Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/MOue30ip0rzsnXS5CsnOkdZdXEo.roa
File: MOue30ip0rzsnXS5CsnOkdZdXEo.roa (raw, json)
Hash identifier: AVvn57WEsROh6+ARUTdz4PZV+wl5iy2QvdVKr8ej4JA=
Subject key identifier: 30:EB:9E:DF:48:A9:D2:BC:EC:9D:74:B9:0A:C9:CE:91:D6:5D:5C:4A
Certificate issuer: /CN=0d3558546a2c54bbd812a19228aa98e078d3aa68
Certificate serial: 0194228D2FCAF1A186290C60C3E652DB54B1
Authority key identifier: 0D:35:58:54:6A:2C:54:BB:D8:12:A1:92:28:AA:98:E0:78:D3:AA:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/MOue30ip0rzsnXS5CsnOkdZdXEo.roa
Signing time: Wed 01 Jan 2025 15:47:45 +0000
ROA not before: Wed 01 Jan 2025 15:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198231
IP address blocks: 2a0f:a300::/29 maxlen: 29
2a10:a280::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:2f:ca:f1:a1:86:29:0c:60:c3:e6:52:db:54:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d3558546a2c54bbd812a19228aa98e078d3aa68
Validity
Not Before: Jan 1 15:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30eb9edf48a9d2bcec9d74b90ac9ce91d65d5c4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6a:d8:96:58:bf:0e:4b:2c:28:02:2f:a0:fd:
f0:c2:cd:69:24:a6:64:a6:ea:83:39:b7:64:0d:ce:
0c:b0:45:ef:1a:1d:c0:a8:2a:b7:b5:0f:7d:d5:81:
40:99:43:fe:0a:b7:fc:ac:f8:2a:11:0f:31:d4:d7:
7f:b0:ca:53:23:29:15:9a:d1:d0:97:81:7f:47:10:
fa:1e:99:5b:76:58:11:fb:7d:53:93:dc:48:3f:72:
1a:23:a4:2b:87:ae:40:f4:05:72:2b:cd:d4:42:e2:
1e:91:5b:00:17:24:de:32:a9:ff:fe:d7:4d:a2:f9:
81:2f:3d:3a:55:72:4f:d7:2d:67:39:1f:73:3d:a6:
43:ea:2e:13:4b:4a:37:bb:03:72:cc:9a:7f:7c:a1:
68:df:f7:ca:30:b5:de:28:83:6d:e4:bf:8c:83:c7:
46:a2:86:6d:9f:08:fc:0c:c3:73:ab:ce:5e:be:2f:
01:b4:85:1f:71:3d:4c:a7:56:e0:cd:de:31:11:c3:
19:bb:b7:f4:c5:fd:2f:40:af:12:56:a0:27:a4:53:
e6:66:9f:ad:5b:e9:5c:8c:c4:bb:fd:d1:f9:ee:db:
18:6c:46:b6:a0:d8:c9:fa:0d:36:e7:30:f0:cd:f7:
46:be:1b:13:76:b2:c6:6b:9e:94:0b:38:1b:bf:a9:
5d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:EB:9E:DF:48:A9:D2:BC:EC:9D:74:B9:0A:C9:CE:91:D6:5D:5C:4A
X509v3 Authority Key Identifier:
keyid:0D:35:58:54:6A:2C:54:BB:D8:12:A1:92:28:AA:98:E0:78:D3:AA:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/MOue30ip0rzsnXS5CsnOkdZdXEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/DTVYVGosVLvYEqGSKKqY4HjTqmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:a300::/29
2a10:a280::/29
Signature Algorithm: sha256WithRSAEncryption
6b:4c:8a:62:6f:7c:ad:e5:b6:eb:d4:6a:4f:95:6d:41:e0:59:
