Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/OcQbnJ3eD-NwfyEJ2Be-48b7lU8.roa
File: OcQbnJ3eD-NwfyEJ2Be-48b7lU8.roa (raw, json)
Hash identifier: G9JcWPcz4Qdo8+tm82eJXDqdi4d4JaQgWrc7owuaTes=
Subject key identifier: 39:C4:1B:9C:9D:DE:0F:E3:70:7F:21:09:D8:17:BE:E3:C6:FB:95:4F
Certificate issuer: /CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Certificate serial: 0181D191E5E234FB1B044BC1EF14A9EB4F47
Authority key identifier: 4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/OcQbnJ3eD-NwfyEJ2Be-48b7lU8.roa
Signing time: Wed 06 Jul 2022 03:33:28 +0000
ROA not before: Wed 06 Jul 2022 03:33:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3970
IP address blocks: 151.216.4.0/24 maxlen: 24
151.216.5.0/24 maxlen: 24
2001:7fc:2::/48 maxlen: 48
2001:7fc:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d1:91:e5:e2:34:fb:1b:04:4b:c1:ef:14:a9:eb:4f:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Validity
Not Before: Jul 6 03:33:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39c41b9c9dde0fe3707f2109d817bee3c6fb954f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ad:f0:5c:ea:ac:c8:33:ad:6c:b6:59:af:51:
ec:1a:fb:56:4b:6e:9f:66:bb:60:c2:e9:4b:0d:a6:
34:07:5e:63:5c:92:2f:a1:75:45:cc:5a:91:53:9f:
ea:02:94:8e:45:ca:61:e3:3a:43:1e:47:7d:a0:f4:
16:9e:ab:4f:b9:bd:6a:20:56:45:82:ea:92:61:8f:
fa:66:f4:c8:df:2b:54:2d:e9:57:fc:98:72:dd:ae:
2c:c6:60:2a:ad:b5:83:bd:f7:f6:b9:57:a9:db:4a:
d8:b7:5d:1b:f2:82:41:0a:65:37:58:6c:5f:44:87:
46:f4:1d:ce:9a:7a:a7:dc:b7:d5:24:20:99:c8:a6:
3e:03:ee:d0:f0:dd:61:8e:61:2e:9b:07:2c:1a:79:
6a:c4:d2:db:86:4a:70:2f:7f:06:88:6d:6c:26:93:
1a:df:21:e5:bc:67:76:df:22:8c:67:17:c1:68:e9:
0a:45:ea:7f:b3:7d:5d:b4:0d:02:88:45:57:8f:6b:
e9:7a:85:50:5e:60:3e:6e:ea:9b:fd:47:71:1d:58:
55:9b:64:b3:de:d2:08:97:6c:cc:25:ac:47:2d:a2:
c0:47:2e:a0:3f:52:98:4d:28:b4:3c:cd:c7:9c:96:
83:e4:84:5f:97:b1:3d:86:ef:f8:ce:b5:64:05:08:
58:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C4:1B:9C:9D:DE:0F:E3:70:7F:21:09:D8:17:BE:E3:C6:FB:95:4F
X509v3 Authority Key Identifier:
keyid:4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/OcQbnJ3eD-NwfyEJ2Be-48b7lU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/Sz2m6ZxmZROizuXw4NOrdF8WfcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.216.4.0/23
IPv6:
2001:7fc:2::/47
Signature Algorithm: sha256WithRSAEncryption
37:6d:dc:2d:46:37:54:eb:87:c5:b3:5f:eb:a0:5a:68:e1:ce:
ad:a5:a0:9f:47:dd:3d:6a:bb:ae:25:dc:91:48:30:19:e4:66:
