Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/2OCozl-Q0jQSQ2_DITAcY3K0GS8.roa
File: 2OCozl-Q0jQSQ2_DITAcY3K0GS8.roa (raw, json)
Hash identifier: xV2WUSlQUnJO3217p6p4/IZtlXLFg12iORRDDlv1ZL8=
Subject key identifier: D8:E0:A8:CE:5F:90:D2:34:12:43:6F:C3:21:30:1C:63:72:B4:19:2F
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 0194244533CDBCF234025AD03DC80880410F
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/2OCozl-Q0jQSQ2_DITAcY3K0GS8.roa
Signing time: Wed 01 Jan 2025 23:48:22 +0000
ROA not before: Wed 01 Jan 2025 23:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213220
IP address blocks: 2a14:7b85::/32 maxlen: 32
2a14:7b86::/32 maxlen: 32
2a14:7b87::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:33:cd:bc:f2:34:02:5a:d0:3d:c8:08:80:41:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jan 1 23:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8e0a8ce5f90d23412436fc321301c6372b4192f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:07:5d:a2:9b:94:57:dd:20:c3:96:02:d2:e5:
73:b0:0e:4c:51:1f:4a:d2:34:25:36:a5:05:6a:06:
1e:9a:0f:80:a0:1c:7c:1a:39:5b:c8:75:11:56:f9:
30:e7:c7:f4:65:ec:d8:e3:40:b2:7f:12:d6:ba:cc:
97:f9:63:c3:7c:5e:24:00:58:d4:e7:9f:41:f0:4a:
0a:3c:ae:4c:ee:db:97:98:53:02:7f:75:08:3b:d9:
6a:a7:c1:e6:26:45:4c:7c:1c:de:3b:da:ca:8f:c2:
59:4f:b3:06:cd:30:87:db:48:c7:26:f1:f7:7e:1f:
51:64:d3:ad:54:3a:84:04:10:6a:b9:27:7a:e2:04:
4e:5c:51:65:27:5a:12:ea:fd:4e:db:86:c9:f1:3b:
77:64:0e:e3:75:5f:7f:cf:a7:6c:af:cf:81:91:d7:
46:f9:64:5d:18:f8:76:6c:b8:31:6c:a0:ae:0b:37:
c5:bd:ce:04:ed:16:66:ba:7e:d7:ec:a1:52:13:5a:
67:fd:38:6c:0f:88:16:41:c5:8f:7a:90:93:f5:30:
79:02:40:6d:63:e7:bb:77:94:2a:4e:a7:79:74:cc:
4f:03:a4:5b:69:59:6a:ea:a8:64:26:be:09:24:f9:
7e:2c:c6:54:b1:d5:f2:18:8f:91:46:f3:97:e3:a6:
db:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E0:A8:CE:5F:90:D2:34:12:43:6F:C3:21:30:1C:63:72:B4:19:2F
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/2OCozl-Q0jQSQ2_DITAcY3K0GS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7b85::-2a14:7b87:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5c:a6:aa:4b:91:54:9e:6a:87:2e:c2:15:fd:9b:f8:64:ea:42:
3b:a3:ee:c2:e8:6d:ec:3e:44:3d:db:05:0b:4e:f4:86:d2:01:
0c:e4:28:a3:2b:6c:8c:45:e9:12:c6:2f:ed:39:44:63:10:0a:
cd:6e:d0:cd:33:b7:c1:50:fd:7c:1f:85:09:64:dc:b3:54:ef:
43:58:d7:17:f0:27:60:b7:b9:95:d9:fa:a1:7b:74:eb:4e:3c:
5f:f1:a3:7d:fa:34:d6:d3:fe:76:4b:eb:b8:22:81:db:b2:9b:
6e:2e:0b:fc:85:ff:8c:b9:85:c6:83:a9:bb:8a:27:c8:ea:bf:
e9:a0:ed:8c:d7:fa:25:b2:66:41:a6:17:6a:fc:1d:dc:93:46:
37:c8:18:87:fd:88:47:5f:be:1a:d8:ce:d2:d3:cc:ae:1d:13:
3c:c0:b1:fd:e0:bf:40:3c:4a:cb:b3:89:b8:c6:27:3b:f3:2e:
2e:04:fa:a6:91:1d:15:a4:b4:7e:d6:bc:da:6f:f0:08:80:dc:
84:1c:c8:b4:4c:cb:af:90:40:91:b4:1f:ba:26:e6:20:c4:1c:
a1:28:39:42:57:25:9b:e6:bd:2c:43:ca:44:53:fa:ad:54:72:
bc:2d:04:de:f6:c6:0a:6e:37:0c:5c:02:6c:09:64:a0:a7:dc:
b9:60:49:d9
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZQkRTPNvPI0AlrQPcgIgEEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMTAxMjM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGUwYThjZTVmOTBkMjM0MTI0MzZmYzMyMTMwMWM2MzcyYjQxOTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQddopuUV90gw5YC0uVzsA5MUR9K
0jQlNqUFagYemg+AoBx8GjlbyHURVvkw58f0ZezY40CyfxLWusyX+WPDfF4kAFjU
559B8EoKPK5M7tuXmFMCf3UIO9lqp8HmJkVMfBzeO9rKj8JZT7MGzTCH20jHJvH3
fh9RZNOtVDqEBBBquSd64gROXFFlJ1oS6v1O24bJ8Tt3ZA7jdV9/z6dsr8+BkddG
+WRdGPh2bLgxbKCuCzfFvc4E7RZmun7X7KFSE1pn/ThsD4gWQcWPepCT9TB5AkBt
Y+e7d5QqTqd5dMxPA6RbaVlq6qhkJr4JJPl+LMZUsdXyGI+RRvOX46bb+wIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFNjgqM5fkNI0EkNvwyEwHGNytBkvMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvMk9Db3psLVEwalFTUTJfRElUQWNZM0swR1M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqFHuF
AwUDKhR7gDANBgkqhkiG9w0BAQsFAAOCAQEAXKaqS5FUnmqHLsIV/Zv4ZOpCO6Pu
wuht7D5EPdsFC070htIBDOQooytsjEXpEsYv7TlEYxAKzW7QzTO3wVD9fB+FCWTc
s1TvQ1jXF/AnYLe5ldn6oXt06048X/Gjffo01tP+dkvruCKB27Kbbi4L/IX/jLmF
xoOpu4onyOq/6aDtjNf6JbJmQaYXavwd3JNGN8gYh/2IR1++GtjO0tPMrh0TPMCx
/eC/QDxKy7OJuMYnO/MuLgT6ppEdFaS0fta82m/wCIDchBzItEzLr5BAkbQfuibm
IMQcoSg5Qlclm+a9LEPKRFP6rVRyvC0E3vbGCm43DFwCbAlkoKfcuWBJ2Q==
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:37:58 2025 by rpki-client