57:7a:a1:dd:59:fe:53:41:db:cb:40:4c:d7:52:f3:02:86:62:
73:ef:f1:65:d7:cd:74:04:f3:25:05:5a:af:66:b3:a8:ce:06:
2b:cb:88:11:c3:63:dc:18:e0:4b:8c:22:2e:71:a3:ff:67:39:
ef:e1:47:ec:1f:c0:a3:ce:00:97:64:01:0f:c0:7a:1a:88:47:
31:9f:e3:51:c0:49:81:62:b2:a3:f3:21:8f:49:aa:e9:1f:03:
41:4f:c8:01:b6:7a:58:71:96:c0:b2:58:cb:e4:b9:84:ac:72:
7b:06:20:bc:8a:b9:7a:13:1c:a8:71:a8:c0:73:f3:b1:7a:c9:
ad:ee:fe:b6:cb:9e:b0:77:ed:40:39:13:5f:92:a7:b7:b3:28:
f6:c2:10:73:32:e1:c5:69:9f:3f:a1:35:9e:eb:7c:f0:71:79:
00:d3:c1:2e:ca:a2:c0:f7:c6:fe:24:33:fd:a0:59:18:42:34:
09:16:86:66:5c:2d:b3:58:47:3e:b2:c3:c0:c1:1a:19:f0:2c:
82:fa:00:27:38:30:48:3d:f2:65:af:47:bc:51:e2:4c:e6:c1:
15:dd:6a:d1:d6:ac:1b:64:fa:f8:4c:4a:49:9a:41:fd:cd:94:
2e:09:a6:a9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQijS/K8aGGKQxgw+ZS21SxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMzU1ODU0NmEyYzU0YmJkODEyYTE5MjI4YWE5OGUwNzhk
M2FhNjgwHhcNMjUwMTAxMTU0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGViOWVkZjQ4YTlkMmJjZWM5ZDc0YjkwYWM5Y2U5MWQ2NWQ1YzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGrYlli/DkssKAIvoP3wws1pJKZk
puqDObdkDc4MsEXvGh3AqCq3tQ991YFAmUP+Crf8rPgqEQ8x1Nd/sMpTIykVmtHQ
l4F/RxD6HplbdlgR+31Tk9xIP3IaI6Qrh65A9AVyK83UQuIekVsAFyTeMqn//tdN
ovmBLz06VXJP1y1nOR9zPaZD6i4TS0o3uwNyzJp/fKFo3/fKMLXeKINt5L+Mg8dG
ooZtnwj8DMNzq85evi8BtIUfcT1Mp1bgzd4xEcMZu7f0xf0vQK8SVqAnpFPmZp+t
W+lcjMS7/dH57tsYbEa2oNjJ+g025zDwzfdGvhsTdrLGa56UCzgbv6ld5wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDDrnt9IqdK87J10uQrJzpHWXVxKMB8GA1UdIwQY
MBaAFA01WFRqLFS72BKhkiiqmOB406poMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRWWVZHb3NWTHZZRXFHU0tLcVk0SGpUcW1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80NzRmMjctYjI4Ni00NmYwLWFlNDUt
MTMyZmZjOGJkZTQ2LzEvTU91ZTMwaXAwcnpzblhTNUNzbk9rZFpkWEVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80NzRmMjctYjI4Ni00NmYwLWFlNDUtMTMyZmZjOGJkZTQ2
LzEvRFRWWVZHb3NWTHZZRXFHU0tLcVk0SGpUcW1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg+jAAMF
AyoQooAwDQYJKoZIhvcNAQELBQADggEBAGtMimJvfK3ltuvUak+VbUHgWVd6od1Z
/lNB28tATNdS8wKGYnPv8WXXzXQE8yUFWq9ms6jOBivLiBHDY9wY4EuMIi5xo/9n
Oe/hR+wfwKPOAJdkAQ/AehqIRzGf41HASYFisqPzIY9JqukfA0FPyAG2elhxlsCy
WMvkuYSscnsGILyKuXoTHKhxqMBz87F6ya3u/rbLnrB37UA5E1+Sp7ezKPbCEHMy
4cVpnz+hNZ7rfPBxeQDTwS7KosD3xv4kM/2gWRhCNAkWhmZcLbNYRz6yw8DBGhnw
LIL6ACc4MEg98mWvR7xR4kzmwRXdatHWrBtk+vhMSkmaQf3NlC4Jpqk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:38:53 2025 by rpki-client