e8:02:6f:72:c7:b8:58:e9:7b:aa:49:2a:1a:25:89:89:f5:b0:
2d:1b:f4:f2:1e:97:7d:fe:5a:be:1b:38:0a:70:8d:c0:aa:fd:
63:b8:89:71:65:60:d2:73:6e:28:fc:08:35:86:de:c3:66:91:
34:a8:c5:87:8f:cb:d6:c8:09:47:31:01:6a:8b:0a:21:7f:30:
3a:7c:b7:dc:a6:ec:c6:80:e1:59:3a:08:df:f1:e8:68:18:37:
a2:f2:9f:5e:57:8f:67:ad:35:24:3c:69:d0:5b:90:35:b4:35:
ee:b6:32:fb:00:7e:83:4b:ce:27:2b:ec:40:9c:41:3f:02:a1:
7e:04:cc:44:c9:fe:ee:ad:a9:e8:77:0e:dd:fc:1d:8f:a2:62:
70:b8:ee:fc:e0:0c:09:52:1c:fa:2f:61:f4:49:d6:c6:52:f5:
24:6d:39:42:19:b1:40:de:ba:41:5f:b9:de:f0:5a:56:17:72:
48:0f:8f:9e:35:84:44:d9:9d:ad:04:e7:32:09:40:e6:ce:42:
e1:d3:8a:70:20:42:45:84:b1:d4:c0:f4:f1:eb:c6:56:bb:32:
02:35:15:c8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYHRkeXiNPsbBEvB7xSp609HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiM2RhNmU5OWM2NjY1MTNhMmNlZTVmMGUwZDNhYjc0NWYx
NjdkYzMwHhcNMjIwNzA2MDMzMzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWM0MWI5YzlkZGUwZmUzNzA3ZjIxMDlkODE3YmVlM2M2ZmI5NTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK3wXOqsyDOtbLZZr1HsGvtWS26f
ZrtgwulLDaY0B15jXJIvoXVFzFqRU5/qApSORcph4zpDHkd9oPQWnqtPub1qIFZF
guqSYY/6ZvTI3ytULelX/Jhy3a4sxmAqrbWDvff2uVep20rYt10b8oJBCmU3WGxf
RIdG9B3Omnqn3LfVJCCZyKY+A+7Q8N1hjmEumwcsGnlqxNLbhkpwL38GiG1sJpMa
3yHlvGd23yKMZxfBaOkKRep/s31dtA0CiEVXj2vpeoVQXmA+buqb/UdxHVhVm2Sz
3tIIl2zMJaxHLaLARy6gP1KYTSi0PM3HnJaD5IRfl7E9hu/4zrVkBQhYkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDnEG5yd3g/jcH8hCdgXvuPG+5VPMB8GA1UdIwQY
MBaAFEs9pumcZmUTos7l8ODTq3RfFn3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3oybTZaeG1aUk9penVYdzROT3JkRjhXZmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82ZjIzMmUtMjI3NS00NGU5LTkxYzAt
YzczOTdhMjY2OWE5LzEvT2NRYm5KM2VELU53ZnlFSjJCZS00OGI3bFU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82ZjIzMmUtMjI3NS00NGU5LTkxYzAtYzczOTdhMjY2OWE5
LzEvU3oybTZaeG1aUk9penVYdzROT3JkRjhXZmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBl9gEMA8E
AgACMAkDBwEgAQf8AAIwDQYJKoZIhvcNAQELBQADggEBADdt3C1GN1Trh8WzX+ug
Wmjhzq2loJ9H3T1qu64l3JFIMBnkZugCb3LHuFjpe6pJKholiYn1sC0b9PIel33+
Wr4bOApwjcCq/WO4iXFlYNJzbij8CDWG3sNmkTSoxYePy9bICUcxAWqLCiF/MDp8
t9ym7MaA4Vk6CN/x6GgYN6Lyn15Xj2etNSQ8adBbkDW0Ne62MvsAfoNLzicr7ECc
QT8CoX4EzETJ/u6tqeh3Dt38HY+iYnC47vzgDAlSHPovYfRJ1sZS9SRtOUIZsUDe
ukFfud7wWlYXckgPj541hETZna0E5zIJQObOQuHTinAgQkWEsdTA9PHrxla7MgI1
Fcg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:25 2025 by rpki-client