Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/d5d6e5-c60f-4479-9b52-960c266eca5d/1/O2A2ba-DPRj_VCj1WNttrfPqIuU.roa
File: O2A2ba-DPRj_VCj1WNttrfPqIuU.roa (raw, json)
Hash identifier: MnKxVHGQEFfXE5Ew19C3FZeoZO5UxKQL1M52DF14tV4=
Subject key identifier: 3B:60:36:6D:AF:83:3D:18:FF:54:28:F5:58:DB:6D:AD:F3:EA:22:E5
Certificate issuer: /CN=8aaf2268d47e7cd5459d7a006ebc51d3eb9458c9
Certificate serial: 01856DCB02ECAB36BEE902482D707E1278DD
Authority key identifier: 8A:AF:22:68:D4:7E:7C:D5:45:9D:7A:00:6E:BC:51:D3:EB:94:58:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iq8iaNR-fNVFnXoAbrxR0-uUWMk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/d5d6e5-c60f-4479-9b52-960c266eca5d/1/O2A2ba-DPRj_VCj1WNttrfPqIuU.roa
Signing time: Sun 01 Jan 2023 14:44:59 +0000
ROA not before: Sun 01 Jan 2023 14:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201106
IP address blocks: 62.3.24.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:cb:02:ec:ab:36:be:e9:02:48:2d:70:7e:12:78:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aaf2268d47e7cd5459d7a006ebc51d3eb9458c9
Validity
Not Before: Jan 1 14:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b60366daf833d18ff5428f558db6dadf3ea22e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:92:00:95:31:5f:8a:48:44:bf:c4:1c:70:1a:
96:dc:15:b7:c6:b4:97:ba:d9:cb:72:fc:78:93:e3:
fd:73:a4:1b:34:e8:bd:7c:4f:27:ab:1e:5c:88:f8:
7b:be:57:1c:aa:3d:8f:3b:11:dc:29:d5:55:b9:4c:
4d:b3:64:bd:6a:c3:23:22:bd:db:37:2a:33:e9:72:
c0:a0:a6:9a:39:c1:60:f9:ec:6f:5e:07:a4:bc:21:
fa:91:0c:79:00:52:ef:83:ee:d4:6c:45:85:2e:26:
4f:0b:85:cb:4f:9a:02:dc:ba:6c:b3:a9:86:6c:52:
38:63:b4:e2:bd:68:ba:41:ff:8f:49:34:a8:b1:a4:
35:fb:73:f8:05:b8:ef:a7:11:a0:60:f3:8e:98:47:
52:4a:24:42:ca:e4:80:a8:2a:7c:af:d0:4a:42:45:
2c:a9:51:48:f4:34:ec:16:e1:fb:69:ea:63:46:4e:
71:da:8c:ea:90:95:30:dd:db:0c:00:2e:f5:42:9f:
e5:ee:43:6a:e8:11:70:a6:cb:e6:09:cd:ed:b1:cb:
3f:0e:51:6e:76:7c:fe:60:c0:ae:01:b9:f8:4e:21:
87:ab:42:76:60:16:ab:13:17:2b:66:2a:7b:07:15:
55:e9:1a:e4:a6:cd:0f:2c:fd:ea:3c:1d:11:e2:eb:
8d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:60:36:6D:AF:83:3D:18:FF:54:28:F5:58:DB:6D:AD:F3:EA:22:E5
X509v3 Authority Key Identifier:
keyid:8A:AF:22:68:D4:7E:7C:D5:45:9D:7A:00:6E:BC:51:D3:EB:94:58:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iq8iaNR-fNVFnXoAbrxR0-uUWMk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d5d6e5-c60f-4479-9b52-960c266eca5d/1/O2A2ba-DPRj_VCj1WNttrfPqIuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d5d6e5-c60f-4479-9b52-960c266eca5d/1/iq8iaNR-fNVFnXoAbrxR0-uUWMk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.24.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:87:08:70:58:e6:66:2f:6d:46:9a:4d:dc:aa:23:05:48:4f:
