Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/O49qTnvW-RsHbXWlcy2w8JDGP9w.roa
File: O49qTnvW-RsHbXWlcy2w8JDGP9w.roa (raw, json)
Hash identifier: SlwPLTb8+2JAdjkFnzUN1pNZqMIrA1hZo9OaUxnbcSY=
Subject key identifier: 3B:8F:6A:4E:7B:D6:F9:1B:07:6D:75:A5:73:2D:B0:F0:90:C6:3F:DC
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018F5E64D23E0913FE31BA5EF48749EE0034
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/O49qTnvW-RsHbXWlcy2w8JDGP9w.roa
Signing time: Thu 09 May 2024 17:26:56 +0000
ROA not before: Thu 09 May 2024 17:26:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49217
IP address blocks: 2a0f:eb03::/32 maxlen: 32
2a13:a446::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5e:64:d2:3e:09:13:fe:31:ba:5e:f4:87:49:ee:00:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: May 9 17:26:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b8f6a4e7bd6f91b076d75a5732db0f090c63fdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:85:5a:2e:e8:6f:2b:cc:d3:1e:79:f8:24:c1:
00:87:f3:0c:d0:cd:43:33:4e:47:6b:0d:25:d9:2c:
98:0a:88:08:5c:76:3e:35:48:9e:b4:32:5a:32:23:
70:33:bf:b8:eb:ac:ce:9f:7f:c3:fa:03:ce:b7:3c:
9a:43:b0:96:bf:83:b7:2e:5c:99:6e:da:c9:12:19:
48:98:1a:3f:c8:ff:99:47:f5:6f:8c:f4:de:66:85:
53:5d:8a:de:8d:27:a0:c9:f5:16:6f:17:80:0c:c6:
32:a9:75:c9:95:27:10:f1:71:be:92:96:4f:b9:b1:
7c:b3:19:f2:76:e7:93:49:dc:df:67:50:55:5b:a1:
5d:ab:2a:0c:72:1e:8f:1e:80:44:ad:0e:3b:56:2a:
93:fc:a4:0b:53:23:73:6d:8a:ea:f0:fb:90:16:a1:
56:f0:ba:de:91:d1:4f:85:09:d0:cd:73:7b:0b:55:
3c:fd:75:f6:14:27:98:95:a1:d0:96:83:3f:e6:8c:
92:3e:e3:49:15:bf:1e:b5:1f:bc:1b:da:12:05:11:
8a:d8:2c:11:c6:b1:a6:6f:a3:04:c8:f0:6d:16:75:
0c:80:9d:59:51:62:30:85:86:1a:37:59:f3:d5:51:
95:d5:9f:78:c3:85:e3:39:17:4b:be:9e:29:46:65:
15:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:8F:6A:4E:7B:D6:F9:1B:07:6D:75:A5:73:2D:B0:F0:90:C6:3F:DC
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/O49qTnvW-RsHbXWlcy2w8JDGP9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:eb03::/32
2a13:a446::/31
Signature Algorithm: sha256WithRSAEncryption
84:d7:86:1f:b5:56:f5:ca:ce:c9:1b:07:4a:ac:b0:41:6a:df:
c3:36:13:45:04:32:fc:c3:40:5c:59:25:75:17:04:4d:42:5b:
06:42:b4:0b:1a:9d:81:b5:43:0a:0e:71:94:59:79:66:8e:44:
56:b2:f6:86:66:42:ec:a9:61:05:ec:7b:f6:9b:01:d5:66:f4:
c1:1c:6c:95:e2:19:ec:b9:5e:20:a4:05:a1:68:7b:78:ce:9c:
d6:4f:10:ba:a7:be:8d:0a:53:d1:6e:7b:5f:bf:19:42:09:17:
74:a0:5c:72:a1:2a:bf:43:d5:76:20:f2:7f:77:7c:4d:bc:5d:
29:96:fa:c3:0a:8b:87:8f:f7:61:6d:fc:f1:eb:4e:88:16:0b:
74:92:aa:64:eb:15:b1:29:1f:72:cb:cd:9d:0a:5c:71:32:02:
03:88:de:c1:2e:5f:9c:a0:36:22:cc:99:8e:03:20:98:90:2a:
94:1a:5a:ca:a5:6f:1e:6e:e9:0c:d6:ff:33:12:dd:90:f8:57:
10:ab:0f:cc:23:5b:da:56:51:0a:f6:20:c9:34:c1:67:fb:9a:
e6:6f:eb:40:10:77:e9:71:55:b7:f5:f9:4e:f3:42:34:7f:00:
f0:20:e9:8f:0e:77:7f:97:09:1f:8c:f0:d1:5c:c3:9c:2a:51:
5b:fe:b0:50
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY9eZNI+CRP+Mbpe9IdJ7gA0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwNTA5MTcyNjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjhmNmE0ZTdiZDZmOTFiMDc2ZDc1YTU3MzJkYjBmMDkwYzYzZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIVaLuhvK8zTHnn4JMEAh/MM0M1D
M05Haw0l2SyYCogIXHY+NUietDJaMiNwM7+466zOn3/D+gPOtzyaQ7CWv4O3LlyZ
btrJEhlImBo/yP+ZR/VvjPTeZoVTXYrejSegyfUWbxeADMYyqXXJlScQ8XG+kpZP
ubF8sxnydueTSdzfZ1BVW6FdqyoMch6PHoBErQ47ViqT/KQLUyNzbYrq8PuQFqFW
8LrekdFPhQnQzXN7C1U8/XX2FCeYlaHQloM/5oySPuNJFb8etR+8G9oSBRGK2CwR
xrGmb6MEyPBtFnUMgJ1ZUWIwhYYaN1nz1VGV1Z94w4XjORdLvp4pRmUVswIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDuPak571vkbB211pXMtsPCQxj/cMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvTzQ5cVRudlctUnNIYlhXbGN5Mnc4SkRHUDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg/rAwMF
ASoTpEYwDQYJKoZIhvcNAQELBQADggEBAITXhh+1VvXKzskbB0qssEFq38M2E0UE
MvzDQFxZJXUXBE1CWwZCtAsanYG1QwoOcZRZeWaORFay9oZmQuypYQXse/abAdVm
9MEcbJXiGey5XiCkBaFoe3jOnNZPELqnvo0KU9Fue1+/GUIJF3SgXHKhKr9D1XYg
8n93fE28XSmW+sMKi4eP92Ft/PHrTogWC3SSqmTrFbEpH3LLzZ0KXHEyAgOI3sEu
X5ygNiLMmY4DIJiQKpQaWsqlbx5u6QzW/zMS3ZD4VxCrD8wjW9pWUQr2IMk0wWf7
muZv60AQd+lxVbf1+U7zQjR/APAg6Y8Od3+XCR+M8NFcw5wqUVv+sFA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:38 2025 by rpki-client