Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/O4hsLYqHDHOc5YtrhKrxfVw253c.roa
File: O4hsLYqHDHOc5YtrhKrxfVw253c.roa (raw, json)
Hash identifier: ftP8M0zBEeWH13FQ0ROC4yQQqu5d0hiLyMqOEpuSB2s=
Subject key identifier: 3B:88:6C:2D:8A:87:0C:73:9C:E5:8B:6B:84:AA:F1:7D:5C:36:E7:77
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 019425FD9C425FE912C7C780A7B29DE8D415
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/O4hsLYqHDHOc5YtrhKrxfVw253c.roa
Signing time: Thu 02 Jan 2025 07:49:24 +0000
ROA not before: Thu 02 Jan 2025 07:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6939
IP address blocks: 2a0e:da40:1::/48 maxlen: 128
2a0e:da40:da40::/48 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:9c:42:5f:e9:12:c7:c7:80:a7:b2:9d:e8:d4:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 2 07:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b886c2d8a870c739ce58b6b84aaf17d5c36e777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:29:d9:eb:35:3e:5d:8f:e3:0b:fd:6e:9d:02:
2f:00:36:51:f4:fa:7e:ae:46:16:c9:17:f5:42:51:
de:f1:e8:fb:3d:f8:f7:54:0b:2c:cf:4f:30:94:5c:
b7:e6:80:ac:1b:63:32:97:6c:8a:57:30:5f:cf:91:
16:66:40:ce:5a:54:2e:15:78:25:7b:1b:0e:74:03:
22:bb:fc:58:3a:8a:10:06:69:5d:31:98:e3:a9:55:
73:8a:80:31:f8:1f:0e:c4:22:3e:e7:7a:18:6c:e4:
c4:71:a6:ee:a4:95:e6:54:1e:fd:5b:0d:22:cb:f1:
6b:97:0d:9a:74:6a:52:d4:ec:8f:c7:14:1c:74:c2:
3e:c1:90:4b:69:37:9d:6c:e6:cf:00:e8:0a:36:a9:
fb:3b:23:5e:39:c4:42:e0:de:83:2a:3a:ee:4e:86:
34:3a:3f:1b:cd:a6:21:d6:33:78:94:30:57:16:c1:
7e:25:d3:4a:d9:1f:e8:b1:80:f5:df:b6:d5:bf:aa:
7f:d6:76:c9:f9:ca:51:10:6a:47:75:a7:0b:36:cc:
e1:b6:28:bc:85:78:0c:5d:09:37:8f:67:c4:9a:d7:
15:88:76:39:d7:a0:60:81:4e:f9:30:1d:e1:59:6d:
9e:ff:21:74:a1:b9:99:b5:cd:02:bf:4d:3a:a4:a9:
a2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:88:6C:2D:8A:87:0C:73:9C:E5:8B:6B:84:AA:F1:7D:5C:36:E7:77
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/O4hsLYqHDHOc5YtrhKrxfVw253c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:da40:1::/48
2a0e:da40:da40::/48
Signature Algorithm: sha256WithRSAEncryption
41:2d:a1:aa:c2:02:95:62:f6:b0:be:96:92:27:17:4d:2e:72:
62:89:be:d7:60:db:1a:fc:bf:75:99:79:6c:39:6a:6a:e9:e1:
24:24:5e:51:1a:f2:b5:36:f6:65:3e:08:cc:fd:df:70:80:ad:
de:aa:bb:4b:97:09:7c:84:3d:b8:47:e7:73:92:82:18:a2:93:
ea:42:d1:27:a4:89:8e:fd:b6:86:a5:ed:a7:9e:2b:78:d2:37:
81:60:33:22:2a:af:4a:e0:60:88:b7:83:ca:3d:b8:fe:40:0d:
40:95:fa:21:ea:5f:cf:88:64:f7:02:c7:d8:17:3e:48:13:93:
a8:8e:1f:3f:1f:50:5e:47:0a:b2:e6:21:68:b9:05:df:9e:5b:
1b:27:47:0c:12:23:92:fc:b5:b0:5f:9a:df:32:68:ed:4f:6b:
26:1f:77:60:8f:5f:23:ea:31:57:38:b1:8d:80:81:40:4a:a9:
15:4e:8c:d4:c8:3d:eb:4a:61:c5:d8:8f:1a:e4:79:2a:5c:c9:
4d:e7:8f:a1:8b:68:50:d2:55:cf:29:05:9e:8f:61:db:25:f2:
85:ff:54:f9:88:03:4e:3a:e6:27:fa:49:d6:cc:0b:9b:c6:12:
ae:3a:61:67:b1:c7:41:50:ba:33:e4:57:c4:1b:ac:78:1c:0a:
cc:68:59:f5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQl/ZxCX+kSx8eAp7Kd6NQVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjUwMTAyMDc0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjg4NmMyZDhhODcwYzczOWNlNThiNmI4NGFhZjE3ZDVjMzZlNzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3inZ6zU+XY/jC/1unQIvADZR9Pp+
rkYWyRf1QlHe8ej7Pfj3VAssz08wlFy35oCsG2Myl2yKVzBfz5EWZkDOWlQuFXgl
exsOdAMiu/xYOooQBmldMZjjqVVzioAx+B8OxCI+53oYbOTEcabupJXmVB79Ww0i
y/Frlw2adGpS1OyPxxQcdMI+wZBLaTedbObPAOgKNqn7OyNeOcRC4N6DKjruToY0
Oj8bzaYh1jN4lDBXFsF+JdNK2R/osYD137bVv6p/1nbJ+cpREGpHdacLNszhtii8
hXgMXQk3j2fEmtcViHY516BggU75MB3hWW2e/yF0obmZtc0Cv006pKmiEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDuIbC2KhwxznOWLa4Sq8X1cNud3MB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvTzRoc0xZcUhESE9jNVl0cmhLcnhmVncyNTNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg7aQAAB
AwcAKg7aQNpAMA0GCSqGSIb3DQEBCwUAA4IBAQBBLaGqwgKVYvawvpaSJxdNLnJi
ib7XYNsa/L91mXlsOWpq6eEkJF5RGvK1NvZlPgjM/d9wgK3eqrtLlwl8hD24R+dz
koIYopPqQtEnpImO/baGpe2nnit40jeBYDMiKq9K4GCIt4PKPbj+QA1Alfoh6l/P
iGT3AsfYFz5IE5Oojh8/H1BeRwqy5iFouQXfnlsbJ0cMEiOS/LWwX5rfMmjtT2sm
H3dgj18j6jFXOLGNgIFASqkVTozUyD3rSmHF2I8a5HkqXMlN54+hi2hQ0lXPKQWe
j2HbJfKF/1T5iANOOuYn+knWzAubxhKuOmFnscdBULoz5FfEG6x4HArMaFn1
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:57:06 2025 by rpki-client