9d:a0:b9:44:27:74:64:01:6b:a5:70:0c:4c:b8:66:99:b6:d7:
3e:a5:d0:f2:54:f2:87:cd:ec:a2:87:b1:b5:51:14:e5:fe:74:
5c:04:b9:37:48:2e:af:a7:84:f4:b6:40:6f:0a:a8:65:d6:5b:
d8:a9:c4:33:2e:bf:45:1c:5d:1d:04:6e:66:cd:dd:8f:59:a2:
7a:f7:e8:81:a4:95:0a:ff:c9:70:5c:60:94:b2:97:5b:85:97:
5b:48:69:13:05:c9:72:b0:84:5b:8a:ae:15:7f:51:e4:b5:6a:
ab:b7:5d:4f:19:6b:5d:94:55:db:58:80:70:94:3e:7a:77:52:
0d:5a:4e:ce:dd:04:1a:29:16:51:1a:99:28:cb:41:26:aa:72:
07:9c:53:b2:73:d9:9b:76:21:e9:aa:8b:ba:67:5d:fc:db:67:
d2:aa:c3:42:20:72:00:a0:db:b8:68:0b:76:c6:39:ee:90:ba:
d6:63:46:6b:2e:dc:b8:52:cd:5a:3d:8c:f9:e1:2f:cf:f5:1b:
71:bf:be:ef:78:3b:79:50:c2:62:ce:4f:0a:11:c1:f5:be:4c:
07:62:a0:9a:81:bb:aa:dd:ec:71:9e:24:87:76:6a:40:ce:95:
ea:10:a6:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtywLsqza+6QJILXB+EnjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWYyMjY4ZDQ3ZTdjZDU0NTlkN2EwMDZlYmM1MWQzZWI5
NDU4YzkwHhcNMjMwMTAxMTQ0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjYwMzY2ZGFmODMzZDE4ZmY1NDI4ZjU1OGRiNmRhZGYzZWEyMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5IAlTFfikhEv8QccBqW3BW3xrSX
utnLcvx4k+P9c6QbNOi9fE8nqx5ciPh7vlccqj2POxHcKdVVuUxNs2S9asMjIr3b
Nyoz6XLAoKaaOcFg+exvXgekvCH6kQx5AFLvg+7UbEWFLiZPC4XLT5oC3Lpss6mG
bFI4Y7TivWi6Qf+PSTSosaQ1+3P4BbjvpxGgYPOOmEdSSiRCyuSAqCp8r9BKQkUs
qVFI9DTsFuH7aepjRk5x2ozqkJUw3dsMAC71Qp/l7kNq6BFwpsvmCc3tscs/DlFu
dnz+YMCuAbn4TiGHq0J2YBarExcrZip7BxVV6Rrkps0PLP3qPB0R4uuNnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDtgNm2vgz0Y/1Qo9Vjbba3z6iLlMB8GA1UdIwQY
MBaAFIqvImjUfnzVRZ16AG68UdPrlFjJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXE4aWFOUi1mTlZGblhvQWJyeFIwLXVVV01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9kNWQ2ZTUtYzYwZi00NDc5LTliNTIt
OTYwYzI2NmVjYTVkLzEvTzJBMmJhLURQUmpfVkNqMVdOdHRyZlBxSXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9kNWQ2ZTUtYzYwZi00NDc5LTliNTItOTYwYzI2NmVjYTVk
LzEvaXE4aWFOUi1mTlZGblhvQWJyeFIwLXVVV01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPgMYMA0G
CSqGSIb3DQEBCwUAA4IBAQAshwhwWOZmL21Gmk3cqiMFSE+doLlEJ3RkAWulcAxM
uGaZttc+pdDyVPKHzeyih7G1URTl/nRcBLk3SC6vp4T0tkBvCqhl1lvYqcQzLr9F
HF0dBG5mzd2PWaJ69+iBpJUK/8lwXGCUspdbhZdbSGkTBclysIRbiq4Vf1HktWqr
t11PGWtdlFXbWIBwlD56d1INWk7O3QQaKRZRGpkoy0EmqnIHnFOyc9mbdiHpqou6
Z13822fSqsNCIHIAoNu4aAt2xjnukLrWY0ZrLty4Us1aPYz54S/P9Rtxv77veDt5
UMJizk8KEcH1vkwHYqCagbuq3exxniSHdmpAzpXqEKZS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:23 2024 by rpki-client on console-fra.rpki-client.org