Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ohqYmaqwdvOGGVWOS6BYdAxcPHI.roa
File: ohqYmaqwdvOGGVWOS6BYdAxcPHI.roa (raw, json)
Hash identifier: pMcMBIG4FImTviy8ub1S9/Ow9MRWNH0ynvsO1iIZlZw=
Subject key identifier: A2:1A:98:99:AA:B0:76:F3:86:19:55:8E:4B:A0:58:74:0C:5C:3C:72
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0194252272132CA5BA54CA98510177D4DE8E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ohqYmaqwdvOGGVWOS6BYdAxcPHI.roa
Signing time: Thu 02 Jan 2025 03:50:01 +0000
ROA not before: Thu 02 Jan 2025 03:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213366
IP address blocks: 2a0e:b107:5c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:72:13:2c:a5:ba:54:ca:98:51:01:77:d4:de:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a21a9899aab076f38619558e4ba058740c5c3c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3b:49:a7:c0:9c:0f:ac:96:e0:ee:66:0d:f9:
6e:65:16:36:40:86:f3:34:26:27:b3:e9:bf:62:a4:
6b:51:dc:b4:b0:3a:43:e9:a7:1a:7a:52:18:85:87:
aa:20:99:65:cf:63:41:58:54:8b:4d:76:a2:a0:81:
2c:9c:07:a6:cf:dc:60:13:ef:57:73:92:b0:de:89:
a2:3d:19:9a:e2:ee:0b:17:64:61:d3:19:fe:b0:6e:
ac:8f:e3:90:4d:68:84:09:d9:e5:5c:93:e7:b0:3e:
d1:7a:24:e9:9a:4a:b2:04:b8:0a:b4:01:06:26:67:
3e:5a:50:c2:04:bc:e8:cf:bf:76:13:08:74:48:dd:
4b:fc:41:2f:5f:24:5a:24:fc:c7:1c:9c:5f:1e:99:
bf:44:53:4b:f0:8f:3e:ab:23:e5:1c:c2:13:a6:d1:
48:25:4d:a8:8c:63:ad:7a:b3:84:57:ad:fc:dc:95:
39:a5:ed:4b:21:0b:1d:04:7c:05:e9:6f:9e:f8:01:
94:8d:30:29:3f:4c:50:11:48:9a:34:42:7d:3a:45:
f5:e2:4a:e3:af:03:2a:a0:b2:69:bc:69:1e:40:48:
94:bf:92:b0:28:6f:d2:02:df:34:e7:48:42:c4:4c:
fc:8a:61:34:28:4a:be:1e:40:30:35:2f:8c:bc:8a:
85:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:1A:98:99:AA:B0:76:F3:86:19:55:8E:4B:A0:58:74:0C:5C:3C:72
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ohqYmaqwdvOGGVWOS6BYdAxcPHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:5c0::/48
Signature Algorithm: sha256WithRSAEncryption
20:a8:e5:7a:1f:9b:c4:c1:d6:11:4a:c7:3e:d4:39:61:c9:20:
48:6e:12:ee:ac:44:7b:bf:79:90:68:ea:83:32:d8:4a:06:cb:
44:3d:bb:39:4e:34:c0:03:9d:63:58:ce:0f:b2:e7:87:5a:f9:
1c:8f:84:8a:83:66:bb:d7:c2:d2:2d:03:61:99:86:ec:9e:03:
0c:49:24:1c:36:15:3d:00:ad:a8:0c:14:13:56:15:7e:cf:4b:
54:f3:f8:c3:38:a0:85:03:4d:44:d8:33:b8:aa:bc:d4:7c:23:
e4:83:77:3b:f3:b2:b0:a0:a6:70:78:63:ec:7b:3b:da:77:00:
e0:2a:c0:3a:ab:ac:ad:e5:6a:27:b3:e4:bc:c5:f9:ac:2d:ab:
d3:3d:15:9d:0e:0d:d4:e8:82:a5:af:ab:95:a1:eb:4b:1c:28:
ad:24:60:31:65:72:70:49:c9:a1:86:ca:f6:0f:ed:e5:83:26:
c1:83:ac:17:bf:f9:11:ab:0c:11:06:00:6d:dc:ac:92:f6:3a:
ad:a1:ec:7c:ac:71:5f:8a:0f:d4:a5:da:97:5a:32:f0:17:bb:
9f:6f:91:f0:3b:c6:bc:ad:75:c0:3c:fc:32:48:1f:a1:76:e6:
92:70:81:1c:10:a5:1c:a1:fd:e5:8a:d7:5f:72:f5:b9:20:a7:
5b:43:a6:c1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlInITLKW6VMqYUQF31N6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjFhOTg5OWFhYjA3NmYzODYxOTU1OGU0YmEwNTg3NDBjNWMzYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTtJp8CcD6yW4O5mDfluZRY2QIbz
NCYns+m/YqRrUdy0sDpD6acaelIYhYeqIJllz2NBWFSLTXaioIEsnAemz9xgE+9X
c5Kw3omiPRma4u4LF2Rh0xn+sG6sj+OQTWiECdnlXJPnsD7ReiTpmkqyBLgKtAEG
Jmc+WlDCBLzoz792Ewh0SN1L/EEvXyRaJPzHHJxfHpm/RFNL8I8+qyPlHMITptFI
JU2ojGOterOEV6383JU5pe1LIQsdBHwF6W+e+AGUjTApP0xQEUiaNEJ9OkX14krj
rwMqoLJpvGkeQEiUv5KwKG/SAt8050hCxEz8imE0KEq+HkAwNS+MvIqFrQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKIamJmqsHbzhhlVjkugWHQMXDxyMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvb2hxWW1hcXdkdk9HR1ZXT1M2QllkQXhjUEhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwXA
MA0GCSqGSIb3DQEBCwUAA4IBAQAgqOV6H5vEwdYRSsc+1DlhySBIbhLurER7v3mQ
aOqDMthKBstEPbs5TjTAA51jWM4PsueHWvkcj4SKg2a718LSLQNhmYbsngMMSSQc
NhU9AK2oDBQTVhV+z0tU8/jDOKCFA01E2DO4qrzUfCPkg3c787KwoKZweGPsezva
dwDgKsA6q6yt5Wons+S8xfmsLavTPRWdDg3U6IKlr6uVoetLHCitJGAxZXJwScmh
hsr2D+3lgybBg6wXv/kRqwwRBgBt3KyS9jqtoex8rHFfig/UpdqXWjLwF7ufb5Hw
O8a8rXXAPPwySB+hduaScIEcEKUcof3litdfcvW5IKdbQ6bB
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:36:12 2025 by rpki-client