Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/oq_bdGbnwKTXTnGXJdYy9S7WicU.roa
File: oq_bdGbnwKTXTnGXJdYy9S7WicU.roa (raw, json)
Hash identifier: p8oLPJnZdi4G9SjZfWCHDdPw6B3VXekrGGf+ZY2rnv0=
Subject key identifier: A2:AF:DB:74:66:E7:C0:A4:D7:4E:71:97:25:D6:32:F5:2E:D6:89:C5
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 01942521EA17CD577A08B7F2CB439C4D9127
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/oq_bdGbnwKTXTnGXJdYy9S7WicU.roa
Signing time: Thu 02 Jan 2025 03:49:27 +0000
ROA not before: Thu 02 Jan 2025 03:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215683
IP address blocks: 2a0a:280:2900::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ea:17:cd:57:7a:08:b7:f2:cb:43:9c:4d:91:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 2 03:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2afdb7466e7c0a4d74e719725d632f52ed689c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e3:ad:b4:44:a9:71:ea:14:9d:aa:b4:ba:ee:
33:a0:7b:b1:df:74:ef:1f:93:27:7b:f3:a3:d0:5f:
31:ad:78:1e:5f:c1:13:54:3f:e1:1e:c9:5e:90:ec:
ae:fe:37:6f:2c:14:f0:ef:35:cc:74:53:a5:fd:cc:
5e:c6:13:31:49:05:d5:23:98:0b:f5:16:ef:8a:db:
f7:4f:1d:99:b8:17:8d:28:66:2b:ad:b6:61:a5:95:
6d:9a:15:2d:0e:8b:63:ca:69:94:f0:98:10:5d:4c:
1f:94:6b:ea:b3:b9:6f:f2:b2:e5:a6:12:bd:c8:87:
a4:84:f9:d7:f9:47:d4:75:ee:f1:d6:bc:65:6b:d8:
f6:8f:4a:13:f2:ea:90:34:cc:d8:ea:69:12:38:d8:
cb:cd:66:45:b5:02:0a:e4:8b:4d:15:e5:95:13:23:
af:48:59:b2:4b:c2:78:1b:4a:24:16:28:33:32:a1:
3b:45:e3:62:a5:5d:d2:52:94:b5:fe:44:0b:f7:9b:
81:2b:f6:25:a1:7d:c4:d6:2f:83:3c:c7:18:3b:cf:
f3:37:9f:0f:8c:e3:1d:c4:cb:d8:e1:b7:a6:82:f3:
12:23:42:9f:66:45:8f:e2:1d:08:7d:d3:8c:df:3a:
64:b7:5a:65:a2:e4:94:8c:60:80:c8:61:fa:75:eb:
ee:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:AF:DB:74:66:E7:C0:A4:D7:4E:71:97:25:D6:32:F5:2E:D6:89:C5
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/oq_bdGbnwKTXTnGXJdYy9S7WicU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:2900::/40
Signature Algorithm: sha256WithRSAEncryption
38:57:13:d3:ee:51:50:50:5c:30:97:51:ab:bd:79:d6:87:da:
d5:ce:d2:35:db:7c:d6:c6:e1:42:91:93:a4:2d:c5:0b:5c:e0:
11:12:2a:91:39:06:c9:9b:81:57:a1:cc:67:4f:db:89:e6:16:
71:89:c2:66:ac:d6:57:70:93:8f:13:96:62:1a:8d:10:68:a9:
59:24:7b:73:c1:f4:cd:cf:44:3e:07:50:40:0d:71:49:89:5e:
0d:51:2a:97:7a:56:66:96:ec:5d:49:e8:fb:d9:7b:56:8f:cd:
5e:cd:7b:41:a9:f0:2b:22:a0:69:2b:2c:57:56:da:af:3f:41:
71:99:74:9d:a0:51:89:91:67:af:f4:f0:c5:58:3a:fb:9d:44:
00:89:17:36:27:99:70:66:86:67:f3:c2:74:55:39:77:f1:67:
e2:76:db:ff:c4:da:e7:90:ca:2d:c1:4b:a8:40:87:28:47:86:
57:c3:61:df:45:02:45:c2:93:8d:7d:22:13:a0:c0:a4:5c:8b:
25:c3:91:10:05:ff:89:1a:32:3b:35:f8:6a:0c:5f:7d:65:0c:
46:ac:ce:9b:18:72:43:56:37:91:79:5c:df:df:a6:fd:e9:63:
56:b9:1b:8f:f8:bb:5e:85:75:34:93:00:84:cc:40:f3:1f:ca:
3b:0c:dd:1e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQlIeoXzVd6CLfyy0OcTZEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjUwMTAyMDM0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmFmZGI3NDY2ZTdjMGE0ZDc0ZTcxOTcyNWQ2MzJmNTJlZDY4OWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuOttESpceoUnaq0uu4zoHux33Tv
H5Mne/Oj0F8xrXgeX8ETVD/hHslekOyu/jdvLBTw7zXMdFOl/cxexhMxSQXVI5gL
9Rbvitv3Tx2ZuBeNKGYrrbZhpZVtmhUtDotjymmU8JgQXUwflGvqs7lv8rLlphK9
yIekhPnX+UfUde7x1rxla9j2j0oT8uqQNMzY6mkSONjLzWZFtQIK5ItNFeWVEyOv
SFmyS8J4G0okFigzMqE7ReNipV3SUpS1/kQL95uBK/YloX3E1i+DPMcYO8/zN58P
jOMdxMvY4bemgvMSI0KfZkWP4h0IfdOM3zpkt1plouSUjGCAyGH6devuawIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKKv23Rm58Ck105xlyXWMvUu1onFMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvb3FfYmRHYm53S1RYVG5HWEpkWXk5UzdXaWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgCkw
DQYJKoZIhvcNAQELBQADggEBADhXE9PuUVBQXDCXUau9edaH2tXO0jXbfNbG4UKR
k6QtxQtc4BESKpE5BsmbgVehzGdP24nmFnGJwmas1ldwk48TlmIajRBoqVkke3PB
9M3PRD4HUEANcUmJXg1RKpd6VmaW7F1J6PvZe1aPzV7Ne0Gp8CsioGkrLFdW2q8/
QXGZdJ2gUYmRZ6/08MVYOvudRACJFzYnmXBmhmfzwnRVOXfxZ+J22//E2ueQyi3B
S6hAhyhHhlfDYd9FAkXCk419IhOgwKRciyXDkRAF/4kaMjs1+GoMX31lDEaszpsY
ckNWN5F5XN/fpv3pY1a5G4/4u16FdTSTAITMQPMfyjsM3R4=
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:42:13 2025 by rpki-client