Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/OpxEUbqaenYhICUVSfRG6iymc0Q.roa
File: OpxEUbqaenYhICUVSfRG6iymc0Q.roa (raw, json)
Hash identifier: bdwPRGgSu4IgmW1prWwcAfsv18cyu6fXxwwnBes2bZA=
Subject key identifier: 3A:9C:44:51:BA:9A:7A:76:21:20:25:15:49:F4:46:EA:2C:A6:73:44
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0191E99BD24E6D004979CF28A3FB6A75734F
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/OpxEUbqaenYhICUVSfRG6iymc0Q.roa
Signing time: Fri 13 Sep 2024 04:19:48 +0000
ROA not before: Fri 13 Sep 2024 04:19:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212165
IP address blocks: 2a0f:db80::/29 maxlen: 29
2a13:3880::/29 maxlen: 29
2a13:3b80::/29 maxlen: 29
2a13:3c80::/29 maxlen: 29
2a13:8c40::/29 maxlen: 29
2a13:9340::/29 maxlen: 29
2a13:93c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e9:9b:d2:4e:6d:00:49:79:cf:28:a3:fb:6a:75:73:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Sep 13 04:19:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a9c4451ba9a7a762120251549f446ea2ca67344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8f:17:c0:77:35:c6:52:ec:97:a4:21:03:90:
ea:d6:83:4b:29:6a:81:b2:54:e1:a6:76:da:eb:8a:
72:b0:11:d7:68:c0:83:f8:56:c2:cc:e4:93:ed:54:
9b:9a:8e:ec:6b:7b:c5:65:91:99:64:79:f2:34:bb:
31:38:08:28:ee:2f:a6:2a:3f:24:71:1b:48:96:1a:
65:21:1e:2c:e9:7f:8a:43:89:68:ff:13:29:d1:aa:
d6:56:ea:79:72:07:6b:7e:8d:a8:e6:5d:87:53:90:
92:9e:6e:4d:4e:3f:13:c3:d8:ef:61:55:9b:40:1c:
17:51:e2:b1:ac:54:a7:3a:0a:a6:a9:50:b9:85:c5:
04:a4:29:18:0f:d0:88:6c:f4:36:46:2d:57:87:a3:
6f:77:0c:53:c0:9c:7f:52:3d:59:84:58:12:14:77:
cc:25:b9:a0:a2:f9:4c:9a:72:8d:01:86:5c:88:2b:
ef:21:92:81:df:2c:64:50:f6:ad:a3:c8:38:af:a4:
7f:29:49:11:ed:95:eb:7a:fe:c5:f0:26:16:bb:37:
77:6e:ba:29:bd:3b:4d:14:9e:42:8e:4b:6b:5e:21:
45:eb:4d:b3:4f:60:f3:7f:30:d1:ba:10:1d:17:a5:
f5:c6:d4:f9:7d:0a:e6:d2:fc:fb:65:04:dd:d8:9a:
cd:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:9C:44:51:BA:9A:7A:76:21:20:25:15:49:F4:46:EA:2C:A6:73:44
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/OpxEUbqaenYhICUVSfRG6iymc0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:db80::/29
2a13:3880::/29
2a13:3b80::/29
2a13:3c80::/29
2a13:8c40::/29
2a13:9340::/29
2a13:93c0::/29
Signature Algorithm: sha256WithRSAEncryption
0a:d3:ad:a2:6a:6e:d2:8d:b8:74:4a:1d:cf:84:ee:da:38:f4:
2c:58:f2:72:f1:26:48:0d:b8:e3:23:9c:04:15:c5:3b:88:3e:
59:88:40:da:95:ba:0a:da:14:93:a8:56:51:ef:f7:73:36:ed:
e0:87:15:74:17:dc:78:2d:80:a0:be:9b:18:7a:e8:ad:84:c3:
22:52:d7:89:8f:6e:b2:88:43:f0:bb:96:55:7c:01:e1:02:f5:
f8:cb:3a:0a:89:b5:05:a3:cc:04:ac:d6:2c:85:d8:a5:0b:e6:
2b:f1:d6:61:97:c1:83:40:f8:76:06:60:2a:41:fd:66:54:28:
7b:b7:1f:7f:28:63:f8:1f:8e:e8:f3:1d:7c:23:3d:f8:f5:2c:
c1:df:09:58:9f:f3:2f:54:4a:eb:96:e6:44:33:8a:3a:9a:ed:
23:b5:d8:2e:7c:dd:f7:e6:e4:f9:f8:50:71:23:5d:be:ff:5c:
f8:f6:78:80:41:eb:10:83:a2:a3:79:b1:0d:bc:b1:65:35:e8:
a1:e2:2f:a8:2b:61:ed:4c:c9:df:77:90:f5:c8:f6:68:60:76:
5b:6b:72:53:77:66:5b:66:4d:f4:65:b7:13:03:83:f6:21:ec:
b1:9d:07:e1:78:92:b1:7c:e3:12:57:5d:ef:24:dc:c4:96:12:
16:aa:0d:6e
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZHpm9JObQBJec8oo/tqdXNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwOTEzMDQxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTljNDQ1MWJhOWE3YTc2MjEyMDI1MTU0OWY0NDZlYTJjYTY3MzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2o8XwHc1xlLsl6QhA5Dq1oNLKWqB
slThpnba64pysBHXaMCD+FbCzOST7VSbmo7sa3vFZZGZZHnyNLsxOAgo7i+mKj8k
cRtIlhplIR4s6X+KQ4lo/xMp0arWVup5cgdrfo2o5l2HU5CSnm5NTj8Tw9jvYVWb
QBwXUeKxrFSnOgqmqVC5hcUEpCkYD9CIbPQ2Ri1Xh6NvdwxTwJx/Uj1ZhFgSFHfM
JbmgovlMmnKNAYZciCvvIZKB3yxkUPato8g4r6R/KUkR7ZXrev7F8CYWuzd3brop
vTtNFJ5CjktrXiFF602zT2DzfzDRuhAdF6X1xtT5fQrm0vz7ZQTd2JrNgQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDqcRFG6mnp2ISAlFUn0RuospnNEMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvT3B4RVVicWFlblloSUNVVlNmUkc2aXltYzBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKg/bgAMF
AyoTOIADBQMqEzuAAwUDKhM8gAMFAyoTjEADBQMqE5NAAwUDKhOTwDANBgkqhkiG
9w0BAQsFAAOCAQEACtOtompu0o24dEodz4Tu2jj0LFjycvEmSA244yOcBBXFO4g+
WYhA2pW6CtoUk6hWUe/3czbt4IcVdBfceC2AoL6bGHrorYTDIlLXiY9usohD8LuW
VXwB4QL1+Ms6Com1BaPMBKzWLIXYpQvmK/HWYZfBg0D4dgZgKkH9ZlQoe7cffyhj
+B+O6PMdfCM9+PUswd8JWJ/zL1RK65bmRDOKOprtI7XYLnzd9+bk+fhQcSNdvv9c
+PZ4gEHrEIOio3mxDbyxZTXooeIvqCth7UzJ33eQ9cj2aGB2W2tyU3dmW2ZN9GW3
EwOD9iHssZ0H4XiSsXzjEldd7yTcxJYSFqoNbg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:26:18 2025 by rpki-client