Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/ac8fdc-9d55-45db-a243-f16697d72a71/1/OaynJV0qbIIk7EsSxRIucNannDI.roa
File: OaynJV0qbIIk7EsSxRIucNannDI.roa (raw, json)
Hash identifier: rLhfi7PeZU4mZH9NTsaCKUtzejxWWyeiOXooqE3dPpU=
Subject key identifier: 39:AC:A7:25:5D:2A:6C:82:24:EC:4B:12:C5:12:2E:70:D6:A7:9C:32
Certificate issuer: /CN=b2749bc9cd2cf8dffcf2ffed7884fbc13cb3e45d
Certificate serial: 019425FC8AAFF36B52F48E3ED26E5B178E05
Authority key identifier: B2:74:9B:C9:CD:2C:F8:DF:FC:F2:FF:ED:78:84:FB:C1:3C:B3:E4:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/snSbyc0s-N_88v_teIT7wTyz5F0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/ac8fdc-9d55-45db-a243-f16697d72a71/1/OaynJV0qbIIk7EsSxRIucNannDI.roa
Signing time: Thu 02 Jan 2025 07:48:15 +0000
ROA not before: Thu 02 Jan 2025 07:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 2001:678:580::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:8a:af:f3:6b:52:f4:8e:3e:d2:6e:5b:17:8e:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2749bc9cd2cf8dffcf2ffed7884fbc13cb3e45d
Validity
Not Before: Jan 2 07:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39aca7255d2a6c8224ec4b12c5122e70d6a79c32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d9:3c:fe:ba:60:38:12:67:1f:3f:67:ab:b2:
2e:14:ed:12:0b:81:32:1e:79:50:06:4e:e7:d0:61:
c9:be:fa:cd:ae:35:18:16:0a:6d:1a:8d:56:43:40:
bd:31:d1:ee:65:66:dd:10:31:aa:10:f3:83:2c:a2:
52:a4:9b:3e:5d:20:3e:93:17:b0:0c:0c:5b:a6:a0:
96:f6:d7:37:a0:81:2f:a7:66:3a:f7:98:d5:0b:ab:
03:a7:06:59:d6:cc:60:2b:26:80:63:27:e6:63:eb:
4c:2a:f6:4f:c1:42:b8:35:30:f5:0e:fb:c0:35:ff:
f4:76:a5:26:66:da:8b:ef:70:31:2a:05:21:bf:27:
35:51:fa:50:e6:62:3e:c1:66:d0:05:09:c8:d0:77:
43:dc:90:37:58:b9:03:35:f5:4c:ca:44:be:50:46:
59:87:bf:0f:3d:66:e4:18:b1:3d:b9:ab:3d:c4:46:
23:79:53:6e:00:72:4c:33:e3:3b:63:58:c4:e0:18:
30:2d:a9:82:c4:d1:8a:58:46:17:c5:04:c3:9e:c1:
11:76:f7:23:6c:43:c2:b6:0c:6d:f4:c1:5b:b7:05:
82:96:8e:ef:e5:58:11:d1:e1:1f:78:e8:ce:92:69:
44:59:6c:ee:51:73:b7:bd:87:99:f7:91:db:b6:b4:
5e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:AC:A7:25:5D:2A:6C:82:24:EC:4B:12:C5:12:2E:70:D6:A7:9C:32
X509v3 Authority Key Identifier:
keyid:B2:74:9B:C9:CD:2C:F8:DF:FC:F2:FF:ED:78:84:FB:C1:3C:B3:E4:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snSbyc0s-N_88v_teIT7wTyz5F0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/ac8fdc-9d55-45db-a243-f16697d72a71/1/OaynJV0qbIIk7EsSxRIucNannDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/ac8fdc-9d55-45db-a243-f16697d72a71/1/snSbyc0s-N_88v_teIT7wTyz5F0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:580::/48
