Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b1a4e1-877b-4380-bfbf-b038db898b7e/1/dxC4OOVdD7y8lzmmwGYNpdpf-D0.roa
File: dxC4OOVdD7y8lzmmwGYNpdpf-D0.roa (raw, json)
Hash identifier: 1F32hSGI4pbAFMDzlkPoS+O8tvJxdYgPLvmfvhN+IXU=
Subject key identifier: 77:10:B8:38:E5:5D:0F:BC:BC:97:39:A6:C0:66:0D:A5:DA:5F:F8:3D
Certificate issuer: /CN=3829d131be52810e47c9cbbf83a3ffbd4f7cbdbf
Certificate serial: 0194228DE74D2FE447F6A3B6C938EE2A21DC
Authority key identifier: 38:29:D1:31:BE:52:81:0E:47:C9:CB:BF:83:A3:FF:BD:4F:7C:BD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCnRMb5SgQ5Hycu_g6P_vU98vb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b1a4e1-877b-4380-bfbf-b038db898b7e/1/dxC4OOVdD7y8lzmmwGYNpdpf-D0.roa
Signing time: Wed 01 Jan 2025 15:48:32 +0000
ROA not before: Wed 01 Jan 2025 15:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62350
IP address blocks: 2001:678:f50::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:e7:4d:2f:e4:47:f6:a3:b6:c9:38:ee:2a:21:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3829d131be52810e47c9cbbf83a3ffbd4f7cbdbf
Validity
Not Before: Jan 1 15:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7710b838e55d0fbcbc9739a6c0660da5da5ff83d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b6:42:ba:02:48:69:ae:05:3b:34:a1:51:61:
8b:4c:6a:cc:5c:a3:5f:b4:06:94:70:d4:63:e0:8c:
79:a7:44:85:eb:83:aa:67:07:0a:ef:d7:67:9c:a7:
9c:ee:ba:55:c6:63:11:36:51:5c:dc:89:f3:89:0a:
10:4d:34:82:bf:93:a0:bd:f8:1e:0a:5e:b3:28:0a:
a3:ca:e8:38:ba:e2:b8:8b:b0:55:b4:98:c4:c9:7d:
aa:d0:d0:7a:78:01:ef:81:69:b9:8c:21:6d:89:ca:
36:fe:67:4f:ae:29:be:8b:6c:e2:62:a2:d7:e1:0b:
6a:4a:3b:e1:d2:67:0a:ca:8c:df:d5:87:e5:ae:4f:
b5:94:67:c4:3c:1b:2e:55:2f:76:be:a5:61:97:37:
d6:00:63:fd:63:81:64:64:9b:56:e9:ba:ed:6f:08:
e8:c0:8d:1e:f6:b4:cc:82:ed:b6:7a:20:c6:ef:92:
a2:47:f5:53:6d:1f:71:4e:2a:31:24:28:15:7d:4d:
9e:99:29:8b:65:95:5a:a5:05:de:52:8c:ad:7d:c0:
bc:27:9d:b1:e1:30:06:dc:8d:c3:9f:a9:b9:7c:97:
3f:c0:b9:62:62:ff:57:ea:93:02:ff:ef:72:31:30:
ad:5c:e4:ec:29:86:4a:f8:7b:37:c2:c6:46:dc:78:
01:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:10:B8:38:E5:5D:0F:BC:BC:97:39:A6:C0:66:0D:A5:DA:5F:F8:3D
X509v3 Authority Key Identifier:
keyid:38:29:D1:31:BE:52:81:0E:47:C9:CB:BF:83:A3:FF:BD:4F:7C:BD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCnRMb5SgQ5Hycu_g6P_vU98vb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b1a4e1-877b-4380-bfbf-b038db898b7e/1/dxC4OOVdD7y8lzmmwGYNpdpf-D0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b1a4e1-877b-4380-bfbf-b038db898b7e/1/OCnRMb5SgQ5Hycu_g6P_vU98vb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:f50::/48
