Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/O2Oat0BTcTTBte3h0xOz0f6G8JE.roa
File: O2Oat0BTcTTBte3h0xOz0f6G8JE.roa (raw, json)
Hash identifier: uGPgu0fP/Po7YK/M9uF+fNufF3juVmydIWJZWmOgpIg=
Subject key identifier: 3B:63:9A:B7:40:53:71:34:C1:B5:ED:E1:D3:13:B3:D1:FE:86:F0:91
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBF7BFB29806A7ED86995319E4E43D
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/O2Oat0BTcTTBte3h0xOz0f6G8JE.roa
Signing time: Wed 01 Jan 2025 17:48:45 +0000
ROA not before: Wed 01 Jan 2025 17:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215472
IP address blocks: 2a0c:9a40:8ac0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:f7:bf:b2:98:06:a7:ed:86:99:53:19:e4:e4:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b639ab740537134c1b5ede1d313b3d1fe86f091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a2:85:be:04:5c:34:90:b6:54:63:b0:56:04:
10:d9:d5:ac:7d:2f:dd:cf:35:d1:53:77:c1:61:35:
6a:00:3f:e5:93:32:5c:59:ce:58:d1:e7:28:0c:de:
8e:80:54:b1:e3:97:9d:74:ed:8a:fc:d1:3a:7a:5e:
c1:1e:2b:f1:57:d3:1a:50:6f:8e:3d:81:b4:7c:ae:
d5:7f:0d:7c:59:cd:34:48:da:9d:19:bd:b9:01:16:
cc:13:07:bb:45:6f:3f:10:4d:21:63:f0:43:88:b2:
89:13:67:bf:18:4b:07:33:07:30:6f:c3:b3:ee:c3:
03:66:dc:05:49:40:ac:81:e0:ca:21:4c:22:45:c3:
cc:06:03:4e:84:0f:7d:45:6c:2c:d0:56:81:b7:c8:
05:61:60:93:e3:a7:02:05:72:1f:82:dc:fb:04:25:
75:20:de:44:5a:a7:36:dd:d5:be:40:32:3d:ee:98:
35:0c:7b:98:f5:85:bb:0a:33:1a:69:c9:ce:de:f4:
3c:ac:97:13:f4:5d:ab:5e:a1:e4:8c:43:b5:61:99:
e3:82:b3:82:dc:af:99:ca:4c:1d:8b:4e:49:ef:a1:
82:ba:6d:1c:95:40:06:cf:94:42:ae:e8:6e:d8:39:
4e:06:de:a5:c2:eb:ae:6e:cb:0c:e9:58:92:9b:e3:
a6:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:63:9A:B7:40:53:71:34:C1:B5:ED:E1:D3:13:B3:D1:FE:86:F0:91
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/O2Oat0BTcTTBte3h0xOz0f6G8JE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8ac0::/44
Signature Algorithm: sha256WithRSAEncryption
32:7c:0c:af:9c:43:85:f1:1a:75:d3:79:04:4b:c7:d1:b7:17:
f2:55:4c:ab:c6:ca:5a:8f:59:c8:ee:3d:a1:03:1e:28:b2:89:
03:e3:20:76:99:b4:13:27:c9:5e:d8:82:4c:39:51:0c:dc:17:
b7:db:29:2a:76:0c:fb:4a:1c:69:ac:f7:fd:eb:44:5a:35:4f:
5a:8b:6b:09:10:b8:26:ad:a1:ad:66:b0:c5:12:a2:dd:ad:9b:
fc:92:dd:e2:ca:be:7d:b1:cc:7e:f3:b9:d5:9a:43:1b:47:59:
29:a9:c7:4b:54:10:40:0d:6e:c0:0b:b5:50:41:f0:64:a3:4e:
59:be:73:f8:fe:a9:6a:07:a3:48:37:5a:03:1b:5a:0d:d2:ef:
34:a8:7a:4c:aa:1b:36:e0:ec:81:41:10:64:2b:74:1c:db:c2:
a1:11:a0:0a:63:a8:82:28:24:58:9a:35:34:7a:e7:d3:6b:b1:
e7:16:4f:3b:2a:a4:5c:1b:4f:36:cb:64:83:cf:03:2f:50:a7:
3f:37:78:1d:18:27:50:15:7c:0a:93:b3:e4:da:ea:fc:d0:16:
5d:9a:76:e8:81:cf:c2:89:b8:fe:62:ad:e1:c9:11:d8:5c:12:
75:02:68:df:3e:d0:66:c5:52:c1:6c:0d:52:db:55:bd:45:21:
98:02:ae:0e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+/e/spgGp+2GmVMZ5OQ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjYzOWFiNzQwNTM3MTM0YzFiNWVkZTFkMzEzYjNkMWZlODZmMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaKFvgRcNJC2VGOwVgQQ2dWsfS/d
zzXRU3fBYTVqAD/lkzJcWc5Y0ecoDN6OgFSx45eddO2K/NE6el7BHivxV9MaUG+O
PYG0fK7Vfw18Wc00SNqdGb25ARbMEwe7RW8/EE0hY/BDiLKJE2e/GEsHMwcwb8Oz
7sMDZtwFSUCsgeDKIUwiRcPMBgNOhA99RWws0FaBt8gFYWCT46cCBXIfgtz7BCV1
IN5EWqc23dW+QDI97pg1DHuY9YW7CjMaacnO3vQ8rJcT9F2rXqHkjEO1YZnjgrOC
3K+Zykwdi05J76GCum0clUAGz5RCruhu2DlOBt6lwuuubssM6ViSm+Om2QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDtjmrdAU3E0wbXt4dMTs9H+hvCRMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvTzJPYXQwQlRjVFRCdGUzaDB4T3owZjZHOEpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIrA
MA0GCSqGSIb3DQEBCwUAA4IBAQAyfAyvnEOF8Rp103kES8fRtxfyVUyrxspaj1nI
7j2hAx4osokD4yB2mbQTJ8le2IJMOVEM3Be32ykqdgz7ShxprPf960RaNU9ai2sJ
ELgmraGtZrDFEqLdrZv8kt3iyr59scx+87nVmkMbR1kpqcdLVBBADW7AC7VQQfBk
o05ZvnP4/qlqB6NIN1oDG1oN0u80qHpMqhs24OyBQRBkK3Qc28KhEaAKY6iCKCRY
mjU0eufTa7HnFk87KqRcG082y2SDzwMvUKc/N3gdGCdQFXwKk7Pk2ur80BZdmnbo
gc/Cibj+Yq3hyRHYXBJ1AmjfPtBmxVLBbA1S21W9RSGYAq4O
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:50:15 2025 by rpki-client