Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/OzRFfGtYydKtloUFGibUfBCyMDw.roa
File: OzRFfGtYydKtloUFGibUfBCyMDw.roa (raw, json)
Hash identifier: cWKDKlEnWPEyIjxNhIulWdfjuX7dn5MJ4+8rywovQak=
Subject key identifier: 3B:34:45:7C:6B:58:C9:D2:AD:96:85:05:1A:26:D4:7C:10:B2:30:3C
Certificate issuer: /CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Certificate serial: 019425FC172341246531A79F6DF512CAEBA3
Authority key identifier: 57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/OzRFfGtYydKtloUFGibUfBCyMDw.roa
Signing time: Thu 02 Jan 2025 07:47:45 +0000
ROA not before: Thu 02 Jan 2025 07:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43193
IP address blocks: 2a02:1140:100::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:17:23:41:24:65:31:a7:9f:6d:f5:12:ca:eb:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Validity
Not Before: Jan 2 07:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b34457c6b58c9d2ad9685051a26d47c10b2303c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5f:45:83:d4:31:6b:a9:88:3c:7c:cd:d2:6a:
b7:91:7e:eb:4a:a7:2f:f8:00:13:24:a6:8a:62:cc:
d7:fd:8c:bf:90:2c:af:e1:5c:8f:39:4c:87:72:1d:
19:e7:fe:46:e9:85:62:18:a1:04:14:05:7a:0d:af:
9b:52:5f:ae:34:4e:91:c3:38:59:95:d7:fd:22:d6:
17:39:a6:e0:33:bb:70:f2:4a:5d:1a:fb:f9:c6:96:
3b:58:96:c5:ea:96:75:98:66:f4:2e:6e:1a:ca:69:
ee:fc:27:9e:be:b9:e9:89:ca:7e:95:65:f3:2f:bc:
58:48:19:14:50:44:96:20:67:89:5c:6e:4a:da:e2:
99:30:ec:57:03:71:28:13:b5:24:a1:f0:d3:c9:a7:
a7:d9:05:5b:5b:58:6b:e1:87:02:04:04:93:4f:e4:
c6:48:9e:e5:d4:b3:a4:cb:c2:7b:3c:a2:81:aa:d8:
6d:46:2b:d6:7a:78:5b:12:a9:20:92:9a:87:46:03:
95:bf:ed:34:bc:ff:0c:28:d6:ec:a9:6a:7f:cb:37:
70:f0:ff:48:1c:56:6f:3b:4c:c0:eb:57:33:64:b4:
28:09:c0:73:e0:d1:8a:7b:9a:ed:d9:f5:45:a0:c2:
9a:2b:27:6e:46:20:47:0d:b6:98:fb:bc:5c:0e:32:
da:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:34:45:7C:6B:58:C9:D2:AD:96:85:05:1A:26:D4:7C:10:B2:30:3C
X509v3 Authority Key Identifier:
keyid:57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/OzRFfGtYydKtloUFGibUfBCyMDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:1140:100::/40
Signature Algorithm: sha256WithRSAEncryption
31:de:5b:31:77:8e:60:3b:17:97:0d:e1:1f:5a:8f:ef:39:d9:
d7:d8:ee:6d:96:52:32:34:dd:a6:2b:63:7d:5b:98:1d:db:00:
20:8b:5f:af:fc:45:1d:68:b1:e1:ec:99:6c:25:46:14:ba:e7:
b2:50:cb:9c:68:ef:66:0b:58:b9:5d:72:44:c7:c0:02:a1:6a:
a9:56:cd:8b:21:f3:22:7b:f4:82:0c:28:b6:a8:1b:47:f8:ec:
c7:10:7f:87:e9:5e:72:ab:5b:89:7c:e5:ca:b9:10:23:95:56:
5a:54:5b:6d:ae:68:96:71:5a:ab:a8:8a:26:55:9d:29:13:df:
4c:6c:e7:78:79:0d:43:06:ea:10:2c:5b:d4:7f:cf:5d:82:44:
1b:89:2d:ec:e8:d3:a3:c1:dc:0c:c3:5b:67:b2:4f:e7:f0:0a:
b1:9e:a7:35:29:60:d7:60:bc:a5:35:4d:4a:d5:87:17:0d:77:
6e:bb:8f:dc:09:e2:13:f3:dd:be:d7:55:55:c0:af:bb:0c:0d:
a0:3f:78:19:03:9f:fd:ea:44:58:f8:59:67:8f:e7:ff:16:9e:
0e:2e:7e:48:7d:26:02:91:f6:44:67:b5:47:69:1d:29:a6:41:
18:2c:b4:e2:0a:11:02:78:c9:47:0a:66:5c:00:d5:a7:da:23:
7e:c2:05:ef
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQl/BcjQSRlMaefbfUSyuujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTgyYWFiNWFkOWVmYTM4MGE2YzZmMDZjMDE2ZTE1OGJl
OTc3YmMwHhcNMjUwMTAyMDc0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjM0NDU3YzZiNThjOWQyYWQ5Njg1MDUxYTI2ZDQ3YzEwYjIzMDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArl9Fg9Qxa6mIPHzN0mq3kX7rSqcv
+AATJKaKYszX/Yy/kCyv4VyPOUyHch0Z5/5G6YViGKEEFAV6Da+bUl+uNE6RwzhZ
ldf9ItYXOabgM7tw8kpdGvv5xpY7WJbF6pZ1mGb0Lm4aymnu/Ceevrnpicp+lWXz
L7xYSBkUUESWIGeJXG5K2uKZMOxXA3EoE7UkofDTyaen2QVbW1hr4YcCBASTT+TG
SJ7l1LOky8J7PKKBqthtRivWenhbEqkgkpqHRgOVv+00vP8MKNbsqWp/yzdw8P9I
HFZvO0zA61czZLQoCcBz4NGKe5rt2fVFoMKaKyduRiBHDbaY+7xcDjLakwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDs0RXxrWMnSrZaFBRom1HwQsjA8MB8GA1UdIwQY
MBaAFFcYKqta2e+jgKbG8GwBbhWL6Xe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYt
YTk2YzYyNjZhYmRiLzEvT3pSRmZHdFl5ZEt0bG9VRkdpYlVmQkN5TUR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYtYTk2YzYyNjZhYmRi
LzEvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgIRQAEw
DQYJKoZIhvcNAQELBQADggEBADHeWzF3jmA7F5cN4R9aj+852dfY7m2WUjI03aYr
Y31bmB3bACCLX6/8RR1oseHsmWwlRhS657JQy5xo72YLWLldckTHwAKhaqlWzYsh
8yJ79IIMKLaoG0f47McQf4fpXnKrW4l85cq5ECOVVlpUW22uaJZxWquoiiZVnSkT
30xs53h5DUMG6hAsW9R/z12CRBuJLezo06PB3AzDW2eyT+fwCrGepzUpYNdgvKU1
TUrVhxcNd267j9wJ4hPz3b7XVVXAr7sMDaA/eBkDn/3qRFj4WWeP5/8Wng4ufkh9
JgKR9kRntUdpHSmmQRgstOIKEQJ4yUcKZlwA1afaI37CBe8=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:12:24 2025 by rpki-client