Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/OcXuaDvQV_KERo4Y5IpefNb3p4s.roa
File: OcXuaDvQV_KERo4Y5IpefNb3p4s.roa (raw, json)
Hash identifier: CZJDm8LiUTj5ZAmruRSC8xW0Gyyg4Xl6OOUDibxVX8g=
Subject key identifier: 39:C5:EE:68:3B:D0:57:F2:84:46:8E:18:E4:8A:5E:7C:D6:F7:A7:8B
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01941FFA8A50E1C0B3857C3083660BDF2B11
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/OcXuaDvQV_KERo4Y5IpefNb3p4s.roa
Signing time: Wed 01 Jan 2025 03:48:20 +0000
ROA not before: Wed 01 Jan 2025 03:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207036
IP address blocks: 2a0c:b641:3d0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:8a:50:e1:c0:b3:85:7c:30:83:66:0b:df:2b:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 03:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39c5ee683bd057f284468e18e48a5e7cd6f7a78b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:3e:70:9a:3a:99:d8:5b:b0:4c:93:79:00:a2:
11:45:c1:4a:1b:10:d4:54:ed:0b:67:b1:5e:15:2f:
db:34:bf:7d:bb:24:05:20:f1:1c:4f:cf:e9:8f:8e:
6e:da:95:d8:63:5b:fb:52:9b:6f:57:42:3b:d3:64:
d3:04:d7:61:65:4d:ce:70:42:12:45:92:fb:8b:1e:
4b:94:25:e0:bf:e2:1b:cf:34:ac:12:09:4e:f5:0c:
2e:6a:30:7f:38:e2:64:43:5b:a4:5e:bb:7a:b9:d3:
d8:66:27:2f:ef:68:7a:bb:8d:c8:62:cf:2b:e9:c4:
60:4a:2e:25:20:3f:38:12:4a:17:95:6d:8d:0b:44:
fa:27:be:f6:18:dc:7d:14:d7:59:2f:aa:6f:3a:3d:
2b:4c:2f:46:97:d8:4a:91:86:34:5c:36:5c:e8:c1:
15:60:e4:fd:87:b8:5e:ed:9c:0e:3a:fa:98:a7:3c:
2e:9d:1c:11:ee:1b:77:ae:cb:35:9f:76:d6:37:be:
5d:57:47:a4:4c:bf:80:8f:c4:28:1a:5e:f0:0e:71:
b3:dd:70:36:b7:7e:51:4a:55:8a:12:2e:f2:da:1e:
60:d3:47:7c:7c:27:b6:0c:ab:3b:33:75:5a:99:45:
6b:d4:13:b7:6b:ce:12:52:f8:42:78:1f:76:da:b8:
fc:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C5:EE:68:3B:D0:57:F2:84:46:8E:18:E4:8A:5E:7C:D6:F7:A7:8B
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/OcXuaDvQV_KERo4Y5IpefNb3p4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:3d0::/44
Signature Algorithm: sha256WithRSAEncryption
43:ac:fa:ea:67:83:4a:71:8e:45:be:3a:d9:e7:82:f7:d9:7f:
15:e8:97:96:82:5a:65:81:aa:84:62:a6:f0:53:91:8d:d4:dd:
72:65:5b:c6:1e:68:14:d5:ba:82:ef:49:4e:4e:5f:06:5e:50:
d1:5b:89:b7:0d:23:4d:16:f2:28:61:7e:6f:da:5c:60:43:04:
af:60:2a:f8:9e:90:7b:18:fd:76:d6:92:71:fa:74:4f:57:82:
8b:8f:78:74:28:41:d2:d9:b0:82:4f:eb:52:9a:36:a6:75:ed:
fe:7b:0f:c0:10:42:d5:ad:bb:ea:7d:87:53:29:5e:46:cc:95:
fe:4b:82:0b:6a:05:e1:19:02:95:96:c3:c1:ee:6b:6a:70:a5:
fa:06:98:c2:f8:64:18:0e:d8:3b:1e:02:51:b7:ac:01:a0:5f:
f2:29:e4:fd:0d:6c:98:05:b8:a2:84:68:28:aa:37:7e:88:75:
bc:a3:87:7a:02:73:fc:4b:b5:c7:d6:23:e0:e7:8b:e8:ba:52:
9e:07:3a:73:67:be:17:90:5e:20:b4:bb:85:02:87:90:35:fb:
18:f6:4b:98:30:74:ca:eb:73:46:73:8a:00:97:53:e2:0f:3c:
39:23:30:75:d3:94:52:f3:98:41:ab:ea:34:4c:fa:7a:d5:81:
98:7a:d8:4c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+opQ4cCzhXwwg2YL3ysRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwMTAxMDM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWM1ZWU2ODNiZDA1N2YyODQ0NjhlMThlNDhhNWU3Y2Q2ZjdhNzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnD5wmjqZ2FuwTJN5AKIRRcFKGxDU
VO0LZ7FeFS/bNL99uyQFIPEcT8/pj45u2pXYY1v7UptvV0I702TTBNdhZU3OcEIS
RZL7ix5LlCXgv+IbzzSsEglO9QwuajB/OOJkQ1ukXrt6udPYZicv72h6u43IYs8r
6cRgSi4lID84EkoXlW2NC0T6J772GNx9FNdZL6pvOj0rTC9Gl9hKkYY0XDZc6MEV
YOT9h7he7ZwOOvqYpzwunRwR7ht3rss1n3bWN75dV0ekTL+Aj8QoGl7wDnGz3XA2
t35RSlWKEi7y2h5g00d8fCe2DKs7M3VamUVr1BO3a84SUvhCeB922rj8dwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDnF7mg70FfyhEaOGOSKXnzW96eLMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvT2NYdWFEdlFWX0tFUm80WTVJcGVmTmIzcDRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQPQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBDrPrqZ4NKcY5FvjrZ54L32X8V6JeWglplgaqE
YqbwU5GN1N1yZVvGHmgU1bqC70lOTl8GXlDRW4m3DSNNFvIoYX5v2lxgQwSvYCr4
npB7GP121pJx+nRPV4KLj3h0KEHS2bCCT+tSmjamde3+ew/AEELVrbvqfYdTKV5G
zJX+S4ILagXhGQKVlsPB7mtqcKX6BpjC+GQYDtg7HgJRt6wBoF/yKeT9DWyYBbii
hGgoqjd+iHW8o4d6AnP8S7XH1iPg54voulKeBzpzZ74XkF4gtLuFAoeQNfsY9kuY
MHTK63NGc4oAl1PiDzw5IzB105RS85hBq+o0TPp61YGYethM
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:06:45 2025 by rpki-client