Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/L2OpH0Y2G4W3a2EOf--4z0pC5nw.roa
File: L2OpH0Y2G4W3a2EOf--4z0pC5nw.roa (raw, json)
Hash identifier: Z/y8jlpE1NkSokYffZSS7fe2Eq5i8YtQ+091JqoO2QM=
Subject key identifier: 2F:63:A9:1F:46:36:1B:85:B7:6B:61:0E:7F:EF:B8:CF:4A:42:E6:7C
Certificate issuer: /CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Certificate serial: 01857246F0DB26B34860FBA5F3E8768BF638
Authority key identifier: 38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/L2OpH0Y2G4W3a2EOf--4z0pC5nw.roa
Signing time: Mon 02 Jan 2023 11:38:49 +0000
ROA not before: Mon 02 Jan 2023 11:38:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51628
IP address blocks: 192.145.99.0/24 maxlen: 24
2a09:6280:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:f0:db:26:b3:48:60:fb:a5:f3:e8:76:8b:f6:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Validity
Not Before: Jan 2 11:38:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f63a91f46361b85b76b610e7fefb8cf4a42e67c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3b:15:15:b6:ca:31:f1:8c:74:36:75:41:26:
db:99:73:94:82:fd:97:64:0b:34:a3:24:6a:97:2b:
12:1b:e2:12:fe:24:2d:78:b8:b0:5f:04:e9:6e:a2:
26:eb:e6:e7:84:67:04:fc:af:85:61:01:26:65:88:
86:dd:e8:7b:45:40:66:a5:bd:ff:b6:e7:de:b6:16:
65:67:32:c6:ce:71:29:69:00:a0:0d:33:4c:09:65:
99:5e:fc:6b:cf:87:57:67:8e:ef:f2:18:46:f1:fe:
75:a8:50:63:ee:53:12:c9:6b:09:38:62:86:a9:b7:
2a:b9:e2:90:8a:5e:7d:4a:62:24:5c:f4:d5:d1:9c:
db:60:8c:a9:79:a6:a5:cf:72:5a:76:0f:6c:4b:92:
50:b4:59:0f:15:0d:3a:18:23:be:60:0b:6d:3a:5a:
14:00:2a:ae:d8:2a:05:4e:cd:cf:89:40:10:67:9d:
50:3b:8b:92:e3:ef:db:a4:31:0e:a7:6a:1f:fa:3c:
25:59:32:0c:74:e3:14:70:58:d2:66:f5:1c:84:9b:
b8:d1:45:b2:1e:8a:cb:bf:bc:04:7b:0a:fc:33:7f:
07:9a:fa:02:0d:bb:49:90:48:f9:b1:f3:5d:96:52:
d3:47:b1:15:b9:bb:1d:d9:b0:75:9b:84:26:4b:df:
26:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:63:A9:1F:46:36:1B:85:B7:6B:61:0E:7F:EF:B8:CF:4A:42:E6:7C
X509v3 Authority Key Identifier:
keyid:38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/L2OpH0Y2G4W3a2EOf--4z0pC5nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/OEAeWIkL8jDcrl0DBRGf8sK41DM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.99.0/24
IPv6:
2a09:6280:2::/48
Signature Algorithm: sha256WithRSAEncryption
ad:bc:9a:3a:ba:dd:93:ca:5c:a0:d1:1e:17:53:0b:fe:6b:99:
07:20:1b:5b:ba:10:43:8d:3f:33:19:75:db:18:28:92:fa:47:
