Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/oxQgTQ7wkuteLMrkQKJxeR-bsAc.roa
File: oxQgTQ7wkuteLMrkQKJxeR-bsAc.roa (raw, json)
Hash identifier: 2FuTkNbv4hFlM9Wln6Ops0m862LGvTAlv3qbGOWIUq0=
Subject key identifier: A3:14:20:4D:0E:F0:92:EB:5E:2C:CA:E4:40:A2:71:79:1F:9B:B0:07
Certificate issuer: /CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Certificate serial: 019513C21A7253741EB37CF67B5571AAA544
Authority key identifier: 31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/oxQgTQ7wkuteLMrkQKJxeR-bsAc.roa
Signing time: Mon 17 Feb 2025 11:54:02 +0000
ROA not before: Mon 17 Feb 2025 11:54:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0d:3044::/32 maxlen: 32
2a0e:4583::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:c2:1a:72:53:74:1e:b3:7c:f6:7b:55:71:aa:a5:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Validity
Not Before: Feb 17 11:54:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a314204d0ef092eb5e2ccae440a271791f9bb007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:15:90:27:1f:53:e9:95:a9:59:91:71:6a:65:
39:02:8b:2c:0b:f2:93:74:0c:17:df:ee:b4:84:b3:
1c:4b:6b:8b:e1:00:e0:da:f3:df:48:ee:6f:c6:b7:
77:42:d4:6e:ff:3c:61:04:10:53:79:23:d1:07:81:
e0:85:08:a2:a3:de:bc:77:a0:44:82:5e:b6:0c:30:
61:d9:ca:b1:aa:cf:7e:67:15:e1:c2:bd:fb:45:65:
56:19:f8:b5:7c:48:a5:6e:48:6c:06:a1:f9:33:f0:
a2:91:70:df:6a:ab:71:d1:8b:d9:b4:17:8e:c6:8e:
44:5c:d8:a9:47:5f:9c:6a:47:a2:78:79:dc:da:51:
78:35:69:ee:92:60:a0:f8:48:e6:47:57:c0:36:ed:
cc:aa:6b:cb:18:3c:cb:6c:23:be:32:64:f4:78:cc:
78:cf:f2:0e:6c:44:2f:ac:94:35:96:a9:fa:84:8f:
f8:3f:3b:97:c8:ce:df:c4:8f:7b:b6:32:52:16:97:
27:74:9f:f4:56:82:36:54:27:33:38:59:67:d5:3b:
0d:dc:72:56:dd:a7:bd:bc:7a:4c:bd:bd:22:07:e0:
77:a5:88:8e:fa:0d:45:4d:81:bb:69:44:5a:bd:91:
80:62:00:d8:c7:bf:a7:2e:fd:ee:eb:f6:42:d5:74:
c0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:14:20:4D:0E:F0:92:EB:5E:2C:CA:E4:40:A2:71:79:1F:9B:B0:07
X509v3 Authority Key Identifier:
keyid:31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/oxQgTQ7wkuteLMrkQKJxeR-bsAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:3044::/32
2a0e:4583::/32
Signature Algorithm: sha256WithRSAEncryption
60:ba:86:21:d6:dd:e8:eb:1c:f3:68:1e:5d:13:3d:95:c7:35:
51:28:34:ea:1d:2a:95:d9:0f:5d:77:a5:fe:43:f6:ec:2a:c1:
d9:91:8a:8b:4a:3b:c0:ab:75:21:fe:4e:d0:51:a3:1f:c3:21:
78:7e:4f:60:8a:a3:84:6e:67:4f:eb:ee:e6:d2:1c:a9:87:3a:
69:70:7f:a3:01:9d:85:0a:30:73:c7:bd:28:92:96:6e:a9:8c:
c9:8e:4c:34:27:ee:3f:d3:0b:e7:68:19:0b:8c:47:32:f8:55:
c9:31:59:04:f7:cc:fc:81:a5:fe:5c:02:8f:54:58:c4:be:98:
47:43:6c:c1:a1:05:48:eb:80:13:2b:4a:f0:e0:d2:c9:be:49:
e1:b5:40:98:de:c4:03:7a:8f:5d:ca:6e:61:31:3c:b4:cd:c1:
fd:33:ff:fc:fe:98:3d:5e:68:3b:56:b9:26:90:c5:cb:1a:f2:
a8:dc:14:05:7c:e5:32:9b:a7:b7:0e:ac:d1:ef:b7:67:ea:f2:
9a:9e:2f:a9:18:9f:e6:96:0a:96:eb:1e:89:2f:20:c0:5d:8f:
66:71:18:4a:af:11:83:6c:1a:54:eb:9c:82:a7:5d:1e:ae:fc:
c3:1e:e1:1b:12:f8:78:ef:e2:5e:f0:0c:cd:3a:4a:8f:ac:b5:
e8:42:05:b5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZUTwhpyU3Qes3z2e1VxqqVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMGIwNTI1MTM3ODk5NGNmYTgwODhkMjNiNmVlZWQ0ZTll
NmFiMDgwHhcNMjUwMjE3MTE1NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzE0MjA0ZDBlZjA5MmViNWUyY2NhZTQ0MGEyNzE3OTFmOWJiMDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RWQJx9T6ZWpWZFxamU5AossC/KT
dAwX3+60hLMcS2uL4QDg2vPfSO5vxrd3QtRu/zxhBBBTeSPRB4HghQiio968d6BE
gl62DDBh2cqxqs9+ZxXhwr37RWVWGfi1fEilbkhsBqH5M/CikXDfaqtx0YvZtBeO
xo5EXNipR1+cakeieHnc2lF4NWnukmCg+EjmR1fANu3MqmvLGDzLbCO+MmT0eMx4
z/IObEQvrJQ1lqn6hI/4PzuXyM7fxI97tjJSFpcndJ/0VoI2VCczOFln1TsN3HJW
3ae9vHpMvb0iB+B3pYiO+g1FTYG7aURavZGAYgDYx7+nLv3u6/ZC1XTA/QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKMUIE0O8JLrXizK5ECicXkfm7AHMB8GA1UdIwQY
MBaAFDELBSUTeJlM+oCI0jtu7tTp5qsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEt
N2NmZGYyZGY2NjMyLzEvb3hRZ1RRN3drdXRlTE1ya1FLSnhlUi1ic0FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEtN2NmZGYyZGY2NjMy
LzEvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg0wRAMF
ACoORYMwDQYJKoZIhvcNAQELBQADggEBAGC6hiHW3ejrHPNoHl0TPZXHNVEoNOod
KpXZD113pf5D9uwqwdmRiotKO8CrdSH+TtBRox/DIXh+T2CKo4RuZ0/r7ubSHKmH
Omlwf6MBnYUKMHPHvSiSlm6pjMmOTDQn7j/TC+doGQuMRzL4VckxWQT3zPyBpf5c
Ao9UWMS+mEdDbMGhBUjrgBMrSvDg0sm+SeG1QJjexAN6j13KbmExPLTNwf0z//z+
mD1eaDtWuSaQxcsa8qjcFAV85TKbp7cOrNHvt2fq8pqeL6kYn+aWCpbrHokvIMBd
j2ZxGEqvEYNsGlTrnIKnXR6u/MMe4RsS+Hjv4l7wDM06So+stehCBbU=
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:53:41 2025 by rpki-client on console.sobornost.net