Signature Algorithm: sha256WithRSAEncryption
6a:8c:17:ba:d3:3b:8b:9f:9d:71:d0:4a:b5:4b:6f:50:9b:24:
1b:9b:55:05:be:fa:0d:06:c7:c8:fc:74:ef:1e:af:6b:dd:80:
ea:99:34:3c:d1:26:ad:a2:8c:a6:1a:72:77:76:9d:ee:d8:99:
52:00:f1:47:b4:f5:f1:cf:6b:db:3b:e1:1b:66:68:1d:02:0e:
57:08:ef:5d:78:c0:41:aa:4c:15:ba:ae:b0:d3:0b:80:a4:5b:
3f:b4:5d:3d:cd:d9:7f:fe:72:79:dd:09:82:db:64:41:73:f0:
62:c7:f6:80:7f:f9:a1:17:17:c7:d2:52:07:85:92:8b:38:b1:
f8:aa:e0:85:32:0e:ad:d5:51:6f:31:7d:0b:c9:97:e4:df:ef:
58:54:b5:0a:d7:85:4f:59:11:bc:31:4a:84:ba:7c:f2:21:49:
7c:aa:d7:d4:e3:e8:87:f9:be:a9:64:4e:6e:42:59:53:3c:8c:
78:07:10:b1:fa:fc:76:d5:f6:12:fe:e3:0e:b0:cb:71:be:8c:
22:cb:69:b0:5d:47:2d:1a:d4:3f:69:ec:c5:d2:05:a7:95:07:
b8:88:c3:7e:18:61:23:78:e6:34:fc:92:62:26:f9:8a:bd:2a:
44:86:c6:61:55:ca:b3:83:93:e1:a6:9d:e5:ce:06:e8:a6:ef:
e3:68:af:f8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQl/Iqv82tS9I4+0m5bF44FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzQ5YmM5Y2QyY2Y4ZGZmY2YyZmZlZDc4ODRmYmMxM2Ni
M2U0NWQwHhcNMjUwMTAyMDc0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWFjYTcyNTVkMmE2YzgyMjRlYzRiMTJjNTEyMmU3MGQ2YTc5YzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29k8/rpgOBJnHz9nq7IuFO0SC4Ey
HnlQBk7n0GHJvvrNrjUYFgptGo1WQ0C9MdHuZWbdEDGqEPODLKJSpJs+XSA+kxew
DAxbpqCW9tc3oIEvp2Y695jVC6sDpwZZ1sxgKyaAYyfmY+tMKvZPwUK4NTD1DvvA
Nf/0dqUmZtqL73AxKgUhvyc1UfpQ5mI+wWbQBQnI0HdD3JA3WLkDNfVMykS+UEZZ
h78PPWbkGLE9uas9xEYjeVNuAHJMM+M7Y1jE4BgwLamCxNGKWEYXxQTDnsERdvcj
bEPCtgxt9MFbtwWClo7v5VgR0eEfeOjOkmlEWWzuUXO3vYeZ95HbtrReSQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDmspyVdKmyCJOxLEsUSLnDWp5wyMB8GA1UdIwQY
MBaAFLJ0m8nNLPjf/PL/7XiE+8E8s+RdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25TYnljMHMtTl84OHZfdGVJVDd3VHl6NUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9hYzhmZGMtOWQ1NS00NWRiLWEyNDMt
ZjE2Njk3ZDcyYTcxLzEvT2F5bkpWMHFiSUlrN0VzU3hSSXVjTmFubkRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9hYzhmZGMtOWQ1NS00NWRiLWEyNDMtZjE2Njk3ZDcyYTcx
LzEvc25TYnljMHMtTl84OHZfdGVJVDd3VHl6NUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAWA
MA0GCSqGSIb3DQEBCwUAA4IBAQBqjBe60zuLn51x0Eq1S29QmyQbm1UFvvoNBsfI
/HTvHq9r3YDqmTQ80SatooymGnJ3dp3u2JlSAPFHtPXxz2vbO+EbZmgdAg5XCO9d
eMBBqkwVuq6w0wuApFs/tF09zdl//nJ53QmC22RBc/Bix/aAf/mhFxfH0lIHhZKL
OLH4quCFMg6t1VFvMX0LyZfk3+9YVLUK14VPWRG8MUqEunzyIUl8qtfU4+iH+b6p
ZE5uQllTPIx4BxCx+vx21fYS/uMOsMtxvowiy2mwXUctGtQ/aezF0gWnlQe4iMN+
GGEjeOY0/JJiJvmKvSpEhsZhVcqzg5Phpp3lzgbopu/jaK/4
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:52:38 2025 by rpki-client