Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/OjcVy0GD8k4hcL8TqatzrwvfKI4.roa
File: OjcVy0GD8k4hcL8TqatzrwvfKI4.roa (raw, json)
Hash identifier: F/NOwGH5uq3Ta1hkwK8ONz25FZMJkk1iczAs1jYB4bA=
Subject key identifier: 3A:37:15:CB:41:83:F2:4E:21:70:BF:13:A9:AB:73:AF:0B:DF:28:8E
Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93
Certificate serial: 019513EE0C703F1732960037A842E7C57F15
Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/OjcVy0GD8k4hcL8TqatzrwvfKI4.roa
Signing time: Mon 17 Feb 2025 12:42:02 +0000
ROA not before: Mon 17 Feb 2025 12:42:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12859
IP address blocks: 2.56.226.0/23 maxlen: 24
46.182.180.0/23 maxlen: 24
46.182.182.0/23 maxlen: 24
2a04:e1c0:1::/48 maxlen: 48
2a09:d240:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:ee:0c:70:3f:17:32:96:00:37:a8:42:e7:c5:7f:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93
Validity
Not Before: Feb 17 12:42:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a3715cb4183f24e2170bf13a9ab73af0bdf288e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:36:a7:a2:b0:54:b6:f2:59:e0:02:39:97:55:
37:21:0d:4e:28:ea:53:85:2b:19:82:0c:42:e5:93:
8d:69:9c:e9:f0:20:8f:6c:4f:47:2f:d6:df:d5:41:
a6:3e:d9:ec:49:0c:6d:15:33:83:23:ed:21:a1:8b:
a3:8a:a9:8a:d2:01:42:0e:6d:c6:27:0b:88:08:39:
68:05:f3:e8:fe:7f:95:d5:64:5e:fc:68:cb:a5:a8:
dc:5f:26:63:81:73:29:6c:9c:b4:2e:7a:d4:b4:0d:
f0:73:3c:a2:a6:d6:d9:ad:b4:33:67:83:2c:a5:ed:
cc:46:be:9b:c7:04:cc:d3:99:4f:cb:f7:61:f1:bd:
4e:13:e8:ea:d4:49:cb:77:6d:0e:87:6b:7d:fc:ce:
c1:1c:35:75:be:15:be:f9:53:ba:25:9e:32:22:41:
89:12:fc:13:00:af:c6:d7:82:33:19:92:8b:f0:15:
93:65:03:5d:3c:77:27:44:c1:30:0a:c9:46:a8:07:
cf:24:bc:94:93:39:b8:4d:0d:79:93:d4:32:aa:25:
9c:4e:fb:7a:a1:d8:03:1e:49:60:ad:bd:0d:af:b5:
80:46:db:c9:6e:9e:38:8d:a8:32:56:08:c3:00:d7:
18:13:68:e5:20:f8:b6:f1:f4:e1:aa:5c:8b:71:35:
1b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:37:15:CB:41:83:F2:4E:21:70:BF:13:A9:AB:73:AF:0B:DF:28:8E
X509v3 Authority Key Identifier:
keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/OjcVy0GD8k4hcL8TqatzrwvfKI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.226.0/23
46.182.180.0/22
IPv6:
2a04:e1c0:1::/48
2a09:d240:1::/48
Signature Algorithm: sha256WithRSAEncryption
ad:90:60:0b:ce:e1:a9:87:52:e1:da:f8:0c:cb:27:79:54:d0:
af:dc:8a:12:bd:fb:e6:05:a0:0b:f8:dc:a0:16:62:77:fd:d6:
0e:de:c3:6b:f8:fb:31:cc:72:dc:64:03:d4:9e:fc:39:bc:48:
ff:1c:3f:f5:01:84:1d:66:b0:45:26:54:df:28:73:52:49:66:
63:cd:f8:fa:68:04:78:d6:c5:2f:3c:0b:8e:54:12:ea:3d:5e:
cf:ff:bb:49:fa:c0:89:7a:0a:6d:72:e4:48:50:e7:5f:14:10:
2c:29:1c:0a:df:60:0d:8b:3e:b5:73:0a:30:69:79:f6:48:1f:
a7:1c:f5:6e:93:5a:3c:84:e0:6d:d1:c0:a8:7f:71:c3:4f:ab:
a9:b2:ef:44:10:9b:87:24:41:3b:80:a2:dc:e5:ce:a7:db:55:
d3:0a:7b:1c:f5:0c:a1:79:85:ce:74:49:c9:4f:32:19:2e:17:
7c:22:e3:69:35:8d:6c:4a:6a:4c:d2:57:1f:ba:18:94:d5:c2:
46:ce:0c:1e:42:94:b8:2d:e5:d9:3a:15:75:e4:12:66:77:8b:
46:b6:aa:f5:f2:4f:43:5c:93:ec:ab:c2:69:98:fb:d3:f4:b4:
c7:04:88:b1:b0:8c:23:75:c4:fe:e9:10:94:e5:ea:36:76:c7:
c5:95:bf:bd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZUT7gxwPxcylgA3qELnxX8VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz
NTNlOTMwHhcNMjUwMjE3MTI0MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTM3MTVjYjQxODNmMjRlMjE3MGJmMTNhOWFiNzNhZjBiZGYyODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzanorBUtvJZ4AI5l1U3IQ1OKOpT
hSsZggxC5ZONaZzp8CCPbE9HL9bf1UGmPtnsSQxtFTODI+0hoYujiqmK0gFCDm3G
JwuICDloBfPo/n+V1WRe/GjLpajcXyZjgXMpbJy0LnrUtA3wczyiptbZrbQzZ4Ms
pe3MRr6bxwTM05lPy/dh8b1OE+jq1EnLd20Oh2t9/M7BHDV1vhW++VO6JZ4yIkGJ
EvwTAK/G14IzGZKL8BWTZQNdPHcnRMEwCslGqAfPJLyUkzm4TQ15k9QyqiWcTvt6
odgDHklgrb0Nr7WARtvJbp44jagyVgjDANcYE2jlIPi28fThqlyLcTUbKQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDo3FctBg/JOIXC/E6mrc68L3yiOMB8GA1UdIwQY
MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt
MjVkZDRjYmIzNjk4LzEvT2pjVnkwR0Q4azRoY0w4VHFhdHpyd3ZmS0k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4
LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBAjjiAwQC
Lra0MBgEAgACMBIDBwAqBOHAAAEDBwAqCdJAAAEwDQYJKoZIhvcNAQELBQADggEB
AK2QYAvO4amHUuHa+AzLJ3lU0K/cihK9++YFoAv43KAWYnf91g7ew2v4+zHMctxk
A9Se/Dm8SP8cP/UBhB1msEUmVN8oc1JJZmPN+PpoBHjWxS88C45UEuo9Xs//u0n6
wIl6Cm1y5EhQ518UECwpHArfYA2LPrVzCjBpefZIH6cc9W6TWjyE4G3RwKh/ccNP
q6my70QQm4ckQTuAotzlzqfbVdMKexz1DKF5hc50SclPMhkuF3wi42k1jWxKakzS
Vx+6GJTVwkbODB5ClLgt5dk6FXXkEmZ3i0a2qvXyT0Nck+yrwmmY+9P0tMcEiLGw
jCN1xP7pEJTl6jZ2x8WVv70=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:10:49 2025 by rpki-client