:c7:9d:b9:1e:c2:9a:02:81:
2d:cc:88:38:34:75:a1:9e:fd:29:fb:7a:ac:e1:54:
d6:85:89:cd:5b:4d:36:76:6a:32:6c:6c:d2:9f:87:
23:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C6:1D:C0:C0:D7:58:7B:E8:EB:C9:02:C5:0F:44:5F:BD:63:EF:3D
X509v3 Authority Key Identifier:
keyid:71:F6:CF:04:6D:C0:06:0C:C5:3F:39:A9:4F:62:55:7E:F0:0A:89:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cfbPBG3ABgzFPzmpT2JVfvAKiZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c7a255-16a5-4d4c-a737-692f6a89839a/1/O8YdwMDXWHvo68kCxQ9EX71j7z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c7a255-16a5-4d4c-a737-692f6a89839a/1/cfbPBG3ABgzFPzmpT2JVfvAKiZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.102.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:eb:61:c8:c1:5a:f0:a2:bc:ed:c2:15:88:dd:94:35:17:fd:
87:67:42:d9:f0:e4:8f:3d:0a:93:a5:07:8d:88:e9:f7:7d:dd:
ac:ff:ff:b6:d2:43:54:08:91:59:13:60:5e:ae:7d:52:82:34:
52:18:34:0d:6a:24:87:e7:5b:c7:38:e6:8c:ac:cd:6e:b2:ea:
a8:31:00:01:0b:38:5b:3b:be:eb:3a:28:a4:6a:47:b0:33:e8:
1b:db:6d:ef:aa:30:84:b9:8c:f1:c1:21:51:2c:c6:9d:01:74:
56:59:9f:08:2c:0b:c9:6c:2e:60:a1:14:1e:bf:75:8d:15:27:
e9:53:e1:8b:cd:4b:fe:b0:ce:b1:3e:23:19:cc:ef:60:b4:cd:
7d:87:65:4b:44:b7:5d:ab:e7:bc:d4:e0:0f:c7:65:2a:38:c3:
3f:d7:91:f4:de:cd:0f:bf:3e:76:94:35:0d:8f:6e:e4:8c:44:
7f:af:bd:9f:bc:98:75:2c:6f:58:8c:e9:a8:79:c4:23:76:8e:
45:27:79:db:80:87:16:6b:0c:53:a0:59:40:33:ad:b0:e5:06:
53:78:c7:c9:95:ed:10:f2:56:75:96:5a:db:d2:5b:10:4d:f6:
05:16:86:3f:59:ba:60:9f:98:e3:26:7a:68:4f:37:fd:83:45:
0e:7c:e4:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ3Q6ETo3PwiNfsdEly+OHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZjZjZjA0NmRjMDA2MGNjNTNmMzlhOTRmNjI1NTdlZjAw
YTg5OTMwHhcNMjIxMTAyMDczNDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmM2MWRjMGMwZDc1ODdiZThlYmM5MDJjNTBmNDQ1ZmJkNjNlZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3IkXcvsVZVL2/NMwwnLkHWLlafvH
Uqz2bgwNLIBE3JsE8OzoDeLOmejjvG5STYtPyUj1yJaJM0FN3Y8hV1alZxcAL0S9
vbukiCkLsK/Bs11ZzTI39a+uU8YMJ5WBBu3GO4wnAOkpgjj+T7LkbMipUvudnlr7
DtO54sZI844EQu5orVF9w8oQHrYiQ98HgAV1E0zanVJQmYTsC0MpfYWvh2tt5YMk
WEBS0SBINPEmBuhD5xG7bDuh501NN0+Uyvt6iJiFB6y5rOYtjXOHHUFZpKQU/VEN
pqJPx525HsKaAoEtzIg4NHWhnv0p+3qs4VTWhYnNW002dmoybGzSn4cjGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDvGHcDA11h76OvJAsUPRF+9Y+89MB8GA1UdIwQY
MBaAFHH2zwRtwAYMxT85qU9iVX7wComTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2ZiUEJHM0FCZ3pGUHptcFQySlZmdkFLaVpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9jN2EyNTUtMTZhNS00ZDRjLWE3Mzct
NjkyZjZhODk4MzlhLzEvTzhZZHdNRFhXSHZvNjhrQ3hROUVYNzFqN3owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9jN2EyNTUtMTZhNS00ZDRjLWE3MzctNjkyZjZhODk4Mzlh
LzEvY2ZiUEJHM0FCZ3pGUHptcFQySlZmdkFLaVpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk05mMA0G
CSqGSIb3DQEBCwUAA4IBAQCl62HIwVrworztwhWI3ZQ1F/2HZ0LZ8OSPPQqTpQeN
iOn3fd2s//+20kNUCJFZE2Bern1SgjRSGDQNaiSH51vHOOaMrM1usuqoMQABCzhb
O77rOiikakewM+gb223vqjCEuYzxwSFRLMadAXRWWZ8ILAvJbC5goRQev3WNFSfp
U+GLzUv+sM6xPiMZzO9gtM19h2VLRLddq+e81OAPx2UqOMM/15H03s0Pvz52lDUN
j27kjER/r72fvJh1LG9YjOmoecQjdo5FJ3nbgIcWawxToFlAM62w5QZTeMfJle0Q
8lZ1llrb0lsQTfYFFoY/Wbpgn5jjJnpoTzf9g0UOfOTx
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:26 2025 by rpki-client