Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/OkxhKGO3hHLaH6qZ2vA9JlrGREw.roa
File: OkxhKGO3hHLaH6qZ2vA9JlrGREw.roa (raw, json)
Hash identifier: ytFzHiABycaJCtimxiXolzufiSd4PWYGRqD/u4TM94w=
Subject key identifier: 3A:4C:61:28:63:B7:84:72:DA:1F:AA:99:DA:F0:3D:26:5A:C6:44:4C
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019420680108C801A70F64D255C692CA7F80
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/OkxhKGO3hHLaH6qZ2vA9JlrGREw.roa
Signing time: Wed 01 Jan 2025 05:47:54 +0000
ROA not before: Wed 01 Jan 2025 05:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4826
IP address blocks: 2a0e:eb44::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:01:08:c8:01:a7:0f:64:d2:55:c6:92:ca:7f:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 1 05:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a4c612863b78472da1faa99daf03d265ac6444c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ee:d7:28:fe:16:d1:99:89:78:e3:32:9a:15:
69:7c:67:dd:06:6c:a4:97:d5:83:72:c2:8d:ba:d7:
d4:6f:f8:63:0f:f3:c9:04:59:87:0b:91:85:72:c5:
cd:34:82:8d:16:fe:8a:6e:62:b8:5b:6c:42:c1:66:
aa:2f:0e:be:1c:56:6f:36:97:89:5b:af:f9:80:e9:
7f:d7:33:3d:52:37:6c:d1:df:3f:76:41:44:28:37:
9e:da:b0:53:d7:f2:05:aa:4c:2c:7c:7f:fb:4e:a6:
40:e3:7f:3c:65:98:e8:72:8f:46:3a:73:10:cc:7f:
11:e9:1d:8b:9f:60:65:02:db:98:44:8e:9b:1f:2a:
d0:89:32:37:29:5f:82:bf:d5:fe:fb:9e:ea:f4:9e:
e6:57:13:0e:fd:ce:aa:69:fe:17:4c:4a:a8:53:c4:
c0:25:df:3a:de:5e:26:a4:29:51:39:45:b9:95:2b:
76:53:66:4e:25:00:c9:be:47:f4:24:a7:50:1b:36:
ab:fd:cf:2d:ef:0e:c0:24:15:c2:02:ad:e7:a0:c2:
be:bc:b2:34:08:be:4d:d0:db:c0:12:5a:2d:8a:05:
fe:ac:b7:87:58:c1:bc:ed:c6:a8:92:9a:bb:e4:2a:
2b:5d:f5:4d:ca:d5:16:1a:18:f5:02:5f:8e:15:1f:
47:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:4C:61:28:63:B7:84:72:DA:1F:AA:99:DA:F0:3D:26:5A:C6:44:4C
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/OkxhKGO3hHLaH6qZ2vA9JlrGREw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:eb44::/32
Signature Algorithm: sha256WithRSAEncryption
76:86:b1:f6:76:b4:a7:9a:c1:f1:5b:48:d0:16:a9:38:e5:d8:
7f:7e:0d:bd:f8:10:04:3a:1b:6a:9f:00:9c:28:1a:ac:58:1c:
13:32:f9:d8:3d:1e:18:e5:7f:7c:5c:28:4c:2a:2f:02:fe:91:
81:6b:91:d5:4f:e2:d0:9d:2e:b9:53:d0:d1:35:2c:63:ba:2e:
56:55:9c:96:c2:ef:3c:07:6c:58:88:06:73:2a:0b:5e:38:2b:
96:88:c3:2e:81:af:25:23:75:9a:d7:59:2a:6a:71:c5:38:1c:
6e:1d:a3:26:40:79:c4:97:a7:2f:cb:54:85:9f:3f:87:a5:8f:
08:ad:f5:22:e9:50:2d:85:e3:f3:d9:e1:3f:d8:cf:d9:ad:39:
8f:de:ca:75:68:b7:88:ec:da:5d:6f:fe:89:06:7f:b3:0b:a8:
5e:84:32:3a:d0:ce:09:c8:a6:2c:61:16:54:78:67:58:ba:96:
6c:bd:a2:1e:b7:0b:1c:45:bb:5f:26:6a:ec:88:eb:6d:30:54:
c9:bb:13:a9:b8:26:19:31:37:4d:52:6c:1b:9d:6a:06:22:1a:
c5:76:70:68:b2:24:73:db:94:83:4e:63:aa:5a:4b:9e:c8:9d:
85:11:6a:44:8c:d1:d2:e2:85:ad:bc:e7:dc:c4:e1:15:11:bc:
8a:3b:f5:95
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQgaAEIyAGnD2TSVcaSyn+AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUwMTAxMDU0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTRjNjEyODYzYjc4NDcyZGExZmFhOTlkYWYwM2QyNjVhYzY0NDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxe7XKP4W0ZmJeOMymhVpfGfdBmyk
l9WDcsKNutfUb/hjD/PJBFmHC5GFcsXNNIKNFv6KbmK4W2xCwWaqLw6+HFZvNpeJ
W6/5gOl/1zM9Ujds0d8/dkFEKDee2rBT1/IFqkwsfH/7TqZA4388ZZjoco9GOnMQ
zH8R6R2Ln2BlAtuYRI6bHyrQiTI3KV+Cv9X++57q9J7mVxMO/c6qaf4XTEqoU8TA
Jd863l4mpClROUW5lSt2U2ZOJQDJvkf0JKdQGzar/c8t7w7AJBXCAq3noMK+vLI0
CL5N0NvAElotigX+rLeHWMG87caokpq75CorXfVNytUWGhj1Al+OFR9HqQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDpMYShjt4Ry2h+qmdrwPSZaxkRMMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvT2t4aEtHTzNoSExhSDZxWjJ2QTlKbHJHUkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg7rRDAN
BgkqhkiG9w0BAQsFAAOCAQEAdoax9na0p5rB8VtI0BapOOXYf34NvfgQBDobap8A
nCgarFgcEzL52D0eGOV/fFwoTCovAv6RgWuR1U/i0J0uuVPQ0TUsY7ouVlWclsLv
PAdsWIgGcyoLXjgrlojDLoGvJSN1mtdZKmpxxTgcbh2jJkB5xJenL8tUhZ8/h6WP
CK31IulQLYXj89nhP9jP2a05j97KdWi3iOzaXW/+iQZ/swuoXoQyOtDOCcimLGEW
VHhnWLqWbL2iHrcLHEW7XyZq7IjrbTBUybsTqbgmGTE3TVJsG51qBiIaxXZwaLIk
c9uUg05jqlpLnsidhRFqRIzR0uKFrbzn3MThFRG8ijv1lQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:16:37 2025 by rpki-client