Signature Algorithm: sha256WithRSAEncryption
39:5e:29:bb:3c:c9:69:68:24:4d:2e:9a:41:9d:94:de:79:ed:
95:e8:c4:23:1d:88:64:17:70:a5:76:df:49:ff:32:ee:40:76:
25:3a:78:92:b8:37:e3:03:1e:c0:83:17:9f:4b:2f:a2:23:84:
f9:12:42:d2:a1:5c:a4:07:a3:02:c6:29:3d:9f:46:39:58:0d:
df:0b:1a:72:91:1f:21:f1:ef:47:21:2f:d6:ca:c0:8e:76:a6:
73:73:bb:f7:97:83:20:65:82:ff:c1:eb:40:54:a1:dd:68:47:
fd:0d:df:5b:c9:62:8b:fb:5a:67:0f:32:ca:c5:c7:8a:95:65:
85:6e:2d:54:84:18:e7:70:92:29:6d:d6:37:9c:9c:f6:92:05:
45:38:5a:18:60:48:33:da:42:83:72:e9:92:6e:79:24:64:8c:
9d:a4:6c:5e:89:47:15:a5:ef:23:70:cc:5d:70:ed:bd:3c:49:
d2:d2:f6:93:f2:c8:90:f0:2d:3e:d8:5a:ef:ee:a4:fa:3a:98:
62:bc:ff:42:f8:8c:00:73:d6:5f:54:6f:f6:a4:e7:e3:2b:c5:
9d:1f:40:76:4d:82:b3:58:8f:ee:e2:7d:13:4d:4b:19:44:b9:
e6:46:90:aa:ed:4d:61:90:38:cd:a8:4a:55:5c:15:04:38:06:
5d:f3:5c:48
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQijedNL+RH9qO2yTjuKiHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjlkMTMxYmU1MjgxMGU0N2M5Y2JiZjgzYTNmZmJkNGY3
Y2JkYmYwHhcNMjUwMTAxMTU0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzEwYjgzOGU1NWQwZmJjYmM5NzM5YTZjMDY2MGRhNWRhNWZmODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLZCugJIaa4FOzShUWGLTGrMXKNf
tAaUcNRj4Ix5p0SF64OqZwcK79dnnKec7rpVxmMRNlFc3InziQoQTTSCv5Ogvfge
Cl6zKAqjyug4uuK4i7BVtJjEyX2q0NB6eAHvgWm5jCFtico2/mdPrim+i2ziYqLX
4QtqSjvh0mcKyozf1Yflrk+1lGfEPBsuVS92vqVhlzfWAGP9Y4FkZJtW6brtbwjo
wI0e9rTMgu22eiDG75KiR/VTbR9xTioxJCgVfU2emSmLZZVapQXeUoytfcC8J52x
4TAG3I3Dn6m5fJc/wLliYv9X6pMC/+9yMTCtXOTsKYZK+Hs3wsZG3HgBYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHcQuDjlXQ+8vJc5psBmDaXaX/g9MB8GA1UdIwQY
MBaAFDgp0TG+UoEOR8nLv4Oj/71PfL2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NuUk1iNVNnUTVIeWN1X2c2UF92VTk4dmI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iMWE0ZTEtODc3Yi00MzgwLWJmYmYt
YjAzOGRiODk4YjdlLzEvZHhDNE9PVmREN3k4bHptbXdHWU5wZHBmLUQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iMWE0ZTEtODc3Yi00MzgwLWJmYmYtYjAzOGRiODk4Yjdl
LzEvT0NuUk1iNVNnUTVIeWN1X2c2UF92VTk4dmI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQA5Xim7PMlpaCRNLppBnZTeee2V6MQjHYhkF3Cl
dt9J/zLuQHYlOniSuDfjAx7AgxefSy+iI4T5EkLSoVykB6MCxik9n0Y5WA3fCxpy
kR8h8e9HIS/WysCOdqZzc7v3l4MgZYL/wetAVKHdaEf9Dd9byWKL+1pnDzLKxceK
lWWFbi1UhBjncJIpbdY3nJz2kgVFOFoYYEgz2kKDcumSbnkkZIydpGxeiUcVpe8j
cMxdcO29PEnS0vaT8siQ8C0+2Frv7qT6OphivP9C+IwAc9ZfVG/2pOfjK8WdH0B2
TYKzWI/u4n0TTUsZRLnmRpCq7U1hkDjNqEpVXBUEOAZd81xI
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:56:25 2025 by rpki-client