34:50:e3:67:b2:d7:6b:a0:59:e2:1e:69:2b:8a:57:f8:05:b3:
c6:47:a9:b7:bc:7b:d3:3c:b8:0b:71:db:c8:5f:15:0f:40:db:
9c:32:3f:05:51:55:18:8c:69:26:a7:f0:aa:d8:a9:1c:3b:9e:
c5:e7:be:2a:79:8f:27:07:dc:d2:7c:92:8b:fa:f5:6f:85:8f:
23:77:05:04:cb:fb:aa:ee:8d:1f:26:69:ae:ff:da:42:0b:21:
25:59:96:b3:fc:c5:09:55:be:25:83:5d:62:5f:dc:4c:8d:09:
ee:5d:60:b1:86:66:db:a5:9f:c2:45:6e:c7:c6:f3:13:fc:22:
c7:fa:23:b6:ca:53:75:dc:27:9b:c7:35:f2:e3:bb:6c:4e:b1:
80:50:bc:8d:55:2e:f1:35:b2:e8:6e:62:df:4f:f7:11:ad:42:
03:10:6e:55:af:02:b7:a1:15:3f:97:f5:ed:88:aa:4b:31:46:
c8:8e:29:de:81:a0:de:de:f0:89:41:f3:f4:f9:ad:2a:d7:eb:
97:c2:f7:aa:f0:19:0c:71:e6:5f:03:b7:cf:79:2f:8e:0f:8f:
47:f3:88:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyRvDbJrNIYPul8+h2i/Y4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NDAxZTU4ODkwYmYyMzBkY2FlNWQwMzA1MTE5ZmYyYzJi
OGQ0MzMwHhcNMjMwMTAyMTEzODQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjYzYTkxZjQ2MzYxYjg1Yjc2YjYxMGU3ZmVmYjhjZjRhNDJlNjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDsVFbbKMfGMdDZ1QSbbmXOUgv2X
ZAs0oyRqlysSG+IS/iQteLiwXwTpbqIm6+bnhGcE/K+FYQEmZYiG3eh7RUBmpb3/
tufethZlZzLGznEpaQCgDTNMCWWZXvxrz4dXZ47v8hhG8f51qFBj7lMSyWsJOGKG
qbcqueKQil59SmIkXPTV0ZzbYIypeaalz3Jadg9sS5JQtFkPFQ06GCO+YAttOloU
ACqu2CoFTs3PiUAQZ51QO4uS4+/bpDEOp2of+jwlWTIMdOMUcFjSZvUchJu40UWy
HorLv7wEewr8M38HmvoCDbtJkEj5sfNdllLTR7EVubsd2bB1m4QmS98m7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC9jqR9GNhuFt2thDn/vuM9KQuZ8MB8GA1UdIwQY
MBaAFDhAHliJC/Iw3K5dAwURn/LCuNQzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0VBZVdJa0w4akRjcmwwREJSR2Y4c0s0MURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82N2QzYjgtYzQzZC00NGI3LWFmYTYt
OGI5Y2RkYjczNDA4LzEvTDJPcEgwWTJHNFczYTJFT2YtLTR6MHBDNW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82N2QzYjgtYzQzZC00NGI3LWFmYTYtOGI5Y2RkYjczNDA4
LzEvT0VBZVdJa0w4akRjcmwwREJSR2Y4c0s0MURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwJFjMA8E
AgACMAkDBwAqCWKAAAIwDQYJKoZIhvcNAQELBQADggEBAK28mjq63ZPKXKDRHhdT
C/5rmQcgG1u6EEONPzMZddsYKJL6RzRQ42ey12ugWeIeaSuKV/gFs8ZHqbe8e9M8
uAtx28hfFQ9A25wyPwVRVRiMaSan8KrYqRw7nsXnvip5jycH3NJ8kov69W+FjyN3
BQTL+6rujR8maa7/2kILISVZlrP8xQlVviWDXWJf3EyNCe5dYLGGZtuln8JFbsfG
8xP8Isf6I7bKU3XcJ5vHNfLju2xOsYBQvI1VLvE1suhuYt9P9xGtQgMQblWvAreh
FT+X9e2IqksxRsiOKd6BoN7e8IlB8/T5rSrX65fC96rwGQxx5l8Dt895L44Pj0fz
iNc=
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:12:40 2025 by rpki-client