Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/mOxqHKVaM8FOyy9qC7C8TSKBAyM.roa
File: mOxqHKVaM8FOyy9qC7C8TSKBAyM.roa (raw, json)
Hash identifier: qTLJadQ7H14Ihs1xJu+ceU18o8p6SlqvQuxChHR7oxY=
Subject key identifier: 98:EC:6A:1C:A5:5A:33:C1:4E:CB:2F:6A:0B:B0:BC:4D:22:81:03:23
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0194228D93D4A65F4E2926249B73ABBE9443
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/mOxqHKVaM8FOyy9qC7C8TSKBAyM.roa
Signing time: Wed 01 Jan 2025 15:48:11 +0000
ROA not before: Wed 01 Jan 2025 15:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25973
IP address blocks: 2001:668:117::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:93:d4:a6:5f:4e:29:26:24:9b:73:ab:be:94:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jan 1 15:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98ec6a1ca55a33c14ecb2f6a0bb0bc4d22810323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:32:de:b6:f2:3e:2c:bb:4d:f3:8a:c4:eb:37:
bc:8a:ff:27:4a:64:c6:bf:1e:a7:a9:df:d4:bd:82:
37:7e:c6:da:96:41:03:b0:d6:2c:a1:a6:4a:9e:8e:
8c:d0:70:62:8f:b4:a3:89:9e:01:b4:a5:63:0b:76:
1e:44:75:81:3f:e4:0e:af:fc:f8:c5:64:06:08:a7:
d9:2c:8e:51:40:7d:96:c5:49:f0:68:72:f2:a8:0b:
05:a3:82:48:79:42:27:d6:b4:19:0d:52:44:b4:db:
46:02:73:dc:20:85:bb:0c:9a:c5:df:16:92:3d:99:
a3:42:53:3b:21:04:e4:98:80:59:cf:ec:bc:09:9b:
f7:da:e8:51:73:b2:bd:64:a8:17:7d:38:e7:48:e7:
ae:4f:8e:21:fe:0b:0d:7d:c6:b1:b2:4e:2e:b2:08:
6c:d8:a2:53:61:31:b4:c6:b1:b8:20:a5:0c:24:e3:
c9:d1:4c:e4:a2:06:9a:12:85:c4:f2:90:03:cf:38:
85:c3:12:49:45:88:62:e4:72:e1:7d:86:b4:cf:aa:
81:90:35:c7:70:99:2c:4c:bb:a2:da:cf:af:93:a2:
2c:f9:e7:99:11:ab:cf:02:f1:6e:9c:10:33:b3:20:
e3:72:2c:09:13:ad:62:41:69:2c:4b:80:ce:a1:08:
ff:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:EC:6A:1C:A5:5A:33:C1:4E:CB:2F:6A:0B:B0:BC:4D:22:81:03:23
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/mOxqHKVaM8FOyy9qC7C8TSKBAyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:668:117::/48
Signature Algorithm: sha256WithRSAEncryption
35:62:7d:29:47:69:b1:92:f3:70:e3:92:08:f6:f5:45:6d:8f:
9d:d3:f7:40:80:c7:f4:de:db:64:cd:99:95:f6:23:27:6b:5d:
e2:1f:a8:d6:db:77:fe:5d:6f:29:4d:6f:ed:b5:48:59:89:fd:
fa:6e:ae:ec:2e:98:f2:ad:b3:04:1d:d6:36:c5:b9:54:22:f0:
46:0a:bd:30:22:e5:b7:4b:c3:68:05:d6:1f:bd:88:c3:48:08:
58:f1:87:a1:b3:2d:dd:50:e1:da:3c:f9:51:9a:f7:8d:1d:71:
ad:99:b3:21:63:6b:32:ed:4a:09:e9:53:ec:43:e2:9a:ea:5b:
c5:ed:46:43:83:80:3d:17:52:ff:01:f6:59:88:1d:7e:e7:58:
69:c7:0d:d4:db:5f:e2:de:a3:f1:12:91:c7:07:cc:b0:cf:cb:
37:fc:9c:c8:4e:83:c9:24:c7:39:6d:51:95:40:2e:29:ee:f2:
3f:c0:a0:d5:dc:27:7a:a5:81:eb:a5:8e:8f:cd:e0:69:61:0e:
bb:94:7c:4a:60:cd:d3:b2:c8:1a:da:31:30:f8:54:47:64:a2:
0f:a2:a7:bd:bf:c6:20:62:44:74:85:08:21:9c:23:a6:ff:5a:
e9:ad:c6:46:93:36:60:b2:6b:81:ad:ff:aa:39:ba:ee:a3:7f:
71:c0:63:9f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQijZPUpl9OKSYkm3OrvpRDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwMTAxMTU0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGVjNmExY2E1NWEzM2MxNGVjYjJmNmEwYmIwYmM0ZDIyODEwMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTLetvI+LLtN84rE6ze8iv8nSmTG
vx6nqd/UvYI3fsbalkEDsNYsoaZKno6M0HBij7SjiZ4BtKVjC3YeRHWBP+QOr/z4
xWQGCKfZLI5RQH2WxUnwaHLyqAsFo4JIeUIn1rQZDVJEtNtGAnPcIIW7DJrF3xaS
PZmjQlM7IQTkmIBZz+y8CZv32uhRc7K9ZKgXfTjnSOeuT44h/gsNfcaxsk4usghs
2KJTYTG0xrG4IKUMJOPJ0UzkogaaEoXE8pADzziFwxJJRYhi5HLhfYa0z6qBkDXH
cJksTLui2s+vk6Is+eeZEavPAvFunBAzsyDjciwJE61iQWksS4DOoQj/WQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJjsahylWjPBTssvaguwvE0igQMjMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvbU94cUhLVmFNOEZPeXk5cUM3QzhUU0tCQXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGaAEX
MA0GCSqGSIb3DQEBCwUAA4IBAQA1Yn0pR2mxkvNw45II9vVFbY+d0/dAgMf03ttk
zZmV9iMna13iH6jW23f+XW8pTW/ttUhZif36bq7sLpjyrbMEHdY2xblUIvBGCr0w
IuW3S8NoBdYfvYjDSAhY8Yehsy3dUOHaPPlRmveNHXGtmbMhY2sy7UoJ6VPsQ+Ka
6lvF7UZDg4A9F1L/AfZZiB1+51hpxw3U21/i3qPxEpHHB8ywz8s3/JzIToPJJMc5
bVGVQC4p7vI/wKDV3Cd6pYHrpY6PzeBpYQ67lHxKYM3Tssga2jEw+FRHZKIPoqe9
v8YgYkR0hQghnCOm/1rprcZGkzZgsmuBrf+qObruo39xwGOf
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:38 2025 by rpki-client