Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/OLT27DbcTsoAH0RO9h9QgEUKvWo.roa
File: OLT27DbcTsoAH0RO9h9QgEUKvWo.roa (raw, json)
Hash identifier: z/H9YX611lj4M5ZjCNm6yxjp8mCX55l/rVILcqtaBPI=
Subject key identifier: 38:B4:F6:EC:36:DC:4E:CA:00:1F:44:4E:F6:1F:50:80:45:0A:BD:6A
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBFE77324F1E322B1FCEF92B043198
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/OLT27DbcTsoAH0RO9h9QgEUKvWo.roa
Signing time: Wed 01 Jan 2025 17:48:47 +0000
ROA not before: Wed 01 Jan 2025 17:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216305
IP address blocks: 2a0c:9a40:8490::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:fe:77:32:4f:1e:32:2b:1f:ce:f9:2b:04:31:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38b4f6ec36dc4eca001f444ef61f5080450abd6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:47:92:56:81:d5:ec:30:9d:a9:b5:bc:3a:f3:
e9:12:df:67:9b:a9:01:76:c0:8e:cf:cf:91:54:f9:
a3:a5:b5:11:7e:af:56:89:14:70:f2:28:1b:ac:e5:
bf:0a:14:0e:be:05:f8:88:4b:88:d6:76:88:3a:5d:
d3:82:5a:4c:4f:7a:d3:df:be:dc:a8:20:0d:08:37:
1d:6d:df:b8:cc:b8:38:3c:4a:c2:37:51:3f:8d:a9:
80:9e:b9:21:b8:4c:7d:32:7e:64:3e:e0:66:24:ea:
21:32:97:99:e3:58:e3:0d:c1:de:a1:68:c6:53:d8:
42:27:18:44:d9:13:1e:11:e7:2e:61:5a:2f:76:77:
b9:50:9a:d9:45:09:09:34:df:db:7b:5e:b3:da:a4:
68:63:10:ad:23:32:99:3d:d9:f9:6b:b5:4f:ca:d3:
07:b6:1a:b5:44:64:21:f5:1b:fd:cc:2c:24:c5:d9:
d7:09:09:15:bc:77:f1:78:52:ad:78:f3:f8:d3:65:
9c:9d:63:c5:66:96:3c:64:97:d5:03:16:ad:5d:7e:
85:7a:0b:32:87:2b:8e:99:b9:79:f6:2c:a0:71:1a:
e2:2b:58:87:fd:2b:12:be:4e:c7:ff:4e:ba:e9:d3:
99:fb:25:d6:34:ae:5d:1c:f7:30:17:7e:07:af:46:
bb:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B4:F6:EC:36:DC:4E:CA:00:1F:44:4E:F6:1F:50:80:45:0A:BD:6A
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/OLT27DbcTsoAH0RO9h9QgEUKvWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8490::/48
Signature Algorithm: sha256WithRSAEncryption
14:17:7a:bc:6a:91:79:c8:f1:28:21:5a:57:01:3a:6b:d6:cd:
94:66:61:9a:ec:7f:06:e7:cb:e8:ec:a2:ce:a4:0f:63:90:03:
17:1e:9f:a9:3d:64:4b:a7:3b:49:9e:4e:09:89:e1:be:ad:91:
d7:42:6a:04:4e:ec:9d:8c:3d:51:74:d4:7e:56:73:20:b7:25:
5b:ac:66:5e:4a:c4:99:60:e5:f1:5a:86:6c:57:18:6c:61:f9:
5e:2a:0b:f6:95:34:90:3a:74:99:ab:81:96:82:b5:1d:a1:92:
15:24:3d:f1:94:1d:8c:00:00:84:c7:e5:e6:c5:a5:ff:e4:9b:
9e:fd:f1:8a:d8:da:cb:9e:11:54:03:e7:5e:90:30:dd:ee:ff:
10:50:cd:bb:19:3b:75:eb:8d:cf:6b:bf:18:a9:01:9f:ce:14:
0f:c3:2d:05:b7:77:91:7e:e1:5c:e3:07:55:7b:63:ea:d0:63:
5a:b9:a1:d5:e3:3a:20:05:58:fd:de:19:58:20:d2:72:d2:78:
f3:11:9a:8c:74:cb:b4:41:86:67:af:f3:fa:8f:9a:c4:4e:7f:
71:8c:40:4c:49:7a:f3:8e:93:e7:2b:4c:33:38:6d:d2:e9:40:
5e:65:69:70:da:a3:aa:4d:14:e7:df:0e:b6:38:e8:da:a5:dc:
f8:a9:60:be
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+/53Mk8eMisfzvkrBDGYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGI0ZjZlYzM2ZGM0ZWNhMDAxZjQ0NGVmNjFmNTA4MDQ1MGFiZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEeSVoHV7DCdqbW8OvPpEt9nm6kB
dsCOz8+RVPmjpbURfq9WiRRw8igbrOW/ChQOvgX4iEuI1naIOl3TglpMT3rT377c
qCANCDcdbd+4zLg4PErCN1E/jamAnrkhuEx9Mn5kPuBmJOohMpeZ41jjDcHeoWjG
U9hCJxhE2RMeEecuYVovdne5UJrZRQkJNN/be16z2qRoYxCtIzKZPdn5a7VPytMH
thq1RGQh9Rv9zCwkxdnXCQkVvHfxeFKtePP402WcnWPFZpY8ZJfVAxatXX6Fegsy
hyuOmbl59iygcRriK1iH/SsSvk7H/0666dOZ+yXWNK5dHPcwF34Hr0a71QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDi09uw23E7KAB9ETvYfUIBFCr1qMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvT0xUMjdEYmNUc29BSDBSTzloOVFnRVVLdldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQISQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAUF3q8apF5yPEoIVpXATpr1s2UZmGa7H8G58vo
7KLOpA9jkAMXHp+pPWRLpztJnk4JieG+rZHXQmoETuydjD1RdNR+VnMgtyVbrGZe
SsSZYOXxWoZsVxhsYfleKgv2lTSQOnSZq4GWgrUdoZIVJD3xlB2MAACEx+XmxaX/
5Jue/fGK2NrLnhFUA+dekDDd7v8QUM27GTt1643Pa78YqQGfzhQPwy0Ft3eRfuFc
4wdVe2Pq0GNauaHV4zogBVj93hlYINJy0njzEZqMdMu0QYZnr/P6j5rETn9xjEBM
SXrzjpPnK0wzOG3S6UBeZWlw2qOqTRTn3w62OOjapdz4qWC+
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:59:49 2025 by rpki-client