Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/Ojkxj7ivSjIUVfaC_M9qrUtupeY.roa
File: Ojkxj7ivSjIUVfaC_M9qrUtupeY.roa (raw, json)
Hash identifier: gNVipeh9GQPWLp0Ho+Mbvb1A2WGH0zIeeKzVC0lDJkE=
Subject key identifier: 3A:39:31:8F:B8:AF:4A:32:14:55:F6:82:FC:CF:6A:AD:4B:6E:A5:E6
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAEF5526586EF00AB4F0967AC9A850
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/Ojkxj7ivSjIUVfaC_M9qrUtupeY.roa
Signing time: Sun 01 Jan 2023 14:44:54 +0000
ROA not before: Sun 01 Jan 2023 14:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56420
IP address blocks: 2a02:2698:6400::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:ef:55:26:58:6e:f0:0a:b4:f0:96:7a:c9:a8:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a39318fb8af4a321455f682fccf6aad4b6ea5e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ef:dc:c0:1e:50:62:11:2c:b4:6c:a9:39:15:
25:e7:f5:41:f9:e4:fb:f2:f7:f2:4b:72:bc:85:70:
55:ab:4a:ac:95:98:ab:60:2e:05:8d:ab:48:d3:37:
1a:a5:1b:db:a5:b7:cf:c7:e3:ce:95:7a:13:56:34:
3c:c3:11:4c:10:e9:39:18:ba:c6:27:77:53:ab:b7:
72:34:71:b2:f7:3a:7d:24:96:b4:d3:3b:56:f6:0d:
62:34:5c:89:2b:55:97:d5:ef:52:26:b1:99:fe:f3:
9e:32:f3:1b:7f:ee:92:f0:c7:84:d4:ed:02:b7:b6:
f8:a6:e9:af:f0:07:30:32:15:f8:81:ca:34:d1:05:
08:eb:36:51:08:0d:03:35:3f:06:05:a1:77:71:c7:
9b:07:c9:c2:ca:5e:c7:45:06:33:fc:85:cd:76:bf:
23:57:b5:1b:fe:cc:71:2f:96:9f:f8:fa:ae:34:cc:
40:7e:c3:32:47:fd:43:6b:78:02:1e:b8:c4:c7:86:
87:2e:5a:2f:cb:a0:67:7d:1f:6b:22:ea:4e:05:1f:
e6:34:b8:2a:e9:83:3b:cc:78:d5:df:38:c9:ab:29:
84:54:44:51:b8:93:bf:10:e2:e3:bb:a2:a8:45:1d:
d1:21:9c:8c:35:0c:04:06:39:a4:5d:b4:63:df:91:
89:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:39:31:8F:B8:AF:4A:32:14:55:F6:82:FC:CF:6A:AD:4B:6E:A5:E6
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/Ojkxj7ivSjIUVfaC_M9qrUtupeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:6400::/38
Signature Algorithm: sha256WithRSAEncryption
a6:9b:bf:74:58:0c:8f:52:e8:cb:31:05:25:6f:00:2f:66:38:
3c:3d:75:7c:09:62:b9:4d:dc:d1:a0:95:69:c9:74:ff:69:21:
bb:b2:00:5f:57:45:d3:90:81:17:bb:27:d5:bd:35:66:0b:b8:
30:f3:b1:97:94:dc:09:b0:4c:5e:ed:a8:d4:2c:a1:88:9f:6d:
9e:44:83:bb:e8:7d:fd:88:fb:df:ce:38:62:40:ae:5d:36:2b:
aa:85:93:f6:21:6b:e4:54:e0:c4:ef:2a:c9:85:51:f1:1a:ca:
30:b8:3d:79:d5:8f:79:f1:45:e4:83:a9:b0:40:04:d4:ed:53:
ce:9a:b9:7c:9b:4d:17:b9:44:d0:f2:ac:88:0a:6d:3e:cc:4f:
96:84:43:36:37:0b:d2:42:c4:21:b0:92:f4:72:0d:80:c8:fa:
ae:ab:7b:75:ba:e1:8f:2c:47:ee:12:c4:fd:6f:ce:1b:ca:19:
2e:54:8c:9d:ab:21:f0:83:be:43:b3:4f:ee:5b:71:d7:5b:b1:
e0:d3:97:58:53:23:9a:fe:72:7a:40:ab:2f:95:ce:29:1e:14:
95:dd:d7:e1:d9:d0:9b:92:52:fb:f6:cc:49:cf:e7:42:d3:27:
5b:b4:21:ca:f3:bb:0b:04:e8:87:2d:b5:56:30:60:ad:8d:b6:
a1:87:8d:e3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyu9VJlhu8Aq08JZ6yahQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTM5MzE4ZmI4YWY0YTMyMTQ1NWY2ODJmY2NmNmFhZDRiNmVhNWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve/cwB5QYhEstGypORUl5/VB+eT7
8vfyS3K8hXBVq0qslZirYC4FjatI0zcapRvbpbfPx+POlXoTVjQ8wxFMEOk5GLrG
J3dTq7dyNHGy9zp9JJa00ztW9g1iNFyJK1WX1e9SJrGZ/vOeMvMbf+6S8MeE1O0C
t7b4pumv8AcwMhX4gco00QUI6zZRCA0DNT8GBaF3ccebB8nCyl7HRQYz/IXNdr8j
V7Ub/sxxL5af+PquNMxAfsMyR/1Da3gCHrjEx4aHLlovy6BnfR9rIupOBR/mNLgq
6YM7zHjV3zjJqymEVERRuJO/EOLju6KoRR3RIZyMNQwEBjmkXbRj35GJcwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDo5MY+4r0oyFFX2gvzPaq1LbqXmMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvT2preGo3aXZTaklVVmZhQ19NOXFyVXR1cGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmGQw
DQYJKoZIhvcNAQELBQADggEBAKabv3RYDI9S6MsxBSVvAC9mODw9dXwJYrlN3NGg
lWnJdP9pIbuyAF9XRdOQgRe7J9W9NWYLuDDzsZeU3AmwTF7tqNQsoYifbZ5Eg7vo
ff2I+9/OOGJArl02K6qFk/Yha+RU4MTvKsmFUfEayjC4PXnVj3nxReSDqbBABNTt
U86auXybTRe5RNDyrIgKbT7MT5aEQzY3C9JCxCGwkvRyDYDI+q6re3W64Y8sR+4S
xP1vzhvKGS5UjJ2rIfCDvkOzT+5bcddbseDTl1hTI5r+cnpAqy+VzikeFJXd1+HZ
0JuSUvv2zEnP50LTJ1u0IcrzuwsE6IcttVYwYK2NtqGHjeM=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:18 2025 by rpki-client