Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/OjeHvr3N386TXneL0nv0wyY-qeU.roa
File: OjeHvr3N386TXneL0nv0wyY-qeU.roa (raw, json)
Hash identifier: 2XpM2mgVC+oRvj+KzB8Q2pQ9lt2ZX+K54PlB5niAmP0=
Subject key identifier: 3A:37:87:BE:BD:CD:DF:CE:93:5E:77:8B:D2:7B:F4:C3:26:3E:A9:E5
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBDF0B8C3B87BC9B294D3D41CE93CB
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/OjeHvr3N386TXneL0nv0wyY-qeU.roa
Signing time: Wed 01 Jan 2025 17:48:39 +0000
ROA not before: Wed 01 Jan 2025 17:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205088
IP address blocks: 2a0c:9a40:8220::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:df:0b:8c:3b:87:bc:9b:29:4d:3d:41:ce:93:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a3787bebdcddfce935e778bd27bf4c3263ea9e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d7:b1:56:58:9b:5f:e0:d5:1d:05:55:e8:c2:
e6:cf:a7:82:d7:5f:f1:65:23:b7:41:af:82:a5:fb:
67:a6:2f:8d:14:32:6e:7c:fa:c8:bf:98:ee:e1:4a:
ed:c9:7d:4c:11:82:fc:3f:50:54:50:97:33:96:1c:
5e:57:4a:d0:2e:1a:f0:ed:55:01:5e:36:cd:39:b2:
9c:05:43:51:d9:3e:a6:bc:39:29:30:ce:70:83:ef:
f8:c2:37:f6:e7:52:dd:86:e8:00:c1:2e:58:f1:5a:
61:9e:94:c8:cd:73:fa:ba:e0:1b:c5:7e:d1:bd:ef:
23:64:45:c0:e9:69:7b:99:1d:67:e8:cc:26:75:f1:
db:6c:1d:1f:34:88:47:27:6c:fd:44:b2:c2:bb:2f:
c7:df:72:2a:79:fa:72:89:3a:7f:37:73:16:4d:48:
01:54:6d:43:fc:2f:f9:b2:ce:9c:41:7d:6d:18:3f:
c5:f3:d2:5a:00:0a:c6:81:2a:3c:71:74:b4:26:49:
9e:23:71:20:97:3c:e5:70:da:e9:03:64:56:e9:16:
15:72:4b:94:1f:c8:44:fc:8f:f6:7b:e7:6f:ec:f7:
c0:59:8a:a9:28:8d:b8:57:05:45:8f:1a:6b:55:e7:
a3:2b:ce:1e:8f:07:2d:99:ab:13:90:99:ee:a1:12:
4d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:37:87:BE:BD:CD:DF:CE:93:5E:77:8B:D2:7B:F4:C3:26:3E:A9:E5
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/OjeHvr3N386TXneL0nv0wyY-qeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8220::/48
Signature Algorithm: sha256WithRSAEncryption
44:c6:71:68:25:31:8c:02:7b:9b:b2:71:04:55:e0:b3:78:21:
fc:ea:a1:4f:e6:ee:b8:fd:60:8e:cf:0f:fe:33:8e:c0:69:53:
bf:98:c5:be:68:28:db:65:10:3f:c4:eb:e3:95:90:70:5c:3d:
88:9e:86:49:77:93:9a:5c:fb:61:a4:58:1f:6b:9a:71:14:e1:
c5:90:79:92:18:15:3d:49:27:f2:af:de:28:42:ff:cf:a4:6f:
5f:19:c3:0f:ec:e3:90:62:01:07:db:20:51:06:65:ee:4a:39:
fa:30:64:06:72:cc:f7:2b:22:3e:2d:d0:ce:66:ea:aa:c2:fc:
3a:45:34:6a:7e:d4:08:cf:ed:a3:b1:20:b2:1d:32:64:43:f6:
33:6e:6d:82:39:98:64:e0:57:92:20:e4:ca:f2:12:f2:44:e9:
cf:5c:c4:25:86:10:99:b8:1e:0f:cf:3e:fc:82:22:bf:81:67:
0b:c9:e6:0f:f3:c0:e5:3d:5e:02:c2:f4:5e:c4:50:f0:47:b7:
14:56:55:da:de:8e:d9:a2:f2:82:42:2f:30:fe:f9:8a:45:6e:
8d:0c:a8:49:eb:f9:ec:45:0d:eb:10:fe:25:d3:fb:91:9b:b5:
46:04:6a:55:00:4c:c5:fc:4e:ad:ec:01:de:41:23:df:62:86:
74:6c:dd:ad
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+98LjDuHvJspTT1BzpPLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTM3ODdiZWJkY2RkZmNlOTM1ZTc3OGJkMjdiZjRjMzI2M2VhOWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdexVlibX+DVHQVV6MLmz6eC11/x
ZSO3Qa+Cpftnpi+NFDJufPrIv5ju4UrtyX1MEYL8P1BUUJczlhxeV0rQLhrw7VUB
XjbNObKcBUNR2T6mvDkpMM5wg+/4wjf251LdhugAwS5Y8VphnpTIzXP6uuAbxX7R
ve8jZEXA6Wl7mR1n6MwmdfHbbB0fNIhHJ2z9RLLCuy/H33IqefpyiTp/N3MWTUgB
VG1D/C/5ss6cQX1tGD/F89JaAArGgSo8cXS0JkmeI3EglzzlcNrpA2RW6RYVckuU
H8hE/I/2e+dv7PfAWYqpKI24VwVFjxprVeejK84ejwctmasTkJnuoRJNoQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDo3h769zd/Ok153i9J79MMmPqnlMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvT2plSHZyM04zODZUWG5lTDBudjB3eVktcWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIIg
MA0GCSqGSIb3DQEBCwUAA4IBAQBExnFoJTGMAnubsnEEVeCzeCH86qFP5u64/WCO
zw/+M47AaVO/mMW+aCjbZRA/xOvjlZBwXD2InoZJd5OaXPthpFgfa5pxFOHFkHmS
GBU9SSfyr94oQv/PpG9fGcMP7OOQYgEH2yBRBmXuSjn6MGQGcsz3KyI+LdDOZuqq
wvw6RTRqftQIz+2jsSCyHTJkQ/Yzbm2COZhk4FeSIOTK8hLyROnPXMQlhhCZuB4P
zz78giK/gWcLyeYP88DlPV4CwvRexFDwR7cUVlXa3o7ZovKCQi8w/vmKRW6NDKhJ
6/nsRQ3rEP4l0/uRm7VGBGpVAEzF/E6t7AHeQSPfYoZ0bN2t
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:31:52 2025 by rpki-client