Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/OKSpYrLatEWj0ajOMlnkl0RP5oU.roa
File: OKSpYrLatEWj0ajOMlnkl0RP5oU.roa (raw, json)
Hash identifier: A3Q0jZ1iyPESI+l4cyY/4KEw8Naq+QWll8F7NuPp7jY=
Subject key identifier: 38:A4:A9:62:B2:DA:B4:45:A3:D1:A8:CE:32:59:E4:97:44:4F:E6:85
Certificate issuer: /CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Certificate serial: 019428257E7E785B53BE2E0906F1B00D2161
Authority key identifier: 88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/OKSpYrLatEWj0ajOMlnkl0RP5oU.roa
Signing time: Thu 02 Jan 2025 17:52:13 +0000
ROA not before: Thu 02 Jan 2025 17:52:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 2a13:27c0:10::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:7e:7e:78:5b:53:be:2e:09:06:f1:b0:0d:21:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Validity
Not Before: Jan 2 17:52:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38a4a962b2dab445a3d1a8ce3259e497444fe685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:65:f0:9f:14:01:24:40:54:3a:d6:8b:4c:4e:
3c:d4:02:8a:46:bb:7b:17:80:7b:6d:37:93:c2:a4:
d3:18:fa:62:e3:28:0e:18:c4:bd:f0:3f:26:1a:05:
4f:66:36:9c:fb:79:89:ff:66:dc:d8:3e:d1:0a:67:
69:81:89:20:e3:25:f0:c5:0f:33:11:c0:a9:58:75:
c4:70:d7:d6:f1:58:d1:81:b1:05:9e:d8:d0:04:8d:
6f:5a:a1:03:fd:22:08:d4:87:ba:73:51:9e:a5:48:
93:f4:fc:30:0c:3c:c3:69:a5:ef:6a:1c:89:80:45:
3d:8b:e1:ae:23:7c:6f:47:fb:eb:ce:2a:66:33:59:
b3:71:05:30:46:34:a9:47:82:c2:23:db:f1:e2:4f:
f8:57:33:29:0a:8f:c1:d9:bf:9c:42:c1:cd:85:cc:
08:c4:ca:d8:8f:c6:d5:e3:7d:60:c3:04:9e:33:a2:
09:c1:9f:6c:8c:18:c0:0a:b9:7d:65:0f:83:1c:fb:
18:45:25:51:2b:e4:c6:16:3b:52:00:0a:6e:29:53:
28:dd:90:fd:d8:fb:65:2b:11:79:fb:d6:22:93:b6:
77:b8:90:e6:d1:0b:49:d2:b1:6d:0d:18:39:1a:49:
b0:52:44:8a:1b:46:7d:ec:02:15:e7:d8:e4:62:ea:
3b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A4:A9:62:B2:DA:B4:45:A3:D1:A8:CE:32:59:E4:97:44:4F:E6:85
X509v3 Authority Key Identifier:
keyid:88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/OKSpYrLatEWj0ajOMlnkl0RP5oU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:27c0:10::/44
Signature Algorithm: sha256WithRSAEncryption
c5:9f:67:7a:3a:c0:2d:c2:8e:d6:1f:fe:f4:bb:dd:23:59:ae:
e9:e9:c6:06:7f:b0:85:cf:0f:6a:0e:9d:51:16:28:f4:f3:65:
1c:e9:3f:da:1a:04:78:b9:6b:56:60:1e:c4:ac:0c:65:d9:5c:
58:b2:71:b3:32:d9:f1:ac:ae:03:61:ef:38:dc:15:5b:66:7e:
27:7c:39:5b:b5:ae:92:65:82:82:2e:13:fb:aa:2e:84:2d:36:
db:16:10:48:54:39:dd:92:ec:10:a6:b7:4c:2c:5b:30:ae:51:
74:a3:93:11:3f:38:b5:98:94:03:6b:b9:98:f4:c4:a6:8e:35:
5a:b7:d4:5c:b5:f6:ef:a2:8d:bf:02:06:cb:14:54:8f:2c:cf:
5a:64:d9:94:4f:b2:55:7c:5a:5c:e4:82:53:a4:40:e9:a7:2d:
76:ef:f7:63:2d:eb:10:87:b3:8f:5e:d3:e5:61:5c:db:4a:1a:
da:75:36:46:7c:0b:f2:fa:97:e3:ad:8f:62:e0:61:a4:49:73:
f7:5b:d4:dd:32:fb:bb:59:ee:d4:b5:67:a2:1f:1e:5a:47:d8:
60:8d:9d:2f:40:70:8b:f5:0b:ef:b5:ef:06:e0:e6:03:33:53:
92:ad:91:65:29:58:c0:f1:3c:8d:79:84:58:8a:ba:3d:b8:b5:
5d:46:f7:8a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoJX5+eFtTvi4JBvGwDSFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTdhYWZlYzYxYzNhNmIwMjRiNmE5ZjU0ZmZiNzY0Y2Ez
ZGY5MjIwHhcNMjUwMTAyMTc1MjEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGE0YTk2MmIyZGFiNDQ1YTNkMWE4Y2UzMjU5ZTQ5NzQ0NGZlNjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymXwnxQBJEBUOtaLTE481AKKRrt7
F4B7bTeTwqTTGPpi4ygOGMS98D8mGgVPZjac+3mJ/2bc2D7RCmdpgYkg4yXwxQ8z
EcCpWHXEcNfW8VjRgbEFntjQBI1vWqED/SII1Ie6c1GepUiT9PwwDDzDaaXvahyJ
gEU9i+GuI3xvR/vrzipmM1mzcQUwRjSpR4LCI9vx4k/4VzMpCo/B2b+cQsHNhcwI
xMrYj8bV431gwwSeM6IJwZ9sjBjACrl9ZQ+DHPsYRSVRK+TGFjtSAApuKVMo3ZD9
2PtlKxF5+9Yik7Z3uJDm0QtJ0rFtDRg5GkmwUkSKG0Z97AIV59jkYuo7lwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDikqWKy2rRFo9GozjJZ5JdET+aFMB8GA1UdIwQY
MBaAFIgXqv7GHDprAktqn1T/t2TKPfkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0Mjkt
ZTY2MzY5NjQ5NDExLzEvT0tTcFlyTGF0RVdqMGFqT01sbmtsMFJQNW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0MjktZTY2MzY5NjQ5NDEx
LzEvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhMnwAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDFn2d6OsAtwo7WH/70u90jWa7p6cYGf7CFzw9q
Dp1RFij082Uc6T/aGgR4uWtWYB7ErAxl2VxYsnGzMtnxrK4DYe843BVbZn4nfDlb
ta6SZYKCLhP7qi6ELTbbFhBIVDndkuwQprdMLFswrlF0o5MRPzi1mJQDa7mY9MSm
jjVat9Rctfbvoo2/AgbLFFSPLM9aZNmUT7JVfFpc5IJTpEDppy127/djLesQh7OP
XtPlYVzbShradTZGfAvy+pfjrY9i4GGkSXP3W9TdMvu7We7UtWeiHx5aR9hgjZ0v
QHCL9Qvvte8G4OYDM1OSrZFlKVjA8TyNeYRYiro9uLVdRveK
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:52:40 2025 by rpki-client