Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/oreGjQwv74g6OpxObQTCv-MnU1M.roa
File: oreGjQwv74g6OpxObQTCv-MnU1M.roa (raw, json)
Hash identifier: d1IJwSRdqQjA5VA/VLC7+miffsmnB8Nxer6G7ClHfMc=
Subject key identifier: A2:B7:86:8D:0C:2F:EF:88:3A:3A:9C:4E:6D:04:C2:BF:E3:27:53:53
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 019483FFCB11C04C1A117BAC34A70BE5468C
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/oreGjQwv74g6OpxObQTCv-MnU1M.roa
Signing time: Mon 20 Jan 2025 13:56:06 +0000
ROA not before: Mon 20 Jan 2025 13:56:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5378
IP address blocks: 2a01:840::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:83:ff:cb:11:c0:4c:1a:11:7b:ac:34:a7:0b:e5:46:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Jan 20 13:56:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2b7868d0c2fef883a3a9c4e6d04c2bfe3275353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:37:20:90:55:4b:e0:42:97:06:d5:b6:67:4a:
81:9e:75:67:d6:b7:af:11:27:31:16:55:ff:e5:ab:
94:e8:54:dd:d7:8f:90:19:d7:ec:01:a8:00:52:db:
16:11:20:e9:65:cd:bb:52:8f:6b:40:b0:25:eb:24:
0a:04:b2:7e:7e:7d:b3:fb:8c:07:9b:de:69:5f:ae:
2a:ba:08:71:93:e4:4a:13:c2:95:b0:c2:e3:15:5e:
e9:ef:e8:88:51:9f:39:61:0d:dc:67:e2:4c:7b:2d:
4e:6f:b2:8b:a7:2b:ec:8c:65:bf:4a:19:99:d3:f5:
b4:b0:29:3c:26:68:9a:db:6b:7b:9e:bb:b4:36:e4:
a4:6a:78:59:60:13:86:40:48:21:f7:07:d3:9a:77:
13:58:3d:15:63:71:1c:29:da:85:d3:a5:fd:08:53:
24:6a:6d:0e:e7:5a:92:17:5f:40:23:15:0d:36:88:
18:82:ee:af:4f:55:e1:15:5a:4b:1d:1e:8b:ea:61:
72:66:ab:cd:d4:9e:3f:cd:8c:45:c8:af:15:8f:f1:
f1:ba:5e:f4:89:b6:aa:f1:c5:5b:0d:ad:d1:2f:d9:
40:b5:02:fc:87:7e:e1:c0:9a:3f:54:3b:39:1e:fe:
bd:f1:65:5f:f5:5e:9a:3c:54:57:18:f9:aa:da:88:
07:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:B7:86:8D:0C:2F:EF:88:3A:3A:9C:4E:6D:04:C2:BF:E3:27:53:53
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/oreGjQwv74g6OpxObQTCv-MnU1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:840::/32
Signature Algorithm: sha256WithRSAEncryption
45:c3:5e:a4:a1:4f:34:39:10:de:dc:64:67:7e:40:27:fe:a4:
04:d3:b7:0d:0c:c0:75:d5:8b:7e:5e:2e:24:1a:59:30:61:fc:
13:fb:0e:e6:6d:49:4f:e1:a7:cf:8a:4b:b5:a4:05:97:88:58:
ef:5e:4a:fb:e0:a2:34:71:9c:df:f4:c7:73:b8:fd:0d:5c:69:
8b:39:1e:2b:47:a1:3d:ab:9c:29:cf:e9:27:b6:ba:92:b9:3f:
5b:e3:8c:2d:a6:52:38:a0:32:6e:53:61:a5:60:61:4d:43:dc:
a5:8a:c6:40:bd:86:10:3d:51:32:87:9e:8d:fe:ad:9b:42:3c:
af:2c:ec:90:05:07:ac:52:12:d5:a6:24:0d:8e:fd:57:7c:6b:
06:ac:b3:6d:27:bb:65:dd:f6:f3:26:61:5c:9c:67:1f:fc:9e:
f5:b0:ad:be:c4:3d:03:71:ed:dc:14:71:13:95:0a:91:78:7f:
42:50:77:b2:2b:56:72:3d:9d:5b:df:eb:e1:9e:98:cc:1a:f8:
4b:2c:11:37:7b:93:69:9f:83:5d:45:81:23:e1:af:64:7d:6a:
c9:0f:fa:25:f4:09:00:ec:7c:b1:88:47:1b:f5:7e:26:82:60:
e9:20:92:70:87:03:98:db:1f:a9:74:92:96:55:cb:c5:2f:1b:
f3:60:4c:2c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZSD/8sRwEwaEXusNKcL5UaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjUwMTIwMTM1NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmI3ODY4ZDBjMmZlZjg4M2EzYTljNGU2ZDA0YzJiZmUzMjc1MzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzcgkFVL4EKXBtW2Z0qBnnVn1rev
EScxFlX/5auU6FTd14+QGdfsAagAUtsWESDpZc27Uo9rQLAl6yQKBLJ+fn2z+4wH
m95pX64qughxk+RKE8KVsMLjFV7p7+iIUZ85YQ3cZ+JMey1Ob7KLpyvsjGW/ShmZ
0/W0sCk8Jmia22t7nru0NuSkanhZYBOGQEgh9wfTmncTWD0VY3EcKdqF06X9CFMk
am0O51qSF19AIxUNNogYgu6vT1XhFVpLHR6L6mFyZqvN1J4/zYxFyK8Vj/Hxul70
ibaq8cVbDa3RL9lAtQL8h37hwJo/VDs5Hv698WVf9V6aPFRXGPmq2ogHLQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKK3ho0ML++IOjqcTm0Ewr/jJ1NTMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvb3JlR2pRd3Y3NGc2T3B4T2JRVEN2LU1uVTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgEIQDAN
BgkqhkiG9w0BAQsFAAOCAQEARcNepKFPNDkQ3txkZ35AJ/6kBNO3DQzAddWLfl4u
JBpZMGH8E/sO5m1JT+Gnz4pLtaQFl4hY715K++CiNHGc3/THc7j9DVxpizkeK0eh
PaucKc/pJ7a6krk/W+OMLaZSOKAyblNhpWBhTUPcpYrGQL2GED1RMoeejf6tm0I8
ryzskAUHrFIS1aYkDY79V3xrBqyzbSe7Zd328yZhXJxnH/ye9bCtvsQ9A3Ht3BRx
E5UKkXh/QlB3sitWcj2dW9/r4Z6YzBr4SywRN3uTaZ+DXUWBI+GvZH1qyQ/6JfQJ
AOx8sYhHG/V+JoJg6SCScIcDmNsfqXSSllXLxS8b82BMLA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:38:54 2025 by rpki-client