Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/oJgLIHADpOO3GuXdbLREHkhDUlc.roa
File: oJgLIHADpOO3GuXdbLREHkhDUlc.roa (raw, json)
Hash identifier: 75KhjPLWjdn+1zH+A4KsbmPRDK/qfMrZCsuDyETI880=
Subject key identifier: A0:98:0B:20:70:03:A4:E3:B7:1A:E5:DD:6C:B4:44:1E:48:43:52:57
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570954DD4D6AD8D10AF1F28F5E2702668
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/oJgLIHADpOO3GuXdbLREHkhDUlc.roa
Signing time: Mon 02 Jan 2023 03:45:11 +0000
ROA not before: Mon 02 Jan 2023 03:45:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50833
IP address blocks: 2a02:128:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:4d:d4:d6:ad:8d:10:af:1f:28:f5:e2:70:26:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0980b207003a4e3b71ae5dd6cb4441e48435257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:58:f5:67:d1:b9:7a:69:e8:26:04:68:4a:13:
77:6b:d5:b9:cb:48:b6:62:48:6c:b3:dd:c2:f2:3a:
bb:8e:fa:5f:12:8a:1a:74:11:70:6b:c4:a4:50:a7:
d2:39:6c:f1:8f:f0:d0:02:8a:4e:17:24:49:b8:04:
e5:dc:a6:03:93:c6:b0:eb:b1:41:87:7b:b8:12:13:
74:92:c0:a4:8a:44:6a:8f:2f:b2:bd:4d:e9:ce:be:
14:bd:4a:c8:a2:06:c3:63:8d:40:2e:2c:0a:b1:f5:
06:48:9e:69:72:c1:34:53:cd:61:7b:e6:22:07:0d:
d2:b2:79:3c:61:58:49:f6:42:9e:c5:14:34:18:e5:
40:27:4b:4f:d5:0c:ea:56:44:ec:2c:c4:c6:7e:0b:
8d:18:be:37:af:22:41:5f:4a:e8:a8:a6:57:79:22:
bb:72:ea:86:87:f5:87:9b:27:72:34:d6:92:57:4e:
59:6b:c8:c8:3e:94:03:ba:4a:3c:6a:e4:2f:66:bc:
e7:62:1a:96:1d:30:e0:3d:ca:e6:b3:c2:7e:ee:5e:
0b:a4:54:77:32:41:17:f2:a0:fb:c4:7a:d2:36:4f:
83:60:9e:93:f6:2f:29:58:9d:29:f5:77:ec:67:eb:
3e:a1:20:b0:d9:b8:15:20:d7:fe:2c:02:72:96:91:
14:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:98:0B:20:70:03:A4:E3:B7:1A:E5:DD:6C:B4:44:1E:48:43:52:57
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/oJgLIHADpOO3GuXdbLREHkhDUlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:128:1::/48
Signature Algorithm: sha256WithRSAEncryption
9c:f7:ca:09:14:cc:2e:29:fc:6e:79:17:3c:f7:22:16:8e:55:
8e:45:f8:51:58:47:c0:9f:9c:8e:94:f0:60:7b:87:52:0d:1b:
b3:6c:f5:34:6b:00:af:36:e4:96:31:1b:ad:16:92:1d:db:d7:
b8:4c:84:55:e2:51:3a:a3:14:0d:85:bf:52:2a:e2:f3:65:02:
59:f7:4b:f0:ad:fb:e3:a3:2c:ff:03:36:cc:64:da:a3:92:88:
39:f8:07:ae:fb:26:06:3c:df:97:51:98:0b:66:d5:6b:c4:cc:
cb:ed:22:35:85:70:09:76:e3:34:87:28:df:83:ad:a8:dc:93:
df:c8:7c:76:53:45:70:3c:b2:92:98:d0:84:67:63:27:6c:e0:
ca:23:d0:0d:09:77:8b:e6:97:04:86:76:84:69:cb:04:dc:72:
0b:3c:2f:59:29:af:5f:95:ca:1e:0f:f5:d6:9c:0a:70:4f:fd:
98:42:2c:24:08:ef:9e:a1:f0:83:29:a5:6e:af:f3:d3:cb:41:
98:af:bf:bb:b7:c0:2f:fa:15:02:94:2d:b0:a6:c0:0b:61:0a:
b8:69:ea:86:14:32:32:15:78:fa:50:6b:3e:c5:5a:0b:ac:d1:
b8:97:d0:a9:95:31:3a:be:b6:df:c1:73:fd:1f:49:10:e4:50:
96:f3:ac:29
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwlU3U1q2NEK8fKPXicCZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDk4MGIyMDcwMDNhNGUzYjcxYWU1ZGQ2Y2I0NDQxZTQ4NDM1MjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFj1Z9G5emnoJgRoShN3a9W5y0i2
Ykhss93C8jq7jvpfEooadBFwa8SkUKfSOWzxj/DQAopOFyRJuATl3KYDk8aw67FB
h3u4EhN0ksCkikRqjy+yvU3pzr4UvUrIogbDY41ALiwKsfUGSJ5pcsE0U81he+Yi
Bw3Ssnk8YVhJ9kKexRQ0GOVAJ0tP1QzqVkTsLMTGfguNGL43ryJBX0roqKZXeSK7
cuqGh/WHmydyNNaSV05Za8jIPpQDuko8auQvZrznYhqWHTDgPcrms8J+7l4LpFR3
MkEX8qD7xHrSNk+DYJ6T9i8pWJ0p9XfsZ+s+oSCw2bgVINf+LAJylpEUswIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKCYCyBwA6Tjtxrl3Wy0RB5IQ1JXMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvb0pnTElIQURwT08zR3VYZGJMUkVIa2hEVWxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgIBKAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQCc98oJFMwuKfxueRc89yIWjlWORfhRWEfAn5yO
lPBge4dSDRuzbPU0awCvNuSWMRutFpId29e4TIRV4lE6oxQNhb9SKuLzZQJZ90vw
rfvjoyz/AzbMZNqjkog5+Aeu+yYGPN+XUZgLZtVrxMzL7SI1hXAJduM0hyjfg62o
3JPfyHx2U0VwPLKSmNCEZ2MnbODKI9ANCXeL5pcEhnaEacsE3HILPC9ZKa9flcoe
D/XWnApwT/2YQiwkCO+eofCDKaVur/PTy0GYr7+7t8Av+hUClC2wpsALYQq4aeqG
FDIyFXj6UGs+xVoLrNG4l9CplTE6vrbfwXP9H0kQ5FCW86wp
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:46:33 2025 by rpki-client