Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/oZj3kamLQ64qe41NAn79tJxrn3A.roa
File: oZj3kamLQ64qe41NAn79tJxrn3A.roa (raw, json)
Hash identifier: aQLWnTTQZBYLNZEs0bSmxS+Cx6vWjLj05WSdg5JVYgs=
Subject key identifier: A1:98:F7:91:A9:8B:43:AE:2A:7B:8D:4D:02:7E:FD:B4:9C:6B:9F:70
Certificate issuer: /CN=6ca977f854c63dc9f97a18be7b13002121a5d384
Certificate serial: 019427480D81BB0C3ED6D477F5FC6296BF13
Authority key identifier: 6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/oZj3kamLQ64qe41NAn79tJxrn3A.roa
Signing time: Thu 02 Jan 2025 13:50:20 +0000
ROA not before: Thu 02 Jan 2025 13:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57406
IP address blocks: 2a13:b480::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:0d:81:bb:0c:3e:d6:d4:77:f5:fc:62:96:bf:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ca977f854c63dc9f97a18be7b13002121a5d384
Validity
Not Before: Jan 2 13:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a198f791a98b43ae2a7b8d4d027efdb49c6b9f70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7d:9f:7a:9d:f5:52:12:75:e6:cb:cd:7d:76:
60:c0:1b:6c:dc:97:db:19:aa:37:25:4d:b0:0c:d1:
06:bf:ee:43:70:db:0f:03:d4:fd:a1:5c:02:ae:46:
8a:a1:ca:6d:d1:6a:9d:6c:09:70:a3:01:5a:e0:68:
57:94:1d:f3:c7:bd:30:b3:8e:d2:4f:de:58:88:d1:
d0:6f:cd:18:ee:e4:e1:da:de:97:50:cc:ac:ac:a3:
0d:97:bb:49:12:e5:90:53:a5:c9:d3:de:a9:50:3f:
a5:8c:44:48:22:f7:5b:c1:69:51:03:94:bd:af:55:
83:4e:22:54:81:20:31:2b:fb:d7:48:32:1c:a8:ab:
63:82:1a:ed:88:cb:8a:94:5f:f5:7a:75:a7:c8:e8:
40:d0:46:06:18:36:6d:88:f9:ce:d0:62:4d:82:84:
95:e7:bf:61:52:28:cb:8c:05:2c:f9:8e:55:c7:d3:
dc:3c:dd:32:0c:5f:aa:7c:d1:b3:4f:90:5f:0c:72:
b6:0f:b3:10:82:b3:0d:ed:14:ac:d0:e0:8c:75:37:
d0:29:71:95:fd:6b:bc:2b:b5:0b:f2:63:d4:c1:40:
e5:95:a6:61:94:62:05:b6:66:4d:bd:93:26:d8:56:
2b:32:4d:45:79:16:2a:a9:f7:86:9c:18:64:5a:97:
77:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:98:F7:91:A9:8B:43:AE:2A:7B:8D:4D:02:7E:FD:B4:9C:6B:9F:70
X509v3 Authority Key Identifier:
keyid:6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/oZj3kamLQ64qe41NAn79tJxrn3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/bKl3-FTGPcn5ehi-exMAISGl04Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:b480::/29
Signature Algorithm: sha256WithRSAEncryption
d7:3a:cb:cd:53:d1:95:84:3e:11:de:ff:28:95:cf:75:54:68:
a3:75:23:d2:9f:56:33:f0:cb:04:b7:6f:e2:8b:f2:a7:c7:85:
ea:74:4e:7e:86:5f:9f:bc:36:a6:8c:4f:d8:42:4d:65:59:e1:
7b:72:42:af:ef:b5:da:97:57:54:3a:dc:68:51:80:a5:29:4d:
2d:bb:9d:fa:d3:fe:d2:6a:5c:7d:3d:09:e0:5d:81:d0:42:39:
d0:b5:0a:9c:c8:8c:54:75:98:7b:7d:07:53:7e:3a:1f:5e:e9:
22:28:29:1a:96:9d:08:65:1a:ed:4e:8c:bb:9c:04:34:7b:76:
a8:93:22:52:d6:1f:3a:82:6e:78:52:04:0d:1f:9a:00:f8:4e:
72:49:05:e7:fd:80:b5:d0:fe:2f:44:81:d1:31:76:e7:4b:49:
33:c8:27:10:02:0f:e9:3a:88:bc:d7:19:9f:24:b0:da:c7:42:
ca:56:40:52:e4:b4:5c:45:59:fc:6a:fc:fe:04:69:f6:6b:8c:
03:62:77:0f:d1:ef:1e:44:9c:af:95:5b:a6:b1:00:d8:6d:6e:
4e:d6:f1:68:82:24:c6:54:81:fe:81:b8:b0:a8:27:5b:49:c9:
f8:84:25:2c:88:a0:0c:d5:bb:fb:8e:d0:6e:e1:d9:2e:3e:5e:
37:89:5f:b2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnSA2Buww+1tR39fxilr8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYTk3N2Y4NTRjNjNkYzlmOTdhMThiZTdiMTMwMDIxMjFh
NWQzODQwHhcNMjUwMTAyMTM1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTk4Zjc5MWE5OGI0M2FlMmE3YjhkNGQwMjdlZmRiNDljNmI5ZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn2fep31UhJ15svNfXZgwBts3Jfb
Gao3JU2wDNEGv+5DcNsPA9T9oVwCrkaKocpt0WqdbAlwowFa4GhXlB3zx70ws47S
T95YiNHQb80Y7uTh2t6XUMysrKMNl7tJEuWQU6XJ096pUD+ljERIIvdbwWlRA5S9
r1WDTiJUgSAxK/vXSDIcqKtjghrtiMuKlF/1enWnyOhA0EYGGDZtiPnO0GJNgoSV
579hUijLjAUs+Y5Vx9PcPN0yDF+qfNGzT5BfDHK2D7MQgrMN7RSs0OCMdTfQKXGV
/Wu8K7UL8mPUwUDllaZhlGIFtmZNvZMm2FYrMk1FeRYqqfeGnBhkWpd3JwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKGY95Gpi0OuKnuNTQJ+/bSca59wMB8GA1UdIwQY
MBaAFGypd/hUxj3J+XoYvnsTACEhpdOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQt
ZDZhNTk1MGNhZGYyLzEvb1pqM2thbUxRNjRxZTQxTkFuNzl0SnhybjNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQtZDZhNTk1MGNhZGYy
LzEvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhO0gDAN
BgkqhkiG9w0BAQsFAAOCAQEA1zrLzVPRlYQ+Ed7/KJXPdVRoo3Uj0p9WM/DLBLdv
4ovyp8eF6nROfoZfn7w2poxP2EJNZVnhe3JCr++12pdXVDrcaFGApSlNLbud+tP+
0mpcfT0J4F2B0EI50LUKnMiMVHWYe30HU346H17pIigpGpadCGUa7U6Mu5wENHt2
qJMiUtYfOoJueFIEDR+aAPhOckkF5/2AtdD+L0SB0TF250tJM8gnEAIP6TqIvNcZ
nySw2sdCylZAUuS0XEVZ/Gr8/gRp9muMA2J3D9HvHkScr5VbprEA2G1uTtbxaIIk
xlSB/oG4sKgnW0nJ+IQlLIigDNW7+47QbuHZLj5eN4lfsg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:33:51 2025 by rpki-client